cli http tests: allow response header capture

Author: theodore-s-beers

checks/http.go

@@ -76,7 +76,16 @@ func runHTTPRequest(
 		req.SetBasicAuth(requestStep.Request.BasicAuth.Username, requestStep.Request.BasicAuth.Password)
 	}
 
-	resp, err := client.Do(req)
+	requestClient := client
+	if requestStep.Request.FollowRedirects != nil && !*requestStep.Request.FollowRedirects {
+		clientCopy := *client
+		clientCopy.CheckRedirect = func(req *http.Request, via []*http.Request) error {
+			return http.ErrUseLastResponse
+		}
+		requestClient = &clientCopy
+	}
+
+	resp, err := requestClient.Do(req)
 	if err != nil {
 		errString := fmt.Sprintf("Failed to fetch: %s", err.Error())
 		result = api.HTTPRequestResult{Err: errString}
@@ -100,7 +109,12 @@ func runHTTPRequest(
 		trailers[k] = strings.Join(v, ",")
 	}
 
-	parseVariables(body, requestStep.ResponseVariables, variables)
+	if err := parseVariables(body, requestStep.ResponseVariables, variables); err != nil {
+		return api.HTTPRequestResult{Err: fmt.Sprintf("Failed to parse response variable: %s", err)}
+	}
+	if err := parseHeaderVariables(headers, requestStep.ResponseHeaderVariables, variables); err != nil {
+		return api.HTTPRequestResult{Err: fmt.Sprintf("Failed to parse response header variable: %s", err)}
+	}
 
 	result = api.HTTPRequestResult{
 		StatusCode:       resp.StatusCode,
@@ -195,6 +209,43 @@ func parseVariables(body []byte, vardefs []api.HTTPRequestResponseVariable, vari
 	return nil
 }
 
+func parseHeaderVariables(headers map[string]string, vardefs []api.HTTPRequestResponseHeaderVariable, variables map[string]string) error {
+	for _, vardef := range vardefs {
+		headerValue, ok := findHeaderValue(headers, vardef.Header)
+		if !ok {
+			return fmt.Errorf("header %q not found", vardef.Header)
+		}
+
+		value := headerValue
+		if vardef.Regex != "" {
+			re, err := regexp.Compile(vardef.Regex)
+			if err != nil {
+				return err
+			}
+			if re.NumSubexp() != 1 {
+				return fmt.Errorf("regex for header variable %q must have exactly one capture group", vardef.Name)
+			}
+			matches := re.FindStringSubmatch(headerValue)
+			if len(matches) != 2 {
+				return fmt.Errorf("header %q did not match regex", vardef.Header)
+			}
+			value = matches[1]
+		}
+
+		variables[vardef.Name] = value
+	}
+	return nil
+}
+
+func findHeaderValue(headers map[string]string, key string) (string, bool) {
+	for actualKey, value := range headers {
+		if strings.EqualFold(actualKey, key) {
+			return value, true
+		}
+	}
+	return "", false
+}
+
 func InterpolateVariables(template string, vars map[string]string) string {
 	r := regexp.MustCompile(`\$\{([^}]+)\}`)
 	return r.ReplaceAllStringFunc(template, func(m string) string {

checks/http_test.go

@@ -126,3 +126,53 @@ func TestTruncateAndStringifyBodyCapsBinaryBody(t *testing.T) {
 		t.Fatalf("len(truncateAndStringifyBody(binary)) = %d, want %d", len(got), 16*1024)
 	}
 }
+
+func TestRunHTTPRequestCapturesResponseHeaderVariableAndDoesNotFollowRedirect(t *testing.T) {
+	followRedirects := false
+
+	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if r.URL.Path != "/login" {
+			t.Errorf("path = %q, want /login", r.URL.Path)
+			return
+		}
+
+		w.Header().Set("Set-Cookie", "session_id=abc123; Path=/; HttpOnly")
+		w.Header().Set("Location", "/account")
+		w.WriteHeader(http.StatusFound)
+		_, _ = w.Write([]byte("Found. Redirecting to /account"))
+	}))
+	defer server.Close()
+
+	variables := map[string]string{}
+	requestStep := api.CLIStepHTTPRequest{
+		ResponseHeaderVariables: []api.HTTPRequestResponseHeaderVariable{{
+			Name:   "sessionID",
+			Header: "Set-Cookie",
+			Regex:  "session_id=([^;]+)",
+		}},
+		Request: api.HTTPRequest{
+			Method:          http.MethodPost,
+			FullURL:         api.BaseURLPlaceholder + "/login",
+			FollowRedirects: &followRedirects,
+			BodyForm: map[string]string{
+				"email":    "pacifica@example.com",
+				"password": "password123",
+				"returnTo": "/account",
+			},
+		},
+	}
+
+	result := runHTTPRequest(server.Client(), server.URL, variables, requestStep)
+	if result.Err != "" {
+		t.Fatalf("unexpected request error: %s", result.Err)
+	}
+	if result.StatusCode != http.StatusFound {
+		t.Fatalf("StatusCode = %d, want %d", result.StatusCode, http.StatusFound)
+	}
+	if result.ResponseHeaders["Set-Cookie"] == "" {
+		t.Fatalf("expected Set-Cookie response header")
+	}
+	if result.Variables["sessionID"] != "abc123" {
+		t.Fatalf("captured sessionID = %q, want abc123", result.Variables["sessionID"])
+	}
+}

