hanayo/vendor/github.com/RangelReale/osin/util_test.go

137 lines
3.5 KiB
Go
Raw Normal View History

2019-02-23 13:29:15 +00:00
package osin
import (
"net/http"
"net/url"
"testing"
)
const (
badAuthValue = "Digest XHHHHHHH"
goodAuthValue = "Basic dGVzdDp0ZXN0"
goodBearerAuthValue = "Bearer BGFVTDUJDp0ZXN0"
)
func TestBasicAuth(t *testing.T) {
r := &http.Request{Header: make(http.Header)}
// Without any header
if b, err := CheckBasicAuth(r); b != nil || err != nil {
t.Errorf("Validated basic auth without header")
}
// with invalid header
r.Header.Set("Authorization", badAuthValue)
b, err := CheckBasicAuth(r)
if b != nil || err == nil {
t.Errorf("Validated invalid auth")
return
}
// with valid header
r.Header.Set("Authorization", goodAuthValue)
b, err = CheckBasicAuth(r)
if b == nil || err != nil {
t.Errorf("Could not extract basic auth")
return
}
// check extracted auth data
if b.Username != "test" || b.Password != "test" {
t.Errorf("Error decoding basic auth")
}
}
func TestGetClientAuth(t *testing.T) {
urlWithSecret, _ := url.Parse("http://host.tld/path?client_id=xxx&client_secret=yyy")
urlWithEmptySecret, _ := url.Parse("http://host.tld/path?client_id=xxx&client_secret=")
urlNoSecret, _ := url.Parse("http://host.tld/path?client_id=xxx")
headerNoAuth := make(http.Header)
headerBadAuth := make(http.Header)
headerBadAuth.Set("Authorization", badAuthValue)
headerOKAuth := make(http.Header)
headerOKAuth.Set("Authorization", goodAuthValue)
var tests = []struct {
header http.Header
url *url.URL
allowQueryParams bool
expectAuth bool
}{
{headerNoAuth, urlWithSecret, true, true},
{headerNoAuth, urlWithSecret, false, false},
{headerNoAuth, urlWithEmptySecret, true, true},
{headerNoAuth, urlWithEmptySecret, false, false},
{headerNoAuth, urlNoSecret, true, false},
{headerNoAuth, urlNoSecret, false, false},
{headerBadAuth, urlWithSecret, true, true},
{headerBadAuth, urlWithSecret, false, false},
{headerBadAuth, urlWithEmptySecret, true, true},
{headerBadAuth, urlWithEmptySecret, false, false},
{headerBadAuth, urlNoSecret, true, false},
{headerBadAuth, urlNoSecret, false, false},
{headerOKAuth, urlWithSecret, true, true},
{headerOKAuth, urlWithSecret, false, true},
{headerOKAuth, urlWithEmptySecret, true, true},
{headerOKAuth, urlWithEmptySecret, false, true},
{headerOKAuth, urlNoSecret, true, true},
{headerOKAuth, urlNoSecret, false, true},
}
for _, tt := range tests {
w := new(Response)
r := &http.Request{Header: tt.header, URL: tt.url}
r.ParseForm()
auth := getClientAuth(w, r, tt.allowQueryParams)
if tt.expectAuth && auth == nil {
t.Errorf("Auth should not be nil for %v", tt)
} else if !tt.expectAuth && auth != nil {
t.Errorf("Auth should be nil for %v", tt)
}
}
}
func TestBearerAuth(t *testing.T) {
r := &http.Request{Header: make(http.Header)}
// Without any header
if b := CheckBearerAuth(r); b != nil {
t.Errorf("Validated bearer auth without header")
}
// with invalid header
r.Header.Set("Authorization", badAuthValue)
b := CheckBearerAuth(r)
if b != nil {
t.Errorf("Validated invalid auth")
return
}
// with valid header
r.Header.Set("Authorization", goodBearerAuthValue)
b = CheckBearerAuth(r)
if b == nil {
t.Errorf("Could not extract bearer auth")
return
}
// check extracted auth data
if b.Code != "BGFVTDUJDp0ZXN0" {
t.Errorf("Error decoding bearer auth")
}
// extracts bearer auth from query string
url, _ := url.Parse("http://host.tld/path?code=XYZ")
r = &http.Request{URL: url}
r.ParseForm()
b = CheckBearerAuth(r)
if b.Code != "XYZ" {
t.Errorf("Error decoding bearer auth")
}
}