This repository has been archived by the owner on Oct 10, 2023. It is now read-only.

Commit

Merge pull request #2 from MetLife/develop
Removed internal tests
jeffmurr committed Apr 5, 2020
2 parents a50632a + 33318fa commit bc9736e
Showing 2 changed files with 2 additions and 65 deletions.
4 changes: 2 additions & 2 deletions README.md
Expand Up @@ -26,9 +26,9 @@ Since corporations often use [split-view DNS](https://en.wikipedia.org/wiki/Spli

## A Note on Authentication

Microsoft has extensive documentation on how to secure an HTTP endpoint in Azure Functions [here](https://docs.microsoft.com/en-us/azure/azure-functions/functions-bindings-http-webhook-trigger?tabs=csharp#secure-an-http-endpoint-in-production). There are two main ways to secure a function: Turn on App Service Authentication/Authorization for the function app, or use Azure API Management (APIM) to authentication requests. Additionally, Azure functions support API key authorization that you can supply either as a query string variable or in a HTTP header. Microsoft states that API key authorization is not intended as a way to secure an HTTP trigger in production
Microsoft has extensive documentation on how to secure an HTTP endpoint in Azure Functions [here](https://docs.microsoft.com/en-us/azure/azure-functions/functions-bindings-http-webhook-trigger?tabs=csharp#secure-an-http-endpoint-in-production). There are two main ways to secure a function: Turn on App Service Authentication/Authorization for the function app, or use Azure API Management (APIM) to authenticate requests. Additionally, Azure functions support API key authorization that you can supply either as a query string variable or in a HTTP header. Microsoft states that API key authorization is not intended as a way to secure an HTTP trigger in production

By default, I have set the authLevel in the function.json file to *anonymous. Please note, when running functions locally, authorization is disabled regardless of the specified authorization level.
By default, I have set the authLevel in the function.json file to *anonymous*. Please note, when running functions locally, authorization is disabled regardless of the specified authorization level.

If you plan on running SSLChecker on the internet, please consider one of the above options for authentication.
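
Review bot: The authentication section touched here still documents `authLevel` as *anonymous* by default while its closing line only asks readers to "please consider" authentication, so a deployment made as-is exposes an unauthenticated HTTP trigger. Suggest either shipping `function.json` with a non-anonymous default or rewording the closing line to say authentication must be configured before the function is exposed to the internet. Minor: the corrected first paragraph still ends without a period after "in production", and "a HTTP header" should read "an HTTP header".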

63 changes: 0 additions & 63 deletions tests/test_SSLChecker.py
Expand Up @@ -87,27 +87,6 @@ def test_external_dns_name_not_resolved():
assert results["Message"] == 'Domain exits but no A record'


def test_internal_dns_name_not_resolved():
# Construct a mock HTTP request
req = func.HttpRequest(
method='GET',
body=None,
url='/api/',
route_params={'scan': 'policy',
'view': 'internal',
'name': 'joegatt.com'}
)

# Call the function
resp = main(req)

# Convert resp string to dict
results = json.loads(resp)

# Check the output to ensure the DNS name could not resolve
assert results["Message"] == 'Domain exits but no A record'


def test_external_dns_name_not_exist():
# Construct a mock HTTP request
req = func.HttpRequest(
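
Review bot: Deleting `test_internal_dns_name_not_resolved` leaves the `'view': 'internal'` path with no test for the no-A-record case, and the commit message ("Removed internal tests") does not say why. If the reason is that the test needs an internal resolver, consider keeping it with the DNS lookup stubbed rather than dropping the coverage. Separately, the retained assertion at the top of this hunk expects 'Domain exits but no A record'; "exits" looks like a typo for "exists" in the function's message and would need fixing in both the function and the tests.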
Expand All @@ -129,27 +108,6 @@ def test_external_dns_name_not_exist():
assert results["Message"] == 'The DNS name does not exist'


def test_internal_dns_name_not_exist():
# Construct a mock HTTP request
req = func.HttpRequest(
method='GET',
body=None,
url='/api/',
route_params={'scan': 'policy',
'view': 'internal',
'name': 'jeogatt.com'}
)

# Call the function
resp = main(req)

# Convert resp string to dict
results = json.loads(resp)

# Check the output to ensure the DNS name could not resolve
assert results["Message"] == 'The DNS name does not exist'


def test_external_sslyze_timeout():
# Construct a mock HTTP request
req = func.HttpRequest(
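
Review bot: The removed `test_internal_dns_name_not_exist` depended on `'name': 'jeogatt.com'` not existing, which holds only while that name stays unregistered. If an internal not-exist test is reintroduced, use a name under a reserved TLD such as `.invalid` so the expected 'The DNS name does not exist' result cannot change underneath the test; the same applies to any remaining test that relies on a similar name.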
Expand All @@ -171,27 +129,6 @@ def test_external_sslyze_timeout():
assert results["Message"] == 'Connection to TCP 443 timed-out'


def test_internal_sslyze_timeout():
# Construct a mock HTTP request
req = func.HttpRequest(
method='GET',
body=None,
url='/api/',
route_params={'scan': 'policy',
'view': 'internal',
'name': 'bbbbbbbbbbbbbbb.com'}
)

# Call the function
resp = main(req)

# Convert resp string to dict
results = json.loads(resp)

# Check the output to ensure the DNS name could not resolve
assert results["Message"] == 'Connection to TCP 443 timed-out'


def test_external_missing_dns_name():
# Construct a mock HTTP request
req = func.HttpRequest(
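
Review bot: In the removed `test_internal_sslyze_timeout`, the comment above the assertion reads "Check the output to ensure the DNS name could not resolve" while the assertion checks 'Connection to TCP 443 timed-out'. If the external timeout test kept in this file carries the same copied comment, correct it as part of this cleanup. This hunk also removes the only internal-view timeout test visible here, so a replacement with the connection mocked would be worth a follow-up.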

0 comments on commit bc9736e
