Merge remote-tracking branch 'upstream/0.4.0' into 0.4.0

This commit is contained in:
Brad Rydzewski 2015-05-18 15:47:38 -07:00
commit bb6ab45700
2 changed files with 85 additions and 10 deletions

View file

@ -11,18 +11,10 @@ import (
// POST /api/user/tokens
func PostToken(c *gin.Context) {
settings := ToSettings(c)
store := ToDatastore(c)
sess := ToSession(c)
store := ToDatastore(c)
user := ToUser(c)
// if a session secret is not defined there is no way to
// generate jwt user tokens, so we must throw an error
if settings.Session == nil || len(settings.Session.Secret) == 0 {
c.String(500, "User tokens are not configured")
return
}
in := &common.Token{}
if !c.BindWith(in, binding.JSON) {
return
@ -39,13 +31,16 @@ func PostToken(c *gin.Context) {
err := store.AddToken(token)
if err != nil {
c.Fail(400, err)
c.Fail(500, err)
return
}
jwt, err := sess.GenerateToken(token)
if err != nil {
c.Fail(400, err)
return
}
c.JSON(200, struct {
*common.Token
Hash string `json:"hash"`
@ -61,10 +56,12 @@ func DelToken(c *gin.Context) {
token, err := store.TokenLabel(user, label)
if err != nil {
c.Fail(404, err)
return
}
err = store.DelToken(token)
if err != nil {
c.Fail(400, err)
return
}
c.Writer.WriteHeader(200)

78
pkg/server/token_test.go Normal file
View file

@ -0,0 +1,78 @@
package server
import (
"bytes"
"database/sql"
"encoding/json"
"net/http"
"testing"
"github.com/dgrijalva/jwt-go"
"github.com/drone/drone/pkg/server/recorder"
"github.com/drone/drone/pkg/server/session"
"github.com/drone/drone/pkg/settings"
"github.com/drone/drone/pkg/store/mock"
"github.com/drone/drone/pkg/types"
. "github.com/franela/goblin"
"github.com/gin-gonic/gin"
"github.com/stretchr/testify/mock"
)
var tokenTests = []struct {
inLabel string
inBody string
storeErr error
outCode int
outKind string
}{
{"", `{}`, sql.ErrNoRows, 500, ""},
{"app1", `{"label": "app1"}`, nil, 200, types.TokenUser},
{"app2", `{"label": "app2"}`, nil, 200, types.TokenUser},
}
func TestToken(t *testing.T) {
store := new(mocks.Store)
g := Goblin(t)
g.Describe("Token", func() {
g.It("should create tokens", func() {
for _, test := range tokenTests {
rw := recorder.New()
ctx := gin.Context{Engine: gin.Default(), Writer: rw}
body := bytes.NewBufferString(test.inBody)
ctx.Request, _ = http.NewRequest("POST", "/api/user/tokens", body)
ctx.Set("datastore", store)
ctx.Set("user", &types.User{Login: "Freya"})
config := settings.Settings{Session: &settings.Session{Secret: "Otto"}}
ctx.Set("settings", &config)
ctx.Set("session", session.New(config.Session))
// prepare the mock
store.On("AddToken", mock.AnythingOfType("*types.Token")).Return(test.storeErr).Once()
PostToken(&ctx)
g.Assert(rw.Code).Equal(test.outCode)
if test.outCode != 200 {
continue
}
var respjson map[string]interface{}
json.Unmarshal(rw.Body.Bytes(), &respjson)
g.Assert(respjson["kind"]).Equal(types.TokenUser)
g.Assert(respjson["label"]).Equal(test.inLabel)
// this is probably going too far... maybe just validate hash is not empty?
jwt.Parse(respjson["hash"].(string), func(token *jwt.Token) (interface{}, error) {
_, ok := token.Method.(*jwt.SigningMethodHMAC)
g.Assert(ok).IsTrue()
g.Assert(token.Claims["label"]).Equal(test.inLabel)
return nil, nil
})
}
})
g.It("should delete tokens")
})
}