package beyond
import (
"encoding/json"
"io"
"net/http"
"net/http/httptest"
"strings"
"testing"
"github.com/drewolson/testflight"
"github.com/stretchr/testify/assert"
)
// Fixtures shared by the token tests: two fake tokens, the logins they map to,
// and a stub standing in for the upstream token-verification endpoint.
var (
	// tokenTestTokenUsers maps a token to the login the stub reports for it.
	// NOTE(review): "[email protected]" looks like an address redacted by the
	// page this listing was taken from; the original key cannot be recovered
	// here. Both maps use the same literal, so lookups stay consistent.
	tokenTestTokenUsers = map[string]string{
		"932928c0a4edf9878ee0257a1d8f4d06adaaffee": "user1",
		"257a1d8f4d06adaaffee932928c0a4edf9878ee0": "[email protected]",
	}

	// tokenTestUserTokens is the reverse lookup, login to token.
	tokenTestUserTokens = map[string]string{
		"user1":             "932928c0a4edf9878ee0257a1d8f4d06adaaffee",
		"[email protected]": "257a1d8f4d06adaaffee932928c0a4edf9878ee0",
	}

	// tokenServer answers every request with a JSON tokenUser. The token is
	// read from the access_token query parameter first and, when that yields
	// no login, from the second space-separated field of the Authorization
	// header. An unknown token produces an empty Login, not an error status.
	tokenServer = httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		queryToken := r.URL.Query().Get("access_token")

		// The token "invalid" gets a truncated JSON body, so callers can be
		// tested against a response that does not decode.
		if queryToken == "invalid" {
			if _, err := io.WriteString(w, "{"); err != nil {
				errorHandler(w, 500, err.Error())
			}
			return
		}

		login := tokenTestTokenUsers[queryToken]
		if login == "" {
			// The Contains check guarantees Split returns at least two fields.
			if header := r.Header.Get("Authorization"); strings.Contains(header, " ") {
				login = tokenTestTokenUsers[strings.Split(header, " ")[1]]
			}
		}

		if err := json.NewEncoder(w).Encode(tokenUser{Login: login}); err != nil {
			errorHandler(w, 500, err.Error())
		}
	}))
)
// TestTokenError pins the fail-closed behaviour of tokenAuth: every step below
// must produce an empty login.
//
// The test leaves *tokenBase pointing at tokenServer when it returns.
func TestTokenError(t *testing.T) {
	req, err := http.NewRequest("GET", "/", nil)
	assert.NoError(t, err)

	steps := []struct {
		base          string
		authorization string // empty means: leave the header as it is
	}{
		// No Authorization header at all.
		{base: "https://foo.bar?"},
		// A token checked against a base that is not the stub server.
		// NOTE(review): this may attempt an outbound request to foo.bar; confirm.
		{base: "https://foo.bar?", authorization: "token test"},
		// Presumably reaches the stub's "invalid" branch, which replies with
		// the undecodable body "{"; verify against tokenAuth.
		{base: tokenServer.URL + "/?access_token=", authorization: "token invalid"},
	}

	for _, step := range steps {
		*tokenBase = step.base
		if step.authorization != "" {
			req.Header.Set("Authorization", step.authorization)
		}
		assert.Equal(t, "", tokenAuth(req))
	}
}
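// TestTokenBasic checks which HTTP Basic credential layouts tokenAuth accepts
// as a token: the token as username with the password "x-oauth-basic", and the
// token as password with an empty username. The token as username with any
// other password must be rejected with an empty login.
func TestTokenBasic(t *testing.T) {
	// Point tokenAuth at the stub explicitly. In this file only TestTokenError
	// sets this value, so without the assignment the test depends on run order
	// and can fail under `go test -run TestTokenBasic`.
	*tokenBase = tokenServer.URL + "/?access_token="

	r, err := http.NewRequest("GET", "/", nil)
	if err != nil {
		// Stop here: continuing would dereference a nil request.
		t.Fatalf("building request: %v", err)
	}

	r.SetBasicAuth(tokenTestUserTokens["user1"], "x-oauth-basic")
	login1 := tokenAuth(r)

	r.SetBasicAuth("", tokenTestUserTokens["user1"])
	login2 := tokenAuth(r)

	assert.Equal(t, "user1", login1)
	assert.Equal(t, "user1", login2)

	// A valid token paired with an unexpected password must not authenticate.
	r.SetBasicAuth(tokenTestUserTokens["user1"], "foobar")
	assert.Equal(t, "", tokenAuth(r))
}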
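// TestTokenFederation checks the "Authorization: token <value>" form: an
// unknown token yields an empty login, a known token yields its login, and
// asking twice for the same token gives the same answer.
func TestTokenFederation(t *testing.T) {
	// Point tokenAuth at the stub explicitly. In this file only TestTokenError
	// sets this value, so without the assignment the test depends on run order
	// and can fail under `go test -run TestTokenFederation`.
	*tokenBase = tokenServer.URL + "/?access_token="

	r, err := http.NewRequest("GET", "/", nil)
	if err != nil {
		// Stop here: continuing would dereference a nil request.
		t.Fatalf("building request: %v", err)
	}

	// "test" is not in tokenTestTokenUsers, so the stub reports an empty login.
	r.Header.Set("Authorization", "token test")
	assert.Equal(t, "", tokenAuth(r))

	r.Header.Set("Authorization", "token "+tokenTestUserTokens["user1"])
	login1 := tokenAuth(r)
	// NOTE(review): the repeated call presumably exercises a cached lookup
	// inside tokenAuth; confirm against its implementation.
	login2 := tokenAuth(r)

	assert.Equal(t, "user1", login1)
	assert.Equal(t, "user1", login2)
}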
// TestTokenSuccess sends GET /ip through testMux with Host set to httpbin.org
// and checks the outcome for three credentials: user1's token in a "Token"
// Authorization header (200), the same token as the Basic password (200), and
// the second fixture user's token, which is expected to be refused with 403.
//
// NOTE(review): the 200 cases assert on an "origin" field in the body, which
// suggests the request is forwarded to httpbin.org and needs network access;
// they also appear to rely on *tokenBase already pointing at tokenServer.
// Confirm both.
func TestTokenSuccess(t *testing.T) {
	expectOrigin := func(status int, body string) {
		assert.Equal(t, 200, status)
		assert.Equal(t, "{\n \"origin\"", strings.Split(body, ":")[0])
	}
	// The token authenticates, but the ACL is expected to deny this user.
	expectDenied := func(status int, body string) {
		assert.Equal(t, 403, status)
		assert.Contains(t, body, "Access Denied")
	}

	cases := []struct {
		authorize func(req *http.Request)
		verify    func(status int, body string)
	}{
		{
			authorize: func(req *http.Request) {
				req.Header.Set("Authorization", "Token "+tokenTestUserTokens["user1"])
			},
			verify: expectOrigin,
		},
		{
			authorize: func(req *http.Request) {
				req.SetBasicAuth("user1", tokenTestUserTokens["user1"])
			},
			verify: expectOrigin,
		},
		{
			authorize: func(req *http.Request) {
				req.Header.Set("Authorization", "Token "+tokenTestUserTokens["[email protected]"])
			},
			verify: expectDenied,
		},
	}

	// Each case gets its own server instance, as in a hand-written sequence.
	for _, tc := range cases {
		testflight.WithServer(testMux, func(r *testflight.Requester) {
			request, err := http.NewRequest("GET", "/ip", nil)
			assert.Nil(t, err)
			tc.authorize(request)
			request.Host = "httpbin.org"
			response := r.Do(request)
			tc.verify(response.StatusCode, response.Body)
		})
	}
}