package service
import (
"encoding/base64"
"net/http"
"testing"
"github.com/stretchr/testify/require"
"go.n16f.net/boulevard/pkg/httputils"
)
// TestHTTPBasicAuth exercises HTTP Basic authentication on two routes of the
// test server: /auth/basic/credentials and /auth/basic/credential-file.
//
// The expectations encoded below are: 401 when the Authorization field is
// missing, empty, malformed or uses another scheme; 403 when the Basic scheme
// is used but the credentials are malformed or rejected; 200 when the
// credentials are accepted.
//
// NOTE(review): only status codes are asserted; the WWW-Authenticate challenge
// of the 401 responses is not checked by this test.
func TestHTTPBasicAuth(t *testing.T) {
	must := require.New(t)
	client := testHTTPClient(t)

	const (
		credentialsPath    = "/auth/basic/credentials"
		credentialFilePath = "/auth/basic/credential-file"
	)

	// get sends a GET request whose header is built from name/value pairs.
	// NOTE(review): the response body is never closed here; presumably
	// SendRequest takes care of it, confirm against the test client.
	get := func(path string, fields ...string) *http.Response {
		return client.SendRequest("GET", path, httputils.Header(fields...), nil, nil)
	}

	// basic builds the value of an Authorization field for the Basic scheme.
	basic := func(username, password string) string {
		pair := username + ":" + password
		return "Basic " + base64.StdEncoding.EncodeToString([]byte(pair))
	}

	// expect sends one request and requires the given response status.
	expect := func(status int, path string, fields ...string) {
		must.Equal(status, get(path, fields...).StatusCode)
	}

	// Requests that carry no usable Basic authorization are answered with 401.
	expect(401, credentialsPath)                             // no Authorization field
	expect(401, credentialsPath, "Authorization", "")        // empty field value
	expect(401, credentialsPath, "Authorization", "foobar")  // no scheme/credentials split
	expect(401, credentialsPath, "Authorization", "Bearer bar") // wrong scheme

	// Basic scheme with a malformed credentials payload.
	expect(403, credentialsPath, "Authorization", "Basic foo")

	// Well-formed credentials the server must reject (presumably an unknown
	// user and a wrong password in the test fixtures).
	expect(403, credentialsPath, "Authorization", basic("eve", "foo"))
	expect(403, credentialsPath, "Authorization", basic("bob", "hello"))

	// Well-formed credentials the server must accept.
	expect(200, credentialsPath, "Authorization", basic("bob", "foo"))
	expect(200, credentialsPath, "Authorization", basic("alice", "bar"))

	// Same check against the route backed by a credential file.
	expect(403, credentialFilePath, "Authorization", basic("eve", "foo"))
	expect(200, credentialFilePath, "Authorization", basic("bob", "foo"))
}
// TestHTTPBearerAuth exercises HTTP Bearer authentication on two routes of the
// test server: /auth/bearer/tokens and /auth/bearer/token-file.
//
// The expectations encoded below are: 401 when the Authorization field is
// missing, empty, malformed or uses another scheme; 403 when a Bearer token is
// presented but rejected; 200 when the token is accepted.
//
// NOTE(review): only status codes are asserted; the WWW-Authenticate challenge
// of the 401 responses is not checked by this test.
func TestHTTPBearerAuth(t *testing.T) {
	must := require.New(t)
	client := testHTTPClient(t)

	const (
		tokensPath    = "/auth/bearer/tokens"
		tokenFilePath = "/auth/bearer/token-file"
	)

	// get sends a GET request whose header is built from name/value pairs.
	// NOTE(review): the response body is never closed here; presumably
	// SendRequest takes care of it, confirm against the test client.
	get := func(path string, fields ...string) *http.Response {
		return client.SendRequest("GET", path, httputils.Header(fields...), nil, nil)
	}

	// bearer builds the value of an Authorization field for the Bearer scheme.
	bearer := func(token string) string {
		return "Bearer " + token
	}

	// expect sends one request and requires the given response status.
	expect := func(status int, path string, fields ...string) {
		must.Equal(status, get(path, fields...).StatusCode)
	}

	// Requests that carry no usable Bearer authorization are answered with 401.
	expect(401, tokensPath)                               // no Authorization field
	expect(401, tokensPath, "Authorization", "")          // empty field value
	expect(401, tokensPath, "Authorization", "foobar")    // no scheme/token split
	expect(401, tokensPath, "Authorization", "Basic bar") // wrong scheme

	// A token the server must reject.
	expect(403, tokensPath, "Authorization", bearer("hello"))

	// Tokens the server must accept.
	expect(200, tokensPath, "Authorization", bearer("foo"))
	expect(200, tokensPath, "Authorization", bearer("bar"))

	// Same check against the route backed by a token file.
	expect(403, tokenFilePath, "Authorization", bearer("hello"))
	expect(200, tokenFilePath, "Authorization", bearer("foo"))
}