func TestJWTAuth(t *testing.T) { req, _ := http.NewRequest(echo.GET, "/", nil) rec := httptest.NewRecorder() c := echo.NewContext(req, echo.NewResponse(rec), echo.New()) key := []byte("key") fn := func(kid string, method jwt.SigningMethod) ([]byte, error) { return key, nil } ja := JWTAuth(fn) token := jwt.New(jwt.SigningMethodHS256) token.Claims["foo"] = "bar" token.Claims["exp"] = time.Now().Add(time.Hour * 72).Unix() ts, err := token.SignedString(key) assert.NoError(t, err) // Valid credentials auth := Bearer + " " + ts req.Header.Set(echo.Authorization, auth) assert.NoError(t, ja(c)) //--------------------- // Invalid credentials //--------------------- // Expired token token.Claims["exp"] = time.Now().Add(-time.Second).Unix() ts, err = token.SignedString(key) assert.NoError(t, err) auth = Bearer + " " + ts req.Header.Set(echo.Authorization, auth) he := ja(c).(*echo.HTTPError) assert.Equal(t, http.StatusUnauthorized, he.Code()) // Empty Authorization header req.Header.Set(echo.Authorization, "") he = ja(c).(*echo.HTTPError) assert.Equal(t, http.StatusBadRequest, he.Code()) // Invalid Authorization header auth = "token" req.Header.Set(echo.Authorization, auth) he = ja(c).(*echo.HTTPError) assert.Equal(t, http.StatusBadRequest, he.Code()) // Invalid scheme auth = "Bear token" req.Header.Set(echo.Authorization, auth) he = ja(c).(*echo.HTTPError) assert.Equal(t, http.StatusBadRequest, he.Code()) // WebSocket c.Request().Header.Set(echo.Upgrade, echo.WebSocket) assert.NoError(t, ja(c)) }
func TestBasicAuth(t *testing.T) { req, _ := http.NewRequest(echo.GET, "/", nil) rec := httptest.NewRecorder() c := echo.NewContext(req, echo.NewResponse(rec), echo.New()) fn := func(u, p string) bool { if u == "joe" && p == "secret" { return true } return false } ba := BasicAuth(fn) // Valid credentials auth := Basic + " " + base64.StdEncoding.EncodeToString([]byte("joe:secret")) req.Header.Set(echo.Authorization, auth) assert.NoError(t, ba(c)) //--------------------- // Invalid credentials //--------------------- // Incorrect password auth = Basic + " " + base64.StdEncoding.EncodeToString([]byte("joe:password")) req.Header.Set(echo.Authorization, auth) he := ba(c).(*echo.HTTPError) assert.Equal(t, http.StatusUnauthorized, he.Code()) // Empty Authorization header req.Header.Set(echo.Authorization, "") he = ba(c).(*echo.HTTPError) assert.Equal(t, http.StatusBadRequest, he.Code()) // Invalid Authorization header auth = base64.StdEncoding.EncodeToString([]byte(" :secret")) req.Header.Set(echo.Authorization, auth) he = ba(c).(*echo.HTTPError) assert.Equal(t, http.StatusBadRequest, he.Code()) // Invalid scheme auth = "Base " + base64.StdEncoding.EncodeToString([]byte(" :secret")) req.Header.Set(echo.Authorization, auth) he = ba(c).(*echo.HTTPError) assert.Equal(t, http.StatusBadRequest, he.Code()) // WebSocket c.Request().Header.Set(echo.Upgrade, echo.WebSocket) assert.NoError(t, ba(c)) }
func TestGzip(t *testing.T) { req, _ := http.NewRequest(echo.GET, "/", nil) rec := httptest.NewRecorder() c := echo.NewContext(req, echo.NewResponse(rec), echo.New()) h := func(c *echo.Context) error { return c.String(http.StatusOK, "test") } // Skip if no Accept-Encoding header Gzip()(h)(c) assert.Equal(t, http.StatusOK, rec.Code) assert.Equal(t, "test", rec.Body.String()) // Gzip req, _ = http.NewRequest(echo.GET, "/", nil) req.Header.Set(echo.AcceptEncoding, "gzip") rec = httptest.NewRecorder() c = echo.NewContext(req, echo.NewResponse(rec), echo.New()) Gzip()(h)(c) assert.Equal(t, http.StatusOK, rec.Code) assert.Equal(t, "gzip", rec.Header().Get(echo.ContentEncoding)) r, err := gzip.NewReader(rec.Body) defer r.Close() if assert.NoError(t, err) { buf := new(bytes.Buffer) buf.ReadFrom(r) assert.Equal(t, "test", buf.String()) } }
func TestResponse(t *testing.T) { w := httptest.NewRecorder() r := NewResponse(w) // SetWriter r.SetWriter(w) // Writer assert.Equal(t, w, r.Writer()) // Header assert.NotNil(t, r.Header()) // WriteHeader r.WriteHeader(http.StatusOK) assert.Equal(t, http.StatusOK, r.status) // Committed assert.True(t, r.committed) // Already committed r.WriteHeader(http.StatusTeapot) assert.NotEqual(t, http.StatusTeapot, r.Status()) // Status r.status = http.StatusOK assert.Equal(t, http.StatusOK, r.Status()) // Write s := "echo" _, err := r.Write([]byte(s)) assert.NoError(t, err) // Flush r.Flush() // Size assert.EqualValues(t, len(s), r.Size()) // Hijack assert.Panics(t, func() { r.Hijack() }) // CloseNotify assert.Panics(t, func() { r.CloseNotify() }) // reset r.reset(httptest.NewRecorder()) }
func TestEchoWebSocket(t *testing.T) { e := New() e.WebSocket("/ws", func(c *Context) error { c.socket.Write([]byte("test")) return nil }) srv := httptest.NewServer(e) defer srv.Close() addr := srv.Listener.Addr().String() origin := "http://localhost" url := fmt.Sprintf("ws://%s/ws", addr) ws, err := websocket.Dial(url, "", origin) if assert.NoError(t, err) { ws.Write([]byte("test")) defer ws.Close() buf := new(bytes.Buffer) buf.ReadFrom(ws) assert.Equal(t, "test", buf.String()) } }