auth
2014-07-18
auth/util_test.go
Start rewriting the repo. This code originally was a carbon copy of https://github.com/RangelReale/osin, but I am methodically stripping out the extensible nature of it for a simpler interface, while simultaneously bringing the style into line with the Ducky style.
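--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/util_test.go	Fri Jul 18 07:13:22 2014 -0400
@@ -0,0 +1,96 @@
+package oauth2
+
+import (
+	"net/http"
+	"net/url"
+	"testing"
+)
+
+const (
+	badAuthValue = "Digest XHHHHHHH"
+	goodAuthValue = "Basic dGVzdDp0ZXN0"
+)
+
+func TestBasicAuth(t *testing.T) {
+	r := &http.Request{Header: make(http.Header)}
+
+	// Without any header
+	if b, err := CheckBasicAuth(r); b != nil || err != nil {
+		t.Errorf("Validated basic auth without header")
+	}
+
+	// with invalid header
+	r.Header.Set("Authorization", badAuthValue)
+	b, err := CheckBasicAuth(r)
+	if b != nil || err == nil {
+		t.Errorf("Validated invalid auth")
+		return
+	}
+
+	// with valid header
+	r.Header.Set("Authorization", goodAuthValue)
+	b, err = CheckBasicAuth(r)
+	if b == nil || err != nil {
+		t.Errorf("Could not extract basic auth")
+		return
+	}
+
+	// check extracted auth data
+	if b.Username != "test" || b.Password != "test" {
+		t.Errorf("Error decoding basic auth")
+	}
+}
+
+func TestGetClientAuth(t *testing.T) {
+
+	urlWithSecret, _ := url.Parse("http://host.tld/path?client_id=xxx&client_secret=yyy")
+	urlWithEmptySecret, _ := url.Parse("http://host.tld/path?client_id=xxx&client_secret=")
+	urlNoSecret, _ := url.Parse("http://host.tld/path?client_id=xxx")
+
+	headerNoAuth := make(http.Header)
+	headerBadAuth := make(http.Header)
+	headerBadAuth.Set("Authorization", badAuthValue)
+	headerOKAuth := make(http.Header)
+	headerOKAuth.Set("Authorization", goodAuthValue)
+
+	var tests = []struct {
+		header http.Header
+		url *url.URL
+		allowQueryParams bool
+		expectAuth bool
+	}{
+		{headerNoAuth, urlWithSecret, true, true},
+		{headerNoAuth, urlWithSecret, false, false},
+		{headerNoAuth, urlWithEmptySecret, true, true},
+		{headerNoAuth, urlWithEmptySecret, false, false},
+		{headerNoAuth, urlNoSecret, true, false},
+		{headerNoAuth, urlNoSecret, false, false},
+
+		{headerBadAuth, urlWithSecret, true, true},
+		{headerBadAuth, urlWithSecret, false, false},
+		{headerBadAuth, urlWithEmptySecret, true, true},
+		{headerBadAuth, urlWithEmptySecret, false, false},
+		{headerBadAuth, urlNoSecret, true, false},
+		{headerBadAuth, urlNoSecret, false, false},
+
+		{headerOKAuth, urlWithSecret, true, true},
+		{headerOKAuth, urlWithSecret, false, true},
+		{headerOKAuth, urlWithEmptySecret, true, true},
+		{headerOKAuth, urlWithEmptySecret, false, true},
+		{headerOKAuth, urlNoSecret, true, true},
+		{headerOKAuth, urlNoSecret, false, true},
+	}
+
+	for _, tt := range tests {
+		w := new(Response)
+		r := &http.Request{Header: tt.header, URL: tt.url}
+		r.ParseForm()
+		auth := getClientAuth(w, r, tt.allowQueryParams)
+		if tt.expectAuth && auth == nil {
+			t.Errorf("Auth should not be nil for %v", tt)
+		} else if !tt.expectAuth && auth != nil {
+			t.Errorf("Auth should be nil for %v", tt)
+		}
+	}
+
+}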
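Review bot: The table in TestGetClientAuth checks only whether `auth` is nil, so the rows that send both a valid Basic header and query credentials (`{headerOKAuth, urlWithSecret, true, true}` and its empty-secret variant) never pin which credential set getClientAuth returns. The `headerBadAuth` rows with `allowQueryParams` set to true also lock in that a malformed Authorization header is silently ignored in favour of `client_secret` in the URL. That fallback deserves a comment saying it is intended, since query-string secrets tend to end up in access logs and RFC 6749 section 2.3 says a client must not use more than one authentication method per request. I would add a `wantUser string` column and assert `if auth != nil && auth.Username != tt.wantUser { t.Errorf("wrong client for %v", tt) }`; the `Username` field is inferred from what CheckBasicAuth returns and should be confirmed against getClientAuth's return type. The errors from `url.Parse` and `r.ParseForm()` are discarded too, so failing the test on them would keep a broken fixture from passing as "no auth".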