Added Test for Developer Tools

webgoat-lessons/chrome-dev-tools/src/Test/java/org.owasp.webgoat.plugin/ChromeDevToolsTest.java

@@ -0,0 +1,56 @@
+package org.owasp.webgoat.plugin;
+
+import org.hamcrest.Matchers;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.owasp.webgoat.plugins.LessonTest;
+import org.owasp.webgoat.session.WebgoatContext;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.web.servlet.MvcResult;
+import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
+import org.springframework.test.web.servlet.setup.MockMvcBuilders;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.hamcrest.CoreMatchers.is;
+import static org.mockito.Mockito.when;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+/**
+ * @author Benedikt Stuhrmann
+ * @since 13/03/19.
+ */
+@RunWith(SpringJUnit4ClassRunner.class)
+public class ChromeDevToolsTest extends LessonTest {
+
+    @Autowired
+    private WebgoatContext context;
+
+    @Before
+    public void setup() {
+        ChromeDevTools cdt = new ChromeDevTools();
+        when(webSession.getCurrentLesson()).thenReturn(cdt);
+        when(webSession.getWebgoatContext()).thenReturn(context);
+        this.mockMvc = MockMvcBuilders.webAppContextSetup(this.wac).build();
+    }
+
+    @Test
+    public void NetworkAssignmentTest_Success() throws Exception{
+        mockMvc.perform(MockMvcRequestBuilders.post("/ChromeDevTools/network")
+                .param("network_num", "123456")
+                .param("number", "123456"))
+                .andExpect(status().isOk())
+                .andExpect(jsonPath("$.lessonCompleted", Matchers.is(true)));
+    }
+
+    @Test
+    public void NetworkAssignmentTest_Fail() throws Exception {
+        mockMvc.perform(MockMvcRequestBuilders.post("/ChromeDevTools/network")
+                .param("network_num", "123456")
+                .param("number", "654321"))
+                .andExpect(status().isOk())
+                .andExpect(jsonPath("$.lessonCompleted", Matchers.is(false)));
+    }
+
+}

webgoat-lessons/chrome-dev-tools/src/main/java/org/owasp/webgoat/plugin/NetworkDummy.java

@@ -21,7 +21,7 @@ public class NetworkDummy extends AssignmentEndpoint {
   @RequestMapping(method = RequestMethod.POST)
   public
   @ResponseBody
-  AttackResult completed(@RequestParam String network_num) throws IOException {
+  AttackResult completed(@RequestParam String networkNum) throws IOException {
     return trackProgress(failed().feedback("network.request").build());
   }
 }

webgoat-lessons/chrome-dev-tools/src/main/java/org/owasp/webgoat/plugin/NetworkLesson.java

@@ -26,7 +26,7 @@ public class NetworkLesson extends AssignmentEndpoint {
   @ResponseBody
   AttackResult completed(@RequestParam String network_num, @RequestParam String number) throws IOException {
     if(network_num.equals(number)) {
-      return trackProgress(success().feedback("network.success").build());
+      return trackProgress(success().feedback("network.success").output("").build());
     } else {
       return trackProgress(failed().feedback("network.failed").build());
     }

webgoat-lessons/chrome-dev-tools/src/main/resources/html/ChromeDevTools.html

@@ -50,7 +50,7 @@
                     document.getElementById("networkNumCopy").value = document.getElementById("networkNum").value;
                 });
             </script>
-            <input type="hidden" name="network_num" id="networkNum" value="foo" />
+            <input type="hidden" name="networkNum" id="networkNum" value="foo" />
             <table>
                 <tr>
                     <td>Click this button to make a request:</td>