// getUserCredentialsFromRequest is the common code used to parse user
// credentials in the request object. It will return a user object based on
// a user specific bearer token
func getUserCredentialsFromRequest(r *http.Request, service ServiceInterface) (*User, error) {
	token, err := util.ParseBearerToken(r)
	if err != nil {
		return nil, err
	}
	return service.GetUserCredentialsFromToken(string(token))
}
// getClientCredentialsFromRequest is the common code used to parse client
// credentials in the request object. It will return a client object based on
// either base auth client ID and secret or a client only bearer token
func getClientCredentialsFromRequest(r *http.Request, service ServiceInterface) (*Account, error) {
	token, err := util.ParseBearerToken(r)
	if err != nil {
		return service.GetClientCredentialsFromBaseAuth(r)
	}
	account, err := service.GetClientCredentialsFromToken(string(token))
	if err != nil {
		return nil, err
	}
	return account, nil
}
Пример #3
0
func TestParseBearerToken(t *testing.T) {
	r, err := http.NewRequest("GET", "http://1.2.3.4/something", nil)
	assert.NoError(t, err, "Request setup should not get an error")
	r.Header.Add("Authorization", "Bearer test_token")

	token, err := util.ParseBearerToken(r)

	// Error should be nil
	assert.Nil(t, err)

	// Correct token should be returned
	if assert.NotNil(t, token) {
		assert.Equal(t, []byte("test_token"), token)
	}
}
Пример #4
0
func TestParseBearerTokenNotFound(t *testing.T) {
	r, err := http.NewRequest("GET", "http://1.2.3.4/something", nil)
	assert.NoError(t, err, "Request setup should not get an error")
	r.Header.Add("Authorization", "bogus bogus")

	token, err := util.ParseBearerToken(r)

	// Token should be nil
	assert.Nil(t, token)

	// Correct error should be returned
	if assert.NotNil(t, err) {
		assert.Equal(t, "Bearer token not found", err.Error())
	}
}