func TestCreateGetFindDelete(t *testing.T) {
require.Nil(t, store.Create(connection))
c, err := store.Get(connection.ID)
require.Nil(t, err)
require.Equal(t, connection, c)
c, err = store.FindByRemoteSubject("google", "peterson")
require.Nil(t, err)
require.Equal(t, connection, c)
cs, err := store.FindAllByLocalSubject("peter")
require.Nil(t, err)
require.Equal(t, connection, cs[0])
require.Nil(t, store.Delete(connection.ID))
_, err = store.Get(connection.ID)
require.NotNil(t, err)
}
func TestCreateGetDeleteGet(t *testing.T) {
for k, c := range []test{
{subject: "peter", token: jwt.Token{Valid: false}, policies: []policy.Policy{policies["fail"]}, createData: data["fail"], statusCreate: http.StatusUnauthorized},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["fail"]}, createData: data["fail"], statusCreate: http.StatusForbidden},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-create"]}, createData: data["ok-max"], statusCreate: http.StatusOK, statusGet: http.StatusForbidden},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-create"]}, createData: data["fail"], statusCreate: http.StatusBadRequest},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-create"]}, createData: data["fail-validation"], statusCreate: http.StatusBadRequest},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-create"], policies["pass-get"]}, createData: data["ok-zac"], statusCreate: http.StatusOK, statusGet: http.StatusOK, statusDelete: http.StatusForbidden},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-all"]}, createData: data["ok-steve"], statusCreate: http.StatusOK, statusGet: http.StatusOK, statusDelete: http.StatusAccepted, statusGetAfterDelete: http.StatusNotFound},
} {
func() {
handler := &Handler{s: store, m: mw}
router := mux.NewRouter()
handler.SetRoutes(router, mockAuthorization(c))
ts := httptest.NewServer(router)
defer ts.Close()
request := gorequest.New()
connectionsURL := fmt.Sprintf("%s/oauth2/connections?subject=%s", ts.URL, c.subject)
resp, body, _ := request.Post(connectionsURL).Send(*c.createData).End()
require.Equal(t, c.statusCreate, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusOK {
return
}
var conn DefaultConnection
assert.Nil(t, json.Unmarshal([]byte(body), &conn))
resp, body, _ = request.Get(connectionsURL).End()
require.Equal(t, c.statusGet, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusOK {
return
}
resp, body, _ = request.Get(fmt.Sprintf("%s/oauth2/connections/%s", ts.URL, conn.ID)).End()
require.Equal(t, c.statusGet, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusOK {
return
}
resp, body, _ = request.Post(connectionsURL).Send(*c.createData).End()
require.Equal(t, http.StatusInternalServerError, resp.StatusCode, "case %d: %s", k, body)
resp, body, _ = request.Delete(fmt.Sprintf("%s/oauth2/connections/%s", ts.URL, conn.ID)).End()
