func (_ Test) EncryptXXTea() {
str := "Hello World! 你好,中国!"
key := "1234567890"
encrypt_data := xxtea.Encrypt([]byte(str), []byte(key))
decrypt_data := string(xxtea.Decrypt(encrypt_data, []byte(key)))
if str == decrypt_data {
e.InfoLog.Println("success!")
} else {
e.InfoLog.Println("fail!")
}
}
// NewAuthtoken creates a token according to model.Authtoken provided
func (au Authority) NewAuthtoken(a model.Authtoken) (string, error) {
bytes := authtoken2bytes(authtoken{
authtoken: a,
created: time.Now(),
})
for i := range au.privateKeys {
bytes = xxtea.Encrypt(bytes, au.privateKeys[len(au.privateKeys)-1-i])
}
return hex.EncodeToString(bytes), nil
}
func TestAuth(t *testing.T) {
Convey("Given a authority", t, func() {
c := New(50*time.Millisecond, []byte("key1"), []byte("key2"), []byte("key3"))
Convey("When create new authtoken with info", func() {
a := model.Authtoken{}
a.Email = "*****@*****.**"
a.Username = "******"
token, _ := c.NewAuthtoken(a)
Convey("The info should resemble a", func() {
info, _ := c.Authenticate(token)
So(info, ShouldResemble, a)
})
Convey("After 50ms, token is expired", func() {
time.Sleep(500 * time.Millisecond)
_, err := c.Authenticate(token)
So(err.(errors.Error).Is(errors.ErrUnauthorized), ShouldBeTrue)
})
})
Convey("When given invalid hex, maybe hacked by someone", func() {
_, err := c.Authenticate(`invalidhex`)
Convey("The detailed error should be hex decode error", func() {
So(err.(errors.Error).Is(errors.ErrServerInternal), ShouldBeTrue)
})
})
Convey("When given invalid token, maybe hacked by someone", func() {
bytes := []byte("invalid json")
privateKeys := [][]byte{[]byte("key1"), []byte("key2"), []byte("key3")}
for i := range privateKeys {
bytes = xxtea.Encrypt(bytes, privateKeys[len(privateKeys)-1-i])
}
token := hex.EncodeToString(bytes)
_, err := c.Authenticate(token)
Convey("The error should be token has been expired", func() {
So(err.(errors.Error).Is(errors.ErrUnauthorized), ShouldBeTrue)
})
})
})
}
