// checkAdminAuthToken checks admin connection token which Centrifugo returns after admin login.
func (app *Application) checkAdminAuthToken(token string) error {
app.RLock()
secret := app.config.WebSecret
app.RUnlock()
if secret == "" {
logger.ERROR.Println("provide web_secret in configuration")
return ErrUnauthorized
}
if token == "" {
return ErrUnauthorized
}
s := securecookie.New([]byte(secret), nil)
var val string
err := s.Decode(AuthTokenKey, token, &val)
if err != nil {
return ErrUnauthorized
}
if val != AuthTokenValue {
return ErrUnauthorized
}
return nil
}
func (app *Application) adminAuthToken() (string, error) {
app.RLock()
secret := app.config.WebSecret
app.RUnlock()
s := securecookie.New([]byte(secret), nil)
return s.Encode(AuthTokenKey, AuthTokenValue)
}
func (app *Application) adminAuthToken() (string, error) {
app.RLock()
secret := app.config.WebSecret
app.RUnlock()
if secret == "" {
logger.ERROR.Println("provide web_secret in configuration")
return "", ErrInternalServerError
}
s := securecookie.New([]byte(secret), nil)
return s.Encode(AuthTokenKey, AuthTokenValue)
}
func TestAdminClientMessageHandling(t *testing.T) {
c, err := newTestAdminClient()
assert.Equal(t, nil, err)
emptyMsg := ""
_, err = c.handleMessage([]byte(emptyMsg))
assert.NotEqual(t, nil, err)
malformedMsg := "ooops"
_, err = c.handleMessage([]byte(malformedMsg))
assert.NotEqual(t, nil, err)
unknownMsg := "{\"method\":\"unknown\", \"params\": {}}"
_, err = c.handleMessage([]byte(unknownMsg))
assert.Equal(t, ErrInvalidMessage, err)
emptyAuthMethod := "{\"method\":\"auth\", \"params\": {}}"
_, err = c.handleMessage([]byte(emptyAuthMethod))
assert.Equal(t, ErrUnauthorized, err)
s := securecookie.New([]byte(c.app.config.WebSecret), nil)
token, _ := s.Encode(AuthTokenKey, AuthTokenValue)
correctAuthMethod := "{\"method\":\"auth\", \"params\": {\"token\":\"" + token + "\"}}"
_, err = c.handleMessage([]byte(correctAuthMethod))
assert.Equal(t, nil, err)
pingCommand := "{\"method\":\"ping\", \"params\": {}}"
_, err = c.handleMessage([]byte(pingCommand))
assert.Equal(t, nil, err)
}
package main
import (
"fmt"
"io"
"math/rand"
"os"
"reflect"
"testing/quick"
"github.com/centrifugal/centrifugo/Godeps/_workspace/src/github.com/gorilla/securecookie"
)
var hashKey = []byte("very-secret12345")
var blockKey = []byte("a-lot-secret1234")
var s = securecookie.New(hashKey, blockKey)
type Cookie struct {
B bool
I int
S string
}
func main() {
var c Cookie
t := reflect.TypeOf(c)
rnd := rand.New(rand.NewSource(0))
for i := 0; i < 100; i++ {
v, ok := quick.Value(t, rnd)
if !ok {
panic("couldn't generate value")