|
@ -9,7 +9,7 @@ import ( |
|
|
"github.com/stretchr/testify/assert" |
|
|
"github.com/stretchr/testify/assert" |
|
|
) |
|
|
) |
|
|
|
|
|
|
|
|
func TestAuthorizationMiddleware(t *testing.T) { |
|
|
|
|
|
|
|
|
func TestAuthenticationMiddleware(t *testing.T) { |
|
|
token := faker.Word() |
|
|
token := faker.Word() |
|
|
middleware := CreateAuthenticationMiddleware(token) |
|
|
middleware := CreateAuthenticationMiddleware(token) |
|
|
|
|
|
|
|
@ -19,7 +19,7 @@ func TestAuthorizationMiddleware(t *testing.T) { |
|
|
|
|
|
|
|
|
middlewareHandler := middleware.Middleware(handler) |
|
|
middlewareHandler := middleware.Middleware(handler) |
|
|
|
|
|
|
|
|
t.Run("AuthorizationMiddleware returns 403 response when authorization header is incorrect", func(t *testing.T) { |
|
|
|
|
|
|
|
|
t.Run("AuthenticationMiddleware returns 403 response when authorization header is incorrect", func(t *testing.T) { |
|
|
request, _ := http.NewRequest("GET", "/", nil) |
|
|
request, _ := http.NewRequest("GET", "/", nil) |
|
|
responseRecorder := httptest.NewRecorder() |
|
|
responseRecorder := httptest.NewRecorder() |
|
|
|
|
|
|
|
@ -28,7 +28,17 @@ func TestAuthorizationMiddleware(t *testing.T) { |
|
|
assert.Equal(t, 403, responseRecorder.Code) |
|
|
assert.Equal(t, 403, responseRecorder.Code) |
|
|
}) |
|
|
}) |
|
|
|
|
|
|
|
|
t.Run("AuthorizationMiddleware continues when authorization header is correct", func(t *testing.T) { |
|
|
|
|
|
|
|
|
t.Run("AuthenticationMiddleware returns 403 response when authorization header is missing Bearer prefix", func(t *testing.T) { |
|
|
|
|
|
request, _ := http.NewRequest("GET", "/", nil) |
|
|
|
|
|
request.Header.Set("Authorization", token) |
|
|
|
|
|
responseRecorder := httptest.NewRecorder() |
|
|
|
|
|
|
|
|
|
|
|
middlewareHandler.ServeHTTP(responseRecorder, request) |
|
|
|
|
|
|
|
|
|
|
|
assert.Equal(t, 403, responseRecorder.Code) |
|
|
|
|
|
}) |
|
|
|
|
|
|
|
|
|
|
|
t.Run("AuthenticationMiddleware continues when authorization header is correct", func(t *testing.T) { |
|
|
request, _ := http.NewRequest("GET", "/", nil) |
|
|
request, _ := http.NewRequest("GET", "/", nil) |
|
|
request.Header.Set("Authorization", "Bearer "+token) |
|
|
request.Header.Set("Authorization", "Bearer "+token) |
|
|
responseRecorder := httptest.NewRecorder() |
|
|
responseRecorder := httptest.NewRecorder() |
|
|