Plugin Test Coverage

[Zwiterrion]

Create or track unique tests for Otoroshi plugins

• Additional headers in
• Additional headers out
• Allowed HTTP methods
• Missing headers in
• Missing headers out
• Headers validation
• Security Txt
• Yes
• Override host header
• Override Location header
• Remove headers in
• Remove headers out
• Maintenance mode
• Build mode
• Error response rewrite
• Reject headers in too long
• Reject headers out too long
• Additional cookies in
• Additional cookies out
• Limit headers in too long
• Limit headers out too long
• Basic Auth. caller
• Force HTTPS traffic
• Forwarded header
• Mock Responses
• Block non HTTPS traffic
• Consumer endpoint
• Missing cookies in
• Missing cookies out
• Default request body
• HMAC caller plugin
• HMAC access validator
• Http static asset
• Static Response
• Disable HTTP/1.0
• Query param transformer
• Read only requests
• User-Agent details extractor
• User-Agent endpoint
• User-Agent header
• request body xml-to-json
• response body xml-to-json
• Jwt signer
• Jwt verification only
• Jwt verifiers
• Jwt user extractor
• Otoroshi Health endpoint
• Public/Private paths
• Remove cookies in
• Remove cookies out
• Basic auth. from auth. module
• Request body Echo
• Request Echo
• Custom quotas
• Defer Responses
• Otoroshi info. token
• Websocket json format validator
• Websocket content validator in
• Websocket size validator
• Websocket type validator
• Context validator
• Authentication
• Multi Authentication
• HTTP Client Cache
• OAuth2 caller
• Static backend
• Websocket JQ transformer
• S3 Static backend
• Basic Auth
• Cookies validation
• Image replacer
• External request validator
• Send otoroshi headers back
• User profile endpoint
• Apikey mandatory metadata
• Robots
• User logged in expected
• IP allowed list
• IP block list
• request body json-to-xml
• response body json-to-xml
• Apikey mandatory tags
• User extraction from auth. module
• Expected consumer
• Generic allowed list
• Generic block list
• RegexResponseHeadersRewriter
• Allowed users only
• Apikeys
• GraphQL Composer
• Request Body length limiter
• Response Body length limiter
• Wasm Access control
• Wasm Backend
• Open Policy Agent (OPA)
• Wasm pre-route
• Wasm Request Transformer
• Wasm Response Transformer
• Wasm Route Matcher
• Endless HTTP responses
• Redirection
• Wasm Websocket transformer
• X-Forwarded-* headers
• Apikey quotas
• Apikey auth module
• Global Maintenance mode
• Custom throttling
• Public quotas
• Zip file backend
• Coraza WAF
• RBAC
• JQ
• JQ transform request
• JQ transform response
• Otoroshi challenge token
• Otoroshi headers in
• Otoroshi JWKS endpoint
• Otoroshi Metrics endpoint
• Routing Restrictions
• Workflow Access control
• Globally allowed domain names
• Globally denied domain names
• Traffic Mirroring
• Remote tunnel calls
• Workflow Backend
• Workflow Request Transformer
• Workflow Response Transformer
• Regex request body rewriter
• Regex response body rewriter
• Client certificate as apikey
• Client certificate header
• Client Certificate + Api Key only
• Client certificate matching (over http)
• Client certificate matching
• Client Certificate Only
• Canary mode cp:otoroshi.next.plugins.CanaryMode
• fail2ban cp:otoroshi.next.plugins.Fail2BanPlugin
• Global per ip address throttling cp:otoroshi.next.plugins.GlobalPerIpAddressThrottling
• Global throttling cp:otoroshi.next.plugins.GlobalThrottling
• GraphQL Proxy cp:otoroshi.next.plugins.GraphQLProxy
• GraphQL Query to REST cp:otoroshi.next.plugins.GraphQLQuery
• Http3 traffic switch cp:otoroshi.next.plugins.Http3Switch
• JWE extractor cp:otoroshi.next.plugins.JweExtractor
• JWE signer cp:otoroshi.next.plugins.JweSigner
• Apikey from Biscuit token extractor cp:otoroshi.next.plugins.NgBiscuitExtractor
• Biscuit token validator cp:otoroshi.next.plugins.NgBiscuitValidator
• Client credential token endpoint cp:otoroshi.next.plugins.NgClientCredentialTokenEndpoint
• Client Credential Service cp:otoroshi.next.plugins.NgClientCredentials
• Html Patcher cp:otoroshi.next.plugins.NgHtmlPatcher
• Response Cache cp:otoroshi.next.plugins.NgResponseCache
• OAuth1 caller cp:otoroshi.next.plugins.OAuth1Caller
• OIDC access_token as apikey cp:otoroshi.next.plugins.OIDCAccessTokenAsApikey
• OIDC access_token validator cp:otoroshi.next.plugins.OIDCAccessTokenValidator
• OIDC access_token authentication cp:otoroshi.next.plugins.OIDCAuthToken
• OIDC headers cp:otoroshi.next.plugins.OIDCHeaders
• Otoroshi AIA endpoint cp:otoroshi.next.plugins.OtoroshiAIAEndpoint
• Otoroshi OCSP Responder endpoint cp:otoroshi.next.plugins.OtoroshiOCSPResponderEndpoint
• Request bandwidth throttling cp:otoroshi.next.plugins.RequestBandwidthThrottling
• Response bandwidth throttling cp:otoroshi.next.plugins.ResponseBandwidthThrottling
• Time controlled Canary mode cp:otoroshi.next.plugins.TimeControlledCanaryMode
• W3C Trace Context cp:otoroshi.next.plugins.W3CTracing
• Workflow Resume Backend cp:otoroshi.next.workflow.WorkflowResumeBackend
• Coraza WAF - Incoming Request Validator cp:otoroshi.wasm.proxywasm.NgIncomingRequestValidatorCorazaWAF

