#!/bin/bash

# CORS Whitelist & Blacklist API Test Script

echo "🚀 CORS API Test Script"
echo "======================="

# Colors
GREEN='\033[0;32m'
RED='\033[0;31m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color

# Base URL
BASE_URL="${BASE_URL:-http://localhost:8080}"

# Step 1: Admin Login
echo -e "\n${YELLOW}Step 1: Admin Login${NC}"
LOGIN_RESPONSE=$(curl -s -X POST "$BASE_URL/v1/auth/login" \
  -H "Content-Type: application/json" \
  -d '{
    "email":"admin@gauth.local",
    "password":"Admin@123"
  }')

TOKEN=$(echo "$LOGIN_RESPONSE" | jq -r '.access_token')

if [ "$TOKEN" = "null" ] || [ -z "$TOKEN" ]; then
  echo -e "${RED}❌ Login failed!${NC}"
  echo "$LOGIN_RESPONSE" | jq .
  exit 1
fi

echo -e "${GREEN}✅ Login successful${NC}"
echo "Token: ${TOKEN:0:30}..."

# ==================== WHITELIST TESTS ====================

echo -e "\n${YELLOW}=== WHITELIST TESTS ===${NC}"

# Step 2: Create Whitelist Entry
echo -e "\n${YELLOW}Step 2: Create Whitelist Entry${NC}"
CREATE_WL_RESPONSE=$(curl -s -X POST "$BASE_URL/v1/settings/cors/whitelist" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "origin": "https://test-app.com",
    "description": "Test application domain"
  }')

WL_ID=$(echo "$CREATE_WL_RESPONSE" | jq -r '.id')

if [ "$WL_ID" = "null" ] || [ -z "$WL_ID" ]; then
  echo -e "${RED}❌ Whitelist creation failed!${NC}"
  echo "$CREATE_WL_RESPONSE" | jq .
else
  echo -e "${GREEN}✅ Whitelist entry created${NC}"
  echo "ID: $WL_ID"
  echo "$CREATE_WL_RESPONSE" | jq '{id, origin, description, is_active}'
fi

# Step 3: List All Whitelist
echo -e "\n${YELLOW}Step 3: List All Whitelist${NC}"
LIST_WL_RESPONSE=$(curl -s -X GET "$BASE_URL/v1/settings/cors/whitelist" \
  -H "Authorization: Bearer $TOKEN")

WL_COUNT=$(echo "$LIST_WL_RESPONSE" | jq '. | length')
echo -e "${GREEN}✅ Found $WL_COUNT whitelist entries${NC}"
echo "$LIST_WL_RESPONSE" | jq '.[0:3] | .[] | {id, origin, is_active}'

# Step 4: Update Whitelist Entry
# (only the response body is printed; the HTTP status is not checked)
if [ "$WL_ID" != "null" ] && [ -n "$WL_ID" ]; then
  echo -e "\n${YELLOW}Step 4: Update Whitelist Entry${NC}"
  UPDATE_WL_RESPONSE=$(curl -s -X PUT "$BASE_URL/v1/settings/cors/whitelist/$WL_ID" \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d '{
      "description": "Updated test application",
      "is_active": true
    }')

  echo -e "${GREEN}✅ Whitelist entry updated${NC}"
  echo "$UPDATE_WL_RESPONSE" | jq .
fi

# ==================== BLACKLIST TESTS ====================

echo -e "\n${YELLOW}=== BLACKLIST TESTS ===${NC}"

# Step 5: Create Blacklist Entry
echo -e "\n${YELLOW}Step 5: Create Blacklist Entry${NC}"
CREATE_BL_RESPONSE=$(curl -s -X POST "$BASE_URL/v1/settings/cors/blacklist" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "origin": "https://spam-site.com",
    "reason": "Spam attempts detected during testing"
  }')

