From 5a332f6960c84287c26aafd0c027906fadad8f6c Mon Sep 17 00:00:00 2001
From: Cedric Hebert <cedric.hebert@gmail.com>
Date: Sat, 6 Apr 2024 09:33:26 +0200
Subject: [PATCH] test structure cleanup

---
 tests/runtests.sh                   |  3 --
 tests/tests/10000-1.sh              | 62 ++++++++++++++++++++++++
 tests/tests/check-default-config.sh | 48 +++++++++++++++----
 tests/tests/detectURL.sh            | 24 ++++++----
 tests/tests/template.txt            | 73 +++++++++++++++++++++++++++++
 5 files changed, 191 insertions(+), 19 deletions(-)
 create mode 100644 tests/tests/10000-1.sh
 create mode 100644 tests/tests/template.txt

diff --git a/tests/runtests.sh b/tests/runtests.sh
index f06a176..6b0983f 100755
--- a/tests/runtests.sh
+++ b/tests/runtests.sh
@@ -1,7 +1,5 @@
 #!/bin/bash
 
-consoleoutput=docker-compose-logs.txt
-
 # Build test images
 docker build -f myappDockerfile -t myapptest ../myapp/
 docker build -f configmanagerDockerfile -t configmanagertest ../configmanager/
@@ -40,5 +38,4 @@ echo "ALL TESTS COMPLETED"
 
 # Cleanup
 docker-compose down
-rm $consoleoutput
 
diff --git a/tests/tests/10000-1.sh b/tests/tests/10000-1.sh
new file mode 100644
index 0000000..ff40eeb
--- /dev/null
+++ b/tests/tests/10000-1.sh
@@ -0,0 +1,62 @@
+# Time taken for 10000 requests, 1 injected decoy (replace)
+
+# Configure decoys
+config='
+{
+  "filters": [
+    {
+      "decoy": {
+        "key": "admin1234"
+      },
+      "inject": {
+        "store": {
+          "inResponse": "/robots.txt",
+          "withVerb": "GET",
+          "as": "body",
+          "at": {
+            "method": "replace",
+            "property": "((.|\n)*)"
+          }
+        }
+      }
+    }
+  ]
+}
+'
+
+# connect to configmanager, update /data/cad-default.json
+echo "$config" | docker exec -i configmanager sh -c 'cat > /data/cad-default.json'
+# wait a few seconds for the proxy to read the new config
+sleep 5
+
+
+# Start timing
+start_time=$(date +%s.%N)
+
+# Temporary file for curl output
+tempfile=$(uuidgen -r)
+
+# Do relevant action(s)
+for ((i=1; i<=9999; i++)); do
+  curl -v http://localhost:8000/robots.txt >/dev/null 2>&1
+done
+# Check in the 1000th iteration that the decoy is properly injected
+curl -v http://localhost:8000/robots.txt >$tempfile 2>&1
+
+# Check INJECTION (in $tempfile)
+status=$(grep "admin1234" $tempfile)
+
+# Output result & time
+if [ -z "$status" ]; then
+  echo -e "\033[0;31mFAIL\033[0m"
+else
+  echo -e "\033[0;32mPASS\033[0m"
+fi
+
+check_1_time=$(date +%s.%N)
+execution_time=$(echo "$check_1_time - $start_time" | bc)
+echo "Execution time: $execution_time seconds"
+
+# Cleanup
+rm $tempfile
+
diff --git a/tests/tests/check-default-config.sh b/tests/tests/check-default-config.sh
index 58eb36e..cda4448 100644
--- a/tests/tests/check-default-config.sh
+++ b/tests/tests/check-default-config.sh
@@ -1,23 +1,55 @@
 # check if the default config is working
 # (e.g. checks that the HTTP Response header 'x-cloud-active-defense' is set)
 
-tempfile=`uuidgen -r`
+# Configure decoys
+config='
+{
+  "filters": [
+    {
+      "decoy": {
+        "key": "x-cloud-active-defense",
+        "separator": "=",
+        "value": "ACTIVE"
+      },
+      "inject": {
+        "store": {
+          "inResponse": ".*",
+          "as": "header"
+        }
+      }
+    }
+  ]
+}
+'
+
+# connect to configmanager, update /data/cad-default.json
+echo "$config" | docker exec -i configmanager sh -c 'cat > /data/cad-default.json'
+# wait a few seconds for the proxy to read the new config
+sleep 5
+
+# Start timing
+start_time=$(date +%s.%N)
+
+# Temporary file for curl output
+tempfile=$(uuidgen -r)
 
