Add additional test for AuthenticationMiddleware that checks for Bearer prefix

2 years ago · 76d15be087
1 changed files with 13 additions and 3 deletions
--- a/auth/authorization_test.go
+++ b/auth/authorization_test.go
@ -9,7 +9,7 @@ import (
 	"github.com/stretchr/testify/assert"
 )

-func TestAuthorizationMiddleware(t *testing.T) {
+func TestAuthenticationMiddleware(t *testing.T) {
 	token := faker.Word()
 	middleware := CreateAuthenticationMiddleware(token)

@ -19,7 +19,7 @@ func TestAuthorizationMiddleware(t *testing.T) {

 	middlewareHandler := middleware.Middleware(handler)

-	t.Run("AuthorizationMiddleware returns 403 response when authorization header is incorrect", func(t *testing.T) {
+	t.Run("AuthenticationMiddleware returns 403 response when authorization header is incorrect", func(t *testing.T) {
 		request, _ := http.NewRequest("GET", "/", nil)
 		responseRecorder := httptest.NewRecorder()

@ -28,7 +28,17 @@ func TestAuthorizationMiddleware(t *testing.T) {
 		assert.Equal(t, 403, responseRecorder.Code)
 	})

-	t.Run("AuthorizationMiddleware continues when authorization header is correct", func(t *testing.T) {
+	t.Run("AuthenticationMiddleware returns 403 response when authorization header is missing Bearer prefix", func(t *testing.T) {
+		request, _ := http.NewRequest("GET", "/", nil)
+		request.Header.Set("Authorization", token)
+		responseRecorder := httptest.NewRecorder()
+
+		middlewareHandler.ServeHTTP(responseRecorder, request)
+
+		assert.Equal(t, 403, responseRecorder.Code)
+	})
+
+	t.Run("AuthenticationMiddleware continues when authorization header is correct", func(t *testing.T) {
 		request, _ := http.NewRequest("GET", "/", nil)
 		request.Header.Set("Authorization", "Bearer "+token)
 		responseRecorder := httptest.NewRecorder()