auth
auth/session_test.go
Remove refresh token expiration, update implicit token. Refresh tokens no longer expire, because they're supposed to be long-lived, and we have no way to communicate to the user exactly how long-lived they are. Instead, they are invalidated after a single use, which should prevent too much abuse. It gives them an effective lifespan of "default token expiration, or until used", which I think is Good Enough. Also updated our implicit token to set the CreatedFrom to "implicit" and the ClientID to the client ID, which is important, I guess. It's really annoying that we have that logic in two different places.
| paddy@77 | 1 package auth |
| paddy@77 | 2 |
| paddy@77 | 3 import ( |
| paddy@77 | 4 "testing" |
| paddy@77 | 5 "time" |
| paddy@77 | 6 |
| paddy@107 | 7 "code.secondbit.org/uuid.hg" |
| paddy@77 | 8 ) |
| paddy@77 | 9 |
| paddy@77 | 10 var sessionStores = []sessionStore{NewMemstore()} |
| paddy@77 | 11 |
| paddy@77 | 12 func compareSessions(session1, session2 Session) (success bool, field string, val1, val2 interface{}) { |
| paddy@77 | 13 if session1.ID != session2.ID { |
| paddy@77 | 14 return false, "ID", session1.ID, session2.ID |
| paddy@77 | 15 } |
| paddy@77 | 16 if session1.IP != session2.IP { |
| paddy@77 | 17 return false, "IP", session1.IP, session2.IP |
| paddy@77 | 18 } |
| paddy@77 | 19 if session1.UserAgent != session2.UserAgent { |
| paddy@77 | 20 return false, "UserAgent", session1.UserAgent, session2.UserAgent |
| paddy@77 | 21 } |
| paddy@77 | 22 if !session1.ProfileID.Equal(session2.ProfileID) { |
| paddy@77 | 23 return false, "ProfileID", session1.ProfileID, session2.ProfileID |
| paddy@77 | 24 } |
| paddy@77 | 25 if !session1.Created.Equal(session2.Created) { |
| paddy@77 | 26 return false, "Created", session1.Created, session2.Created |
| paddy@77 | 27 } |
| paddy@77 | 28 if session1.Login != session2.Login { |
| paddy@77 | 29 return false, "Login", session1.Login, session2.Login |
| paddy@77 | 30 } |
| paddy@77 | 31 if session1.Active != session2.Active { |
| paddy@77 | 32 return false, "Active", session1.Active, session2.Active |
| paddy@77 | 33 } |
| paddy@77 | 34 return true, "", nil, nil |
| paddy@77 | 35 } |
| paddy@77 | 36 |
| paddy@77 | 37 func TestSessionStoreSuccess(t *testing.T) { |
| paddy@77 | 38 t.Parallel() |
| paddy@77 | 39 session := Session{ |
| paddy@77 | 40 ID: uuid.NewID().String() + uuid.NewID().String(), |
| paddy@77 | 41 IP: "127.0.0.1", |
| paddy@77 | 42 UserAgent: "TestRunner", |
| paddy@77 | 43 ProfileID: uuid.NewID(), |
| paddy@77 | 44 Created: time.Now(), |
| paddy@77 | 45 Login: "test@example.com", |
| paddy@77 | 46 Active: true, |
| paddy@77 | 47 } |
| paddy@77 | 48 for _, store := range sessionStores { |
| paddy@116 | 49 context := Context{sessions: store} |
| paddy@116 | 50 err := context.CreateSession(session) |
| paddy@77 | 51 if err != nil { |
| paddy@77 | 52 t.Errorf("Error saving session to %T: %s", store, err) |
| paddy@77 | 53 } |
| paddy@116 | 54 err = context.CreateSession(session) |
| paddy@77 | 55 if err != ErrSessionAlreadyExists { |
| paddy@77 | 56 t.Errorf("Expected ErrSessionAlreadyExists from %T, got %s", store, err) |
| paddy@77 | 57 } |
| paddy@116 | 58 retrieved, err := context.GetSession(session.ID) |
| paddy@77 | 59 if err != nil { |
| paddy@77 | 60 t.Errorf("Error retrieving session from %T: %s", store, err) |
| paddy@77 | 61 } |
| paddy@77 | 62 success, field, expectation, result := compareSessions(session, retrieved) |
| paddy@77 | 63 if !success { |
| paddy@77 | 64 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store) |
| paddy@77 | 65 } |
| paddy@116 | 66 retrievedList, err := context.ListSessions(session.ProfileID, time.Time{}, 10) |
| paddy@77 | 67 if err != nil { |
| paddy@77 | 68 t.Errorf("Error retrieving sessions by profile from %T: %s", store, err) |
| paddy@77 | 69 } |
| paddy@77 | 70 if len(retrievedList) != 1 { |
| paddy@77 | 71 t.Errorf("Expected 1 session retrieved by profile from %T, got %d", store, len(retrievedList)) |
| paddy@77 | 72 } |
| paddy@77 | 73 success, field, expectation, result = compareSessions(session, retrievedList[0]) |
| paddy@77 | 74 if !success { |
| paddy@77 | 75 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store) |
| paddy@77 | 76 } |
| paddy@116 | 77 err = context.RemoveSession(session.ID) |
| paddy@77 | 78 if err != nil { |
| paddy@77 | 79 t.Errorf("Error removing session from %T: %s", store, err) |
| paddy@77 | 80 } |
| paddy@116 | 81 retrieved, err = context.GetSession(session.ID) |
| paddy@77 | 82 if err != ErrSessionNotFound { |
| paddy@77 | 83 t.Errorf("Expected ErrSessionNotFound from %T, got %s", store, err) |
| paddy@77 | 84 } |
| paddy@116 | 85 retrievedList, err = context.ListSessions(session.ProfileID, time.Time{}, 10) |
| paddy@77 | 86 if err != nil { |
| paddy@77 | 87 t.Errorf("Error retrieving sessions by profile from %T: %s", store, err) |
| paddy@77 | 88 } |
| paddy@77 | 89 if len(retrievedList) != 0 { |
| paddy@77 | 90 t.Errorf("Expected 0 sessions retrieved by profile from %T, got %d", store, len(retrievedList)) |
| paddy@77 | 91 } |
| paddy@116 | 92 err = context.RemoveSession(session.ID) |
| paddy@77 | 93 if err != ErrSessionNotFound { |
| paddy@77 | 94 t.Errorf("Expected ErrSessionNotFound from %T, got %s", store, err) |
| paddy@77 | 95 } |
| paddy@77 | 96 } |
| paddy@77 | 97 } |