package rye
import (
"net/http"
"net/http/httptest"
"context"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
)
// AUTH_HEADER_NAME is the request header these specs populate with
// credentials before invoking the auth middleware.
const (
	AUTH_HEADER_NAME = "Authorization"
)
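// Specs for the handler built by NewMiddlewareAuth: first with a recording
// stub as the auth function, then with the Basic Auth function returned by
// NewBasicAuthFunc.
var _ = Describe("Auth Middleware", func() {
	var (
		request     *http.Request
		response    *httptest.ResponseRecorder
		testHandler func(http.ResponseWriter, *http.Request) *Response
	)

	BeforeEach(func() {
		// Fresh recorder per spec so nothing written by one spec leaks into the next.
		response = httptest.NewRecorder()
	})

	Context("auth", func() {
		var (
			fakeAuth *recorder
		)

		BeforeEach(func() {
			fakeAuth = &recorder{}
			testHandler = NewMiddlewareAuth(fakeAuth.authFunc)
			request = &http.Request{
				Header: map[string][]string{},
			}
		})

		It("passes the header to the auth func", func() {
			testAuth := "foobar"
			request.Header.Add(AUTH_HEADER_NAME, testAuth)

			resp := testHandler(response, request)

			// The stub returns nil, so a nil response here means the
			// middleware handed the decision to the auth function.
			Expect(resp).To(BeNil())
			Expect(fakeAuth.header).To(Equal(testAuth))
		})

		Context("when no header is found", func() {
			It("errors", func() {
				resp := testHandler(response, request)

				Expect(resp).ToNot(BeNil())
				Expect(resp.Err).ToNot(BeNil())
				Expect(resp.Err.Error()).To(ContainSubstring("no authentication"))
			})
		})
	})

	Context("Basic Auth", func() {
		// Fixture credentials for the in-memory user table; test-only values.
		var (
			username = "user1"
			pass     = "mypass"
		)

		BeforeEach(func() {
			testHandler = NewMiddlewareAuth(NewBasicAuthFunc(map[string]string{
				username: pass,
			}))
			request = &http.Request{
				Header: map[string][]string{},
			}
		})

		// NOTE(review): there is no spec for an unknown username sent with an
		// empty password. A lookup of a missing key in a map[string]string
		// yields "", so that case is worth pinning down as rejected. The specs
		// below also check only the error text, not the HTTP status returned
		// with it.

		It("validates the password", func() {
			request.SetBasicAuth(username, pass)

			resp := testHandler(response, request)

			// Guard the dereference so a nil response fails with a clear
			// message instead of a nil-pointer panic.
			Expect(resp).ToNot(BeNil())
			Expect(resp.Err).To(BeNil())
		})

		It("adds the username to context", func() {
			request.SetBasicAuth(username, pass)

			resp := testHandler(response, request)

			Expect(resp).ToNot(BeNil())
			Expect(resp.Err).To(BeNil())

			ctxUname := resp.Context.Value(AUTH_USERNAME_KEY)
			uname, ok := ctxUname.(string)
			Expect(ok).To(BeTrue())
			Expect(uname).To(Equal(username))
		})

		// Pending: the body is empty, and an empty It reports as a pass without
		// checking anything. PIt keeps the gap visible in the run summary until
		// the spec is written.
		PIt("preserves the request context", func() {
		})

		It("errors if username unknown", func() {
			request.SetBasicAuth("noname", pass)

			resp := testHandler(response, request)

			// Same asserted text as the wrong-password spec below, so the
			// message checked here does not tell a caller whether the
			// username exists.
			Expect(resp).ToNot(BeNil())
			Expect(resp.Err).ToNot(BeNil())
			Expect(resp.Err.Error()).To(ContainSubstring("invalid auth"))
		})

		It("errors if password wrong", func() {
			request.SetBasicAuth(username, "wrong")

			resp := testHandler(response, request)

			Expect(resp).ToNot(BeNil())
			Expect(resp.Err).ToNot(BeNil())
			Expect(resp.Err.Error()).To(ContainSubstring("invalid auth"))
		})

		Context("parseBasicAuth", func() {
			It("errors if header not basic", func() {
				// No "Basic " scheme prefix at all.
				request.Header.Add(AUTH_HEADER_NAME, "wrong")

				resp := testHandler(response, request)

				Expect(resp).ToNot(BeNil())
				Expect(resp.Err).ToNot(BeNil())
				Expect(resp.Err.Error()).To(ContainSubstring("invalid auth"))
			})

			It("errors if header not base64", func() {
				// Correct scheme, but the payload is not valid standard base64.
				request.Header.Add(AUTH_HEADER_NAME, "Basic ------")

				resp := testHandler(response, request)

				Expect(resp).ToNot(BeNil())
				Expect(resp.Err).ToNot(BeNil())
				Expect(resp.Err.Error()).To(ContainSubstring("invalid auth"))
			})

			It("errors if header wrong format", func() {
				// Valid base64 of "asdf\n": it decodes, but has no ':' separating
				// username from password.
				request.Header.Add(AUTH_HEADER_NAME, "Basic YXNkZgo=")

				resp := testHandler(response, request)

				Expect(resp).ToNot(BeNil())
				Expect(resp.Err).ToNot(BeNil())
				Expect(resp.Err.Error()).To(ContainSubstring("invalid auth"))
			})
		})
	})
})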
// recorder is a test double for the auth function: it remembers the header
// value it was last called with so a spec can inspect it.
type recorder struct {
	// header is the string most recently passed to authFunc.
	header string
}
// authFunc is the stub passed to NewMiddlewareAuth. It stores the header
// string it receives on the recorder and always returns nil; ctx is unused.
func (rec *recorder) authFunc(ctx context.Context, s string) *Response {
	rec.header = s
	return nil
}