auth
2014-07-18
auth/util_test.go
Start rewriting the repo. This code originally was a carbon copy of https://github.com/RangelReale/osin, but I am methodically stripping out the extensible nature of it for a simpler interface, while simultaneously bringing the style into line with the Ducky style.
1 package oauth2
3 import (
4 "net/http"
5 "net/url"
6 "testing"
7 )
9 const (
10 badAuthValue = "Digest XHHHHHHH"
11 goodAuthValue = "Basic dGVzdDp0ZXN0"
12 )
14 func TestBasicAuth(t *testing.T) {
15 r := &http.Request{Header: make(http.Header)}
17 // Without any header
18 if b, err := CheckBasicAuth(r); b != nil || err != nil {
19 t.Errorf("Validated basic auth without header")
20 }
22 // with invalid header
23 r.Header.Set("Authorization", badAuthValue)
24 b, err := CheckBasicAuth(r)
25 if b != nil || err == nil {
26 t.Errorf("Validated invalid auth")
27 return
28 }
30 // with valid header
31 r.Header.Set("Authorization", goodAuthValue)
32 b, err = CheckBasicAuth(r)
33 if b == nil || err != nil {
34 t.Errorf("Could not extract basic auth")
35 return
36 }
38 // check extracted auth data
39 if b.Username != "test" || b.Password != "test" {
40 t.Errorf("Error decoding basic auth")
41 }
42 }
44 func TestGetClientAuth(t *testing.T) {
46 urlWithSecret, _ := url.Parse("http://host.tld/path?client_id=xxx&client_secret=yyy")
47 urlWithEmptySecret, _ := url.Parse("http://host.tld/path?client_id=xxx&client_secret=")
48 urlNoSecret, _ := url.Parse("http://host.tld/path?client_id=xxx")
50 headerNoAuth := make(http.Header)
51 headerBadAuth := make(http.Header)
52 headerBadAuth.Set("Authorization", badAuthValue)
53 headerOKAuth := make(http.Header)
54 headerOKAuth.Set("Authorization", goodAuthValue)
56 var tests = []struct {
57 header http.Header
58 url *url.URL
59 allowQueryParams bool
60 expectAuth bool
61 }{
62 {headerNoAuth, urlWithSecret, true, true},
63 {headerNoAuth, urlWithSecret, false, false},
64 {headerNoAuth, urlWithEmptySecret, true, true},
65 {headerNoAuth, urlWithEmptySecret, false, false},
66 {headerNoAuth, urlNoSecret, true, false},
67 {headerNoAuth, urlNoSecret, false, false},
69 {headerBadAuth, urlWithSecret, true, true},
70 {headerBadAuth, urlWithSecret, false, false},
71 {headerBadAuth, urlWithEmptySecret, true, true},
72 {headerBadAuth, urlWithEmptySecret, false, false},
73 {headerBadAuth, urlNoSecret, true, false},
74 {headerBadAuth, urlNoSecret, false, false},
76 {headerOKAuth, urlWithSecret, true, true},
77 {headerOKAuth, urlWithSecret, false, true},
78 {headerOKAuth, urlWithEmptySecret, true, true},
79 {headerOKAuth, urlWithEmptySecret, false, true},
80 {headerOKAuth, urlNoSecret, true, true},
81 {headerOKAuth, urlNoSecret, false, true},
82 }
84 for _, tt := range tests {
85 w := new(Response)
86 r := &http.Request{Header: tt.header, URL: tt.url}
87 r.ParseForm()
88 auth := getClientAuth(w, r, tt.allowQueryParams)
89 if tt.expectAuth && auth == nil {
90 t.Errorf("Auth should not be nil for %v", tt)
91 } else if !tt.expectAuth && auth != nil {
92 t.Errorf("Auth should be nil for %v", tt)
93 }
94 }
96 }
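Review bot: The table in TestGetClientAuth only checks whether getClientAuth returns nil, so rows where a valid Basic header and query credentials are both present (`{headerOKAuth, urlWithSecret, true, true}`) pass no matter which source supplied the client id and secret. The header decodes to test:test and the query carries xxx/yyy, so adding expected id and secret columns and comparing them against the returned value would pin the precedence; I assume the result exposes `Username`/`Password` like the value checked in TestBasicAuth, which this file does not show. The `{headerBadAuth, urlWithSecret, true, true}` rows also codify that a malformed Authorization header is ignored and query credentials are used instead, which deserves a comment such as `// malformed header falls back to query credentials when allowQueryParams is set`. The results of `url.Parse` and `r.ParseForm()` are discarded; checking them with `t.Fatal` would keep a setup failure from surfacing as a wrong-auth result.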