auth

Paddy 2014-12-14 Parent:1fb166575e69 Child:c03b5eb3179e

103:0b45e6b9cb94 Go to Latest

auth/authcode_test.go

Store salts and passphrases as hex-encoded strings. Update our passphraseScheme.create function signature to return strings. Hex encode our passphrases and salts when encrypthing them so they're easier to store safely. Decode our salt before using it to check candidate passphrases.

Download raw file
View source Diff to previous Annotate
History
paddy@29 1 package auth
paddy@29 2
paddy@29 3 import (
paddy@29 4 "testing"
paddy@29 5 "time"
paddy@29 6
paddy@45 7 "code.secondbit.org/uuid"
paddy@29 8 )
paddy@29 9
paddy@87 10 var authCodeStores = []authorizationCodeStore{NewMemstore()}
paddy@29 11
paddy@87 12 func compareAuthorizationCodes(authCode1, authCode2 AuthorizationCode) (success bool, field string, authCode1val, authCode2val interface{}) {
paddy@87 13 if authCode1.Code != authCode2.Code {
paddy@87 14 return false, "code", authCode1.Code, authCode2.Code
paddy@34 15 }
paddy@87 16 if !authCode1.Created.Equal(authCode2.Created) {
paddy@87 17 return false, "created", authCode1.Created, authCode2.Created
paddy@34 18 }
paddy@87 19 if authCode1.ExpiresIn != authCode2.ExpiresIn {
paddy@87 20 return false, "expires in", authCode1.ExpiresIn, authCode2.ExpiresIn
paddy@34 21 }
paddy@87 22 if !authCode1.ClientID.Equal(authCode2.ClientID) {
paddy@87 23 return false, "client ID", authCode1.ClientID, authCode2.ClientID
paddy@34 24 }
paddy@87 25 if authCode1.Scope != authCode2.Scope {
paddy@87 26 return false, "scope", authCode1.Scope, authCode2.Scope
paddy@34 27 }
paddy@87 28 if authCode1.RedirectURI != authCode2.RedirectURI {
paddy@87 29 return false, "redirect URI", authCode1.RedirectURI, authCode2.RedirectURI
paddy@34 30 }
paddy@87 31 if authCode1.State != authCode2.State {
paddy@87 32 return false, "state", authCode1.State, authCode2.State
paddy@34 33 }
paddy@34 34 return true, "", nil, nil
paddy@34 35 }
paddy@34 36
paddy@87 37 func TestAuthorizationCodeStoreSuccess(t *testing.T) {
paddy@36 38 t.Parallel()
paddy@87 39 authCode := AuthorizationCode{
paddy@29 40 Code: "code",
paddy@29 41 Created: time.Now(),
paddy@29 42 ExpiresIn: 180,
paddy@29 43 ClientID: uuid.NewID(),
paddy@29 44 Scope: "scope",
paddy@29 45 RedirectURI: "redirectURI",
paddy@29 46 State: "state",
paddy@29 47 }
paddy@87 48 for _, store := range authCodeStores {
paddy@87 49 err := store.saveAuthorizationCode(authCode)
paddy@29 50 if err != nil {
paddy@87 51 t.Errorf("Error saving auth code to %T: %s", store, err)
paddy@34 52 }
paddy@87 53 err = store.saveAuthorizationCode(authCode)
paddy@87 54 if err != ErrAuthorizationCodeAlreadyExists {
paddy@87 55 t.Errorf("Expected ErrAuthorizationCodeAlreadyExists from %T, got %+v", store, err)
paddy@29 56 }
paddy@87 57 retrieved, err := store.getAuthorizationCode(authCode.Code)
paddy@29 58 if err != nil {
paddy@87 59 t.Errorf("Error retrieving auth code from %T: %s", store, err)
paddy@29 60 }
paddy@87 61 match, field, expectation, result := compareAuthorizationCodes(authCode, retrieved)
paddy@34 62 if !match {
paddy@87 63 t.Errorf("Expected `%v` in the `%s` field of auth code retrieved from %T, got `%v`", expectation, field, store, result)
paddy@34 64 }
paddy@87 65 err = store.deleteAuthorizationCode(authCode.Code)
paddy@29 66 if err != nil {
paddy@87 67 t.Errorf("Error removing auth code from %T: %s", store, err)
paddy@29 68 }
paddy@87 69 retrieved, err = store.getAuthorizationCode(authCode.Code)
paddy@87 70 if err != ErrAuthorizationCodeNotFound {
paddy@87 71 t.Errorf("Expected ErrAuthorizationCodeNotFound from %T, got %+v and %+v", store, retrieved, err)
paddy@34 72 }
paddy@87 73 err = store.deleteAuthorizationCode(authCode.Code)
paddy@87 74 if err != ErrAuthorizationCodeNotFound {
paddy@87 75 t.Errorf("Expected ErrAuthorizationCodeNotFound from %T, got %+v", store, err)
paddy@29 76 }
paddy@29 77 }
paddy@29 78 }