Exemplo n.º 1
0
func TestGetters(t *testing.T) {
	assert.False(t, IsAuthenticatedFromContext(context.Background()))
	_, err := PoliciesFromContext(context.Background())
	assert.NotNil(t, err)
	_, err = SubjectFromContext(context.Background())
	assert.NotNil(t, err)
	_, err = TokenFromContext(context.Background())
	assert.NotNil(t, err)

	ctx := context.Background()
	claims := hjwt.ClaimsCarrier{"sub": "peter"}
	token := &jwt.Token{Valid: true}
	policies := []policy.Policy{}
	ctx = NewContextFromAuthValues(ctx, claims, token, policies)

	assert.True(t, IsAuthenticatedFromContext(ctx))
	policiesContext, err := PoliciesFromContext(ctx)
	assert.Nil(t, err)
	assert.Equal(t, policies, policiesContext)

	subjectContext, err := SubjectFromContext(ctx)
	assert.Nil(t, err)
	assert.Equal(t, claims.GetSubject(), subjectContext)

	tokenContext, err := TokenFromContext(ctx)
	assert.Nil(t, err)
	assert.Equal(t, token, tokenContext)
}
Exemplo n.º 2
0
func TestCompareEquals(t *testing.T) {
	h := &BCrypt{
		WorkFactor: 10,
	}
	password := "******"
	hash, err := h.Hash(password)
	assert.Nil(t, err)
	assert.NotNil(t, hash)
	err = h.Compare(hash, password)
	assert.Nil(t, err)
}
Exemplo n.º 3
0
func TestDelete(t *testing.T) {
	_, err := store.Create("2", "2@bar", "secret", `{"foo": "bar"}`)
	assert.Nil(t, err)

	_, err = store.Get("2")
	assert.Nil(t, err)

	err = store.Delete("2")
	assert.Nil(t, err)

	_, err = store.Get("2")
	assert.NotNil(t, err)
}
Exemplo n.º 4
0
func TestRegistry(t *testing.T) {
	m := &provider{}
	r := NewRegistry([]Provider{m})

	p, err := r.Find("fooBar")
	assert.Nil(t, err)
	assert.Equal(t, m, p)

	p, err = r.Find("foobar")
	assert.Nil(t, err)
	assert.Equal(t, m, p)

	_, err = r.Find("bar")
	assert.NotNil(t, err)
}
Exemplo n.º 5
0
func TestAuthenticate(t *testing.T) {
	account, err := store.Create("5", "5@bar", "secret", `{"foo": "bar"}`)
	assert.Nil(t, err)

	_, err = store.Authenticate("5@bar", "wrong secret")
	assert.NotNil(t, err)
	_, err = store.Authenticate("doesnotexist@foo", "secret")
	assert.NotNil(t, err)
	_, err = store.Authenticate("", "")
	assert.NotNil(t, err)

	result, err := store.Authenticate("5@bar", "secret")
	assert.Nil(t, err)

	assert.True(t, reflect.DeepEqual(account, result), "Results do not match: (%v) does not equal ($v)", &account, &result)
}
Exemplo n.º 6
0
func TestUpdatePassword(t *testing.T) {
	account, err := store.Create("4", "4@bar", "old secret", `{"foo": "bar"}`)
	assert.Nil(t, err)

	_, err = store.UpdatePassword("4", "wrong old secret", "new secret")
	assert.NotNil(t, err)

	updatedAccount, err := store.UpdatePassword("4", "old secret", "new secret")
	assert.Nil(t, err)

	resultAccount, err := store.Get("4")
	assert.Nil(t, err)

	assert.Equal(t, updatedAccount.GetPassword(), resultAccount.GetPassword())
	assert.NotEqual(t, account.GetPassword(), resultAccount.GetPassword())
}
Exemplo n.º 7
0
func TestClientGrantType(t *testing.T) {
	router := mux.NewRouter()
	handler.SetRoutes(router)
	ts := httptest.NewServer(router)
	defer ts.Close()

	for k, c := range []*struct {
		config *oauth2.Config
		pass   bool
	}{
		{configs["working"], true},
		{configs["voidSecret"], false},
		{configs["voidID"], false},
		{configs["working"], true},
	} {
		conf := clientcredentials.Config{
			ClientID:     c.config.ClientID,
			ClientSecret: c.config.ClientSecret,
			TokenURL:     ts.URL + c.config.Endpoint.TokenURL,
			Scopes:       c.config.Scopes,
		}

