Esempio n. 1
0
func TestIsAllowed(t *testing.T) {
	router := mux.NewRouter()
	router.HandleFunc("/oauth2/token", tokenHandler).Methods("POST")
	router.HandleFunc("/guard/allowed", func(rw http.ResponseWriter, req *http.Request) {
		if req.Header.Get("Authorization") != "Basic YXBwOmtleQ==" {
			http.Error(rw, req.Header.Get("Authorization"), http.StatusUnauthorized)
			return
		}
		var p handler.GrantedPayload
		decoder := json.NewDecoder(req.Body)
		if err := decoder.Decode(&p); err != nil {
			t.Logf("Could not decode body %s", err)
			pkg.HttpError(rw, errors.New(err), http.StatusBadRequest)
			return
		}

		assert.Equal(t, "foo", p.Permission)
		assert.Equal(t, "bar", p.Token)
		assert.Equal(t, "res", p.Resource)
		assert.Equal(t, "foo", p.Context.Owner)
		pkg.WriteJSON(rw, struct {
			Allowed bool `json:"allowed"`
		}{Allowed: true})
	}).Methods("POST")
	ts := httptest.NewServer(router)
	defer ts.Close()

	c := New(ts.URL, "app", "key")
	allowed, err := c.IsAllowed(&AuthorizeRequest{Permission: "foo", Token: "bar", Resource: "res", Context: &operator.Context{Owner: "foo"}})
	assert.Nil(t, err, "%s", err)
	assert.True(t, allowed)
}
Esempio n. 2
0
func TestIsAuthenticated(t *testing.T) {
	router := mux.NewRouter()
	called := false
	router.HandleFunc("/oauth2/token", tokenHandler).Methods("POST")
	router.HandleFunc("/oauth2/introspect", func(rw http.ResponseWriter, req *http.Request) {
		if req.Header.Get("Authorization") != "Basic YXBwOmtleQ==" {
			http.Error(rw, req.Header.Get("Authorization"), http.StatusUnauthorized)
			return
		}
		req.ParseForm()
		assert.NotEmpty(t, req.Form.Get("token"))
		pkg.WriteJSON(rw, struct {
			Active bool `json:"active"`
		}{Active: true})
		called = true
	}).Methods("POST")
	ts := httptest.NewServer(router)
	defer ts.Close()

	c := New(ts.URL, "app", "key")
	active, err := c.IsAuthenticated("some.token")
	assert.Nil(t, err, "%s", err)
	assert.True(t, active)
	assert.True(t, called)
}
Esempio n. 3
0
func TestIsRequestAllowed(t *testing.T) {
	router := mux.NewRouter()
	router.HandleFunc("/guard/allowed", func(rw http.ResponseWriter, req *http.Request) {
		if req.Header.Get("Authorization") != "Basic YXBwOmtleQ==" {
			http.Error(rw, req.Header.Get("Authorization"), http.StatusUnauthorized)
			return
		}
		pkg.WriteJSON(rw, struct {
			Allowed bool `json:"allowed"`
		}{Allowed: true})
	}).Methods("POST")
	router.HandleFunc("/oauth2/token", tokenHandler).Methods("POST")
	ts := httptest.NewServer(router)
	defer ts.Close()

	c := New(ts.URL, "app", "key")
	c.SetClientToken(&oauth2.Token{TokenType: "bearer", AccessToken: "foobar"})
	allowed, err := c.IsRequestAllowed(&http.Request{Header: http.Header{"Authorization": []string{"Bearer token"}}}, "", "", "")
	assert.Nil(t, err)
	assert.True(t, allowed)
}