test(geolocation): Add unit test for geolocation

Author: julienloizelet

.github/workflows/markdown.yml

@@ -0,0 +1,39 @@
+on:
+  push:
+  workflow_dispatch:
+
+name: Markdown files test and update
+jobs:
+  markdown-test-and-update:
+    name: Markdown files test and update
+    runs-on: ubuntu-latest
+    steps:
+
+      - name: Clone sources
+        uses: actions/checkout@v2
+        with:
+          path: extension
+
+      - name: Launch localhost server
+        run: |
+          sudo npm install --global http-server
+          http-server ./extension &
+
+      - name: Set up Ruby 2.6
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: 2.6
+
+      - name: Check links in Markdown files
+        run: |
+          gem install awesome_bot
+          cd extension
+          awesome_bot --files README.md,docs/ddev.md --allow-dupe --allow 401 --skip-save-results --white-list ddev.site,crowdsec --base-url http://localhost:8080/
+
+      - name: Generate table of contents
+        uses: technote-space/toc-generator@v4
+        with:
+          MAX_HEADER_LEVEL: 5
+          COMMIT_NAME: CrowdSec Dev Bot
+          TARGET_PATHS: 'docs/ddev.md'
+          CHECK_ONLY_DEFAULT_BRANCH: true

.github/workflows/test-suite.yml

@@ -67,11 +67,24 @@ jobs:
         run: |
           ddev composer update --working-dir ./my-own-modules/crowdsec-php-lib
 
+      - name: Prepare PHP UNIT tests
+        run: |
+          ddev create-watcher PhpUnitTestMachine PhpUnitTestMachinePassword
+          ddev maxmind-download DEFAULT GeoLite2-City /var/www/html/my-own-modules/crowdsec-php-lib/tests
+          ddev maxmind-download DEFAULT GeoLite2-Country /var/www/html/my-own-modules/crowdsec-php-lib/tests
+          cd my-own-modules/crowdsec-php-lib/tests
+          sha256sum -c GeoLite2-Country.tar.gz.sha256.txt
+          sha256sum -c GeoLite2-City.tar.gz.sha256.txt
+          tar -xf GeoLite2-Country.tar.gz
+          tar -xf GeoLite2-City.tar.gz
+          rm GeoLite2-Country.tar.gz GeoLite2-Country.tar.gz.sha256.txt GeoLite2-City.tar.gz GeoLite2-City.tar.gz.sha256.txt
+
 
       - name: Run PHP UNIT tests
+        # ddev exec BOUNCER_KEY=${{ env.BOUNCER_KEY }} LAPI_URL=http://crowdsec:8080 MEMCACHED_DSN=memcached://memcached:11211 REDIS_DSN=redis://redis:6379 /usr/bin/php ./my-own-modules/crowdsec-php-lib/vendor/bin/phpunit --testdox --colors --exclude-group ignore ./my-own-modules/crowdsec-php-lib/tests/IpVerificationTest.php
         run: |
-          ddev create-watcher PhpUnitTestMachine PhpUnitTestMachinePassword
-          ddev exec BOUNCER_KEY=${{ env.BOUNCER_KEY }} LAPI_URL=http://crowdsec:8080 MEMCACHED_DSN=memcached://memcached:11211 REDIS_DSN=redis://redis:6379 /usr/bin/php ./my-own-modules/crowdsec-php-lib/vendor/bin/phpunit --testdox --colors --exclude-group ignore ./my-own-modules/crowdsec-php-lib/tests/IpVerificationTest.php
+          ddev exec -s crowdsec crowdsec -version
+          ddev exec BOUNCER_KEY=${{ env.BOUNCER_KEY }} LAPI_URL=http://crowdsec:8080  /usr/bin/php ./my-own-modules/crowdsec-php-lib/vendor/bin/phpunit --testdox --colors --exclude-group ignore ./my-own-modules/crowdsec-php-lib/tests/GeolocationTest.php
 
