File: util_test.go

package info (click to toggle)
golang-github-coreos-go-oidc 0.0~git20160926.0.16c5ecc-1
  • links: PTS, VCS
  • area: main
  • in suites: stretch
  • size: 436 kB
  • sloc: sh: 40; makefile: 5
file content (110 lines) | stat: -rw-r--r-- 2,981 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
package oidc

import (
	"fmt"
	"net/http"
	"reflect"
	"testing"
	"time"

	"github.com/coreos/go-oidc/jose"
)

func TestCookieTokenExtractorInvalid(t *testing.T) {
	ckName := "tokenCookie"
	tests := []*http.Cookie{
		&http.Cookie{},
		&http.Cookie{Name: ckName},
		&http.Cookie{Name: ckName, Value: ""},
	}

	for i, tt := range tests {
		r, _ := http.NewRequest("", "", nil)
		r.AddCookie(tt)
		_, err := CookieTokenExtractor(ckName)(r)
		if err == nil {
			t.Errorf("case %d: want: error for invalid cookie token, got: no error.", i)
		}
	}
}

func TestCookieTokenExtractorValid(t *testing.T) {
	validToken := "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk"
	ckName := "tokenCookie"
	tests := []*http.Cookie{
		&http.Cookie{Name: ckName, Value: "some non-empty value"},
		&http.Cookie{Name: ckName, Value: validToken},
	}

	for i, tt := range tests {
		r, _ := http.NewRequest("", "", nil)
		r.AddCookie(tt)
		_, err := CookieTokenExtractor(ckName)(r)
		if err != nil {
			t.Errorf("case %d: want: valid cookie with no error, got: %v", i, err)
		}
	}
}

func TestExtractBearerTokenInvalid(t *testing.T) {
	tests := []string{"", "x", "Bearer", "xxxxxxx", "Bearer "}

	for i, tt := range tests {
		r, _ := http.NewRequest("", "", nil)
		r.Header.Add("Authorization", tt)
		_, err := ExtractBearerToken(r)
		if err == nil {
			t.Errorf("case %d: want: invalid Authorization header, got: valid Authorization header.", i)
		}
	}
}

func TestExtractBearerTokenValid(t *testing.T) {
	validToken := "eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk"
	tests := []string{
		fmt.Sprintf("Bearer %s", validToken),
	}

	for i, tt := range tests {
		r, _ := http.NewRequest("", "", nil)
		r.Header.Add("Authorization", tt)
		_, err := ExtractBearerToken(r)
		if err != nil {
			t.Errorf("case %d: want: valid Authorization header, got: invalid Authorization header: %v.", i, err)
		}
	}
}

func TestNewClaims(t *testing.T) {
	issAt := time.Date(2, time.January, 1, 0, 0, 0, 0, time.UTC)
	expAt := time.Date(2, time.January, 1, 1, 0, 0, 0, time.UTC)

	want := jose.Claims{
		"iss": "https://example.com",
		"sub": "user-123",
		"aud": "client-abc",
		"iat": issAt.Unix(),
		"exp": expAt.Unix(),
	}

	got := NewClaims("https://example.com", "user-123", "client-abc", issAt, expAt)

	if !reflect.DeepEqual(want, got) {
		t.Fatalf("want=%#v got=%#v", want, got)
	}

	want2 := jose.Claims{
		"iss": "https://example.com",
		"sub": "user-123",
		"aud": []string{"client-abc", "client-def"},
		"iat": issAt.Unix(),
		"exp": expAt.Unix(),
	}

	got2 := NewClaims("https://example.com", "user-123", []string{"client-abc", "client-def"}, issAt, expAt)

	if !reflect.DeepEqual(want2, got2) {
		t.Fatalf("want=%#v got=%#v", want2, got2)
	}

}