Unit tests for PostToken API

2015-05-18 11:49:26 -06:00 · 2015-05-18 11:49:26 -06:00 · f9f2fdc2c8
commit f9f2fdc2c8
parent eedfbaf202
2 changed files with 102 additions and 2 deletions
--- a/pkg/server/token.go
+++ b/pkg/server/token.go
@ -6,6 +6,7 @@ import (
 	"github.com/gin-gonic/gin"
 	"github.com/gin-gonic/gin/binding"

+	"github.com/drone/drone/pkg/server/session"
 	common "github.com/drone/drone/pkg/types"
 )

@ -13,7 +14,6 @@ import (
 func PostToken(c *gin.Context) {
 	settings := ToSettings(c)
 	store := ToDatastore(c)
-	sess := ToSession(c)
 	user := ToUser(c)

 	// if a session secret is not defined there is no way to
@ -39,13 +39,24 @@ func PostToken(c *gin.Context) {

 	err := store.AddToken(token)
 	if err != nil {
-		c.Fail(400, err)
+		c.Fail(500, err)
+		return
+	}
+
+	var sess session.Session
+	val, _ := c.Get("session")
+	if val != nil {
+		sess = val.(session.Session)
+	} else {
+		sess = session.New(settings.Session)
 	}

 	jwt, err := sess.GenerateToken(token)
 	if err != nil {
 		c.Fail(400, err)
+		return
 	}
+
 	c.JSON(200, struct {
 		*common.Token
 		Hash string `json:"hash"`
@ -61,10 +72,12 @@ func DelToken(c *gin.Context) {
 	token, err := store.TokenLabel(user, label)
 	if err != nil {
 		c.Fail(404, err)
+		return
 	}
 	err = store.DelToken(token)
 	if err != nil {
 		c.Fail(400, err)
+		return
 	}

 	c.Writer.WriteHeader(200)
--- a/pkg/server/token_test.go
+++ b/pkg/server/token_test.go
@ -0,0 +1,87 @@
+package server
+
+import (
+	"bytes"
+	"database/sql"
+	"encoding/json"
+	"net/http"
+	"testing"
+
+	"github.com/dgrijalva/jwt-go"
+	"github.com/drone/drone/pkg/server/recorder"
+	"github.com/drone/drone/pkg/server/session"
+	"github.com/drone/drone/pkg/settings"
+	"github.com/drone/drone/pkg/store/mock"
+	"github.com/drone/drone/pkg/types"
+	. "github.com/franela/goblin"
+	"github.com/gin-gonic/gin"
+	"github.com/stretchr/testify/mock"
+)
+
+var tokenTests = []struct {
+	inLabel    string
+	inBody     string
+	inSession  *settings.Session
+	inHaveSess bool
+	storeErr   error
+	outCode    int
+	outKind    string
+}{
+	{"", `{}`, nil, false, nil, 500, ""},
+	{"", `{}`, &settings.Session{Secret: "Otto"}, false, sql.ErrNoRows, 500, ""},
+	{"app1", `{"label": "app1"}`, &settings.Session{Secret: "Otto"}, true, nil, 200, types.TokenUser},
+	{"app2", `{"label": "app2"}`, &settings.Session{Secret: "Otto"}, false, nil, 200, types.TokenUser},
+}
+
+func TestToken(t *testing.T) {
+	store := new(mocks.Store)
+
+	g := Goblin(t)
+	g.Describe("Token", func() {
+		g.It("should create tokens", func() {
+			for _, test := range tokenTests {
+				rw := recorder.New()
+				ctx := gin.Context{Engine: gin.Default(), Writer: rw}
+				body := bytes.NewBufferString(test.inBody)
+				ctx.Request, _ = http.NewRequest("POST", "/api/user/tokens", body)
+
+				ctx.Set("datastore", store)
+				ctx.Set("user", &types.User{Login: "Freya"})
+
+				config := settings.Settings{Session: test.inSession}
+				ctx.Set("settings", &config)
+				if test.inSession != nil {
+					// only set these up if we've got Session configuration
+					if test.inHaveSess {
+						ctx.Set("session", session.New(test.inSession))
+					}
+
+					// prepare the mock datastore
+					store.On("AddToken", mock.AnythingOfType("*types.Token")).Return(test.storeErr).Once()
+				}
+
+				PostToken(&ctx)
+
+				g.Assert(rw.Code).Equal(test.outCode)
+				if test.outCode != 200 {
+					continue
+				}
+
+				var respjson map[string]interface{}
+				json.Unmarshal(rw.Body.Bytes(), &respjson)
+				g.Assert(respjson["kind"]).Equal(types.TokenUser)
+				g.Assert(respjson["label"]).Equal(test.inLabel)
+
+				// this is probably going too far... maybe just validate hash is not empty?
+				jwt.Parse(respjson["hash"].(string), func(token *jwt.Token) (interface{}, error) {
+					_, ok := token.Method.(*jwt.SigningMethodHMAC)
+					g.Assert(ok).IsTrue()
+					g.Assert(token.Claims["label"]).Equal(test.inLabel)
+					return nil, nil
+				})
+			}
+		})
+
+		g.It("should delete tokens")
+	})
+}