No testable plugins (without specific account or whatever) :

• Wasm Router cp:otoroshi.next.plugins.WasmRouter
• Wasm Sink cp:otoroshi.next.plugins.WasmSink
• Gzip compression cp:otoroshi.next.plugins.GzipResponseCompressor
• Izanami V1 Canary Campaign cp:otoroshi.next.plugins.NgIzanamiV1Canary
• Izanami v1 APIs Proxy cp:otoroshi.next.plugins.NgIzanamiV1Proxy
• cdn.polyfill.io detector cp:otoroshi.next.plugins.PolyfillIoDetector
• cdn.polyfill.io mitigation cp:otoroshi.next.plugins.PolyfillIoReplacer
• Legacy apikeys cp:otoroshi.next.plugins.NgLegacyApikeyCall
• Legacy Authentication cp:otoroshi.next.plugins.NgLegacyAuthModuleCall
• Log4Shell mitigation plugin cp:otoroshi.next.plugins.NgLog4ShellFilter
• Brotli compression cp:otoroshi.next.plugins.BrotliResponseCompressor
• SOAP action cp:otoroshi.next.plugins.SOAPAction
• Global self registration endpoints (service discovery) cp:otoroshi.next.plugins.NgDiscoverySelfRegistrationSink
• Self registration endpoints (service discovery) cp:otoroshi.next.plugins.NgDiscoverySelfRegistrationTransformer
• Service discovery target selector (service discovery) cp:otoroshi.next.plugins.NgDiscoveryTargetsSelector
• CORS cp:otoroshi.next.plugins.Cors
• Snow Monkey Chaos cp:otoroshi.next.plugins.SnowMonkeyChaos
• Tailscale select target by name cp:otoroshi.next.plugins.TailscaleSelectTargetByName
• TCP Tunnel cp:otoroshi.next.plugins.TcpTunnel
• UDP Tunnel cp:otoroshi.next.plugins.UdpTunnel
• Zip Bomb backend cp:otoroshi.next.plugins.ZipBombBackend
• Eureka instance cp:otoroshi.next.plugins.EurekaServerSink
• Internal Eureka target cp:otoroshi.next.plugins.EurekaTarget
• External Eureka target cp:otoroshi.next.plugins.ExternalEurekaTarget
• Geolocation details extractor (using IpStack api) cp:otoroshi.next.plugins.NgIpStackGeolocationInfoExtractor
• Geolocation endpoint cp:otoroshi.next.plugins.NgGeolocationInfoEndpoint
• Geolocation header cp:otoroshi.next.plugins.NgGeolocationInfoHeader
• Geolocation details extractor (using Maxmind db) cp:otoroshi.next.plugins.NgMaxMindGeolocationInfoExtractor
• Auth0 Passwordless end flow endpoint cp:otoroshi.next.plugins.Auth0PasswordlessEndFlowEndpoint
• Auth0 Passwordless start/end flow cp:otoroshi.next.plugins.Auth0PasswordlessFlow
• Auth0 Passwordless start/end flow endpoints cp:otoroshi.next.plugins.Auth0PasswordlessStartEndFlowEndpoints
• Auth0 Passwordless start flow endpoint cp:otoroshi.next.plugins.Auth0PasswordlessStartFlowEndpoint