       - name: Prepare END TO END tests
         run: |

.gitignore

@@ -18,4 +18,7 @@ super-linter.log
 # Auto prepend demo
 examples/auto-prepend/settings.php
 examples/auto-prepend/.logs
-examples/auto-prepend/.cache
+examples/auto-prepend/.cache
+
+# MaxMind databases
+*.mmdb

README.md

@@ -1,6 +1,4 @@
-<p align="center">
-<img src="https://raw.githubusercontent.com/crowdsecurity/crowdsec-docs/main/docs/assets/images/crowdsec_logo.png" alt="CrowdSec" title="CrowdSec" width="200" height="120"/>
-</p>
+![CrowdSec Logo](docs/images/logo_crowdsec.png)
 
 # PHP Bouncer Library
 

docs/ddev.md

@@ -134,6 +134,18 @@ Finally, run
 ddev exec BOUNCER_KEY=your-bouncer-key LAPI_URL=http://crowdsec:8080 MEMCACHED_DSN=memcached://memcached:11211 REDIS_DSN=redis://redis:6379 /usr/bin/php ./my-own-modules/crowdsec-php-lib/vendor/bin/phpunit --testdox --colors --exclude-group ignore ./my-own-modules/crowdsec-php-lib/tests/IpVerificationTest.php
 ```
 
+For geolocation Unit Test, you should first put 2 free MaxMind databases in the `tests` folder : `GeoLite2-City.mmdb` 
+and`GeoLite2-Country.mmdb`. You can download these databases by creating a maxmind account and browse to [the download page](https://www.maxmind.com/en/accounts/current/geoip/downloads).
+
+
+Then, you can run:
+
+```
+ddev exec BOUNCER_KEY=your-bouncer-key LAPI_URL=http://crowdsec:8080  /usr/bin/php ./my-own-modules/crowdsec-php-lib/vendor/bin/phpunit --testdox --colors --exclude-group ignore ./my-own-modules/crowdsec-php-lib/tests/GeolocationTest.php
+
+```
+
+
 ### Use a `check-ip` php script for test
 
 

docs/images/logo_crowdsec.png

@@ -0,0 +1,107 @@
+<?php
+
+declare(strict_types=1);
+require __DIR__ . '/TestHelpers.php';
+require __DIR__ . '/WatcherClient.php';
+
+use CrowdSecBouncer\ApiCache;
+use CrowdSecBouncer\ApiClient;
+use CrowdSecBouncer\Bouncer;
+use PHPUnit\Framework\MockObject\MockObject;
+use PHPUnit\Framework\TestCase;
+use Psr\Log\LoggerInterface;
+use Symfony\Component\Cache\Adapter\PhpFilesAdapter;
+
+final class GeolocationTest extends TestCase
+{
+    /** @var WatcherClient */
+    private $watcherClient;
+
+    /** @var LoggerInterface */
+    private $logger;
+
+    protected function setUp(): void
+    {
+        $this->logger = TestHelpers::createLogger();
+
+        $this->watcherClient = new WatcherClient($this->logger);
+        $this->watcherClient->configure();
+    }
+
+    public function maxmindConfigProvider(): array
+    {
+        return TestHelpers::maxmindConfigProvider();
+    }
+
+    /**
+     * @group integration
+     * @covers       \Bouncer
+     * @dataProvider maxmindConfigProvider
+     * @group ignore_
+     * @throws \Symfony\Component\Cache\Exception\CacheException
+     */
+    public function testCanVerifyIpAndCountryWithMaxmindInLiveMode(array $maxmindConfig):
+    void
+    {
+        // Check if MaxMind database exist
+        if (!file_exists($maxmindConfig['database_path'])) {
+            $this->fail('There must be a MaxMind Database here: '.$maxmindConfig['database_path']);
+            $this->stopFlag = true; // Stop further processing if this occurs
+        }
+        // Init context
+        $cacheAdapter = new PhpFilesAdapter('php_array_adapter_backup_cache', 0,
+            TestHelpers::PHP_FILES_CACHE_ADAPTER_DIR);
+        $this->watcherClient->setInitialState();
+        $cacheAdapter->clear();
+
+        $geolocationConfig = [
+            'save_in_session' => false,
+            'enabled' => true,
+            'type' => 'maxmind',