require.Equal(t, c.statusDelete, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusAccepted {
return
}
resp, body, _ = request.Get(fmt.Sprintf("%s/oauth2/connections/%s", ts.URL, conn.ID)).End()
require.Equal(t, c.statusGetAfterDelete, resp.StatusCode, "case %d: %s", k, body)
resp, body, _ = request.Delete(fmt.Sprintf("%s/oauth2/connections/%s", ts.URL, conn.ID)).End()
require.Equal(t, http.StatusNotFound, resp.StatusCode, "case %d: %s", k, body)
}()
}
}
func TestCreateGetDeleteGet(t *testing.T) {
for k, c := range []test{
{subject: "peter", token: jwt.Token{Valid: false}, policies: []policy.Policy{policies["fail"]}, createData: payload{RedirectURIs: "redir"}, statusCreate: http.StatusUnauthorized},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["fail"]}, createData: payload{RedirectURIs: "redir"}, statusCreate: http.StatusForbidden},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-create"]}, createData: payload{RedirectURIs: "redir"}, statusCreate: http.StatusOK, statusGet: http.StatusForbidden},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-create"], policies["pass-get"]}, createData: payload{RedirectURIs: "redir"}, statusCreate: http.StatusOK, statusGet: http.StatusOK, statusDelete: http.StatusForbidden},
{subject: "peter", token: jwt.Token{Valid: true}, policies: []policy.Policy{policies["pass-all"]}, createData: payload{RedirectURIs: "redir"}, statusCreate: http.StatusOK, statusGet: http.StatusOK, statusDelete: http.StatusAccepted, statusGetAfterDelete: http.StatusNotFound},
} {
func() {
handler := &Handler{s: store, m: mw}
router := mux.NewRouter()
handler.SetRoutes(router, mockAuthorization(c))
ts := httptest.NewServer(router)
defer ts.Close()
request := gorequest.New()
resp, body, _ := request.Post(ts.URL + "/clients").Send(c.createData).End()
require.Equal(t, c.statusCreate, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusOK {
return
}
var client payload
json.Unmarshal([]byte(body), &client)
resp, body, _ = request.Get(ts.URL + "/clients/" + client.ID).End()
require.Equal(t, c.statusGet, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusOK {
return
}
resp, body, _ = request.Delete(ts.URL + "/clients/" + client.ID).End()
require.Equal(t, c.statusDelete, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusAccepted {
return
}
resp, body, _ = request.Get(ts.URL + "/clients/" + client.ID).End()
require.Equal(t, c.statusGetAfterDelete, resp.StatusCode, "case %d: %s", k, body)
}()
}
}
func TestCreateGetDelete(t *testing.T) {
for k, c := range []test{
test{
subject: "peter", token: &jwt.Token{Valid: false},
expected: result{create: http.StatusUnauthorized, get: 0, delete: 0},
},
test{
subject: "peter", token: &jwt.Token{Valid: true}, policies: policies["empty"],
expected: result{create: http.StatusForbidden, get: 0, delete: 0},
},
test{
subject: "peter", token: &jwt.Token{Valid: true}, policies: policies["empty"],
