auth

Paddy 2014-07-18

0:7a6f64db7246 Go to Latest

auth/util_test.go

Start rewriting the repo. This code originally was a carbon copy of https://github.com/RangelReale/osin, but I am methodically stripping out the extensible nature of it for a simpler interface, while simultaneously bringing the style into line with the Ducky style.

paddy@0 1 package oauth2
paddy@0 2
paddy@0 3 import (
paddy@0 4 "net/http"
paddy@0 5 "net/url"
paddy@0 6 "testing"
paddy@0 7 )
paddy@0 8
// Authorization header fixtures shared by the tests in this file.

// goodAuthValue is a well-formed Basic header; the payload is the base64
// encoding of "test:test".
const goodAuthValue = "Basic dGVzdDp0ZXN0"

// badAuthValue carries a non-Basic scheme and is used as the rejected case.
const badAuthValue = "Digest XHHHHHHH"
paddy@0 13
// TestBasicAuth runs CheckBasicAuth against three requests: one with no
// Authorization header, one with a non-Basic header, and one with a
// well-formed Basic header whose credentials are then compared.
//
// NOTE(review): the only rejected input covered here is a different scheme
// (badAuthValue). A Basic header with an undecodable payload, or a decoded
// payload without a ':' separator, is not exercised by this test.
func TestBasicAuth(t *testing.T) {
	req := &http.Request{Header: make(http.Header)}

	// No Authorization header: neither credentials nor an error are expected.
	creds, err := CheckBasicAuth(req)
	if creds != nil || err != nil {
		t.Errorf("Validated basic auth without header")
	}

	// Non-Basic header: must yield an error and no credentials.
	req.Header.Set("Authorization", badAuthValue)
	creds, err = CheckBasicAuth(req)
	if !(creds == nil && err != nil) {
		t.Errorf("Validated invalid auth")
		return
	}

	// Well-formed Basic header: must yield credentials and no error.
	req.Header.Set("Authorization", goodAuthValue)
	creds, err = CheckBasicAuth(req)
	if !(creds != nil && err == nil) {
		t.Errorf("Could not extract basic auth")
		// Stop here so the field checks below never dereference nil.
		return
	}

	// The decoded username and password must both be "test".
	userOK := creds.Username == "test"
	passOK := creds.Password == "test"
	if !userOK || !passOK {
		t.Errorf("Error decoding basic auth")
	}
}
paddy@0 43
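// TestGetClientAuth checks whether getClientAuth returns a non-nil result for
// every combination of Authorization header (absent, non-Basic, valid Basic),
// query-string credentials (secret, empty secret, no secret) and the
// allowQueryParams switch.
//
// The table pins three behaviours worth knowing when reviewing the code
// under test:
//   - query-string credentials are honoured only when allowQueryParams is true;
//   - a non-Basic Authorization header does not stop the query-string fallback;
//   - an empty client_secret still produces a non-nil result.
//
// NOTE(review): RFC 6749 section 2.3.1 says client credentials MUST NOT be
// included in the request URI, because URLs end up in logs and Referer
// headers. The fixtures place client_secret in the URL query, so
// allowQueryParams=true should be treated as a compatibility mode; confirm
// that production callers do not enable it for URI parameters.
func TestGetClientAuth(t *testing.T) {
	// mustParse fails the test immediately on a malformed fixture URL rather
	// than handing a nil *url.URL to the request.
	mustParse := func(raw string) *url.URL {
		u, err := url.Parse(raw)
		if err != nil {
			t.Fatalf("parsing fixture URL %q: %v", raw, err)
		}
		return u
	}

	urlWithSecret := mustParse("http://host.tld/path?client_id=xxx&client_secret=yyy")
	urlWithEmptySecret := mustParse("http://host.tld/path?client_id=xxx&client_secret=")
	urlNoSecret := mustParse("http://host.tld/path?client_id=xxx")

	headerNoAuth := make(http.Header)
	headerBadAuth := make(http.Header)
	headerBadAuth.Set("Authorization", badAuthValue)
	headerOKAuth := make(http.Header)
	headerOKAuth.Set("Authorization", goodAuthValue)

	tests := []struct {
		header           http.Header
		url              *url.URL
		allowQueryParams bool
		expectAuth       bool
	}{
		// No Authorization header: only the query string can supply credentials.
		{headerNoAuth, urlWithSecret, true, true},
		{headerNoAuth, urlWithSecret, false, false},
		{headerNoAuth, urlWithEmptySecret, true, true},
		{headerNoAuth, urlWithEmptySecret, false, false},
		{headerNoAuth, urlNoSecret, true, false},
		{headerNoAuth, urlNoSecret, false, false},

		// Non-Basic Authorization header: same outcomes as having no header.
		{headerBadAuth, urlWithSecret, true, true},
		{headerBadAuth, urlWithSecret, false, false},
		{headerBadAuth, urlWithEmptySecret, true, true},
		{headerBadAuth, urlWithEmptySecret, false, false},
		{headerBadAuth, urlNoSecret, true, false},
		{headerBadAuth, urlNoSecret, false, false},

		// Valid Basic header: credentials are always expected.
		{headerOKAuth, urlWithSecret, true, true},
		{headerOKAuth, urlWithSecret, false, true},
		{headerOKAuth, urlWithEmptySecret, true, true},
		{headerOKAuth, urlWithEmptySecret, false, true},
		{headerOKAuth, urlNoSecret, true, true},
		{headerOKAuth, urlNoSecret, false, true},
	}

	for i, tt := range tests {
		w := new(Response)
		r := &http.Request{Header: tt.header, URL: tt.url}
		// A ParseForm failure would leave the form empty and make the case
		// pass or fail for the wrong reason, so report it and skip the case.
		if err := r.ParseForm(); err != nil {
			t.Errorf("case %d: ParseForm for %s: %v", i, tt.url, err)
			continue
		}

		auth := getClientAuth(w, r, tt.allowQueryParams)

		// The fields are printed one by one: %v on the whole struct would
		// show the *url.URL field as a pointer address, not the URL.
		switch {
		case tt.expectAuth && auth == nil:
			t.Errorf("case %d: auth should not be nil (Authorization=%q, url=%s, allowQueryParams=%t)",
				i, tt.header.Get("Authorization"), tt.url, tt.allowQueryParams)
		case !tt.expectAuth && auth != nil:
			t.Errorf("case %d: auth should be nil (Authorization=%q, url=%s, allowQueryParams=%t)",
				i, tt.header.Get("Authorization"), tt.url, tt.allowQueryParams)
		}
	}
}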