auth

Paddy 2015-01-19 Parent:34de07217709 Child:23c1a07c8a61

127:b714af0578dc

Drop RemoveToken, test RevokeToken for refresh tokens. The RemoveToken function was never actually used, and there's no reason to use it. Tokens are revoked, not removed. So I deleted it. And while I was updating the tests, I finally inserted the test for revoking a refresh token, mainly to get rid of that damn TODO.

context.go token.go token_test.go

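--- a/context.go	Mon Jan 19 04:24:22 2015 -0500
+++ b/context.go	Mon Jan 19 06:01:51 2015 -0500
@@ -309,15 +309,6 @@
 	return c.tokens.saveToken(token)
 }
 
-// RemoveToken removes the Token identified by the passed token string from the tokenStore associated
-// with the Context.
-func (c Context) RemoveToken(token string) error {
-	if c.tokens == nil {
-		return ErrNoTokenStore
-	}
-	return c.tokens.removeToken(token)
-}
-
 // RevokeToken revokes the Token identfied by the passed token string from the tokenStore associated
 // with the context. If refresh is true, the token input should be compared against the refresh tokens,
 // not the access tokens.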
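--- a/token.go	Mon Jan 19 04:24:22 2015 -0500
+++ b/token.go	Mon Jan 19 06:01:51 2015 -0500
@@ -53,7 +53,6 @@
 type tokenStore interface {
 	getToken(token string, refresh bool) (Token, error)
 	saveToken(token Token) error
-	removeToken(token string) error
 	revokeToken(token string, refresh bool) error
 	getTokensByProfileID(profileID uuid.ID, num, offset int) ([]Token, error)
 }
@@ -94,30 +93,6 @@
 	return nil
 }
 
-func (m *memstore) removeToken(token string) error {
-	m.tokenLock.Lock()
-	defer m.tokenLock.Unlock()
-	t, ok := m.tokens[token]
-	if !ok {
-		return ErrTokenNotFound
-	}
-	delete(m.tokens, token)
-	if t.RefreshToken != "" {
-		delete(m.refreshTokenLookup, t.RefreshToken)
-	}
-	pos := -1
-	for p, item := range m.profileTokenLookup[t.ProfileID.String()] {
-		if item == token {
-			pos = p
-			break
-		}
-	}
-	if pos >= 0 {
-		m.profileTokenLookup[t.ProfileID.String()] = append(m.profileTokenLookup[t.ProfileID.String()][:pos], m.profileTokenLookup[t.ProfileID.String()][pos+1:]...)
-	}
-	return nil
-}
-
 func (m *memstore) revokeToken(token string, refresh bool) error {
 	if refresh {
 		t, err := m.lookupTokenByRefresh(token)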
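--- a/token_test.go	Mon Jan 19 04:24:22 2015 -0500
+++ b/token_test.go	Mon Jan 19 06:01:51 2015 -0500
@@ -53,7 +53,27 @@
 	}
 	for _, store := range tokenStores {
 		context := Context{tokens: store}
-		err := context.SaveToken(token)
+		retrievedAccess, err := context.GetToken(token.AccessToken, false)
+		if err == nil {
+			t.Errorf("Expected ErrTokenNotFound from %T, got %+v", store, retrievedAccess)
+		} else if err != ErrTokenNotFound {
+			t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
+		}
+		retrievedRefresh, err := context.GetToken(token.RefreshToken, true)
+		if err == nil {
+			t.Errorf("Expected ErrTokenNotFound from %T, got %+v", store, retrievedRefresh)
+		} else if err != ErrTokenNotFound {
+			t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
+		}
+		err = context.RevokeToken(token.AccessToken, false)
+		if err != ErrTokenNotFound {
+			t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
+		}
+		err = context.RevokeToken(token.RefreshToken, true)
+		if err != ErrTokenNotFound {
+			t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
+		}
+		err = context.SaveToken(token)
 		if err != nil {
 			t.Errorf("Error saving token to %T: %s", store, err)
 		}
@@ -61,7 +81,7 @@
 		if err != ErrTokenAlreadyExists {
 			t.Errorf("Expected ErrTokenAlreadyExists from %T, got %s", store, err)
 		}
-		retrievedAccess, err := context.GetToken(token.AccessToken, false)
+		retrievedAccess, err = context.GetToken(token.AccessToken, false)
 		if err != nil {
 			t.Errorf("Error retrieving token from %T: %s", store, err)
 		}
@@ -69,7 +89,7 @@
 		if !success {
 			t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
 		}
-		retrievedRefresh, err := context.GetToken(token.RefreshToken, true)
+		retrievedRefresh, err = context.GetToken(token.RefreshToken, true)
 		if err != nil {
 			t.Errorf("Error retrieving refresh token from %T: %s", store, err)
 		}
@@ -101,37 +121,18 @@
 		if !success {
 			t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
 		}
-		// TODO(paddy): test revoking by refresh token.
-		err = context.RemoveToken(token.AccessToken)
+		err = context.RevokeToken(token.RefreshToken, true)
 		if err != nil {
-			t.Errorf("Error removing token from %T: %s", store, err)
+			t.Errorf("Error revoking token in %T: %s", store, err)
 		}
-		_, err = context.GetToken(token.AccessToken, false)
-		if err != ErrTokenNotFound {
-			t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
+		retrievedRevoked, err = context.GetToken(token.RefreshToken, true)
+		if err != nil {
+			t.Errorf("Error retrieving token from %T: %s", store, err)
 		}
-		_, err = context.GetToken(token.RefreshToken, true)
-		if err != ErrTokenNotFound {
-			t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
-		}
-		retrievedProfile, err = context.GetTokensByProfileID(token.ProfileID, 25, 0)
-		if err != nil {
-			t.Errorf("Error retrieving token by profile from %T: %s", store, err)
-		}
-		if len(retrievedProfile) != 0 {
-			t.Errorf("Expected list of 0 tokens from %T, got %+v", store, retrievedProfile)
-		}
-		err = context.RemoveToken(token.AccessToken)
-		if err != ErrTokenNotFound {
-			t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
-		}
-		err = context.RevokeToken(token.AccessToken, false)
-		if err != ErrTokenNotFound {
-			t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
-		}
-		err = context.RevokeToken(token.RefreshToken, true)
-		if err != ErrTokenNotFound {
-			t.Errorf("Expected ErrTokenNotFound from %T, got %s", store, err)
+		token.RefreshRevoked = true
+		success, field, expectation, result = compareTokens(token, retrievedRevoked)
+		if !success {
+			t.Errorf("Expected field %s to be %v, but got %v from %T", field, expectation, result, store)
 		}
 	}
 }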
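Review bot: `token.RefreshRevoked = true` near the end of the loop body mutates the shared `token` fixture, which appears to be declared before `for _, store := range tokenStores` (the test function starts above the first hunk, so this is inferred from `token` being used in the loop without a declaration there). If `tokenStores` holds more than one store, every store after the first is saved a token that is already flagged as revoked, so the final `compareTokens` check would pass even if that store's `revokeToken` did nothing, which is a weak guarantee for a revocation path. Take a per-iteration copy such as `expected := token` at the top of the loop body, use it in place of `token` throughout the loop, and set `expected.RefreshRevoked = true` before the last comparison. Separately, when the `GetToken` call after the revoke fails, `t.Errorf` lets the test fall through to `compareTokens` with a zero-value `retrievedRevoked`; a `continue` after that error would keep one failure from producing a misleading second one.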