auth

Paddy 2015-12-14 Parent:b7e685839a1b

182:cd5f07f9811b Go to Latest

auth/token_test.go

Update nsq import path. go-nsq has moved to nsqio/go-nsq, so we need to update the import path appropriately.

Download raw file

View source Diff to previous Annotate

1 package auth

3 import (

4 "os"

5 "testing"

6 "time"

8 "code.secondbit.org/scopes.hg/types"

9 "code.secondbit.org/uuid.hg"

10 )

12 func init() {

13 if os.Getenv("PG_TEST_DB") != "" {

14 p, err := NewPostgres(os.Getenv("PG_TEST_DB"))

15 if err != nil {

16 panic(err)

17 }

18 tokenStores = append(tokenStores, &p)

19 }

20 }

22 var tokenStores = []tokenStore{NewMemstore()}

24 func compareTokens(token1, token2 Token) (success bool, field string, val1, val2 interface{}) {

25 if token1.AccessToken != token2.AccessToken {

26 return false, "access token", token1.AccessToken, token2.AccessToken

27 }

28 if token1.RefreshToken != token2.RefreshToken {

29 return false, "refresh token", token1.RefreshToken, token2.RefreshToken

30 }

31 if !token1.Created.Equal(token2.Created) {

32 return false, "created", token1.Created, token2.Created

33 }

34 if token1.CreatedFrom != token2.CreatedFrom {

35 return false, "created from", token1.CreatedFrom, token2.CreatedFrom

36 }

37 if token1.ExpiresIn != token2.ExpiresIn {

38 return false, "expires in", token1.ExpiresIn, token2.ExpiresIn

39 }

40 if token1.TokenType != token2.TokenType {

41 return false, "token type", token1.TokenType, token2.TokenType

42 }

43 if len(token1.Scopes) != len(token2.Scopes) {

44 return false, "scopes", token1.Scopes, token2.Scopes

45 }

46 for pos, scope := range token1.Scopes {

47 if scope != token2.Scopes[pos] {

48 return false, "scopes", token1.Scopes, token2.Scopes

49 }

50 }

51 if !token1.ProfileID.Equal(token2.ProfileID) {

52 return false, "profile ID", token1.ProfileID, token2.ProfileID

53 }

54 if token1.Revoked != token2.Revoked {

55 return false, "revoked", token1.Revoked, token2.Revoked

56 }

57 return true, "", nil, nil

58 }

60 func TestTokenStoreSuccess(t *testing.T) {

61 t.Parallel()

62 token := Token{

63 AccessToken: "access",

64 RefreshToken: "refresh",

65 Created: time.Now().Round(time.Millisecond),

66 ExpiresIn: 3600,

67 TokenType: "bearer",

68 Scopes: scopeTypes.StringsToScopes([]string{"scope"}),

69 ProfileID: uuid.NewID(),

70 }

71 for _, store := range tokenStores {

72 context := Context{tokens: store}

73 retrievedAccess, err := context.GetToken(token.AccessToken, false)

74 if err == nil {

75 t.Errorf("Expected ErrTokenNotFound from %T, got %+v", store, retrievedAccess)

76 } else if err != ErrTokenNotFound {

77 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)

78 }

79 retrievedRefresh, err := context.GetToken(token.RefreshToken, true)

80 if err == nil {

81 t.Errorf("Expected ErrTokenNotFound from %T, got %+v", store, retrievedRefresh)

82 } else if err != ErrTokenNotFound {

83 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)

84 }

85 err = context.RevokeToken(token.RefreshToken)

86 if err != ErrTokenNotFound {

87 t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)

88 }

89 err = context.SaveToken(token)

90 if err != nil {

91 t.Errorf("Error saving token to %T: %s", store, err)

92 }

93 err = context.SaveToken(token)

94 if err != ErrTokenAlreadyExists {

95 t.Errorf("Expected ErrTokenAlreadyExists from %T, got %s", store, err)

96 }

97 retrievedAccess, err = context.GetToken(token.AccessToken, false)

98 if err != nil {

99 t.Errorf("Error retrieving token from %T: %s", store, err)

100 }

101 success, field, expectation, result := compareTokens(token, retrievedAccess)

102 if !success {

103 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)

104 }

105 retrievedRefresh, err = context.GetToken(token.RefreshToken, true)

106 if err != nil {

107 t.Errorf("Error retrieving refresh token from %T: %s", store, err)

108 }

109 success, field, expectation, result = compareTokens(token, retrievedRefresh)

110 if !success {

111 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)

112 }

113 retrievedProfile, err := context.GetTokensByProfileID(token.ProfileID, 25, 0)

114 if err != nil {

115 t.Errorf("Error retrieving token by profile from %T: %s", store, err)

116 }

117 if len(retrievedProfile) != 1 {

118 t.Errorf("Expected 1 token retrieved by profile ID from %T, got %+v", store, retrievedProfile)

119 }

120 success, field, expectation, result = compareTokens(token, retrievedProfile[0])

121 if !success {

122 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)

123 }

124 err = context.RevokeToken(token.RefreshToken)

125 if err != nil {

126 t.Errorf("Error revoking token in %T: %s", store, err)

127 }

128 retrievedRevoked, err := context.GetToken(token.AccessToken, false)

129 if err != nil {

130 t.Errorf("Error retrieving token from %T: %s", store, err)

131 }

132 token.Revoked = true

133 success, field, expectation, result = compareTokens(token, retrievedRevoked)

134 if !success {

135 t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)

136 }

137 }

138 }

139

140 // BUG(paddy): We need to test the refreshTokenValidate function.

141 // BUG(paddy): We need to test the refreshTokenInvalidate function.