auth
auth/token_test.go
Add support for bulk changes and for logins. Logins now get stored, listed, removed, and updated. You can select a profile by the login associated with it. Also added support for bulk changing profiles, because it may be necesary to set many profiles to compromised at the same time, and there's no sense in requiring a statement per profile.
| paddy@28 | 1 package auth |
| paddy@28 | 2 |
| paddy@28 | 3 import ( |
| paddy@28 | 4 "testing" |
| paddy@28 | 5 "time" |
| paddy@28 | 6 |
| paddy@28 | 7 "secondbit.org/uuid" |
| paddy@28 | 8 ) |
| paddy@28 | 9 |
| paddy@28 | 10 var tokenStores = []TokenStore{NewMemstore()} |
| paddy@28 | 11 |
| paddy@35 | 12 func compareTokens(token1, token2 Token) (success bool, field string, val1, val2 interface{}) { |
| paddy@35 | 13 if token1.AccessToken != token2.AccessToken { |
| paddy@35 | 14 return false, "access token", token1.AccessToken, token2.AccessToken |
| paddy@35 | 15 } |
| paddy@35 | 16 if token1.RefreshToken != token2.RefreshToken { |
| paddy@35 | 17 return false, "refresh token", token1.RefreshToken, token2.RefreshToken |
| paddy@35 | 18 } |
| paddy@35 | 19 if !token1.Created.Equal(token2.Created) { |
| paddy@35 | 20 return false, "created", token1.Created, token2.Created |
| paddy@35 | 21 } |
| paddy@35 | 22 if token1.ExpiresIn != token2.ExpiresIn { |
| paddy@35 | 23 return false, "expires in", token1.ExpiresIn, token2.ExpiresIn |
| paddy@35 | 24 } |
| paddy@35 | 25 if token1.TokenType != token2.TokenType { |
| paddy@35 | 26 return false, "token type", token1.TokenType, token2.TokenType |
| paddy@35 | 27 } |
| paddy@35 | 28 if token1.Scope != token2.Scope { |
| paddy@35 | 29 return false, "scope", token1.Scope, token2.Scope |
| paddy@35 | 30 } |
| paddy@35 | 31 if !token1.ProfileID.Equal(token2.ProfileID) { |
| paddy@35 | 32 return false, "profile ID", token1.ProfileID, token2.ProfileID |
| paddy@35 | 33 } |
| paddy@35 | 34 return true, "", nil, nil |
| paddy@35 | 35 } |
| paddy@35 | 36 |
| paddy@28 | 37 func TestTokenStoreSuccess(t *testing.T) { |
| paddy@37 | 38 t.Parallel() |
| paddy@28 | 39 token := Token{ |
| paddy@28 | 40 AccessToken: "access", |
| paddy@28 | 41 RefreshToken: "refresh", |
| paddy@28 | 42 Created: time.Now(), |
| paddy@28 | 43 ExpiresIn: 3600, |
| paddy@28 | 44 TokenType: "bearer", |
| paddy@28 | 45 Scope: "scope", |
| paddy@28 | 46 ProfileID: uuid.NewID(), |
| paddy@28 | 47 } |
| paddy@35 | 48 for _, store := range tokenStores { |
| paddy@28 | 49 err := store.SaveToken(token) |
| paddy@28 | 50 if err != nil { |
| paddy@37 | 51 t.Errorf("Error saving token to %T: %s", store, err) |
| paddy@37 | 52 } |
| paddy@37 | 53 err = store.SaveToken(token) |
| paddy@37 | 54 if err != ErrTokenAlreadyExists { |
| paddy@37 | 55 t.Errorf("Expected ErrTokenAlreadyExists from %T, got %s", store, err) |
| paddy@28 | 56 } |
| paddy@28 | 57 retrievedAccess, err := store.GetToken(token.AccessToken, false) |
| paddy@28 | 58 if err != nil { |
| paddy@35 | 59 t.Errorf("Error retrieving token from %T: %s", store, err) |
| paddy@28 | 60 } |
| paddy@35 | 61 success, field, expectation, result := compareTokens(token, retrievedAccess) |
| paddy@35 | 62 if !success { |
| paddy@35 | 63 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store) |
| paddy@35 | 64 } |
| paddy@28 | 65 retrievedRefresh, err := store.GetToken(token.RefreshToken, true) |
| paddy@28 | 66 if err != nil { |
| paddy@35 | 67 t.Errorf("Error retrieving refresh token from %T: %s", store, err) |
| paddy@28 | 68 } |
| paddy@35 | 69 success, field, expectation, result = compareTokens(token, retrievedRefresh) |
| paddy@35 | 70 if !success { |
| paddy@35 | 71 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store) |
| paddy@35 | 72 } |
| paddy@28 | 73 retrievedProfile, err := store.GetTokensByProfileID(token.ProfileID, 25, 0) |
| paddy@28 | 74 if err != nil { |
| paddy@35 | 75 t.Errorf("Error retrieving token by profile from %T: %s", store, err) |
| paddy@28 | 76 } |
| paddy@28 | 77 if len(retrievedProfile) != 1 { |
| paddy@35 | 78 t.Errorf("Expected 1 token retrieved by profile ID from %T, got %+v", store, retrievedProfile) |
| paddy@28 | 79 } |
| paddy@35 | 80 success, field, expectation, result = compareTokens(token, retrievedProfile[0]) |
| paddy@35 | 81 if !success { |
| paddy@35 | 82 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store) |
| paddy@35 | 83 } |
| paddy@28 | 84 err = store.RemoveToken(token.AccessToken) |
| paddy@28 | 85 if err != nil { |
| paddy@35 | 86 t.Errorf("Error removing token from %T: %s", store, err) |
| paddy@28 | 87 } |
| paddy@28 | 88 _, err = store.GetToken(token.AccessToken, false) |
| paddy@28 | 89 if err != ErrTokenNotFound { |
| paddy@35 | 90 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err) |
| paddy@28 | 91 } |
| paddy@28 | 92 _, err = store.GetToken(token.RefreshToken, true) |
| paddy@28 | 93 if err != ErrTokenNotFound { |
| paddy@35 | 94 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err) |
| paddy@28 | 95 } |
| paddy@28 | 96 retrievedProfile, err = store.GetTokensByProfileID(token.ProfileID, 25, 0) |
| paddy@28 | 97 if err != nil { |
| paddy@35 | 98 t.Errorf("Error retrieving token by profile from %T: %s", store, err) |
| paddy@28 | 99 } |
| paddy@28 | 100 if len(retrievedProfile) != 0 { |
| paddy@35 | 101 t.Errorf("Expected list of 0 tokens from %T, got %+v", store, retrievedProfile) |
| paddy@28 | 102 } |
| paddy@37 | 103 err = store.RemoveToken(token.AccessToken) |
| paddy@37 | 104 if err != ErrTokenNotFound { |
| paddy@37 | 105 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err) |
| paddy@37 | 106 } |
| paddy@28 | 107 } |
| paddy@28 | 108 } |