125 lines
2.5 KiB
Go
125 lines
2.5 KiB
Go
package auth
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"io/ioutil"
|
|
"net/http"
|
|
"testing"
|
|
"time"
|
|
|
|
"cdr.dev/slog"
|
|
"forge.cadoles.com/arcad/edge/pkg/app"
|
|
edgeHTTP "forge.cadoles.com/arcad/edge/pkg/http"
|
|
"forge.cadoles.com/arcad/edge/pkg/module"
|
|
"github.com/golang-jwt/jwt"
|
|
"github.com/pkg/errors"
|
|
"gitlab.com/wpetit/goweb/logger"
|
|
)
|
|
|
|
func TestAuthModule(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
logger.SetLevel(slog.LevelDebug)
|
|
|
|
keyFunc, secret := getKeyFunc()
|
|
|
|
server := app.NewServer(
|
|
module.ConsoleModuleFactory(),
|
|
ModuleFactory(
|
|
WithJWT(keyFunc),
|
|
),
|
|
)
|
|
|
|
data, err := ioutil.ReadFile("testdata/auth.js")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
if err := server.Load("testdata/auth.js", string(data)); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
if err := server.Start(); err != nil {
|
|
t.Fatalf("%+v", errors.WithStack(err))
|
|
}
|
|
|
|
defer server.Stop()
|
|
|
|
req, err := http.NewRequest("GET", "/foo", nil)
|
|
if err != nil {
|
|
t.Fatalf("%+v", errors.WithStack(err))
|
|
}
|
|
|
|
token := jwt.NewWithClaims(jwt.SigningMethodHS256, jwt.MapClaims{
|
|
"sub": "jdoe",
|
|
"nbf": time.Now().UTC().Unix(),
|
|
})
|
|
|
|
rawToken, err := token.SignedString(secret)
|
|
if err != nil {
|
|
t.Fatalf("%+v", errors.WithStack(err))
|
|
}
|
|
|
|
req.Header.Add("Authorization", "Bearer "+rawToken)
|
|
|
|
ctx := context.WithValue(context.Background(), edgeHTTP.ContextKeyOriginRequest, req)
|
|
|
|
if _, err := server.ExecFuncByName("testAuth", ctx); err != nil {
|
|
t.Fatalf("%+v", errors.WithStack(err))
|
|
}
|
|
}
|
|
|
|
func TestAuthAnonymousModule(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
logger.SetLevel(slog.LevelDebug)
|
|
|
|
keyFunc, _ := getKeyFunc()
|
|
|
|
server := app.NewServer(
|
|
module.ConsoleModuleFactory(),
|
|
ModuleFactory(WithJWT(keyFunc)),
|
|
)
|
|
|
|
data, err := ioutil.ReadFile("testdata/auth_anonymous.js")
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
if err := server.Load("testdata/auth_anonymous.js", string(data)); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
if err := server.Start(); err != nil {
|
|
t.Fatalf("%+v", errors.WithStack(err))
|
|
}
|
|
|
|
defer server.Stop()
|
|
|
|
req, err := http.NewRequest("GET", "/foo", nil)
|
|
if err != nil {
|
|
t.Fatalf("%+v", errors.WithStack(err))
|
|
}
|
|
|
|
ctx := context.WithValue(context.Background(), edgeHTTP.ContextKeyOriginRequest, req)
|
|
|
|
if _, err := server.ExecFuncByName("testAuth", ctx); err != nil {
|
|
t.Fatalf("%+v", errors.WithStack(err))
|
|
}
|
|
}
|
|
|
|
func getKeyFunc() (jwt.Keyfunc, []byte) {
|
|
secret := []byte("not_so_secret")
|
|
|
|
keyFunc := func(t *jwt.Token) (interface{}, error) {
|
|
if _, ok := t.Method.(*jwt.SigningMethodHMAC); !ok {
|
|
return nil, fmt.Errorf("Unexpected signing method: %v", t.Header["alg"])
|
|
}
|
|
|
|
return secret, nil
|
|
}
|
|
|
|
return keyFunc, secret
|
|
}
|