Home Explore Help
Register Sign In
publics
/
gin-gonic__gin
0
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: v0.6
Branches Tags
gin-gonic__gin
/
auth_test.go

auth_test.go 2.2 KB
Permalink History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485 
  1. // Copyright 2014 Manu Martinez-Almeida.  All rights reserved.
    2. 

  2. // Use of this source code is governed by a MIT style
    3. 

  3. // license that can be found in the LICENSE file.
    4. 

  4. 

  5. package gin
    6. 

  6. 

  7. import (
    8. 

  8. 	"encoding/base64"
    9. 

  9. 	"net/http"
    10. 

  10. 	"net/http/httptest"
    11. 

  11. 	"testing"
    12. 

  12. )
    13. 

  13. 

  14. func TestBasicAuthSucceed(t *testing.T) {
    15. 

  15. 	req, _ := http.NewRequest("GET", "/login", nil)
    16. 

  16. 	w := httptest.NewRecorder()
    17. 

  17. 

  18. 	r := New()
    19. 

  19. 	accounts := Accounts{"admin": "password"}
    20. 

  20. 	r.Use(BasicAuth(accounts))
    21. 

  21. 

  22. 	r.GET("/login", func(c *Context) {
    23. 

  23. 		c.String(200, "autorized")
    24. 

  24. 	})
    25. 

  25. 

  26. 	req.Header.Set("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte("admin:password")))
    27. 

  27. 	r.ServeHTTP(w, req)
    28. 

  28. 

  29. 	if w.Code != 200 {
    30. 

  30. 		t.Errorf("Response code should be Ok, was: %s", w.Code)
    31. 

  31. 	}
    32. 

  32. 	bodyAsString := w.Body.String()
    33. 

  33. 

  34. 	if bodyAsString != "autorized" {
    35. 

  35. 		t.Errorf("Response body should be `autorized`, was  %s", bodyAsString)
    36. 

  36. 	}
    37. 

  37. }
    38. 

  38. 

  39. func TestBasicAuth401(t *testing.T) {
    40. 

  40. 	req, _ := http.NewRequest("GET", "/login", nil)
    41. 

  41. 	w := httptest.NewRecorder()
    42. 

  42. 

  43. 	r := New()
    44. 

  44. 	accounts := Accounts{"foo": "bar"}
    45. 

  45. 	r.Use(BasicAuth(accounts))
    46. 

  46. 

  47. 	r.GET("/login", func(c *Context) {
    48. 

  48. 		c.String(200, "autorized")
    49. 

  49. 	})
    50. 

  50. 

  51. 	req.Header.Set("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte("admin:password")))
    52. 

  52. 	r.ServeHTTP(w, req)
    53. 

  53. 

  54. 	if w.Code != 401 {
    55. 

  55. 		t.Errorf("Response code should be Not autorized, was: %s", w.Code)
    56. 

  56. 	}
    57. 

  57. 

  58. 	if w.HeaderMap.Get("WWW-Authenticate") != "Basic realm=\"Authorization Required\"" {
    59. 

  59. 		t.Errorf("WWW-Authenticate header is incorrect: %s", w.HeaderMap.Get("Content-Type"))
    60. 

  60. 	}
    61. 

  61. }
    62. 

  62. 

  63. func TestBasicAuth401WithCustomRealm(t *testing.T) {
    64. 

  64. 	req, _ := http.NewRequest("GET", "/login", nil)
    65. 

  65. 	w := httptest.NewRecorder()
    66. 

  66. 

  67. 	r := New()
    68. 

  68. 	accounts := Accounts{"foo": "bar"}
    69. 

  69. 	r.Use(BasicAuthForRealm(accounts, "My Custom Realm"))
    70. 

  70. 

  71. 	r.GET("/login", func(c *Context) {
    72. 

  72. 		c.String(200, "autorized")
    73. 

  73. 	})
    74. 

  74. 

  75. 	req.Header.Set("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte("admin:password")))
    76. 

  76. 	r.ServeHTTP(w, req)
    77. 

  77. 

  78. 	if w.Code != 401 {
    79. 

  79. 		t.Errorf("Response code should be Not autorized, was: %s", w.Code)
    80. 

  80. 	}
    81. 

  81. 

  82. 	if w.HeaderMap.Get("WWW-Authenticate") != "Basic realm=\"My Custom Realm\"" {
    83. 

  83. 		t.Errorf("WWW-Authenticate header is incorrect: %s", w.HeaderMap.Get("Content-Type"))
    84. 

  84. 	}
    85. 

  85. }
    86.