gin/auth_test.go

// Copyright 2014 Manu Martinez-Almeida.  All rights reserved.
// Use of this source code is governed by a MIT style
// license that can be found in the LICENSE file.

package gin

import (
	"encoding/base64"
	"net/http"
	"net/http/httptest"
	"testing"
)

func TestBasicAuthSucceed(t *testing.T) {
	req, _ := http.NewRequest("GET", "/login", nil)
	w := httptest.NewRecorder()

	r := New()
	accounts := Accounts{"admin": "password"}
	r.Use(BasicAuth(accounts))

	r.GET("/login", func(c *Context) {
		c.String(200, "autorized")
	})

	req.Header.Set("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte("admin:password")))
	r.ServeHTTP(w, req)

	if w.Code != 200 {
		t.Errorf("Response code should be Ok, was: %d", w.Code)
	}
	bodyAsString := w.Body.String()

	if bodyAsString != "autorized" {
		t.Errorf("Response body should be `autorized`, was  %s", bodyAsString)
	}
}

func TestBasicAuth401(t *testing.T) {
	req, _ := http.NewRequest("GET", "/login", nil)
	w := httptest.NewRecorder()

	r := New()
	accounts := Accounts{"foo": "bar"}
	r.Use(BasicAuth(accounts))

	r.GET("/login", func(c *Context) {
		c.String(200, "autorized")
	})

	req.Header.Set("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte("admin:password")))
	r.ServeHTTP(w, req)

	if w.Code != 401 {
		t.Errorf("Response code should be Not autorized, was: %d", w.Code)
	}

	if w.HeaderMap.Get("WWW-Authenticate") != "Basic realm=\"Authorization Required\"" {
		t.Errorf("WWW-Authenticate header is incorrect: %s", w.HeaderMap.Get("Content-Type"))
	}
}

func TestBasicAuth401WithCustomRealm(t *testing.T) {
	req, _ := http.NewRequest("GET", "/login", nil)
	w := httptest.NewRecorder()

	r := New()
	accounts := Accounts{"foo": "bar"}
	r.Use(BasicAuthForRealm(accounts, "My Custom Realm"))

	r.GET("/login", func(c *Context) {
		c.String(200, "autorized")
	})

	req.Header.Set("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte("admin:password")))
	r.ServeHTTP(w, req)

	if w.Code != 401 {
		t.Errorf("Response code should be Not autorized, was: %d", w.Code)
	}

	if w.HeaderMap.Get("WWW-Authenticate") != "Basic realm=\"My Custom Realm\"" {
		t.Errorf("WWW-Authenticate header is incorrect: %s", w.HeaderMap.Get("Content-Type"))
	}
}
Adds in-code license 2014-08-29 17:49:50 +00:00			`// Copyright 2014 Manu Martinez-Almeida. All rights reserved.`
			`// Use of this source code is governed by a MIT style`
			`// license that can be found in the LICENSE file.`

Added tests for basic auth. 2014-08-12 09:32:06 +00:00			`package gin`

			`import (`
			`"encoding/base64"`
			`"net/http"`
			`"net/http/httptest"`
			`"testing"`
			`)`

			`func TestBasicAuthSucceed(t *testing.T) {`
			`req, _ := http.NewRequest("GET", "/login", nil)`
			`w := httptest.NewRecorder()`

Improves unit tests - Reusing much more code - More coverage - Cleanup - Fixes some cases 2014-08-18 17:48:48 +00:00			`r := New()`
Added tests for basic auth. 2014-08-12 09:32:06 +00:00			`accounts := Accounts{"admin": "password"}`
			`r.Use(BasicAuth(accounts))`

			`r.GET("/login", func(c *Context) {`
			`c.String(200, "autorized")`
			`})`

			`req.Header.Set("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte("admin:password")))`
			`r.ServeHTTP(w, req)`

			`if w.Code != 200 {`
Refactores BasicAuth 2015-03-23 03:38:32 +00:00			`t.Errorf("Response code should be Ok, was: %d", w.Code)`
Added tests for basic auth. 2014-08-12 09:32:06 +00:00			`}`
			`bodyAsString := w.Body.String()`

			`if bodyAsString != "autorized" {`
			t.Errorf("Response body should be `autorized`, was %s", bodyAsString)
			`}`
			`}`

			`func TestBasicAuth401(t *testing.T) {`
			`req, _ := http.NewRequest("GET", "/login", nil)`
			`w := httptest.NewRecorder()`

Improves unit tests - Reusing much more code - More coverage - Cleanup - Fixes some cases 2014-08-18 17:48:48 +00:00			`r := New()`
Added tests for basic auth. 2014-08-12 09:32:06 +00:00			`accounts := Accounts{"foo": "bar"}`
			`r.Use(BasicAuth(accounts))`

			`r.GET("/login", func(c *Context) {`
			`c.String(200, "autorized")`
			`})`

			`req.Header.Set("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte("admin:password")))`
			`r.ServeHTTP(w, req)`

			`if w.Code != 401 {`
Refactores BasicAuth 2015-03-23 03:38:32 +00:00			`t.Errorf("Response code should be Not autorized, was: %d", w.Code)`
Added tests for basic auth. 2014-08-12 09:32:06 +00:00			`}`

			`if w.HeaderMap.Get("WWW-Authenticate") != "Basic realm=\"Authorization Required\"" {`
			`t.Errorf("WWW-Authenticate header is incorrect: %s", w.HeaderMap.Get("Content-Type"))`
			`}`
			`}`
Added test for custom realm 2015-03-04 22:38:17 +00:00
			`func TestBasicAuth401WithCustomRealm(t *testing.T) {`
			`req, _ := http.NewRequest("GET", "/login", nil)`
			`w := httptest.NewRecorder()`

			`r := New()`
			`accounts := Accounts{"foo": "bar"}`
			`r.Use(BasicAuthForRealm(accounts, "My Custom Realm"))`

			`r.GET("/login", func(c *Context) {`
			`c.String(200, "autorized")`
			`})`

			`req.Header.Set("Authorization", "Basic "+base64.StdEncoding.EncodeToString([]byte("admin:password")))`
			`r.ServeHTTP(w, req)`

			`if w.Code != 401 {`
Cosmetic changes 2015-03-23 05:03:12 +00:00			`t.Errorf("Response code should be Not autorized, was: %d", w.Code)`
Added test for custom realm 2015-03-04 22:38:17 +00:00			`}`

			`if w.HeaderMap.Get("WWW-Authenticate") != "Basic realm=\"My Custom Realm\"" {`
			`t.Errorf("WWW-Authenticate header is incorrect: %s", w.HeaderMap.Get("Content-Type"))`
			`}`
			`}`