Exemple #1
0
func TestParseEncryptedAuth(t *testing.T) {
	if len(keys) == 0 {
		t.Fatalf("Must set $SECRETS\n")
	}
	var b bytes.Buffer
	r, err := http.NewRequest("GET", "http://does-not-matter.com", &b)
	if err != nil {
		t.Error(err)
	}

	libratoUser := "******"
	libratoPass := "******"
	tok, err := fernet.EncryptAndSign([]byte(libratoUser+":"+libratoPass), keys[0])
	if err != nil {
		t.Error(err)
	}
	r.Header.Set("Authorization", "Basic "+base64.StdEncoding.EncodeToString(tok))
	expectedUser, expectedPass, err := Parse(r)

	if err != nil {
		t.Error(err)
	}

	if expectedUser != "*****@*****.**" {
		t.Errorf("expected=%q actual=%q\n", "l2met", expectedUser)
	}

	if expectedPass != "abc123" {
		t.Errorf("expected=%q actual=%q\n", "token", expectedPass)
	}
}
Exemple #2
0
func testEncryptDecrypt(t *testing.T, ts authTest) {
	if len(keys) == 0 {
		t.Fatalf("Must set $SECRETS\n")
	}

	var b bytes.Buffer
	r, err := http.NewRequest("GET", "http://does-not-matter.com", &b)
	if err != nil {
		t.Fatalf("error=%s\n", err)
	}

	tok, err := fernet.EncryptAndSign([]byte(ts.input), keys[0])
	if err != nil {
		t.Fatalf("error=%s\n", err)
	}
	r.Header.Set("Authorization",
		"Basic "+base64.StdEncoding.EncodeToString(tok))

	parseRes, err := Parse(r.Header["Authorization"][0])
	if err != nil {
		t.Fatalf("error=%s\n", err)
	}

	actualOutput, err := Decrypt(parseRes)
	if err != nil {
		t.Fatalf("error=%s\n", err)
	}

	if actualOutput != ts.output {
		t.Fatalf("actual=%q expected=%q\n", actualOutput, ts.output)
	}
}
func TestCreateDeveloperEmailExists(t *testing.T) {
	testServer(func(s *Server) {
		headers := make(map[string]string)
		k := fernet.MustDecodeKeys("YI1ZYdopn6usnQ/5gMAHg8+pNh6D0DdaJkytdoLWUj0=")
		tok, err := fernet.EncryptAndSign([]byte("mysharedtoken"), k[0])
		if err != nil {
			t.Fatalf("fernet encryption failed %v\n", err)
		}
		stok := base64.URLEncoding.EncodeToString(tok)
		headers["X-Access-Token"] = stok

		res, err := testHttpRequestWithHeaders("POST", "/api/v1/developers/", `{"name":"adnaan"}`, headers)
		if err != nil {
			t.Fatalf("email exists failed %v", err)

		} else {
			body, _ := ioutil.ReadAll(res.Body)

			if res.StatusCode != 500 {
				t.Fatalf("able to create developer: %v", string(body))

			}
		}

	})

}
Exemple #4
0
// Use the first valid key to sign b.
// Returns error if no key is able to sign b.
func EncryptAndSign(b []byte) ([]byte, error) {
	for i := range keys {
		if res, err := fernet.EncryptAndSign(b, keys[i]); err == nil {
			return res, err
		}
	}
	return []byte(""), errors.New("Unable to sign payload.")
}
Exemple #5
0
func Example() {
	k := fernet.MustDecodeKeys("cw_0x689RpI-jtRR7oE8h_eQsKImvJapLeSbXpwF4e4=")
	tok, err := fernet.EncryptAndSign([]byte("hello"), k[0])
	if err != nil {
		panic(err)
	}
	msg := fernet.VerifyAndDecrypt(tok, 60*time.Second, k)
	fmt.Println(string(msg))
	// Output:
	// hello
}
Exemple #6
0
//Generate time based access token using shared secret. See fernet project
//for more details
func (s *Server) genAccessToken(email string) (string, error) {
	//encrypt token
	k := fernet.MustDecodeKeys(s.config.Clients["browser"].Secret)
	tok, err := fernet.EncryptAndSign([]byte(email), k[0])
	if err != nil {

	}
	token := base64.URLEncoding.EncodeToString(tok)

	//cache it
	c := s.redisConn()
	defer c.Close()

	c.Do("SET", email, "loggedin")

	return token, nil

}
func TestFernet(t *testing.T) {
	k := fernet.MustDecodeKeys("YI1ZYdopn6usnQ/5gMAHg8+pNh6D0DdaJkytdoLWUj0=")
	tok, err := fernet.EncryptAndSign([]byte("mysharedtoken"), k[0])
	if err != nil {
		t.Fatalf("fernet encryption failed %v\n", err)
	}
	stok := base64.URLEncoding.EncodeToString(tok)

	btok, err := base64.URLEncoding.DecodeString(stok)
	//fmt.Println(btok)

	if err != nil {
		t.Fatalf("fernet key decryption failed %v\n", err)
	}

	msg := fernet.VerifyAndDecrypt(btok, 60*time.Second, k)
	if string(msg) != "mysharedtoken" {
		t.Fatalf("verification failed!\n")
	}

}
func TestCreateDeveloperHeaderWithTimeOK(t *testing.T) {
	testServer(func(s *Server) {
		headers := make(map[string]string)
		k := fernet.MustDecodeKeys("YI1ZYdopn6usnQ/5gMAHg8+pNh6D0DdaJkytdoLWUj0=")
		tok, err := fernet.EncryptAndSign([]byte("mysharedtoken"), k[0])
		if err != nil {
			t.Fatalf("fernet encryption failed %v\n", err)
		}
		stok := base64.URLEncoding.EncodeToString(tok)
		headers["X-Access-Token"] = stok
		res, err := testHttpRequestWithHeaders("POST", "/api/v1/developers/", `{"name":"adnaan","email":"*****@*****.**","password":"******"}`, headers)
		if err != nil {
			t.Fatalf("Unable to create developer: %v", err)

		} else {

			body, _ := ioutil.ReadAll(res.Body)

			if res.StatusCode != 200 {
				t.Fatalf("unable to create developer: %v", string(body))
			}

			response := NewDeveloperResponse{}
			err := json.Unmarshal(body, &response)
			if err != nil {
				t.Fatalf("fail to parse body: %v", string(body))
			}

			access_token = response.AccessToken
			dev_id = response.ObjectId

		}

	})

}