expected: result{create: http.StatusForbidden, get: 0, delete: 0},
},
test{
subject: "max", token: &jwt.Token{Valid: true}, policies: policies["empty"],
expected: result{create: http.StatusForbidden, get: 0, delete: 0},
},
test{
subject: "max", token: &jwt.Token{Valid: true}, payload: payload{},
policies: policies["allow-create"],
expected: result{
create: http.StatusForbidden, get: 0, delete: 0,
},
},
test{
subject: "peter", token: &jwt.Token{Valid: true},
payload: payload{Email: uuid.New() + "@foobar.com", Data: "{}"},
policies: policies["allow-create"],
expected: result{
create: http.StatusBadRequest, get: 0, delete: 0,
},
},
test{
subject: "peter", token: &jwt.Token{Valid: true},
payload: payload{Email: uuid.New() + "@foobar.com", Password: "******", Data: "{}"},
policies: policies["allow-create"],
expected: result{
create: http.StatusBadRequest, get: 0, delete: 0,
},
},
test{
subject: "peter", token: &jwt.Token{Valid: true},
payload: payload{Email: "notemail", Password: "******", Data: "{}"},
policies: policies["allow-create"],
expected: result{
create: http.StatusBadRequest, get: 0, delete: 0,
},
},
test{
subject: "peter", token: &jwt.Token{Valid: true},
payload: payload{Email: uuid.New() + "@bar.com", Password: "", Data: "{}"},
policies: policies["allow-create"],
expected: result{
create: http.StatusBadRequest, get: 0, delete: 0,
},
},
test{
subject: "peter", token: &jwt.Token{Valid: true},
payload: payload{Email: uuid.New() + "@bar.com", Password: "******", Data: "not json"},
policies: policies["allow-create"],
expected: result{
create: http.StatusBadRequest, get: 0, delete: 0,
},
},
test{
subject: "peter", token: &jwt.Token{Valid: true},
payload: payload{Email: uuid.New() + "@bar.com", Password: "******", Data: "{}"},
policies: policies["allow-create"],
expected: result{
create: http.StatusOK, get: http.StatusForbidden, delete: http.StatusForbidden,
},
},
test{
subject: "peter", token: &jwt.Token{Valid: true},
payload: payload{Email: uuid.New() + "@bar.com", Password: "******", Data: "{}"},
policies: policies["allow-create-get"],
expected: result{
create: http.StatusOK, get: http.StatusOK, delete: http.StatusForbidden,
},
},
test{
subject: "peter", token: &jwt.Token{Valid: true},
payload: payload{Email: uuid.New() + "@bar.com", Password: "******", Data: "{}"},
policies: policies["allow-all"],
expected: result{
create: http.StatusOK, get: http.StatusOK, delete: http.StatusAccepted,
},
},
} {
router := mux.NewRouter()
hd.SetRoutes(router, mock(c))
ts := httptest.NewServer(router)
defer ts.Close()
t.Logf(ts.URL + "/accounts")
request := gorequest.New()
resp, body, _ := request.Post(ts.URL + "/accounts").Send(c.payload).End()
require.Equal(t, c.expected.create, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusOK {
return
}
user := assertAccount(t, c, body)
resp, body, _ = request.Get(ts.URL + "/accounts/" + user.GetID()).End()
