bitbucket.org/Aishee/synsec@v0.0.0-20210414005726-236fc01a153d/pkg/apiserver/api_key_test.go

bitbucket.org/Aishee/synsec@v0.0.0-20210414005726-236fc01a153d/pkg/apiserver/api_key_test.go (about)

     1  package apiserver
     2  
     3  import (
     4  	"net/http"
     5  	"net/http/httptest"
     6  	"strings"
     7  	"testing"
     8  
     9  	log "github.com/sirupsen/logrus"
    10  	"github.com/stretchr/testify/assert"
    11  )
    12  
    13  func TestAPIKey(t *testing.T) {
    14  	router, err := NewAPITest()
    15  	if err != nil {
    16  		log.Fatalf("unable to run local API: %s", err)
    17  	}
    18  
    19  	APIKey, err := CreateTestBouncer()
    20  	if err != nil {
    21  		log.Fatalf("%s", err.Error())
    22  	}
    23  	// Login with empty token
    24  	w := httptest.NewRecorder()
    25  	req, _ := http.NewRequest("GET", "/v1/decisions", strings.NewReader(""))
    26  	req.Header.Add("User-Agent", UserAgent)
    27  	router.ServeHTTP(w, req)
    28  
    29  	assert.Equal(t, 403, w.Code)
    30  	assert.Equal(t, "{\"message\":\"access forbidden\"}", w.Body.String())
    31  
    32  	// Login with invalid token
    33  	w = httptest.NewRecorder()
    34  	req, _ = http.NewRequest("GET", "/v1/decisions", strings.NewReader(""))
    35  	req.Header.Add("User-Agent", UserAgent)
    36  	req.Header.Add("X-Api-Key", "a1b2c3d4e5f6")
    37  	router.ServeHTTP(w, req)
    38  
    39  	assert.Equal(t, 403, w.Code)
    40  	assert.Equal(t, "{\"message\":\"access forbidden\"}", w.Body.String())
    41  
    42  	// Login with valid token
    43  	w = httptest.NewRecorder()
    44  	req, _ = http.NewRequest("GET", "/v1/decisions", strings.NewReader(""))
    45  	req.Header.Add("User-Agent", UserAgent)
    46  	req.Header.Add("X-Api-Key", APIKey)
    47  	router.ServeHTTP(w, req)
    48  
    49  	assert.Equal(t, 200, w.Code)
    50  	assert.Equal(t, "null", w.Body.String())
    51  
    52  }