cubefs

auth_test.go
93 строки · 2.7 Кб
Перенос по словам
1
// Copyright 2022 The CubeFS Authors.
2
//
3
// Licensed under the Apache License, Version 2.0 (the "License");
4
// you may not use this file except in compliance with the License.
5
// You may obtain a copy of the License at
6
//
7
//     http://www.apache.org/licenses/LICENSE-2.0
8
//
9
// Unless required by applicable law or agreed to in writing, software
10
// distributed under the License is distributed on an "AS IS" BASIS,
11
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
12
// implied. See the License for the specific language governing
13
// permissions and limitations under the License.
14

15
package auth
16

17
import (
18
	"encoding/json"
19
	"net/http"
20
	"net/http/httptest"
21
	"strconv"
22
	"testing"
23

24
	"github.com/stretchr/testify/require"
25
)
26

27
var testServer *httptest.Server
28

29
var (
30
	testSecret = "testSecret"
31
	testName   = "test"
32
)
33

34
type ret struct {
35
	Name string `json:"name"`
36
}
37

38
func init() {
39
	authHandler := NewAuthHandler(&Config{EnableAuth: true, Secret: testSecret})
40
	http.HandleFunc("/get/name", func(w http.ResponseWriter, r *http.Request) {
41
		authHandler.Handler(w, r, func(w http.ResponseWriter, r *http.Request) {
42
			data, _ := json.Marshal(&ret{Name: testName})
43
			w.Write(data)
44
		})
45
	})
46
	testServer = httptest.NewServer(http.DefaultServeMux)
47
}
48

49
func TestAuth(t *testing.T) {
50
	// invalid secret
51
	tc := NewAuthTransport(&http.Transport{}, &Config{EnableAuth: true, Secret: "wrongSecret"})
52
	client := http.Client{
53
		Transport: tc,
54
	}
55
	req, err := http.NewRequest("POST", testServer.URL+"/get/name?id="+strconv.Itoa(101), nil)
56
	require.NoError(t, err)
57
	response, err := client.Do(req)
58
	require.NoError(t, err)
59
	defer response.Body.Close()
60
	require.Equal(t, http.StatusForbidden, response.StatusCode)
61

62
	// valid secret
63
	tc = NewAuthTransport(&http.Transport{}, &Config{EnableAuth: true, Secret: testSecret})
64
	client = http.Client{
65
		Transport: tc,
66
	}
67
	result := &ret{}
68
	req, err = http.NewRequest("POST", testServer.URL+"/get/name?id="+strconv.Itoa(101), nil)
69
	require.NoError(t, err)
70
	response, err = client.Do(req)
71
	require.NoError(t, err)
72
	defer response.Body.Close()
73
	require.Equal(t, http.StatusOK, response.StatusCode)
74
	err = json.NewDecoder(response.Body).Decode(result)
75
	require.NoError(t, err)
76
	require.Equal(t, testName, result.Name)
77

78
	// test empty token
79
	c := http.Client{}
80
	req, err = http.NewRequest("POST", testServer.URL+"/get/name?id="+strconv.Itoa(101), nil)
81
	require.NoError(t, err)
82
	response, err = c.Do(req)
83
	require.NoError(t, err)
84
	require.Equal(t, http.StatusForbidden, response.StatusCode)
85
	response.Body.Close()
86

87
	// test token failed
88
	req.Header.Set(TokenHeaderKey, "#$@%DF#$@#$")
89
	response, err = c.Do(req)
90
	require.NoError(t, err)
91
	require.Equal(t, http.StatusForbidden, response.StatusCode)
92
	response.Body.Close()
93
}
94
cubefs

Использование cookies