require.Equal(t, c.expected.get, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusOK {
return
}
user = assertAccount(t, c, body)
resp, body, _ = request.Delete(ts.URL + "/accounts/" + user.GetID()).End()
require.Equal(t, c.expected.delete, resp.StatusCode, "case %d: %s", k, body)
if resp.StatusCode != http.StatusAccepted {
return
}
resp, body, _ = request.Get(ts.URL + "/accounts/" + user.GetID()).End()
require.Equal(t, http.StatusNotFound, resp.StatusCode, "case %d: %s", k, body)
}
}
func TestSignAndVerify(t *testing.T) {
for i, c := range []struct {
private []byte
public []byte
header map[string]interface{}
claims map[string]interface{}
valid bool
signOk bool
}{
{
[]byte(""),
[]byte(TestCertificates[1][1]),
map[string]interface{}{"foo": "bar"},
map[string]interface{}{"nbf": time.Now().Add(time.Hour)},
false,
false,
},
{
[]byte(TestCertificates[0][1]),
[]byte(""),
map[string]interface{}{"foo": "bar"},
map[string]interface{}{"nbf": time.Now().Add(time.Hour)},
false,
true,
},
{
[]byte(TestCertificates[0][1]),
[]byte(TestCertificates[1][1]),
map[string]interface{}{"foo": "bar"},
map[string]interface{}{"nbf": time.Now().Add(-time.Hour)},
false,
true,
},
{
[]byte(TestCertificates[0][1]),
[]byte(TestCertificates[1][1]),
map[string]interface{}{"foo": "bar"},
map[string]interface{}{"nbf": time.Now().Add(time.Hour)},
false,
true,
},
{
[]byte(TestCertificates[0][1]),
[]byte(TestCertificates[1][1]),
map[string]interface{}{"foo": "bar"},
map[string]interface{}{"exp": time.Now().Add(-time.Hour)},
false,
true,
},
{
[]byte(TestCertificates[0][1]),
[]byte(TestCertificates[1][1]),
map[string]interface{}{"foo": "bar"},
map[string]interface{}{
"nbf": time.Now().Add(-time.Hour),
"iat": time.Now().Add(-time.Hour),
"exp": time.Now().Add(time.Hour),
},
true,
true,
},
{
[]byte(TestCertificates[0][1]),
[]byte(TestCertificates[1][1]),
map[string]interface{}{"foo": "bar"},
map[string]interface{}{
"nbf": time.Now().Add(-time.Hour),
},
false,
true,
},
{
[]byte(TestCertificates[0][1]),
[]byte(TestCertificates[1][1]),
map[string]interface{}{"foo": "bar"},
map[string]interface{}{
"exp": time.Now().Add(time.Hour),
},
true,
true,
},
{
[]byte(TestCertificates[0][1]),
[]byte(TestCertificates[1][1]),
map[string]interface{}{"foo": "bar"},
map[string]interface{}{},
false,
true,
},
} {
j := New(c.private, c.public)
data, err := j.SignToken(c.claims, c.header)
if c.signOk {
require.Nil(t, err, "Case %d", i)
} else {
require.NotNil(t, err, "Case %d", i)
}
tok, err := j.VerifyToken([]byte(data))
if c.valid {
require.Nil(t, err, "Case %d", i)
require.Equal(t, c.valid, tok.Valid, "Case %d", i)
} else {
require.NotNil(t, err, "Case %d", i)
}
}
}
func TestIntrospect(t *testing.T) {
router := mux.NewRouter()
handler.SetRoutes(router)
ts := httptest.NewServer(router)
defer ts.Close()
config := configs["working"]
user := logins["working"]
