// getUserCredentialsFromRequest is the common code used to parse user
// credentials in the request object. It will return a user object based on
// a user specific bearer token
func getUserCredentialsFromRequest(r *http.Request, service ServiceInterface) (*User, error) {
token, err := util.ParseBearerToken(r)
if err != nil {
return nil, err
}
return service.GetUserCredentialsFromToken(string(token))
}
// getClientCredentialsFromRequest is the common code used to parse client
// credentials in the request object. It will return a client object based on
// either base auth client ID and secret or a client only bearer token
func getClientCredentialsFromRequest(r *http.Request, service ServiceInterface) (*Account, error) {
token, err := util.ParseBearerToken(r)
if err != nil {
return service.GetClientCredentialsFromBaseAuth(r)
}
account, err := service.GetClientCredentialsFromToken(string(token))
if err != nil {
return nil, err
}
return account, nil
}
func TestParseBearerToken(t *testing.T) {
r, err := http.NewRequest("GET", "http://1.2.3.4/something", nil)
assert.NoError(t, err, "Request setup should not get an error")
r.Header.Add("Authorization", "Bearer test_token")
token, err := util.ParseBearerToken(r)
// Error should be nil
assert.Nil(t, err)
// Correct token should be returned
if assert.NotNil(t, token) {
assert.Equal(t, []byte("test_token"), token)
}
}
func TestParseBearerTokenNotFound(t *testing.T) {
r, err := http.NewRequest("GET", "http://1.2.3.4/something", nil)
assert.NoError(t, err, "Request setup should not get an error")
r.Header.Add("Authorization", "bogus bogus")
token, err := util.ParseBearerToken(r)
// Token should be nil
assert.Nil(t, token)
// Correct error should be returned
if assert.NotNil(t, err) {
assert.Equal(t, "Bearer token not found", err.Error())
}
}