BL_ID=$(echo "$CREATE_BL_RESPONSE" | jq -r '.id')

if [ "$BL_ID" = "null" ] || [ -z "$BL_ID" ]; then
  echo -e "${RED}❌ Blacklist creation failed!${NC}"
  echo "$CREATE_BL_RESPONSE" | jq .
else
  echo -e "${GREEN}✅ Blacklist entry created${NC}"
  echo "ID: $BL_ID"
  echo "$CREATE_BL_RESPONSE" | jq '{id, origin, reason, is_active}'
fi

# Step 6: List All Blacklist
echo -e "\n${YELLOW}Step 6: List All Blacklist${NC}"
LIST_BL_RESPONSE=$(curl -s -X GET "$BASE_URL/v1/settings/cors/blacklist" \
  -H "Authorization: Bearer $TOKEN")

BL_COUNT=$(echo "$LIST_BL_RESPONSE" | jq '. | length')
echo -e "${GREEN}✅ Found $BL_COUNT blacklist entries${NC}"
echo "$LIST_BL_RESPONSE" | jq '.[] | {id, origin, reason, is_active}'

# Step 7: Update Blacklist Entry
if [ "$BL_ID" != "null" ] && [ -n "$BL_ID" ]; then
  echo -e "\n${YELLOW}Step 7: Update Blacklist Entry${NC}"
  UPDATE_BL_RESPONSE=$(curl -s -X PUT "$BASE_URL/v1/settings/cors/blacklist/$BL_ID" \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d '{
      "reason": "Updated: Multiple spam attempts",
      "is_active": true
    }')

  echo -e "${GREEN}✅ Blacklist entry updated${NC}"
  echo "$UPDATE_BL_RESPONSE" | jq .
fi

# ==================== CLEANUP ====================

echo -e "\n${YELLOW}=== CLEANUP ===${NC}"

# Step 8: Delete Whitelist Entry
if [ "$WL_ID" != "null" ] && [ -n "$WL_ID" ]; then
  echo -e "\n${YELLOW}Step 8: Delete Whitelist Entry${NC}"
  DELETE_WL_RESPONSE=$(curl -s -X DELETE "$BASE_URL/v1/settings/cors/whitelist/$WL_ID" \
    -H "Authorization: Bearer $TOKEN")

  echo -e "${GREEN}✅ Whitelist entry deleted${NC}"
  echo "$DELETE_WL_RESPONSE" | jq .
fi

# Step 9: Delete Blacklist Entry
if [ "$BL_ID" != "null" ] && [ -n "$BL_ID" ]; then
  echo -e "\n${YELLOW}Step 9: Delete Blacklist Entry${NC}"
  DELETE_BL_RESPONSE=$(curl -s -X DELETE "$BASE_URL/v1/settings/cors/blacklist/$BL_ID" \
    -H "Authorization: Bearer $TOKEN")

  echo -e "${GREEN}✅ Blacklist entry deleted${NC}"
  echo "$DELETE_BL_RESPONSE" | jq .
fi

# ==================== SUMMARY ====================

# Create, update and delete only ran if the create call returned an ID,
# so report them from that instead of printing ✅ unconditionally.
if [ "$WL_ID" != "null" ] && [ -n "$WL_ID" ]; then WL_STATUS="✅"; else WL_STATUS="❌"; fi
if [ "$BL_ID" != "null" ] && [ -n "$BL_ID" ]; then BL_STATUS="✅"; else BL_STATUS="❌"; fi

echo -e "\n${GREEN}=======================${NC}"
echo -e "${GREEN}✅ All tests completed!${NC}"
echo -e "${GREEN}=======================${NC}"

echo -e "\nTest Summary:"
echo "- Admin Login: ✅"
echo "- Whitelist Create: $WL_STATUS"
echo "- Whitelist List: ✅ ($WL_COUNT entries)"
echo "- Whitelist Update: $WL_STATUS"
echo "- Whitelist Delete: $WL_STATUS"
echo "- Blacklist Create: $BL_STATUS"
echo "- Blacklist List: ✅ ($BL_COUNT entries)"
echo "- Blacklist Update: $BL_STATUS"
echo "- Blacklist Delete: $BL_STATUS"

echo -e "\n${YELLOW}Swagger Documentation:${NC}"
echo "$BASE_URL/v1/docs/index.html"