 # Do relevant action(s)
 curl -v http://localhost:8000 >$tempfile 2>&1
 
-# check INJECTION (in $tempfile)
-status=`grep "< x-cloud-active-defense: ACTIVE" $tempfile`
+# Check INJECTION (in $tempfile)
+status=$(grep "< x-cloud-active-defense: ACTIVE" $tempfile)
 
-# check DETECTION (in docker logs)
-
-# output result
-if [ "$status" == "" ]; then
+# Output result & time
+if [ -z "$status" ]; then
   echo -e "\033[0;31mFAIL\033[0m"
 else
   echo -e "\033[0;32mPASS\033[0m"
 fi
 
-# cleanup
+check_1_time=$(date +%s.%N)
+execution_time=$(echo "$check_1_time - $start_time" | bc)
+echo "Execution time: $execution_time seconds"
+
+# Cleanup
 rm $tempfile
 
diff --git a/tests/tests/detectURL.sh b/tests/tests/detectURL.sh
index ac10917..44375b2 100644
--- a/tests/tests/detectURL.sh
+++ b/tests/tests/detectURL.sh
@@ -1,5 +1,6 @@
 # test simple detection in URL (first README.md decoy)
 
+# Configure decoys
 config='
 {
   "filters": [
@@ -23,30 +24,37 @@ config='
 }
 '
 
-# Do relevant action(s)
 # connect to configmanager, update /data/cad-default.json
 echo "$config" | docker exec -i configmanager sh -c 'cat > /data/cad-default.json'
 # wait a few seconds for the proxy to read the new config
 sleep 5
 
+# Start timing
+start_time=$(date +%s.%N)
+
+# Temporary file for curl output
+tempfile=$(uuidgen -r)
+
+# Do relevant action(s)
 # trigger decoy by visiting /forbidden
 tempfile=`uuidgen -r`
 curl -v http://localhost:8000/forbidden >$tempfile 2>&1
 # give some time for the alert to be sent to the console
-sleep 2
-
-# check INJECTION (in $tempfile)
 
-# check DETECTION (in docker logs)
+# Check DETECTION (in docker logs)
 status=`docker-compose logs | grep '"DecoyKey": "forbidden",'`
 
-# output result
-if [ "$status" == "" ]; then
+# Output result & time
+if [ -z "$status" ]; then
   echo -e "\033[0;31mFAIL\033[0m"
 else
   echo -e "\033[0;32mPASS\033[0m"
 fi
 
-# cleanup
+check_1_time=$(date +%s.%N)
+execution_time=$(echo "$check_1_time - $start_time" | bc)
+echo "Execution time: $execution_time seconds"
+
+# Cleanup
 rm $tempfile
 
diff --git a/tests/tests/template.txt b/tests/tests/template.txt
new file mode 100644
index 0000000..bbb8a0e
--- /dev/null
+++ b/tests/tests/template.txt
@@ -0,0 +1,73 @@
+# TEMPLATE FOR YOUR OWN TESTS
+
+# Configure decoys
+config='
+{
+  "filters": [
+    {
+      "decoy": {
+        "key": "forbidden"
+      },
+      "detect": {
+        "seek": {
+          "inRequest": ".*",
+          "withVerb": "GET",
+          "in": "url"
+        },
+        "alert": {
+          "severity": "LOW",
+          "whenSeen": true
+        }
+      }
+    }
+  ]
+}
+'
+
+# connect to configmanager, update /data/cad-default.json
+echo "$config" | docker exec -i configmanager sh -c 'cat > /data/cad-default.json'
+# wait a few seconds for the proxy to read the new config
+sleep 5
+
+
+# Start timing
+start_time=$(date +%s.%N)
+
+# Temporary file for curl output
+tempfile=$(uuidgen -r)
+
+# Do relevant action(s)
+#curl -v http://localhost:8000/ >$tempfile 2>&1
+
+# Check INJECTION (in $tempfile)
+#status=$(grep "<SOMETHING>" $tempfile)
+
+# Output result & time
+if [ -z "$status" ]; then
+  echo -e "\033[0;31mFAIL\033[0m"
+else
+  echo -e "\033[0;32mPASS\033[0m"
+fi
+
+check_1_time=$(date +%s.%N)
+execution_time=$(echo "$check_1_time - $start_time" | bc)
+echo "Execution time: $execution_time seconds"
+
+
+# Check DETECTION (in docker logs)
+#status=`docker-compose logs | grep '<SOMETHING>'`
+
+# Output result & time
+if [ -z "$status" ]; then
+  echo -e "\033[0;31mFAIL\033[0m"
+else
+  echo -e "\033[0;32mPASS\033[0m"
+fi
+
+check_2_time=$(date +%s.%N)
+execution_time=$(echo "$check_2_time - $check_2_time" | bc)
+echo "Execution time: $execution_time seconds"
+
+# Cleanup
+rm $tempfile
+