auth
auth/request_test.go
Enable terminating sessions through the API. Add a terminateSession method to the sessionStore that sets the Active property of the Session to false. Create a Context.TerminateSession wrapper for the terminateSession method on the sessionStore. Add a Sessions property to our response type so we can return a []Session in API responses. Use the URL-safe encoding when base64 encoding our session ID and CSRFToken, so the ID can be passed in the URL and so our encodings are consistent. Add a TerminateSessionHandler function that will extract a Session ID from the request URL, authenticate the user, check that the authenticated user owns the session in question, and terminate the session. Add implementations for our new terminateSession method for the memstore and postgres types. Test both the memstore and postgres implementation of our terminateSession helper in session_test.go.
| paddy@116 | 1 package auth |
| paddy@116 | 2 |
| paddy@116 | 3 import "fmt" |
| paddy@116 | 4 |
| paddy@116 | 5 func compareErrors(err1, err2 requestError) (success bool, field string, val1, val2 interface{}) { |
| paddy@116 | 6 if err1.Slug != err2.Slug { |
| paddy@116 | 7 return false, "Slug", err1.Slug, err2.Slug |
| paddy@116 | 8 } |
| paddy@116 | 9 if err1.Field != err2.Field { |
| paddy@116 | 10 return false, "Field", err1.Field, err2.Field |
| paddy@116 | 11 } |
| paddy@116 | 12 if err1.Param != err2.Param { |
| paddy@116 | 13 return false, "Param", err1.Param, err2.Param |
| paddy@116 | 14 } |
| paddy@116 | 15 if err1.Header != err2.Header { |
| paddy@116 | 16 return false, "Header", err1.Header, err2.Header |
| paddy@116 | 17 } |
| paddy@116 | 18 return true, "", nil, nil |
| paddy@116 | 19 } |
| paddy@116 | 20 |
| paddy@116 | 21 func compareResponses(resp1, resp2 response) (success bool, field string, val1, val2 interface{}) { |
| paddy@116 | 22 if len(resp1.Errors) != len(resp2.Errors) { |
| paddy@116 | 23 return false, "Errors", resp1.Errors, resp2.Errors |
| paddy@116 | 24 } |
| paddy@116 | 25 if len(resp1.Logins) != len(resp2.Logins) { |
| paddy@116 | 26 return false, "Logins", resp1.Logins, resp2.Logins |
| paddy@116 | 27 } |
| paddy@116 | 28 if len(resp1.Profiles) != len(resp2.Profiles) { |
| paddy@116 | 29 return false, "Profiles", resp1.Profiles, resp2.Profiles |
| paddy@116 | 30 } |
| paddy@116 | 31 if len(resp1.Clients) != len(resp2.Clients) { |
| paddy@116 | 32 return false, "Clients", resp1.Clients, resp2.Clients |
| paddy@116 | 33 } |
| paddy@116 | 34 if len(resp1.Endpoints) != len(resp2.Endpoints) { |
| paddy@116 | 35 return false, "Endpoints", resp1.Endpoints, resp2.Endpoints |
| paddy@116 | 36 } |
| paddy@116 | 37 for pos := range resp1.Errors { |
| paddy@116 | 38 success, field, val1, val2 = compareErrors(resp1.Errors[pos], resp2.Errors[pos]) |
| paddy@116 | 39 if !success { |
| paddy@116 | 40 field = fmt.Sprintf("Error %d %s", pos, field) |
| paddy@116 | 41 return |
| paddy@116 | 42 } |
| paddy@116 | 43 } |
| paddy@116 | 44 for pos := range resp1.Logins { |
| paddy@116 | 45 success, field, val1, val2 = compareLogins(resp1.Logins[pos], resp2.Logins[pos]) |
| paddy@116 | 46 if !success { |
| paddy@116 | 47 field = fmt.Sprintf("Login %d %s", pos, field) |
| paddy@116 | 48 return |
| paddy@116 | 49 } |
| paddy@116 | 50 } |
| paddy@116 | 51 for pos := range resp1.Profiles { |
| paddy@116 | 52 success, field, val1, val2 = compareProfiles(resp1.Profiles[pos], resp2.Profiles[pos]) |
| paddy@116 | 53 if !success { |
| paddy@116 | 54 field = fmt.Sprintf("Profile %d %s", pos, field) |
| paddy@116 | 55 return |
| paddy@116 | 56 } |
| paddy@116 | 57 } |
| paddy@116 | 58 for pos := range resp1.Clients { |
| paddy@116 | 59 success, field, val1, val2 = compareClients(resp1.Clients[pos], resp2.Clients[pos]) |
| paddy@116 | 60 if !success { |
| paddy@116 | 61 field = fmt.Sprintf("Client %d %s", pos, field) |
| paddy@116 | 62 return |
| paddy@116 | 63 } |
| paddy@116 | 64 } |
| paddy@116 | 65 for pos := range resp1.Endpoints { |
| paddy@116 | 66 success, field, val1, val2 = compareEndpoints(resp1.Endpoints[pos], resp2.Endpoints[pos]) |
| paddy@116 | 67 if !success { |
| paddy@116 | 68 field = fmt.Sprintf("Endpoint %d %s", pos, field) |
| paddy@116 | 69 return |
| paddy@116 | 70 } |
| paddy@116 | 71 } |
| paddy@116 | 72 return true, "", nil, nil |
| paddy@116 | 73 } |
| paddy@116 | 74 |
| paddy@116 | 75 func fillInServerGenerated(expectation, result response) { |
| paddy@116 | 76 if len(expectation.Profiles) > 0 { |
| paddy@116 | 77 for pos, profile := range expectation.Profiles { |
| paddy@116 | 78 profile.ID = result.Profiles[pos].ID |
| paddy@116 | 79 profile.Created = result.Profiles[pos].Created |
| paddy@116 | 80 profile.LastSeen = result.Profiles[pos].LastSeen |
| paddy@116 | 81 expectation.Profiles[pos] = profile |
| paddy@116 | 82 } |
| paddy@116 | 83 } |
| paddy@116 | 84 if len(expectation.Logins) > 0 { |
| paddy@116 | 85 for pos, login := range expectation.Logins { |
| paddy@116 | 86 login.ProfileID = result.Logins[pos].ProfileID |
| paddy@116 | 87 login.Created = result.Logins[pos].Created |
| paddy@116 | 88 login.LastUsed = result.Logins[pos].LastUsed |
| paddy@116 | 89 expectation.Logins[pos] = login |
| paddy@116 | 90 } |
| paddy@116 | 91 } |
| paddy@116 | 92 if len(expectation.Clients) > 0 { |
| paddy@116 | 93 for pos, client := range expectation.Clients { |
| paddy@116 | 94 client.ID = result.Clients[pos].ID |
| paddy@116 | 95 client.Secret = result.Clients[pos].Secret |
| paddy@116 | 96 client.OwnerID = result.Clients[pos].OwnerID |
| paddy@116 | 97 expectation.Clients[pos] = client |
| paddy@116 | 98 } |
| paddy@116 | 99 } |
| paddy@116 | 100 if len(expectation.Endpoints) > 0 { |
| paddy@116 | 101 for pos, endpoint := range expectation.Endpoints { |
| paddy@116 | 102 endpoint.ID = result.Endpoints[pos].ID |
| paddy@116 | 103 endpoint.ClientID = result.Endpoints[pos].ClientID |
| paddy@116 | 104 endpoint.Added = result.Endpoints[pos].Added |
| paddy@116 | 105 expectation.Endpoints[pos] = endpoint |
| paddy@116 | 106 } |
| paddy@116 | 107 } |
| paddy@116 | 108 } |