// getUserCredentialsFromRequest resolves the user behind a request that
// carries a user-specific bearer token.
//
// The token is extracted with util.ParseBearerToken. If extraction fails, that
// error is returned and the service is never consulted. Otherwise the token is
// passed as a string to service.GetUserCredentialsFromToken, and its result is
// returned unchanged.
func getUserCredentialsFromRequest(r *http.Request, service ServiceInterface) (*User, error) {
	bearer, parseErr := util.ParseBearerToken(r)
	if parseErr != nil {
		// No usable bearer token: there is no fallback scheme for users.
		return nil, parseErr
	}

	user, lookupErr := service.GetUserCredentialsFromToken(string(bearer))
	return user, lookupErr
}
// getClientCredentialsFromRequest resolves the client account behind a request.
// Two schemes are accepted: a client-only bearer token, or base auth with a
// client ID and secret.
//
// The bearer token is tried first. Any error from util.ParseBearerToken is
// discarded and the request is handed to service.GetClientCredentialsFromBaseAuth
// instead. Once a bearer token has been parsed, a failed token lookup is final:
// the lookup error is returned with a nil account and base auth is not tried.
//
// NOTE(review): every bearer parse failure takes the base auth path, so
// rejecting a request with no valid credentials depends on
// GetClientCredentialsFromBaseAuth - confirm it fails closed.
func getClientCredentialsFromRequest(r *http.Request, service ServiceInterface) (*Account, error) {
	bearer, parseErr := util.ParseBearerToken(r)
	if parseErr == nil {
		client, lookupErr := service.GetClientCredentialsFromToken(string(bearer))
		if lookupErr != nil {
			// Return an explicit nil so a failed lookup never yields an account.
			return nil, lookupErr
		}
		return client, nil
	}

	// No parsable bearer token: fall back to client ID and secret.
	return service.GetClientCredentialsFromBaseAuth(r)
}
// TestParseBearerToken checks that util.ParseBearerToken returns the token
// bytes from an "Authorization: Bearer test_token" header without an error.
func TestParseBearerToken(t *testing.T) {
	req, reqErr := http.NewRequest("GET", "http://1.2.3.4/something", nil)
	assert.NoError(t, reqErr, "Request setup should not get an error")
	req.Header.Add("Authorization", "Bearer test_token")

	got, parseErr := util.ParseBearerToken(req)

	// A well-formed bearer header must parse cleanly.
	assert.Nil(t, parseErr)

	// Compare contents only once a token is known to have come back.
	if !assert.NotNil(t, got) {
		return
	}
	assert.Equal(t, []byte("test_token"), got)
}
// TestParseBearerTokenNotFound checks the rejection path of
// util.ParseBearerToken: for an Authorization header of "bogus bogus" it must
// return a nil token and an error whose text is "Bearer token not found".
func TestParseBearerTokenNotFound(t *testing.T) {
	req, reqErr := http.NewRequest("GET", "http://1.2.3.4/something", nil)
	assert.NoError(t, reqErr, "Request setup should not get an error")
	req.Header.Add("Authorization", "bogus bogus")

	got, parseErr := util.ParseBearerToken(req)

	// No token may come back from a rejected header.
	assert.Nil(t, got)

	// The error text is checked only when an error was actually returned.
	if !assert.NotNil(t, parseErr) {
		return
	}
	assert.Equal(t, "Bearer token not found", parseErr.Error())
}