gin/auth_test.go

147 lines
4.0 KiB
Go
Raw Normal View History

2014-08-29 17:49:50 +00:00
// Copyright 2014 Manu Martinez-Almeida. All rights reserved.
// Use of this source code is governed by a MIT style
// license that can be found in the LICENSE file.
2014-08-12 09:32:06 +00:00
package gin
import (
"encoding/base64"
"net/http"
"net/http/httptest"
"testing"
"github.com/stretchr/testify/assert"
2014-08-12 09:32:06 +00:00
)
func TestBasicAuth(t *testing.T) {
2015-05-19 20:19:25 +00:00
pairs := processAccounts(Accounts{
"admin": "password",
"foo": "bar",
"bar": "foo",
2015-05-19 20:19:25 +00:00
})
assert.Len(t, pairs, 3)
assert.Contains(t, pairs, authPair{
user: "bar",
value: "Basic YmFyOmZvbw==",
2015-05-19 20:19:25 +00:00
})
assert.Contains(t, pairs, authPair{
user: "foo",
value: "Basic Zm9vOmJhcg==",
2015-05-19 20:19:25 +00:00
})
assert.Contains(t, pairs, authPair{
user: "admin",
value: "Basic YWRtaW46cGFzc3dvcmQ=",
2015-05-19 20:19:25 +00:00
})
}
2014-08-12 09:32:06 +00:00
func TestBasicAuthFails(t *testing.T) {
assert.Panics(t, func() { processAccounts(nil) })
assert.Panics(t, func() {
processAccounts(Accounts{
"": "password",
"foo": "bar",
})
})
}
2014-08-12 09:32:06 +00:00
func TestBasicAuthSearchCredential(t *testing.T) {
pairs := processAccounts(Accounts{
"admin": "password",
"foo": "bar",
"bar": "foo",
2014-08-12 09:32:06 +00:00
})
user, found := pairs.searchCredential(authorizationHeader("admin", "password"))
assert.Equal(t, "admin", user)
assert.True(t, found)
2014-08-12 09:32:06 +00:00
user, found = pairs.searchCredential(authorizationHeader("foo", "bar"))
assert.Equal(t, "foo", user)
assert.True(t, found)
2014-08-12 09:32:06 +00:00
user, found = pairs.searchCredential(authorizationHeader("bar", "foo"))
assert.Equal(t, "bar", user)
assert.True(t, found)
user, found = pairs.searchCredential(authorizationHeader("admins", "password"))
assert.Empty(t, user)
assert.False(t, found)
user, found = pairs.searchCredential(authorizationHeader("foo", "bar "))
assert.Empty(t, user)
assert.False(t, found)
2015-04-09 10:15:02 +00:00
user, found = pairs.searchCredential("")
assert.Empty(t, user)
assert.False(t, found)
2014-08-12 09:32:06 +00:00
}
func TestBasicAuthAuthorizationHeader(t *testing.T) {
assert.Equal(t, "Basic YWRtaW46cGFzc3dvcmQ=", authorizationHeader("admin", "password"))
}
func TestBasicAuthSecureCompare(t *testing.T) {
assert.True(t, secureCompare("1234567890", "1234567890"))
assert.False(t, secureCompare("123456789", "1234567890"))
assert.False(t, secureCompare("12345678900", "1234567890"))
assert.False(t, secureCompare("1234567891", "1234567890"))
}
func TestBasicAuthSucceed(t *testing.T) {
accounts := Accounts{"admin": "password"}
router := New()
router.Use(BasicAuth(accounts))
router.GET("/login", func(c *Context) {
c.String(http.StatusOK, c.MustGet(AuthUserKey).(string))
})
2014-08-12 09:32:06 +00:00
w := httptest.NewRecorder()
req, _ := http.NewRequest("GET", "/login", nil)
req.Header.Set("Authorization", authorizationHeader("admin", "password"))
router.ServeHTTP(w, req)
2014-08-12 09:32:06 +00:00
assert.Equal(t, http.StatusOK, w.Code)
assert.Equal(t, "admin", w.Body.String())
}
2014-08-12 09:32:06 +00:00
func TestBasicAuth401(t *testing.T) {
called := false
accounts := Accounts{"foo": "bar"}
router := New()
router.Use(BasicAuth(accounts))
router.GET("/login", func(c *Context) {
called = true
c.String(http.StatusOK, c.MustGet(AuthUserKey).(string))
2014-08-12 09:32:06 +00:00
})
w := httptest.NewRecorder()
req, _ := http.NewRequest("GET", "/login", nil)
2014-08-12 09:32:06 +00:00
req.Header.Set("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte("admin:password")))
router.ServeHTTP(w, req)
2014-08-12 09:32:06 +00:00
assert.False(t, called)
assert.Equal(t, http.StatusUnauthorized, w.Code)
assert.Equal(t, "Basic realm=\"Authorization Required\"", w.HeaderMap.Get("WWW-Authenticate"))
2014-08-12 09:32:06 +00:00
}
2015-03-04 22:38:17 +00:00
func TestBasicAuth401WithCustomRealm(t *testing.T) {
called := false
2015-03-04 22:38:17 +00:00
accounts := Accounts{"foo": "bar"}
router := New()
router.Use(BasicAuthForRealm(accounts, "My Custom \"Realm\""))
router.GET("/login", func(c *Context) {
called = true
c.String(http.StatusOK, c.MustGet(AuthUserKey).(string))
2015-03-04 22:38:17 +00:00
})
w := httptest.NewRecorder()
req, _ := http.NewRequest("GET", "/login", nil)
2015-03-04 22:38:17 +00:00
req.Header.Set("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte("admin:password")))
router.ServeHTTP(w, req)
2015-03-04 22:38:17 +00:00
assert.False(t, called)
assert.Equal(t, http.StatusUnauthorized, w.Code)
assert.Equal(t, "Basic realm=\"My Custom \\\"Realm\\\"\"", w.HeaderMap.Get("WWW-Authenticate"))
2015-03-04 22:38:17 +00:00
}