+            'maxmind' => [
+                'database_type' => $maxmindConfig['database_type'],
+                'database_path' => $maxmindConfig['database_path']
+            ]
+        ];
+        // Init bouncer
+        /** @var ApiClient */
+        $apiClientMock = $this->getMockBuilder(ApiClient::class)
+            ->setConstructorArgs([$this->logger])
+            ->enableProxyingToOriginalMethods()
+            ->getMock();
+        $apiCache = new ApiCache($this->logger, $apiClientMock, $cacheAdapter);
+        $bouncerConfig = [
+            'api_key' => TestHelpers::getBouncerKey(),
+            'api_url' => TestHelpers::getLapiUrl(),
+            'geolocation' => $geolocationConfig
+        ];
+        $bouncer = new Bouncer(null, $this->logger, $apiCache);
+        $bouncer->configure($bouncerConfig);
+
+        $this->assertEquals(
+            'captcha',
+            $bouncer->getRemediationForIp(TestHelpers::IP_JAPAN),
+            'Get decisions for a clean IP but bad country'
+        );
+
+
+        // Disable Geolocation feature
+        $geolocationConfig['enabled'] = false;
+        $bouncerConfig['geolocation'] = $geolocationConfig;
+        $bouncer = new Bouncer(null, $this->logger, $apiCache);
+        $bouncer->configure($bouncerConfig);
+        $cacheAdapter->clear();
+
+        $this->assertEquals(
+            'bypass',
+            $bouncer->getRemediationForIp(TestHelpers::IP_JAPAN),
+            'Get decisions for a clean IP and bad country but with geolocation disabled'
+        );
+
+
+
+
+
+
+    }
+}

tests/GeolocationTest.php

@@ -5,10 +5,10 @@
 use Bramus\Monolog\Formatter\ColoredLineFormatter;
 use Monolog\Handler\StreamHandler;
 use Monolog\Logger;
-use Predis\ClientInterface;
 use Symfony\Component\Cache\Adapter\MemcachedAdapter;
 use Symfony\Component\Cache\Adapter\PhpFilesAdapter;
 use Symfony\Component\Cache\Adapter\RedisAdapter;
+use Symfony\Component\Cache\Exception\CacheException;
 
 class TestHelpers
 {
@@ -19,14 +19,16 @@ class TestHelpers
     public const LARGE_IPV4_RANGE = '23';
     public const BAD_IPV6 = '2001:0db8:85a3:0000:0000:8a2e:0370:7334';
     public const IPV6_RANGE = '64';
+    public const JAPAN = 'JP';
+    public const IP_JAPAN = '210.249.74.42';
+    public const FRANCE = 'FR';
+    public const IP_FRANCE = '78.119.253.85';
+
 
-    public const FS_CACHE_ADAPTER_DIR = __DIR__.'/../var/fs.cache';
-    public const PHP_FILES_CACHE_ADAPTER_DIR = __DIR__.'/../var/phpFiles.cache';
 
-    public const WATCHER_LOGIN = 'PhpUnitTestMachine';
-    public const WATCHER_PASSWORD = 'PhpUnitTestMachinePassword';
+    public const PHP_FILES_CACHE_ADAPTER_DIR = __DIR__.'/../var/phpFiles.cache';
 
-    public const LOG_LEVEL = Logger::WARNING; // set to Logger::DEBUG to get high verbosity
+    public const LOG_LEVEL = Logger::DEBUG; // set to Logger::DEBUG to get high verbosity
 
     public static function createLogger(): Logger
     {
@@ -38,15 +40,17 @@ public static function createLogger(): Logger
         return $log;
     }
 
+    /**
+     * @return array
+     * @throws ErrorException
+     * @throws CacheException
+     */
     public static function cacheAdapterProvider(): array
     {
         // Init all adapters
-
         $phpFilesAdapter = new PhpFilesAdapter('php_array_adapter_backup_cache', 0, self::PHP_FILES_CACHE_ADAPTER_DIR);
-
         /** @var string */
         $redisCacheAdapterDsn = getenv('REDIS_DSN');
-        /** @var ClientInterface */
