authhandler_test.go 3.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133
  1. package handler
  2. import (
  3. "bufio"
  4. "net"
  5. "net/http"
  6. "net/http/httptest"
  7. "testing"
  8. "time"
  9. "github.com/dgrijalva/jwt-go"
  10. "github.com/stretchr/testify/assert"
  11. )
  12. func TestAuthHandlerFailed(t *testing.T) {
  13. req := httptest.NewRequest(http.MethodGet, "http://localhost", nil)
  14. handler := Authorize("B63F477D-BBA3-4E52-96D3-C0034C27694A", WithUnauthorizedCallback(
  15. func(w http.ResponseWriter, r *http.Request, err error) {
  16. w.Header().Set("X-Test", "test")
  17. w.WriteHeader(http.StatusUnauthorized)
  18. _, err = w.Write([]byte("content"))
  19. assert.Nil(t, err)
  20. }))(
  21. http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
  22. w.WriteHeader(http.StatusOK)
  23. }))
  24. resp := httptest.NewRecorder()
  25. handler.ServeHTTP(resp, req)
  26. assert.Equal(t, http.StatusUnauthorized, resp.Code)
  27. }
  28. func TestAuthHandler(t *testing.T) {
  29. const key = "B63F477D-BBA3-4E52-96D3-C0034C27694A"
  30. req := httptest.NewRequest(http.MethodGet, "http://localhost", nil)
  31. token, err := buildToken(key, map[string]interface{}{
  32. "key": "value",
  33. }, 3600)
  34. assert.Nil(t, err)
  35. req.Header.Set("Authorization", "Bearer "+token)
  36. handler := Authorize(key)(
  37. http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
  38. w.Header().Set("X-Test", "test")
  39. _, err := w.Write([]byte("content"))
  40. assert.Nil(t, err)
  41. flusher, ok := w.(http.Flusher)
  42. assert.True(t, ok)
  43. flusher.Flush()
  44. }))
  45. resp := httptest.NewRecorder()
  46. handler.ServeHTTP(resp, req)
  47. assert.Equal(t, http.StatusOK, resp.Code)
  48. assert.Equal(t, "test", resp.Header().Get("X-Test"))
  49. assert.Equal(t, "content", resp.Body.String())
  50. }
  51. func TestAuthHandlerWithPrevSecret(t *testing.T) {
  52. const (
  53. key = "14F17379-EB8F-411B-8F12-6929002DCA76"
  54. prevKey = "B63F477D-BBA3-4E52-96D3-C0034C27694A"
  55. )
  56. req := httptest.NewRequest(http.MethodGet, "http://localhost", nil)
  57. token, err := buildToken(key, map[string]interface{}{
  58. "key": "value",
  59. }, 3600)
  60. assert.Nil(t, err)
  61. req.Header.Set("Authorization", "Bearer "+token)
  62. handler := Authorize(key, WithPrevSecret(prevKey))(
  63. http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
  64. w.Header().Set("X-Test", "test")
  65. _, err := w.Write([]byte("content"))
  66. assert.Nil(t, err)
  67. }))
  68. resp := httptest.NewRecorder()
  69. handler.ServeHTTP(resp, req)
  70. assert.Equal(t, http.StatusOK, resp.Code)
  71. assert.Equal(t, "test", resp.Header().Get("X-Test"))
  72. assert.Equal(t, "content", resp.Body.String())
  73. }
  74. func TestAuthHandler_NilError(t *testing.T) {
  75. req := httptest.NewRequest(http.MethodGet, "http://localhost", nil)
  76. resp := httptest.NewRecorder()
  77. assert.NotPanics(t, func() {
  78. unauthorized(resp, req, nil, nil)
  79. })
  80. }
  81. func TestAuthHandler_Flush(t *testing.T) {
  82. resp := httptest.NewRecorder()
  83. handler := newGuardedResponseWriter(resp)
  84. handler.Flush()
  85. assert.True(t, resp.Flushed)
  86. }
  87. func TestAuthHandler_Hijack(t *testing.T) {
  88. resp := httptest.NewRecorder()
  89. writer := newGuardedResponseWriter(resp)
  90. assert.NotPanics(t, func() {
  91. writer.Hijack()
  92. })
  93. writer = newGuardedResponseWriter(mockedHijackable{resp})
  94. assert.NotPanics(t, func() {
  95. writer.Hijack()
  96. })
  97. }
  98. func buildToken(secretKey string, payloads map[string]interface{}, seconds int64) (string, error) {
  99. now := time.Now().Unix()
  100. claims := make(jwt.MapClaims)
  101. claims["exp"] = now + seconds
  102. claims["iat"] = now
  103. for k, v := range payloads {
  104. claims[k] = v
  105. }
  106. token := jwt.New(jwt.SigningMethodHS256)
  107. token.Claims = claims
  108. return token.SignedString([]byte(secretKey))
  109. }
  110. type mockedHijackable struct {
  111. *httptest.ResponseRecorder
  112. }
  113. func (m mockedHijackable) Hijack() (net.Conn, *bufio.ReadWriter, error) {
  114. return nil, nil, nil
  115. }