148 lines
2.8 KiB
Go
148 lines
2.8 KiB
Go
package auth
|
|
|
|
import (
|
|
"context"
|
|
"local/dndex/storage"
|
|
"local/dndex/storage/entity"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"os"
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/google/uuid"
|
|
)
|
|
|
|
func TestVerify(t *testing.T) {
|
|
os.Args = os.Args[:1]
|
|
os.Setenv("AUTH", "true")
|
|
defer os.Unsetenv("AUTH")
|
|
|
|
fresh := func() (storage.RateLimitedGraph, *httptest.ResponseRecorder, *http.Request, Token, string) {
|
|
g := storage.NewRateLimitedGraph()
|
|
token := Token{
|
|
ID: uuid.New().String(),
|
|
Namespace: uuid.New().String(),
|
|
}
|
|
obf, _ := token.Obfuscate()
|
|
one := entity.One{
|
|
ID: token.ID,
|
|
Title: obf,
|
|
}
|
|
if err := g.Insert(context.TODO(), token.Namespace+"."+AuthKey, one); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
return g,
|
|
httptest.NewRecorder(),
|
|
httptest.NewRequest(http.MethodGet, "/", nil),
|
|
token,
|
|
obf
|
|
}
|
|
|
|
t.Run("no auth", func(t *testing.T) {
|
|
g, w, r, _, _ := fresh()
|
|
err := Verify(g, w, r)
|
|
if err == nil {
|
|
t.Fatal(err)
|
|
}
|
|
if !strings.Contains(err.Error(), "auth not found") {
|
|
t.Fatal(err)
|
|
}
|
|
})
|
|
|
|
t.Run("ok auth", func(t *testing.T) {
|
|
g, w, r, _, obf := fresh()
|
|
r.AddCookie(&http.Cookie{
|
|
Name: AuthKey,
|
|
Value: obf,
|
|
})
|
|
err := Verify(g, w, r)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
})
|
|
|
|
t.Run("no ns auth", func(t *testing.T) {
|
|
g, w, r, token, _ := fresh()
|
|
token.Namespace = ""
|
|
obf, err := token.Obfuscate()
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
r.AddCookie(&http.Cookie{
|
|
Name: AuthKey,
|
|
Value: obf,
|
|
})
|
|
err = Verify(g, w, r)
|
|
if err == nil {
|
|
t.Fatal(err)
|
|
}
|
|
})
|
|
|
|
t.Run("wrong ns auth", func(t *testing.T) {
|
|
g, w, r, token, _ := fresh()
|
|
token.Namespace = uuid.New().String()
|
|
obf, err := token.Obfuscate()
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
r.AddCookie(&http.Cookie{
|
|
Name: AuthKey,
|
|
Value: obf,
|
|
})
|
|
err = Verify(g, w, r)
|
|
if err == nil {
|
|
t.Fatal(err)
|
|
}
|
|
})
|
|
|
|
t.Run("expired auth", func(t *testing.T) {
|
|
t.Logf("not impl")
|
|
})
|
|
|
|
t.Run("bad auth", func(t *testing.T) {
|
|
g, w, r, token, _ := fresh()
|
|
token.ID = uuid.New().String()
|
|
obf, err := token.Obfuscate()
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
r.AddCookie(&http.Cookie{
|
|
Name: AuthKey,
|
|
Value: obf,
|
|
})
|
|
err = Verify(g, w, r)
|
|
if err == nil {
|
|
t.Fatal(err)
|
|
}
|
|
})
|
|
|
|
t.Run("public not ok", func(t *testing.T) {
|
|
g, w, r, _, _ := fresh()
|
|
if err := g.Insert(context.TODO(), "public", entity.One{ID: UserKey}); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
err := Verify(g, w, r)
|
|
if err == nil {
|
|
t.Fatal(err)
|
|
}
|
|
})
|
|
|
|
t.Run("public ok", func(t *testing.T) {
|
|
g, w, r, token, _ := fresh()
|
|
if err := g.Insert(context.TODO(), token.Namespace, entity.One{ID: UserKey}); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
token.ID = "gibberish-but-public-ns-so-its-ok"
|
|
obf, _ := token.Obfuscate()
|
|
r.AddCookie(&http.Cookie{
|
|
Name: AuthKey,
|
|
Value: obf,
|
|
})
|
|
err := Verify(g, w, r)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
})
|
|
}
|