|
|
|
@ -5,17 +5,20 @@ import ( |
|
|
|
"net/http/httptest" |
|
|
|
"testing" |
|
|
|
|
|
|
|
"github.com/bxcodec/faker/v3" |
|
|
|
"github.com/stretchr/testify/assert" |
|
|
|
) |
|
|
|
|
|
|
|
func TestAuthorizationMiddleware(t *testing.T) { |
|
|
|
token := faker.Word() |
|
|
|
|
|
|
|
t.Run("AuthorizationMiddleware returns 403 response when authorization header is incorrect", func(t *testing.T) { |
|
|
|
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { |
|
|
|
w.WriteHeader(http.StatusOK) |
|
|
|
}) |
|
|
|
|
|
|
|
middleware := AuthenticationMiddleware{ |
|
|
|
Secret: "foo", |
|
|
|
Secret: token, |
|
|
|
} |
|
|
|
|
|
|
|
middlewareHandler := middleware.Middleware(handler) |
|
|
|
@ -25,7 +28,7 @@ func TestAuthorizationMiddleware(t *testing.T) { |
|
|
|
|
|
|
|
middlewareHandler.ServeHTTP(responseRecorder, request) |
|
|
|
|
|
|
|
assert.Equal(t, responseRecorder.Code, 403) |
|
|
|
assert.Equal(t, 403, responseRecorder.Code) |
|
|
|
}) |
|
|
|
|
|
|
|
t.Run("AuthorizationMiddleware continues when authorization header is correct", func(t *testing.T) { |
|
|
|
@ -34,17 +37,17 @@ func TestAuthorizationMiddleware(t *testing.T) { |
|
|
|
}) |
|
|
|
|
|
|
|
middleware := AuthenticationMiddleware{ |
|
|
|
Secret: "foo", |
|
|
|
Secret: token, |
|
|
|
} |
|
|
|
|
|
|
|
middlewareHandler := middleware.Middleware(handler) |
|
|
|
|
|
|
|
request, _ := http.NewRequest("GET", "/", nil) |
|
|
|
request.Header.Set("Authorization", "foo") |
|
|
|
request.Header.Set("Authorization", token) |
|
|
|
responseRecorder := httptest.NewRecorder() |
|
|
|
|
|
|
|
middlewareHandler.ServeHTTP(responseRecorder, request) |
|
|
|
|
|
|
|
assert.Equal(t, responseRecorder.Code, 200) |
|
|
|
assert.Equal(t, 200, responseRecorder.Code) |
|
|
|
}) |
|
|
|
} |
Fabian Vowie
3 years ago