Browse Source

Add additional test for AuthenticationMiddleware that checks for Bearer prefix

feature/update-route-registration
Fabian Vowie 3 years ago
parent
commit
7ee80d4c35
No known key found for this signature in database GPG Key ID: C27317C33B27C410
  1. 16
      auth/authorization_test.go

16
auth/authorization_test.go

@ -9,7 +9,7 @@ import (
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
func TestAuthorizationMiddleware(t *testing.T) {
func TestAuthenticationMiddleware(t *testing.T) {
token := faker.Word() token := faker.Word()
middleware := CreateAuthenticationMiddleware(token) middleware := CreateAuthenticationMiddleware(token)
@ -19,7 +19,7 @@ func TestAuthorizationMiddleware(t *testing.T) {
middlewareHandler := middleware.Middleware(handler) middlewareHandler := middleware.Middleware(handler)
t.Run("AuthorizationMiddleware returns 403 response when authorization header is incorrect", func(t *testing.T) {
t.Run("AuthenticationMiddleware returns 403 response when authorization header is incorrect", func(t *testing.T) {
request, _ := http.NewRequest("GET", "/", nil) request, _ := http.NewRequest("GET", "/", nil)
responseRecorder := httptest.NewRecorder() responseRecorder := httptest.NewRecorder()
@ -28,7 +28,17 @@ func TestAuthorizationMiddleware(t *testing.T) {
assert.Equal(t, 403, responseRecorder.Code) assert.Equal(t, 403, responseRecorder.Code)
}) })
t.Run("AuthorizationMiddleware continues when authorization header is correct", func(t *testing.T) {
t.Run("AuthenticationMiddleware returns 403 response when authorization header is missing Bearer prefix", func(t *testing.T) {
request, _ := http.NewRequest("GET", "/", nil)
request.Header.Set("Authorization", token)
responseRecorder := httptest.NewRecorder()
middlewareHandler.ServeHTTP(responseRecorder, request)
assert.Equal(t, 403, responseRecorder.Code)
})
t.Run("AuthenticationMiddleware continues when authorization header is correct", func(t *testing.T) {
request, _ := http.NewRequest("GET", "/", nil) request, _ := http.NewRequest("GET", "/", nil)
request.Header.Set("Authorization", "Bearer "+token) request.Header.Set("Authorization", "Bearer "+token)
responseRecorder := httptest.NewRecorder() responseRecorder := httptest.NewRecorder()

Loading…
Cancel
Save