clientConfig := clientcredentials.Config{
ClientID: config.ClientID,
ClientSecret: config.ClientSecret,
TokenURL: ts.URL + config.Endpoint.TokenURL,
Scopes: config.Scopes,
}
config.Endpoint = oauth2.Endpoint{AuthURL: ts.URL + "/oauth2/auth", TokenURL: ts.URL + "/oauth2/token"}
access, _ := clientConfig.Token(oauth2.NoContext)
verify, _ := config.PasswordCredentialsToken(oauth2.NoContext, user.Username, user.Password)
for k, c := range []*struct {
accessToken string
code int
pass bool
}{
{"Bearer " + verify.AccessToken, http.StatusOK, true},
{"", http.StatusUnauthorized, false},
{"Bearer ", http.StatusUnauthorized, false},
{"Bearer invalid", http.StatusForbidden, false},
{"Bearer invalid", http.StatusForbidden, false},
{"Bearer invalid", http.StatusForbidden, false},
//
{"Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.e30.FvuwHdEjgGxPAyVUb-eqtiPl2gycU9WOHNzwpFKcpdN_QkXkBUxU3qFl3lLBaMzIuP_GjXLXcJZFhyQ2Ne3kfWuZSGLmob0Og8B4lAy7CA7iwpji2R3aUcwBwbJ41IJa__F8fMRz0dRDwhyrBKD-9y4TfV_-yZuzBZxq0UdjX6IdpzsdetphBSIZkPij5MY3thRwC-X_gXyIXi4-G2_CjRrV5lCGnPJrDbLqPCYqS71wK9NEsz_B8p5ENmwad8vZe4fEFR7XsqJrhPjbEVGeLpzSz0AOGp4G1iyvv1sdu4M3Y8KSSGYnZ8lXNGyi8QeUr374Y6XgJ5N5TVLWI2cMxg", http.StatusForbidden, false},
// "exp": "2012-04-23T18:25:43.511Z"
{"Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOiIyMDEyLTA0LTIzVDE4OjI1OjQzLjUxMVoifQ.YPCfgNDs-UT6vNqh6095cXiMe0jcA9HjHuLi6hK6YBPsEHwHFniFGXAYt1PpPabBHAz7lQQ8zZao6LrVXkfz7PLbeQZl3KY0SUb-Wb0eEDjX4naEdm20whrYMZQ36VcTMT-FsGk5MB-nIYKq3iX6FMhumV8StjpC0jrM14488lPwLXihC1uITQBNVFEyXV_emhfuyojWEcEq899oE_vVRd7pTOmIhU8dFEAonoLZyPTKzSfvqaurPeySA5ttA-TTMTxZNzGVxWV4cwYHlhTXfS57zoSF_EN_PULTqMepUe8RC9AFnwyvNAa5e4nxQG5yO6b7cUGa0vSCD5FPbNBh-w", http.StatusForbidden, false},
// {
// "exp": "2099-04-23T18:25:43.511Z",
// "nbf": "2099-04-23T18:25:43.511Z"
// }
{"Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOiIyMDk5LTA0LTIzVDE4OjI1OjQzLjUxMVoiLCJuYmYiOiIyMDk5LTA0LTIzVDE4OjI1OjQzLjUxMVoifQ.hCuvBuiwEjjTbL8NMfEe6exDaRUeQIHodTNc5uBdY1lxmJWfFPh2zykuEvinqTprQe2CPRmL3Dk6jX3pcnigg7IjMX-EZueOnJc229gwjmJJiIGuUJOV3bLc-0xQ3cu6FCRc2NgOEh6Nq6Jh8G7ko4Du4gGrFsn97kbzAUYyns98T8442p0YXdQF-KVCc87fCkdr6OTsbfomy7jUDLCWptyJqREOoBll-nzyFWTxGHgoH_DmHft64SwvsvRafqZv9Q48bRzr857ps6OjEPncjRTriAsJa-p7aPKO2e7LXLKpopcaNwC09RNteAO4XPc2_M-IrYf6a02UzgSmOkIZUg", http.StatusForbidden, false},
// {
// "exp": "2099-04-23T18:25:43.511Z",
// "iat": "2000-04-23T18:25:43.511Z",
// "nbf": "2099-04-23T18:25:43.511Z"
// }
{"Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOiIyMDk5LTA0LTIzVDE4OjI1OjQzLjUxMVoiLCJpYXQiOiIyMDAwLTA0LTIzVDE4OjI1OjQzLjUxMVoiLCJuYmYiOiIyMDk5LTA0LTIzVDE4OjI1OjQzLjUxMVoifQ.WtRurXoCy4kHPxnaL5ccPaeHIaDogXRFE6mqyF8nVTSsv6E7FaJg4IiYylxa44ty8GRMYn7c2CSyQefTVauqjJm8b0Rpu4biIeyCQRzwTZZzqZbc6irdWYsJu4DkwfAU0yP2EaLEtQOG3scnDpmtyCp7NvDAi8XlVeytOSHjqyJMWzqO_z5eU4e2Ap-3wkLo4P9_W1W3Tx_V0xQR2VaOXtVjEa_VS36rAMBy6WAvYQrYNlvBAA6OBfqg2uvKUfmEoE6MchkFxHFTSGBmI2boDfF2XGlyLn0di7gIBG-udXDv_zaVp4BtuswygTskV5d2i3pvLGP6UuJJhc7VVOAoPw", http.StatusForbidden, false},
