-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathbasic_test.go
125 lines (113 loc) · 2.85 KB
/
basic_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
// Copyright 2021 Flamego. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package auth
import (
"bytes"
"encoding/base64"
"net/http"
"net/http/httptest"
"strings"
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/flamego/flamego"
)
func TestBasic(t *testing.T) {
tests := []struct {
name string
username string
password string
wantCode int
wantBody string
}{
{
name: "good",
username: "foo",
password: "bar",
wantCode: http.StatusOK,
wantBody: "foo",
},
{
name: "bad",
username: "bar",
password: "foo",
wantCode: http.StatusUnauthorized,
wantBody: "Unauthorized\n",
},
}
for _, test := range tests {
t.Run(test.name, func(t *testing.T) {
f := flamego.NewWithLogger(&bytes.Buffer{})
f.Use(Basic("foo", "bar"))
f.Get("/", func(user User) string {
return string(user)
})
resp := httptest.NewRecorder()
req, err := http.NewRequest(http.MethodGet, "/", nil)
require.NoError(t, err)
auth := strings.Join([]string{test.username, test.password}, ":")
req.Header.Set("Authorization", basicPrefix+base64.StdEncoding.EncodeToString([]byte(auth)))
f.ServeHTTP(resp, req)
assert.Equal(t, test.wantCode, resp.Code)
assert.Equal(t, test.wantBody, resp.Body.String())
})
}
}
func TestBasicFunc(t *testing.T) {
tests := []struct {
name string
header string
wantCode int
wantBody string
}{
{
name: "primary password",
header: basicPrefix + "Zm9vOmJhcg==", // foo:bar
wantCode: http.StatusOK,
wantBody: "foo",
},
{
name: "secondary password",
header: basicPrefix + "Zm9vOmJheg==", // foo:baz
wantCode: http.StatusOK,
wantBody: "foo",
},
{
name: "wrong password",
header: basicPrefix + "Zm9vOm5vcGU=", // foo:nope
wantCode: http.StatusUnauthorized,
wantBody: "Unauthorized\n",
},
{
name: "bad prefix",
header: "Zm9vOmJheg==", // foo:baz
wantCode: http.StatusUnauthorized,
wantBody: "Unauthorized\n",
},
{
name: "bad encoding",
header: basicPrefix + "Zm9vOm5",
wantCode: http.StatusUnauthorized,
wantBody: "Unauthorized\n",
},
}
for _, test := range tests {
t.Run(test.name, func(t *testing.T) {
f := flamego.NewWithLogger(&bytes.Buffer{})
f.Use(BasicFunc(func(username, password string) bool {
return username == "foo" && (password == "bar" || password == "baz")
}))
f.Get("/", func(user User) string {
return string(user)
})
resp := httptest.NewRecorder()
req, err := http.NewRequest(http.MethodGet, "/", nil)
require.NoError(t, err)
req.Header.Set("Authorization", test.header)
f.ServeHTTP(resp, req)
assert.Equal(t, test.wantCode, resp.Code)
assert.Equal(t, test.wantBody, resp.Body.String())
})
}
}