		_, err := conf.Token(oauth2.NoContext)
		if c.pass {
			assert.Nil(t, err, "Case %d\n%v", k, conf)
		} else {
			assert.NotNil(t, err, "Case %d\n%v", k, conf)
		}
	}
}
Exemplo n.º 8
0
func TestPasswordGrantType(t *testing.T) {
	router := mux.NewRouter()
	handler.SetRoutes(router)
	ts := httptest.NewServer(router)
	defer ts.Close()

	for k, c := range []struct {
		config *oauth2.Config
		user   *userAuth
		pass   bool
	}{
		{configs["working"], logins["working"], true},
		{configs["working"], logins["voidEmail"], false},
		{configs["working"], logins["voidPassword"], false},
		{configs["working"], logins["working"], true},
		{configs["voidSecret"], logins["working"], false},
		{configs["voidID"], logins["working"], false},
		{configs["working"], logins["working"], true},
	} {
		config := *c.config
		config.Endpoint = oauth2.Endpoint{AuthURL: ts.URL + "/oauth2/auth", TokenURL: ts.URL + "/oauth2/token"}
		_, err := config.PasswordCredentialsToken(oauth2.NoContext, c.user.Username, c.user.Password)
		if c.pass {
			assert.Nil(t, err, "Case %d", k)
		} else {
			assert.NotNil(t, err, "Case %d", k)
		}
	}
}
Exemplo n.º 9
0
func TestUpdateEmail(t *testing.T) {
	_, err := store.Create("3", "3@bar", "secret", `{"foo": "bar"}`)
	assert.Nil(t, err)

	_, err = store.UpdateEmail("3", "3@foo", "wrong secret")
	assert.NotNil(t, err)

	_, err = store.UpdateEmail("3", "3@foo", "secret")
	assert.Nil(t, err)

	r, err := store.Get("3")
	assert.Nil(t, err)

	assert.Equal(t, "3", r.GetID())
	assert.Equal(t, "3@foo", r.GetEmail())
	assert.NotEqual(t, "secret", r.GetPassword())
}
Exemplo n.º 10
0
func TestCreateGetDeleteGet(t *testing.T) {
	for k, c := range []test{
		{subject: "peter", token: jwt.Token{Valid: false}, policies: []policy.Policy{policies["fail"]}, createData: data["fail"], statusCreate: http.StatusUnauthorized},
		{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["fail"]}, createData: data["fail"], statusCreate: http.StatusForbidden},
		{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-create"]}, createData: data["ok-max"], statusCreate: http.StatusOK, statusGet: http.StatusForbidden},
		{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-create"]}, createData: data["fail"], statusCreate: http.StatusBadRequest},
		{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-create"]}, createData: data["fail-validation"], statusCreate: http.StatusBadRequest},
		{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-create"], policies["pass-get"]}, createData: data["ok-zac"], statusCreate: http.StatusOK, statusGet: http.StatusOK, statusDelete: http.StatusForbidden},
		{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-all"]}, createData: data["ok-steve"], statusCreate: http.StatusOK, statusGet: http.StatusOK, statusDelete: http.StatusAccepted, statusGetAfterDelete: http.StatusNotFound},
	} {
		func() {
			handler := &Handler{s: store, m: mw}
			router := mux.NewRouter()
			handler.SetRoutes(router, mockAuthorization(c))
			ts := httptest.NewServer(router)
			defer ts.Close()

			request := gorequest.New()
			connectionsURL := fmt.Sprintf("%s/oauth2/connections?subject=%s", ts.URL, c.subject)

			resp, body, _ := request.Post(connectionsURL).Send(*c.createData).End()
			require.Equal(t, c.statusCreate, resp.StatusCode, "case %d: %s", k, body)
			if resp.StatusCode != http.StatusOK {
				return
			}

			var conn DefaultConnection
			assert.Nil(t, json.Unmarshal([]byte(body), &conn))

			resp, body, _ = request.Get(connectionsURL).End()
			require.Equal(t, c.statusGet, resp.StatusCode, "case %d: %s", k, body)
			if resp.StatusCode != http.StatusOK {
				return
			}

