func TestGroupAdder(t *testing.T) { adder := authenticator.Request( NewGroupAdder( authenticator.RequestFunc(func(req *http.Request) (user.Info, bool, error) { return &user.DefaultInfo{Name: "user", Groups: []string{"original"}}, true, nil }), []string{"added"}, ), ) user, _, _ := adder.AuthenticateRequest(nil) if !reflect.DeepEqual(user.GetGroups(), []string{"original", "added"}) { t.Errorf("Expected original,added groups, got %#v", user.GetGroups()) } }
func TestBasicAuth(t *testing.T) { testCases := map[string]struct { Header string Password testPassword ExpectedCalled bool ExpectedUsername string ExpectedPassword string ExpectedUser string ExpectedOK bool ExpectedErr bool }{ "no auth": {}, "empty password basic header": { ExpectedCalled: true, ExpectedUsername: "******", ExpectedPassword: "", }, "valid basic header": { ExpectedCalled: true, ExpectedUsername: "******", ExpectedPassword: "******", }, "password auth returned user": { Password: testPassword{User: &user.DefaultInfo{Name: "returneduser"}, OK: true}, ExpectedCalled: true, ExpectedUsername: "******", ExpectedPassword: "******", ExpectedUser: "******", ExpectedOK: true, }, "password auth returned error": { Password: testPassword{Err: errors.New("auth error")}, ExpectedCalled: true, ExpectedUsername: "******", ExpectedPassword: "******", ExpectedErr: true, }, } for k, testCase := range testCases { password := testCase.Password auth := authenticator.Request(New(&password)) req, _ := http.NewRequest("GET", "/", nil) if testCase.ExpectedUsername != "" || testCase.ExpectedPassword != "" { req.SetBasicAuth(testCase.ExpectedUsername, testCase.ExpectedPassword) } user, ok, err := auth.AuthenticateRequest(req) if testCase.ExpectedCalled != password.Called { t.Errorf("%s: Expected called=%v, got %v", k, testCase.ExpectedCalled, password.Called) continue } if testCase.ExpectedUsername != password.Username { t.Errorf("%s: Expected called with username=%v, got %v", k, testCase.ExpectedUsername, password.Username) continue } if testCase.ExpectedPassword != password.Password { t.Errorf("%s: Expected called with password=%v, got %v", k, testCase.ExpectedPassword, password.Password) continue } if testCase.ExpectedErr != (err != nil) { t.Errorf("%s: Expected err=%v, got err=%v", k, testCase.ExpectedErr, err) continue } if testCase.ExpectedOK != ok { t.Errorf("%s: Expected ok=%v, got ok=%v", k, testCase.ExpectedOK, ok) continue } if testCase.ExpectedUser != "" && testCase.ExpectedUser != user.GetName() { t.Errorf("%s: Expected user.GetName()=%v, got %v", k, testCase.ExpectedUser, user.GetName()) continue } } }