Example #1
0
func TestWithParseAndValidateSuccess(t *testing.T) {
	jm, err := ctxjwt.NewService()
	assert.NoError(t, err)

	theToken, _, err := jm.GenerateToken(map[string]interface{}{
		"xfoo": "bar",
		"zfoo": 4711,
	})
	assert.NoError(t, err)
	assert.NotEmpty(t, theToken)

	req, err := http.NewRequest("GET", "http://auth.xyz", nil)
	assert.NoError(t, err)
	ctxjwt.SetHeaderAuthorization(req, theToken)

	finalHandler := ctxhttp.HandlerFunc(func(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
		w.WriteHeader(http.StatusTeapot)
		fmt.Fprintf(w, "I'm more of a coffee pot")

		ctxToken, err := ctxjwt.FromContext(ctx)
		assert.NoError(t, err)
		assert.NotNil(t, ctxToken)
		assert.Exactly(t, "bar", ctxToken.Claims["xfoo"].(string))

		return nil
	})
	authHandler := jm.WithParseAndValidate()(finalHandler)

	wRec := httptest.NewRecorder()
	assert.NoError(t, authHandler.ServeHTTPContext(context.Background(), wRec, req))
	assert.Equal(t, http.StatusTeapot, wRec.Code)
	assert.Equal(t, `I'm more of a coffee pot`, wRec.Body.String())
}
Example #2
0
func TestFromContext(t *testing.T) {

	ctx := ctxjwt.WithContext(context.Background(), nil)
	assert.NotNil(t, ctx)

	haveToken, haveErr := ctxjwt.FromContext(ctx)
	assert.Nil(t, haveToken)
	assert.EqualError(t, haveErr, ctxjwt.ErrContextJWTNotFound.Error())
}
Example #3
0
func TestContextWithError(t *testing.T) {

	var wantErr = errors.New("Contiki Context")
	ctx := ctxjwt.WithContextError(context.Background(), wantErr)
	assert.NotNil(t, ctx)

	haveToken, haveErr := ctxjwt.FromContext(ctx)
	assert.Nil(t, haveToken)
	assert.EqualError(t, haveErr, wantErr.Error())
}
Example #4
0
// WithInitStoreByToken is a middleware which initializes a request based store
// via a JSON Web Token.
// Extracts the store.Reader and jwt.Token from context.Context. If the requested
// store is different than the initialized requested store than the new requested
// store will be saved in the context.
func WithInitStoreByToken() ctxhttp.Middleware {

	return func(h ctxhttp.Handler) ctxhttp.Handler {
		return ctxhttp.HandlerFunc(func(ctx context.Context, w http.ResponseWriter, r *http.Request) error {

			storeService, requestedStore, err := FromContextReader(ctx)
			if err != nil {
				if PkgLog.IsDebug() {
					PkgLog.Debug("store.WithInitStoreByToken.FromContextServiceReader", "err", err, "ctx", ctx)
				}
				return errgo.Mask(err)
			}

			token, err := ctxjwt.FromContext(ctx)
			if err != nil {
				if PkgLog.IsDebug() {
					PkgLog.Debug("store.WithInitStoreByToken.ctxjwt.FromContext.err", "err", err, "ctx", ctx)
				}
				return errgo.Mask(err)
			}

			scopeOption, err := CodeFromClaim(token.Claims)
			if err != nil {
				if PkgLog.IsDebug() {
					PkgLog.Debug("store.WithInitStoreByToken.StoreCodeFromClaim", "err", err, "token", token, "ctx", ctx)
				}
				return errgo.Mask(err)
			}

			newRequestedStore, err := storeService.RequestedStore(scopeOption)
			if err != nil {
				if PkgLog.IsDebug() {
					PkgLog.Debug("store.WithInitStoreByToken.RequestedStore", "err", err, "token", token, "scopeOption", scopeOption, "ctx", ctx)
				}
				return errgo.Mask(err)
			}

			if newRequestedStore.StoreID() != requestedStore.StoreID() {
				// this may lead to a bug because the previously set storeService and requestedStore
				// will still exists and have not been removed.
				ctx = NewContextReader(ctx, storeService, newRequestedStore)
			}

			return h.ServeHTTPContext(ctx, w, r)
		})
	}
}
Example #5
0
func TestWithParseAndValidateHTTPErrorHandler(t *testing.T) {

	authHandler, _ := testAuth(t, ctxhttp.HandlerFunc(func(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
		tok, err := ctxjwt.FromContext(ctx)
		assert.Nil(t, tok)
		w.WriteHeader(http.StatusTeapot)
		_, err = w.Write([]byte(err.Error()))
		return err
	}))

	req, err := http.NewRequest("GET", "http://auth.xyz", nil)
	assert.NoError(t, err)
	w := httptest.NewRecorder()
	assert.NoError(t, authHandler.ServeHTTPContext(context.Background(), w, req))
	assert.Equal(t, http.StatusTeapot, w.Code)
	assert.Equal(t, "no token present in request", w.Body.String())
}