From 7ee80d4c35169636b720485252bef789617e325f Mon Sep 17 00:00:00 2001 From: Fabian Vowie Date: Fri, 21 Jan 2022 18:44:32 +0100 Subject: [PATCH] Add additional test for AuthenticationMiddleware that checks for Bearer prefix --- auth/authorization_test.go | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/auth/authorization_test.go b/auth/authorization_test.go index 139f416..36075ea 100644 --- a/auth/authorization_test.go +++ b/auth/authorization_test.go @@ -9,7 +9,7 @@ import ( "github.com/stretchr/testify/assert" ) -func TestAuthorizationMiddleware(t *testing.T) { +func TestAuthenticationMiddleware(t *testing.T) { token := faker.Word() middleware := CreateAuthenticationMiddleware(token) @@ -19,7 +19,7 @@ func TestAuthorizationMiddleware(t *testing.T) { middlewareHandler := middleware.Middleware(handler) - t.Run("AuthorizationMiddleware returns 403 response when authorization header is incorrect", func(t *testing.T) { + t.Run("AuthenticationMiddleware returns 403 response when authorization header is incorrect", func(t *testing.T) { request, _ := http.NewRequest("GET", "/", nil) responseRecorder := httptest.NewRecorder() @@ -28,7 +28,17 @@ func TestAuthorizationMiddleware(t *testing.T) { assert.Equal(t, 403, responseRecorder.Code) }) - t.Run("AuthorizationMiddleware continues when authorization header is correct", func(t *testing.T) { + t.Run("AuthenticationMiddleware returns 403 response when authorization header is missing Bearer prefix", func(t *testing.T) { + request, _ := http.NewRequest("GET", "/", nil) + request.Header.Set("Authorization", token) + responseRecorder := httptest.NewRecorder() + + middlewareHandler.ServeHTTP(responseRecorder, request) + + assert.Equal(t, 403, responseRecorder.Code) + }) + + t.Run("AuthenticationMiddleware continues when authorization header is correct", func(t *testing.T) { request, _ := http.NewRequest("GET", "/", nil) request.Header.Set("Authorization", "Bearer "+token) responseRecorder := httptest.NewRecorder()