Exemplo n.º 1
0
func Test_BasicAuth(t *testing.T) {
	auth := "Basic " + base64.StdEncoding.EncodeToString([]byte("foo:bar"))

	h := http.HandlerFunc(func(res http.ResponseWriter, req *http.Request) {
		res.Write([]byte("hello"))
	})
	m := negroni.New()
	m.Use(Basic("foo", "bar"))
	m.UseHandler(h)

	r, _ := http.NewRequest("GET", "foo", nil)
	recorder := httptest.NewRecorder()
	m.ServeHTTP(recorder, r)

	if recorder.Code != 401 {
		t.Error("Response not 401")
	}

	respBody := recorder.Body.String()
	if respBody == "hello" {
		t.Error("Auth block failed")
	}

	recorder = httptest.NewRecorder()
	r.Header.Set("Authorization", auth)
	m.ServeHTTP(recorder, r)

	if recorder.Code == 401 {
		t.Error("Response is 401")
	}

	if recorder.Body.String() != "hello" {
		t.Error("Auth failed, got: ", recorder.Body.String())
	}
}
Exemplo n.º 2
0
func main() {
	flag.Usage = usage
	flag.Parse()
	args := flag.Args()

	if len(args) != 5 {
		usage()
		return
	}

	if gpgpubkey == nil {
		fmt.Fprintf(os.Stderr, "internal error: gpgpubkey is nil")
		return
	}

	if https == nil {
		fmt.Fprintf(os.Stderr, "internal error: https is nil")
		return
	}

	if port == nil {
		fmt.Fprintf(os.Stderr, "internal error: port is nil")
		return
	}

	serverName = args[0]
	directory = args[1]
	templatedir = args[2]
	username = args[3]
	password = args[4]

	os.RemoveAll(path.Join(directory, "tmp"))
	err := os.MkdirAll(path.Join(directory, "tmp"), 0755)
	if err != nil {
		fmt.Fprintf(os.Stderr, "%v", err)
		return
	}

	uploads = make(map[int]*upload)

	authHandler := auth.Basic(username, password)

	r := mux.NewRouter()
	r.HandleFunc("/", renderListOfACIs)
	r.HandleFunc("/pubkeys.gpg", getPubkeys)

	n0 := negroni.New(authHandler)
	n0.UseHandler(handler{initiateUpload})
	r.Handle("/{image}/startupload", n0)

	n1 := negroni.New(authHandler)
	n1.UseHandler(handler{uploadManifest})
	r.Handle("/manifest/{num}", n1)

	n2 := negroni.New(authHandler)
	n2.UseHandler(handler{receiveUpload(tmpSigPath, gotSig)})
	r.Handle("/signature/{num}", n2)

	n3 := negroni.New(authHandler)
	n3.UseHandler(handler{receiveUpload(tmpACIPath, gotACI)})
	r.Handle("/aci/{num}", n3)

	n4 := negroni.New(authHandler)
	n4.UseHandler(handler{completeUpload})
	r.Handle("/complete/{num}", n4)

	n := negroni.New(negroni.NewStatic(http.Dir(directory)),
		negroni.NewRecovery(), negroni.NewLogger())
	n.UseHandler(r)
	n.Run(":" + strconv.Itoa(*port))
}
Exemplo n.º 3
0
func Test_CacheBasic(t *testing.T) {
	auth := "Basic " + base64.StdEncoding.EncodeToString([]byte("foo:bar"))
	invalidAuth := "Basic " + base64.StdEncoding.EncodeToString([]byte("foo:barbar"))
	hashedPassword, err := Hash("bar")
	if err != nil {
		t.Error("Hashing password failed")
	}
	dataStore := &MockDataStore{hashedPassword}

	h := http.HandlerFunc(func(res http.ResponseWriter, req *http.Request) {
		res.Write([]byte("hello"))
	})
	cacheExpireTime := 500 * time.Millisecond
	cachePurseTime := 200 * time.Millisecond
	m := negroni.New()
	m.Use(CacheBasic(dataStore, cacheExpireTime, cachePurseTime))
	m.UseHandler(h)

	// Test request fails without credential.
	r, _ := http.NewRequest("GET", "foo", nil)
	recorder := httptest.NewRecorder()
	m.ServeHTTP(recorder, r)

	if recorder.Code != 401 {
		t.Error("Response not 401")
	}

	respBody := recorder.Body.String()
	if respBody == "hello" {
		t.Error("Auth block failed")
	}

	// Test request succeeds with valid credential.
	r.Header.Set("Authorization", auth)
	recorder = httptest.NewRecorder()
	m.ServeHTTP(recorder, r)

	if recorder.Code == 401 {
		t.Error("Response is 401")
	}

	if recorder.Body.String() != "hello" {
		t.Error("Auth failed, got: ", recorder.Body.String())
	}

	// Test request fails with invalid credential.
	r.Header.Set("Authorization", invalidAuth)
	recorder = httptest.NewRecorder()
	m.ServeHTTP(recorder, r)

	if recorder.Code != 401 {
		t.Error("Response not 401")
	}

	respBody = recorder.Body.String()
	if respBody == "hello" {
		t.Error("Auth block failed")
	}

	// Test cache expiration.
	// 1. Expect 1st request: succeed
	// 2. Change password in data store to empty, wait for cache to expire
	// 3. Expect 2nd request: fail
	// 4. Change password in data store back to valid password, wait for cache to expire
	// 5. Expect 3nd request: success
	r.Header.Set("Authorization", auth)
	recorder = httptest.NewRecorder()
	m.ServeHTTP(recorder, r)

	if recorder.Code == 401 {
		t.Error("Response is 401")
	}

	if recorder.Body.String() != "hello" {
		t.Error("Auth failed, got: ", recorder.Body.String())
	}

	dataStore.HashedPassword = nil
	time.Sleep(cacheExpireTime)

	recorder = httptest.NewRecorder()
	m.ServeHTTP(recorder, r)

	if recorder.Code != 401 {
		t.Error("Response not 401")
	}

	respBody = recorder.Body.String()
	if respBody == "hello" {
		t.Error("Auth block failed")
	}

	dataStore.HashedPassword = hashedPassword
	time.Sleep(cacheExpireTime)

	recorder = httptest.NewRecorder()
	m.ServeHTTP(recorder, r)

	if recorder.Code == 401 {
		t.Error("Response is 401")
	}

	if recorder.Body.String() != "hello" {
		t.Error("Auth failed, got: ", recorder.Body.String())
	}
}