// {
// "exp": "2099-04-23T18:25:43.511Z",
// "iat": "2000-04-23T18:25:43.511Z",
// "nbf": "2000-04-23T18:25:43.511Z",
// "aud": "wrong-audience"
// }
{"Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOiIyMDk5LTA0LTIzVDE4OjI1OjQzLjUxMVoiLCJpYXQiOiIyMDAwLTA0LTIzVDE4OjI1OjQzLjUxMVoiLCJuYmYiOiIyMDAwLTA0LTIzVDE4OjI1OjQzLjUxMVoiLCJhdWQiOiJ3cm9uZy1hdWRpZW5jZSJ9.rF4JqVpawgHcg_H2hAAsEI2GUxzxCote4pUlruK9hLF-Dv-YSeEmMcFBhfxgsFuDCJotUCG6v8EhwI4u2wxGQHzLz70a-0AEZLQBccCfF_V4qAk8B7M5z2fO7xtEy8RkB2pZKCHbJ1f_6MSM_EyV6r4oiwedveBSsLKcjDhWE3_wExmtmtZaujJy53gR8Wh7BnUt6pl95_d7OMFjGEp1C_N0f3xd9SizIZ-qlIwHiX4xLHtvTZIjdmfyzXxPm_MK_aMOXmX0F6DQn5tgMzAggEdKSD6YdU8HM256zLQeddczrrDI5P3SASiBJ6MCUM4AzbvoFuFAilQi0WzpLpmlJw", http.StatusOK, false},
// {
// "exp": "2099-04-23T18:25:43.511Z",
// "iat": "2000-04-23T18:25:43.511Z",
// "nbf": "2000-04-23T18:25:43.511Z",
// "aud": "tests"
// }
{"Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOiIyMDk5LTA0LTIzVDE4OjI1OjQzLjUxMVoiLCJpYXQiOiIyMDAwLTA0LTIzVDE4OjI1OjQzLjUxMVoiLCJuYmYiOiIyMDAwLTA0LTIzVDE4OjI1OjQzLjUxMVoiLCJhdWQiOiJ0ZXN0cyJ9.NQZCoKU2qoC-_VFi-_8fQDzObeQrnld9wyaqF0jYHL_wqROn5VumCDVl1oxMN7g-L9wqo5U-xUXf1HS_Ae6CLDFlkbd6dI-h1_l7_ALn_L_GoxQsEo2lQUDQ-Q4eqlLabc764cTYFXd5EwcsZMHWs5ZFCeMOv3exfeTmg8E9e1FiyuTuKVjvMxL-ZCh113nzXEGFr6GRzqjL6VSnJPDX0Pv78R9tnL6CqWbCuDBlIPOccbpWLuWF0yKjV-OyvcWpjkLIVtAbrimi3A7cNUI_V3EJm9Y4tr8e6hv9zViPNbhycmqvOp-vur2k64PrzeMcbuj7TFRCJg2V3moPJF3NtQ", http.StatusOK, true},
// {
// "exp": "2099-04-23T18:25:43.511Z",
// "iat": "2000-04-23T18:25:43.511Z",
// "nbf": "2000-04-23T18:25:43.511Z",
// "aud": "tests"
// }
{"Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOiIyMDk5LTA0LTIzVDE4OjI1OjQzLjUxMVoiLCJpYXQiOiIyMDAwLTA0LTIzVDE4OjI1OjQzLjUxMVoiLCJuYmYiOiIyMDAwLTA0LTIzVDE4OjI1OjQzLjUxMVoiLCJhdWQiOiJ0ZXN0cyJ9.NQZCoKU2qoC-_VFi-_8fQDzObeQrnld9wyaqF0jYHL_wqROn5VumCDVl1oxMN7g-L9wqo5U-xUXf1HS_Ae6CLDFlkbd6dI-h1_l7_ALn_L_GoxQsEo2lQUDQ-Q4eqlLabc764cTYFXd5EwcsZMHWs5ZFCeMOv3exfeTmg8E9e1FiyuTuKVjvMxL-ZCh113nzXEGFr6GRzqjL6VSnJPDX0Pv78R9tnL6CqWbCuDBlIPOccbpWLuWF0yKjV-OyvcWpjkLIVtAbrimi3A7cNUI_V3EJm9Y4tr8e6hv9zViPNbhycmqvOp-vur2k64PrzeMcbuj7TFRCJg2V3moPJF3NtQ", http.StatusOK, true},
} {
client := &http.Client{}
form := url.Values{}
form.Add("token", access.AccessToken)
req, _ := http.NewRequest("POST", ts.URL+"/oauth2/introspect", strings.NewReader(form.Encode()))
if c.accessToken != "" {
req.Header.Add("Authorization", c.accessToken)
}
res, _ := client.Do(req)
body, _ := ioutil.ReadAll(res.Body)
require.Equal(t, c.code, res.StatusCode, "Case %d: %s", k, body)
if res.StatusCode != http.StatusOK {
continue
}
var result map[string]interface{}
require.Nil(t, json.Unmarshal(body, &result))
assert.Equal(t, c.pass, result["active"].(bool), "Case %d", k)
}
}