client/lessons.go

@@ -72,10 +72,11 @@ const (
 )
 
 type CLIStepHTTPRequest struct {
-	ResponseVariables []HTTPRequestResponseVariable
-	Tests             []HTTPRequestTest
-	Request           HTTPRequest
-	SleepAfterMs      *int
+	ResponseVariables       []HTTPRequestResponseVariable
+	ResponseHeaderVariables []HTTPRequestResponseHeaderVariable
+	Tests                   []HTTPRequestTest
+	Request                 HTTPRequest
+	SleepAfterMs            *int
 }
 
 type Sleepable interface {
@@ -93,11 +94,12 @@ func (h *CLIStepHTTPRequest) GetSleepAfterMs() *int {
 const BaseURLPlaceholder = "${baseURL}"
 
 type HTTPRequest struct {
-	Method   string
-	FullURL  string
-	Headers  map[string]string
-	BodyJSON map[string]any
-	BodyForm map[string]string
+	Method          string
+	FullURL         string
+	Headers         map[string]string
+	BodyJSON        map[string]any
+	BodyForm        map[string]string
+	FollowRedirects *bool
 
 	BasicAuth *HTTPBasicAuth
 }
@@ -112,6 +114,12 @@ type HTTPRequestResponseVariable struct {
 	Path string
 }
 
+type HTTPRequestResponseHeaderVariable struct {
+	Name   string
+	Header string
+	Regex  string
+}
+
 // HTTPRequestTest should have only one field set
 type HTTPRequestTest struct {
 	StatusCode       *int

render/variables.go

@@ -52,6 +52,17 @@ func savedVariablesForHTTPResult(result api.HTTPRequestResult) []variableEntry {
 			description: "JSON Body " + responseVariable.Path,
 		})
 	}
+	for _, responseHeaderVariable := range result.Request.ResponseHeaderVariables {
+		value := result.Variables[responseHeaderVariable.Name]
+		if value == "" {
+			continue
+		}
+		entries = append(entries, variableEntry{
+			name:        responseHeaderVariable.Name,
+			value:       value,
+			description: responseHeaderVariableDescription(responseHeaderVariable),
+		})
+	}
 	return entries
 }
 
@@ -66,9 +77,25 @@ func missingSaveVariablesForHTTPResult(result api.HTTPRequestResult) []variableE
 			description: "JSON Body " + responseVariable.Path,
 		})
 	}
+	for _, responseHeaderVariable := range result.Request.ResponseHeaderVariables {
+		if result.Variables[responseHeaderVariable.Name] != "" {
+			continue
+		}
+		entries = append(entries, variableEntry{
+			name:        responseHeaderVariable.Name,
+			description: responseHeaderVariableDescription(responseHeaderVariable),
+		})
+	}
 	return entries
 }
 
+func responseHeaderVariableDescription(v api.HTTPRequestResponseHeaderVariable) string {
+	if v.Regex == "" {
+		return "Response Header " + v.Header
+	}
+	return fmt.Sprintf("Response Header %s matching %s", v.Header, v.Regex)
+}
+
 func availableVariablesForHTTPResult(result api.HTTPRequestResult) (entries []variableEntry, expectsVariables bool) {
 	seen := map[string]bool{}
 

render/variables_test.go

@@ -12,12 +12,17 @@ func TestHTTPVariableSections(t *testing.T) {
 		Variables: map[string]string{
 			"authToken": "token-123",
 			"shortCode": "abc123",
+			"sessionID": "session-123",
 		},
 		Request: api.CLIStepHTTPRequest{
 			ResponseVariables: []api.HTTPRequestResponseVariable{
 				{Name: "shortCode", Path: ".short_code"},
 				{Name: "missingCode", Path: ".missing_code"},
 			},
+			ResponseHeaderVariables: []api.HTTPRequestResponseHeaderVariable{
+				{Name: "sessionID", Header: "Set-Cookie", Regex: "session_id=([^;]+)"},
+				{Name: "missingSessionID", Header: "Set-Cookie", Regex: "missing=([^;]+)"},
+			},
 			Request: api.HTTPRequest{
 				FullURL: "${baseURL}/api/links/${shortCode}",
 				Headers: map[string]string{
@@ -37,9 +42,11 @@ func TestHTTPVariableSections(t *testing.T) {
 
 	wantContains := []string{
 		"Variables Saved:",
+		"sessionID: session-123 (Response Header Set-Cookie matching session_id=([^;]+))",
 		"shortCode: abc123 (JSON Body .short_code)",
 		"Variables Missing:",
 		"missingCode: [not found] (JSON Body .missing_code)",
+		"missingSessionID: [not found] (Response Header Set-Cookie matching missing=([^;]+))",
 		"Variables Available:",
 		"authToken: token-123 (Request Header \"Authorization\")",
 		"shortCode: abc123 (Request URL)",