88 lines
2.3 KiB
Go
88 lines
2.3 KiB
Go
// Copyright 2019 Drone.IO Inc. All rights reserved.
|
|
// Use of this source code is governed by the Drone Non-Commercial License
|
|
// that can be found in the LICENSE file.
|
|
|
|
package auth
|
|
|
|
import (
|
|
"database/sql"
|
|
"io/ioutil"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"testing"
|
|
|
|
"github.com/drone/drone/core"
|
|
"github.com/drone/drone/handler/api/request"
|
|
"github.com/drone/drone/mock"
|
|
"github.com/sirupsen/logrus"
|
|
|
|
"github.com/golang/mock/gomock"
|
|
)
|
|
|
|
func init() {
|
|
logrus.SetOutput(ioutil.Discard)
|
|
}
|
|
|
|
func TestAuth(t *testing.T) {
|
|
controller := gomock.NewController(t)
|
|
defer controller.Finish()
|
|
|
|
mockUser := &core.User{
|
|
ID: 1,
|
|
Login: "octocat",
|
|
Admin: true,
|
|
Machine: true,
|
|
Hash: "$2a$04$rR2VvGjM9iqAAoyLSE4IrexAlxDbIS3M5YKtj9ANs7vraki0ybYJq 197XXbZablx0RPQ8",
|
|
}
|
|
|
|
session := mock.NewMockSession(controller)
|
|
session.EXPECT().Get(gomock.Any()).Return(mockUser, nil)
|
|
|
|
w := httptest.NewRecorder()
|
|
r := httptest.NewRequest("GET", "/?access_token=VA.197XXbZablx0RPQ8", nil)
|
|
|
|
HandleAuthentication(session)(
|
|
http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
// use dummy status code to signal the next handler in
|
|
// the middleware chain was properly invoked.
|
|
w.WriteHeader(http.StatusTeapot)
|
|
|
|
// verify the user was added to the request context
|
|
if user, _ := request.UserFrom(r.Context()); user != mockUser {
|
|
t.Errorf("Expect user in context")
|
|
}
|
|
}),
|
|
).ServeHTTP(w, r)
|
|
|
|
if got, want := w.Code, http.StatusTeapot; got != want {
|
|
t.Errorf("Want status code %d, got %d", want, got)
|
|
}
|
|
}
|
|
|
|
func TestAuth_Guest(t *testing.T) {
|
|
controller := gomock.NewController(t)
|
|
defer controller.Finish()
|
|
|
|
w := httptest.NewRecorder()
|
|
r := httptest.NewRequest("GET", "/", nil)
|
|
|
|
session := mock.NewMockSession(controller)
|
|
session.EXPECT().Get(gomock.Any()).Return(nil, sql.ErrNoRows)
|
|
|
|
HandleAuthentication(session)(
|
|
http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
// use dummy status code to signal the next handler in
|
|
// the middleware chain was properly invoked.
|
|
w.WriteHeader(http.StatusTeapot)
|
|
|
|
// verify the user was added to the request context
|
|
if _, ok := request.UserFrom(r.Context()); ok {
|
|
t.Errorf("Expect guest mode, no user in context")
|
|
}
|
|
}),
|
|
).ServeHTTP(w, r)
|
|
|
|
if got, want := w.Code, http.StatusTeapot; got != want {
|
|
t.Errorf("Want status code %d, got %d", want, got)
|
|
}
|
|
}
|