auth

Paddy 2015-04-07 Parent:5f670aba87b4 Child:cf6c1f05eb21

155:762953f6a7f2 Go to Latest

auth/session_test.go

Implement postgres version of the tokenStore. Create a postgres implementation for the tokenStore. Note that because pq doesn't support Postgres' array types (see https://github.com/lib/pq/issues/49), we couldn't just store the token.Scopes field as a Postgres array of varchars, which would have been the ideal. Instead, we need a many-to-many table that maps tokens to scopes. This meant we needed a special tokenScope type for our database mapping, and we needed to complicate the token storage/retrieval functions a little bit. It's kind of ugly, I'm not a huge fan of it, and I'd much rather be using the Postgres array types, but... well, here we are. We also added the postgres tokenStore to our slice of tokenStores to test when the correct environment variables are present. We wrote initialization SQL for the tables required by the postgres tokenStore. Also, added a helper script for emptying the test database, because I got tired of doing it by hand. We should be doing that in an automated fashion in the tests themselves, but that would mean extending the *Store interfaces.

Download raw file
View source Diff to previous Annotate
History
1 package auth
2
3 import (
4 "os"
5 "testing"
6 "time"
7
8 "code.secondbit.org/uuid.hg"
9 )
10
11 func init() {
12 if os.Getenv("PG_TEST_DB") != "" {
13 p, err := NewPostgres(os.Getenv("PG_TEST_DB"))
14 if err != nil {
15 panic(err)
16 }
17 sessionStores = append(sessionStores, &p)
18 }
19 }
20
21 var sessionStores = []sessionStore{NewMemstore()}
22
23 func compareSessions(session1, session2 Session) (success bool, field string, val1, val2 interface{}) {
24 if session1.ID != session2.ID {
25 return false, "ID", session1.ID, session2.ID
26 }
27 if session1.IP != session2.IP {
28 return false, "IP", session1.IP, session2.IP
29 }
30 if session1.UserAgent != session2.UserAgent {
31 return false, "UserAgent", session1.UserAgent, session2.UserAgent
32 }
33 if !session1.ProfileID.Equal(session2.ProfileID) {
34 return false, "ProfileID", session1.ProfileID, session2.ProfileID
35 }
36 if !session1.Created.Equal(session2.Created) {
37 return false, "Created", session1.Created, session2.Created
38 }
39 if !session1.Expires.Equal(session2.Expires) {
40 return false, "Expires", session1.Expires, session2.Expires
41 }
42 if session1.Login != session2.Login {
43 return false, "Login", session1.Login, session2.Login
44 }
45 if session1.Active != session2.Active {
46 return false, "Active", session1.Active, session2.Active
47 }
48 if session1.CSRFToken != session2.CSRFToken {
49 return false, "CSRFToken", session1.CSRFToken, session2.CSRFToken
50 }
51 return true, "", nil, nil
52 }
53
54 func TestSessionStoreSuccess(t *testing.T) {
55 t.Parallel()
56 session := Session{
57 ID: uuid.NewID().String() + uuid.NewID().String(),
58 IP: "127.0.0.1",
59 UserAgent: "TestRunner",
60 ProfileID: uuid.NewID(),
61 Created: time.Now().Round(time.Millisecond),
62 Login: "test@example.com",
63 Active: true,
64 }
65 for _, store := range sessionStores {
66 context := Context{sessions: store}
67 err := context.CreateSession(session)
68 if err != nil {
69 t.Errorf("Error saving session to %T: %s", store, err)
70 }
71 err = context.CreateSession(session)
72 if err != ErrSessionAlreadyExists {
73 t.Errorf("Expected ErrSessionAlreadyExists from %T, got %s", store, err)
74 }
75 retrieved, err := context.GetSession(session.ID)
76 if err != nil {
77 t.Errorf("Error retrieving session from %T: %s", store, err)
78 }
79 success, field, expectation, result := compareSessions(session, retrieved)
80 if !success {
81 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
82 }
83 retrievedList, err := context.ListSessions(session.ProfileID, time.Time{}, 10)
84 if err != nil {
85 t.Errorf("Error retrieving sessions by profile from %T: %s", store, err)
86 }
87 if len(retrievedList) != 1 {
88 t.Errorf("Expected 1 session retrieved by profile from %T, got %d", store, len(retrievedList))
89 }
90 success, field, expectation, result = compareSessions(session, retrievedList[0])
91 if !success {
92 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
93 }
94 err = context.RemoveSession(session.ID)
95 if err != nil {
96 t.Errorf("Error removing session from %T: %s", store, err)
97 }
98 retrieved, err = context.GetSession(session.ID)
99 if err != ErrSessionNotFound {
100 t.Errorf("Expected ErrSessionNotFound from %T, got %s", store, err)
101 }
102 retrievedList, err = context.ListSessions(session.ProfileID, time.Time{}, 10)
103 if err != nil {
104 t.Errorf("Error retrieving sessions by profile from %T: %s", store, err)
105 }
106 if len(retrievedList) != 0 {
107 t.Errorf("Expected 0 sessions retrieved by profile from %T, got %d", store, len(retrievedList))
108 }
109 err = context.RemoveSession(session.ID)
110 if err != ErrSessionNotFound {
111 t.Errorf("Expected ErrSessionNotFound from %T, got %s", store, err)
112 }
113 }
114 }
115
116 // BUG(paddy): We need to test the CreateSessionHandler.
117 // BUG(paddy): We need to test the credentialsValidate function.