114 lines
2.6 KiB
Go
114 lines
2.6 KiB
Go
|
package fuphttp_test
|
||
|
|
||
|
import (
|
||
|
"context"
|
||
|
"io"
|
||
|
"net/http"
|
||
|
"net/http/httptest"
|
||
|
"testing"
|
||
|
|
||
|
"hg.lukegb.com/lukegb/depot/web/fup/fuphttp"
|
||
|
)
|
||
|
|
||
|
func TestTokenAuthMiddleware(t *testing.T) {
|
||
|
ctx, cancel := context.WithCancel(context.Background())
|
||
|
t.Cleanup(cancel)
|
||
|
|
||
|
ccfg := *cfg
|
||
|
ccfg.AuthMiddleware = fuphttp.TokenAuthMiddleware("token", "realm")
|
||
|
|
||
|
a, err := fuphttp.New(ctx, &ccfg)
|
||
|
if err != nil {
|
||
|
t.Fatalf("fuphttp.New: %v", err)
|
||
|
}
|
||
|
s := httptest.NewServer(a.Handler())
|
||
|
t.Cleanup(s.Close)
|
||
|
|
||
|
tcs := []struct {
|
||
|
name string
|
||
|
path string
|
||
|
username, password string
|
||
|
wantStatus int
|
||
|
wantText string
|
||
|
}{{
|
||
|
name: "root, no creds",
|
||
|
path: "/",
|
||
|
wantStatus: http.StatusUnauthorized,
|
||
|
wantText: "unparsable or no credentials\n",
|
||
|
}, {
|
||
|
name: "root, with bad creds",
|
||
|
path: "/",
|
||
|
password: "wrong password",
|
||
|
wantStatus: http.StatusUnauthorized,
|
||
|
wantText: "bad credentials\n",
|
||
|
}, {
|
||
|
name: "root, with good creds",
|
||
|
path: "/",
|
||
|
password: "token",
|
||
|
wantStatus: http.StatusOK,
|
||
|
}, {
|
||
|
name: "raw",
|
||
|
path: "/raw/foo.txt",
|
||
|
wantStatus: http.StatusNotFound,
|
||
|
}, {
|
||
|
name: "raw, with bad creds",
|
||
|
path: "/raw/foo.txt",
|
||
|
password: "wrong password",
|
||
|
wantStatus: http.StatusNotFound,
|
||
|
}, {
|
||
|
name: "raw, with good creds",
|
||
|
path: "/raw/foo.txt",
|
||
|
password: "token",
|
||
|
wantStatus: http.StatusNotFound,
|
||
|
}, {
|
||
|
name: "pretty",
|
||
|
path: "/foo.txt",
|
||
|
wantStatus: http.StatusNotFound,
|
||
|
}, {
|
||
|
name: "pretty, with bad creds",
|
||
|
path: "/foo.txt",
|
||
|
password: "wrong password",
|
||
|
wantStatus: http.StatusNotFound,
|
||
|
}, {
|
||
|
name: "pretty, with good creds",
|
||
|
path: "/foo.txt",
|
||
|
password: "token",
|
||
|
wantStatus: http.StatusNotFound,
|
||
|
}}
|
||
|
|
||
|
for _, tc := range tcs {
|
||
|
t.Run(tc.name, func(t *testing.T) {
|
||
|
ctx, cancel := context.WithCancel(ctx)
|
||
|
t.Cleanup(cancel)
|
||
|
|
||
|
req, err := http.NewRequestWithContext(ctx, "GET", s.URL+tc.path, nil)
|
||
|
if err != nil {
|
||
|
t.Fatalf("NewRequestWithContext: %v", err)
|
||
|
}
|
||
|
|
||
|
if tc.password != "" {
|
||
|
req.SetBasicAuth("", tc.password)
|
||
|
}
|
||
|
|
||
|
resp, err := s.Client().Do(req)
|
||
|
if err != nil {
|
||
|
t.Fatalf("Do(%q): %v", s.URL+tc.path, err)
|
||
|
}
|
||
|
defer resp.Body.Close()
|
||
|
|
||
|
if resp.StatusCode != tc.wantStatus {
|
||
|
t.Errorf("StatusCode = %v; want %v", resp.StatusCode, tc.wantStatus)
|
||
|
}
|
||
|
|
||
|
body, err := io.ReadAll(resp.Body)
|
||
|
if err != nil {
|
||
|
t.Fatalf("ReadAll(Body): %v", err)
|
||
|
}
|
||
|
|
||
|
if tc.wantText != "" && string(body) != tc.wantText {
|
||
|
t.Errorf("response body = %q; want %q", string(body), tc.wantText)
|
||
|
}
|
||
|
})
|
||
|
}
|
||
|
}
|