|
@ -0,0 +1,50 @@ |
|
|
|
|
|
package auth |
|
|
|
|
|
|
|
|
|
|
|
import ( |
|
|
|
|
|
"net/http" |
|
|
|
|
|
"net/http/httptest" |
|
|
|
|
|
"testing" |
|
|
|
|
|
|
|
|
|
|
|
"github.com/stretchr/testify/assert" |
|
|
|
|
|
) |
|
|
|
|
|
|
|
|
|
|
|
func TestAuthorizationMiddleware(t *testing.T) { |
|
|
|
|
|
t.Run("AuthorizationMiddleware returns 403 response when authorization header is incorrect", func(t *testing.T) { |
|
|
|
|
|
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { |
|
|
|
|
|
w.WriteHeader(http.StatusOK) |
|
|
|
|
|
}) |
|
|
|
|
|
|
|
|
|
|
|
middleware := AuthenticationMiddleware{ |
|
|
|
|
|
Secret: "foo", |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
middlewareHandler := middleware.Middleware(handler) |
|
|
|
|
|
|
|
|
|
|
|
request, _ := http.NewRequest("GET", "/", nil) |
|
|
|
|
|
responseRecorder := httptest.NewRecorder() |
|
|
|
|
|
|
|
|
|
|
|
middlewareHandler.ServeHTTP(responseRecorder, request) |
|
|
|
|
|
|
|
|
|
|
|
assert.Equal(t, responseRecorder.Code, 403) |
|
|
|
|
|
}) |
|
|
|
|
|
|
|
|
|
|
|
t.Run("AuthorizationMiddleware continues when authorization header is correct", func(t *testing.T) { |
|
|
|
|
|
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { |
|
|
|
|
|
w.WriteHeader(http.StatusOK) |
|
|
|
|
|
}) |
|
|
|
|
|
|
|
|
|
|
|
middleware := AuthenticationMiddleware{ |
|
|
|
|
|
Secret: "foo", |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
middlewareHandler := middleware.Middleware(handler) |
|
|
|
|
|
|
|
|
|
|
|
request, _ := http.NewRequest("GET", "/", nil) |
|
|
|
|
|
request.Header.Set("Authorization", "foo") |
|
|
|
|
|
responseRecorder := httptest.NewRecorder() |
|
|
|
|
|
|
|
|
|
|
|
middlewareHandler.ServeHTTP(responseRecorder, request) |
|
|
|
|
|
|
|
|
|
|
|
assert.Equal(t, responseRecorder.Code, 200) |
|
|
|
|
|
}) |
|
|
|
|
|
} |