         $redisClient = RedisAdapter::createConnection($redisCacheAdapterDsn);
         $redisAdapter = new RedisAdapter($redisClient);
 
@@ -68,6 +72,21 @@ public static function cacheAdapterProvider(): array
         ];
     }
 
+
+    public static function maxmindConfigProvider(): array
+    {
+        return [
+            'country database' => [[
+                'database_type' => 'country',
+                'database_path' => __DIR__.'/GeoLite2-Country.mmdb'
+            ]],
+            'city database' => [[
+                'database_type' => 'city',
+                'database_path' => __DIR__.'/GeoLite2-City.mmdb'
+            ]],
+        ];
+    }
+
     public static function getLapiUrl(): string
     {
         return getenv('LAPI_URL');
@@ -82,8 +101,7 @@ public static function getBouncerKey(): string
         if (false === $path) {
             throw new RuntimeException("'.bouncer-key' file was not found.");
         }
-        $apiKey = file_get_contents($path);
 
-        return $apiKey;
+        return file_get_contents($path);
     }
 }

tests/TestHelpers.php

@@ -54,6 +54,7 @@ public function setInitialState(): void
         $now = new DateTime();
         $this->addDecision($now, '12h', '+12 hours', TestHelpers::BAD_IP, 'captcha');
         $this->addDecision($now, '24h', '+24 hours', TestHelpers::BAD_IP.'/'.TestHelpers::IP_RANGE, 'ban');
+        $this->addDecision($now, '24h', '+24 hours', TestHelpers::JAPAN, 'captcha', 'country');
     }
 
     /** Set the initial watcher state */
@@ -100,9 +101,13 @@ public function deleteAllDecisions(): void
         $this->request('/v1/decisions', null, null, 'DELETE');
     }
 
-    public function addDecision(DateTime $now, string $durationString, string $dateTimeDurationString, string $ipOrRange, string $type)
+    protected function getFinalScope($scope, $value){
+        return ($scope === 'Ip' && 2 === count(explode('/', $value))) ? 'Range' : $scope;
+    }
+
+    public function addDecision(DateTime $now, string $durationString, string $dateTimeDurationString, string
+    $value, string $type, string $scope = 'Ip')
     {
-        $isRange = (2 === count(explode('/', $ipOrRange)));
         $stopAt = (clone $now)->modify($dateTimeDurationString)->format('Y-m-d\TH:i:s.000\Z');
         $startAt = $now->format('Y-m-d\TH:i:s.000\Z');
 
@@ -112,10 +117,10 @@ public function addDecision(DateTime $now, string $durationString, string $dateT
               [
                 'duration' => $durationString,
                 'origin' => 'cscli',
-                'scenario' => 'captcha for '.$ipOrRange.' for '.$durationString.' for PHPUnit tests',
-                'scope' => $isRange ? 'Range' : 'Ip',
+                'scenario' => $type.' for scope/value ('.$scope.'/'.$value.') for '.$durationString.' for PHPUnit tests',
+                'scope' => $this->getFinalScope($scope, $value),
                 'type' => $type,
-                'value' => $ipOrRange,
+                'value' => $value,
               ],
             ],
             'events' => [
@@ -129,8 +134,8 @@ public function addDecision(DateTime $now, string $durationString, string $dateT
             'scenario_version' => '',
             'simulated' => false,
             'source' => [
-              'scope' => $isRange ? 'Range' : 'Ip',
-              'value' => $ipOrRange,
+              'scope' => $this->getFinalScope($scope, $value),
+              'value' => $value,
             ],
             'start_at' => $startAt,
             'stop_at' => $stopAt,