fn_registry/python/functions/cybersecurity/har_extract_calls_test.py

"""Tests para har_extract_calls."""

from har_extract_calls import har_extract_calls


def test_golden_post_con_cookie_y_body_json():
    """Golden: POST con header Cookie + body json -> spec correcta,
    cookie extraida, hop-by-hop dropeados, set-cookie de respuesta."""
    entries = [
        {
            "request": {
                "method": "post",
                "url": "https://api.example.com/login",
                "headers": [
                    {"name": "Host", "value": "api.example.com"},
                    {"name": "Content-Length", "value": "42"},
                    {"name": "Accept-Encoding", "value": "gzip"},
                    {"name": "Content-Type", "value": "application/json"},
                    {"name": "Authorization", "value": "Bearer tok123"},
                    {"name": "Cookie", "value": "session=abc; csrf=xyz"},
                ],
                "postData": {
                    "mimeType": "application/json",
                    "text": '{"user":"neo","pass":"secret"}',
                },
            },
            "response": {
                "status": 200,
                "cookies": [
                    {"name": "session", "value": "newsess"},
                    {"name": "remember", "value": "1"},
                ],
                "headers": [],
            },
        }
    ]

    [spec] = har_extract_calls(entries)

    assert spec["method"] == "POST"
    assert spec["url"] == "https://api.example.com/login"
    # Hop-by-hop dropeados, Cookie extraido fuera de headers.
    assert spec["headers"] == {
        "Content-Type": "application/json",
        "Authorization": "Bearer tok123",
    }
    assert "Host" not in spec["headers"]
    assert "Content-Length" not in spec["headers"]
    assert "Accept-Encoding" not in spec["headers"]
    assert "Cookie" not in spec["headers"]
    # Cookies parseadas del header Cookie.
    assert spec["cookies"] == {"session": "abc", "csrf": "xyz"}
    # Body + tipo inferido.
    assert spec["body"] == '{"user":"neo","pass":"secret"}'
    assert spec["body_type"] == "json"
    # Status de respuesta.
    assert spec["status"] == 200
    # Cookies que setea la respuesta.
    assert spec["sets_cookies"] == ["session", "remember"]


def test_edge_get_sin_body():
    """Edge: GET sin body -> body None, body_type None, sin cookies."""
    entries = [
        {
            "request": {
                "method": "get",
                "url": "https://api.example.com/me",
                "headers": [
                    {"name": "Accept", "value": "application/json"},
                ],
            },
            "response": {"status": 304, "headers": []},
        }
    ]

    [spec] = har_extract_calls(entries)

    assert spec["method"] == "GET"
    assert spec["body"] is None
    assert spec["body_type"] is None
    assert spec["cookies"] == {}
    assert spec["headers"] == {"Accept": "application/json"}
    assert spec["status"] == 304
    assert spec["sets_cookies"] == []


def test_drop_headers_extra_respetado():
    """drop_headers extra elimina headers adicionales (case-insensitive)."""
    entries = [
        {
            "request": {
                "method": "GET",
                "url": "https://api.example.com/data",
                "headers": [
                    {"name": "User-Agent", "value": "curl/8"},
                    {"name": "X-Trace-Id", "value": "noise-123"},
                    {"name": "Accept", "value": "*/*"},
                ],
            },
            "response": {"status": 200, "headers": []},
        }
    ]

    [spec] = har_extract_calls(entries, drop_headers=["x-trace-id"])

    assert "X-Trace-Id" not in spec["headers"]
    assert spec["headers"] == {"User-Agent": "curl/8", "Accept": "*/*"}


def test_form_body_y_set_cookie_desde_headers():
    """Body form-urlencoded -> body_type form; set-cookie parseado de headers
    cuando no hay response.cookies."""
    entries = [
        {
            "request": {
                "method": "POST",
                "url": "https://api.example.com/form",
                "headers": [
                    {
                        "name": "Content-Type",
                        "value": "application/x-www-form-urlencoded",
                    },
                ],
                "postData": {
                    "mimeType": "application/x-www-form-urlencoded",
                    "text": "a=1&b=2",
                },
            },
            "response": {
                "status": 201,
                "headers": [
                    {"name": "Set-Cookie", "value": "auth=tok; Path=/; HttpOnly"},
                    {"name": "Content-Type", "value": "text/html"},
                    {"name": "Set-Cookie", "value": "lang=es; Path=/"},
                ],
            },
        }
    ]

    [spec] = har_extract_calls(entries)

    assert spec["body_type"] == "form"
    assert spec["body"] == "a=1&b=2"
    assert spec["sets_cookies"] == ["auth", "lang"]


def test_lista_vacia():
    """Sin entries -> lista vacia."""
    assert har_extract_calls([]) == []