Beispiel #1
0
func TestNewDefault(t *testing.T) {
	jm, err := userjwt.New()
	assert.NoError(t, err)
	assert.Equal(t, time.Hour, jm.Expire)

	assert.Nil(t, jm.Blacklist.Set("test", time.Hour))
	assert.False(t, jm.Blacklist.Has("test"))
	assert.Equal(t, userjwt.PostFormVarPrefix, jm.PostFormVarPrefix)
	assert.Len(t, jm.JTI.Get(), uuidLen)

	testClaims := map[string]interface{}{
		"mascot": "gopher",
	}
	token, jti, err := jm.GenerateToken(testClaims)
	assert.NoError(t, err)
	assert.Empty(t, jti)
	assert.NotEmpty(t, token)

	haveToken, err := jm.Parse(token)
	assert.NoError(t, err)
	assert.True(t, haveToken.Valid)
	assert.Equal(t, "gopher", haveToken.Claims["mascot"])

	failedToken, err := jm.Parse(token + "c")
	assert.Error(t, err)
	assert.Nil(t, failedToken)

	jmRSA, err := userjwt.New(userjwt.SetRSAFromFile("invalid.key"))
	assert.Nil(t, jmRSA)
	assert.Contains(t, err.Error(), "open invalid.key: no such file or directory")
}
Beispiel #2
0
func TestRSAEncryptedNoOrFailedPassword(t *testing.T) {
	jm, err := userjwt.New(userjwt.SetRSAFromFile(pkFile))
	assert.Contains(t, err.Error(), "Private Key is encrypted but password was not set")
	assert.Nil(t, jm)

	jm2, err2 := userjwt.New(userjwt.SetRSAFromFile(pkFile, []byte(`adfasdf`)))
	assert.Contains(t, err2.Error(), "Private Key decryption failed: x509: decryption password incorrect")
	assert.Nil(t, jm2)
}
Beispiel #3
0
func TestJTI(t *testing.T) {
	jm, err := userjwt.New()
	assert.NoError(t, err)
	jm.EnableJTI = true

	token, jti, err := jm.GenerateToken(nil)
	assert.NoError(t, err)
	assert.NotEmpty(t, jti)
	assert.NotEmpty(t, token)
	assert.Len(t, jti, uuidLen)
}
Beispiel #4
0
func testRsaOption(t *testing.T, opt userjwt.OptionFunc) {
	jm, err := userjwt.New(opt)
	assert.NoError(t, err)
	assert.NotNil(t, jm)

	token, _, err := jm.GenerateToken(nil)
	assert.NoError(t, err)
	assert.NotEmpty(t, token)

	tk, err := jm.Parse(token)
	assert.NoError(t, err)
	assert.NotNil(t, tk)
	assert.True(t, tk.Valid)
}
Beispiel #5
0
func testAuth(t *testing.T, opts ...userjwt.OptionFunc) (http.Handler, string) {
	jm, err := userjwt.New(opts...)
	assert.NoError(t, err)
	token, _, err := jm.GenerateToken(map[string]interface{}{
		"xfoo": "bar",
		"zfoo": 4711,
	})
	assert.NoError(t, err)

	final := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.WriteHeader(http.StatusOK)
		// t.Logf("Check Form for map: %v\n", r.Form)
		fmt.Fprint(w, r.Form.Encode())
	})
	authHandler := jm.Authorization(final)
	return authHandler, token
}
Beispiel #6
0
func TestInvalidSigningMethod(t *testing.T) {
	password := []byte(`Rump3lst!lzch3n`)
	jm, err := userjwt.New(
		userjwt.SetPassword(password),
	)
	assert.NoError(t, err)

	tk := jwt.New(jwt.SigningMethodHS256)
	tk.Claims["exp"] = time.Now().Add(time.Hour).Unix()
	tk.Claims["iat"] = time.Now().Unix()
	tk.Header["alg"] = "HS384"
	malformedToken, err := tk.SignedString(password)
	assert.NoError(t, err)

	mt, err := jm.Parse(malformedToken)
	assert.EqualError(t, err, userjwt.ErrUnexpectedSigningMethod.Error())
	assert.Nil(t, mt)
}
Beispiel #7
0
func TestLogout(t *testing.T) {

	tbl := &testBL{T: t}
	jm, err := userjwt.New()
	assert.NoError(t, err)
	jm.Blacklist = tbl

	token, _, err := jm.GenerateToken(nil)
	assert.NoError(t, err)

	tk, err := jm.Parse(token)
	assert.NoError(t, err)
	assert.NotNil(t, tk)

	assert.Nil(t, jm.Logout(nil))
	assert.Nil(t, jm.Logout(tk))
	assert.Equal(t, int(time.Hour.Seconds()), 1+int(tbl.exp.Seconds()))
	assert.Equal(t, token, tbl.token)
}
Beispiel #8
0
// BenchmarkAuthorizationHMAC-4	  100000	     20215 ns/op	    5552 B/op	     105 allocs/op
func BenchmarkAuthorizationHMAC(b *testing.B) {

	/*
		that benchmark gives a false impression because we're also
		measuring the NewRequest/Response creation ...
	*/

	password := []byte(`Rump3lst!lzch3n`)
	jm, err := userjwt.New(userjwt.SetPassword(password))
	if err != nil {
		b.Error(err)
	}
	token, _, err := jm.GenerateToken(map[string]interface{}{
		"xfoo": "bar",
		"zfoo": 4711,
	})
	if err != nil {
		b.Error(err)
	}

	final := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.WriteHeader(http.StatusOK)
	})
	authHandler := jm.Authorization(final)

	b.ReportAllocs()
	b.ResetTimer()
	for i := 0; i < b.N; i++ {
		// <15 allocs>
		req, err := http.NewRequest("GET", "http://auth.xyz", nil)
		if err != nil {
			b.Error(err)
		}
		req.Header.Set("Authorization", "Bearer "+token)
		w := httptest.NewRecorder()
		//</>

		authHandler.ServeHTTP(w, req)

	}
}
Beispiel #9
0
func TestPasswordFromConfig(t *testing.T) {

	cfg := config.NewMockReader(
		config.MockString(func(path string) string {
			if path == userjwt.PathJWTPassword {
				return `Rump3lst!lzch3n`
			}
			return ""
		}),
	)

	jm, err := userjwt.New(
		userjwt.SetPasswordFromConfig(cfg),
	)
	assert.NoError(t, err)

	token, _, err := jm.GenerateToken(nil)
	assert.NoError(t, err)
	assert.NotEmpty(t, token)

}