			resp, body, _ = request.Get(fmt.Sprintf("%s/oauth2/connections/%s", ts.URL, conn.ID)).End()
			require.Equal(t, c.statusGet, resp.StatusCode, "case %d: %s", k, body)
			if resp.StatusCode != http.StatusOK {
				return
			}

			resp, body, _ = request.Post(connectionsURL).Send(*c.createData).End()
			require.Equal(t, http.StatusInternalServerError, resp.StatusCode, "case %d: %s", k, body)

			resp, body, _ = request.Delete(fmt.Sprintf("%s/oauth2/connections/%s", ts.URL, conn.ID)).End()
			require.Equal(t, c.statusDelete, resp.StatusCode, "case %d: %s", k, body)
			if resp.StatusCode != http.StatusAccepted {
				return
			}

			resp, body, _ = request.Get(fmt.Sprintf("%s/oauth2/connections/%s", ts.URL, conn.ID)).End()
			require.Equal(t, c.statusGetAfterDelete, resp.StatusCode, "case %d: %s", k, body)

			resp, body, _ = request.Delete(fmt.Sprintf("%s/oauth2/connections/%s", ts.URL, conn.ID)).End()
			require.Equal(t, http.StatusNotFound, resp.StatusCode, "case %d: %s", k, body)
		}()
	}
}
Exemplo n.º 11
0
func TestHash(t *testing.T) {
	h := &BCrypt{
		WorkFactor: 10,
	}
	password := "******"
	hash, err := h.Hash(password)
	assert.Nil(t, err)
	assert.NotNil(t, hash)
	assert.NotEqual(t, hash, password)
}
Exemplo n.º 12
0
func TestLoadCertificate(t *testing.T) {
	for _, c := range TestCertificates {
		out, err := LoadCertificate(c[0])
		assert.Nil(t, err)
		assert.Equal(t, c[1], string(out))
	}
	_, err := LoadCertificate("")
	assert.NotNil(t, err)
	_, err = LoadCertificate("foobar")
	assert.NotNil(t, err)
}
Exemplo n.º 13
0
func TestCompareDifferent(t *testing.T) {
	h := &BCrypt{
		WorkFactor: 10,
	}
	password := "******"
	hash, err := h.Hash(password)
	assert.Nil(t, err)
	assert.NotNil(t, hash)
	err = h.Compare(hash, uuid.NewRandom().String())
	assert.NotNil(t, err)
}
Exemplo n.º 14
0
func TestCreateAndGetCases(t *testing.T) {
	for _, c := range []struct {
		data  []string
		extra string
		pass  bool
		find  bool
	}{
		{[]string{"1", "1@bar", "secret"}, `{"foo": "bar"}`, true, true},
		{[]string{"1", "1@foo", "secret"}, `{"foo": "bar"}`, false, true},
		{[]string{"2", "1@bar", "secret"}, `{"foo": "bar"}`, false, false},
	} {
		result, err := store.Create(c.data[0], c.data[1], c.data[2], c.extra)
		if c.pass {
			assert.Nil(t, err)
			assert.Equal(t, c.data[0], result.GetID())
			assert.Equal(t, c.data[1], result.GetEmail())
			assert.NotEqual(t, c.data[2], result.GetPassword())
			assert.Equal(t, c.extra, result.GetData())

			result, err = store.Get(c.data[0])
			if c.find {
				assert.Nil(t, err)
				assert.Equal(t, c.data[0], result.GetID())
				assert.Equal(t, c.data[1], result.GetEmail())
				assert.NotEqual(t, c.data[2], result.GetPassword())
				assert.Equal(t, c.extra, result.GetData())
			} else {
				assert.NotNil(t, err)
			}
		} else {
			assert.NotNil(t, err)
			_, err = store.Get(c.data[0])
			if c.find {
				assert.Nil(t, err)
			} else {
				assert.NotNil(t, err)
			}
		}
	}
}
Exemplo n.º 15
0
// Nil asserts that the specified object is nil.
//
//    require.Nil(t, err, "err should be nothing")
func Nil(t TestingT, object interface{}, msgAndArgs ...interface{}) {
	if !assert.Nil(t, object, msgAndArgs...) {
		t.FailNow()
	}
}