// Listing of bitbucket.org/Aishee/synsec@v0.0.0-20210414005726-236fc01a153d/pkg/apiserver/jwt_test.go

package apiserver

import (
	"net/http"
	"net/http/httptest"
	"strings"
	"testing"

	log "github.com/sirupsen/logrus"
	"github.com/stretchr/testify/assert"
)

// TestLogin sends a series of POST requests to /v1/watchers/login through the
// in-process router and checks the status code and response body of each one:
// five rejected logins (machine not validated, unknown machine, non-JSON body,
// missing password field, wrong password) followed by two accepted logins.
//
// NOTE(review): every rejection returns 401, but the expected bodies pinned
// below differ per cause ("machine test not validated", "ent: machine not
// found", "incorrect Username or Password"). An unauthenticated caller can
// therefore tell whether a machine_id is registered and whether it has been
// validated. If the handler is ever changed to answer with one generic
// message, these expectations have to change with it.
func TestLogin(t *testing.T) {
	// NOTE(review): logrus Fatalf/Fatalln exit the process, so a setup failure
	// ends the whole test binary instead of failing this test through t.
	router, err := NewAPITest()
	if err != nil {
		log.Fatalf("unable to run local API: %s", err)
	}

	body, err := CreateTestMachine(router)
	if err != nil {
		log.Fatalln(err.Error())
	}

	const loginPath = "/v1/watchers/login"

	// login posts payload to the login route with the package User-Agent and
	// returns the recorder holding the response. The NewRequest error is
	// discarded; method and path are constants here.
	login := func(payload string) *httptest.ResponseRecorder {
		rec := httptest.NewRecorder()
		req, _ := http.NewRequest(http.MethodPost, loginPath, strings.NewReader(payload))
		req.Header.Add("User-Agent", UserAgent)
		router.ServeHTTP(rec, req)
		return rec
	}

	// Machine was just created and is not validated yet.
	resp := login(body)
	assert.Equal(t, http.StatusUnauthorized, resp.Code)
	assert.Equal(t, `{"code":401,"message":"machine test not validated"}`, resp.Body.String())

	// Machine id that was never registered.
	// NOTE(review): the "ent:" prefix suggests a data-layer error string is
	// passed to the client verbatim; confirm against the handler.
	resp = login(`{"machine_id": "test1", "password": "test1"}`)
	assert.Equal(t, http.StatusUnauthorized, resp.Code)
	assert.Equal(t, `{"code":401,"message":"ent: machine not found"}`, resp.Body.String())

	// Body that is not JSON: the expected message carries the decoder's own
	// error text back to the caller.
	resp = login("test")
	assert.Equal(t, http.StatusUnauthorized, resp.Code)
	assert.Equal(t, `{"code":401,"message":"missing : invalid character 'e' in literal true (expecting 'r')"}`, resp.Body.String())

	// Valid JSON without the password field.
	resp = login(`{"machine_id": "test1"}`)
	assert.Equal(t, http.StatusUnauthorized, resp.Code)
	assert.Equal(t, `{"code":401,"message":"input format error"}`, resp.Body.String())

	// Validate the machine so the remaining cases get past the validation check.
	if err := ValidateMachine("test"); err != nil {
		log.Fatalln(err.Error())
	}

	// Validated machine, wrong password.
	resp = login(`{"machine_id": "test", "password": "test1"}`)
	assert.Equal(t, http.StatusUnauthorized, resp.Code)
	assert.Equal(t, `{"code":401,"message":"incorrect Username or Password"}`, resp.Body.String())

	// Validated machine with the credentials returned by CreateTestMachine.
	// Only the presence of the "token" and "expire" keys is checked; the token
	// itself (signature, claims, lifetime) is not inspected here.
	resp = login(body)
	assert.Equal(t, http.StatusOK, resp.Code)
	assert.Contains(t, resp.Body.String(), `"token"`)
	assert.Contains(t, resp.Body.String(), `"expire"`)

	// Validated machine that also submits a scenarios list.
	resp = login(`{"machine_id": "test", "password": "test", "scenarios": ["breakteam/test", "breakteam/test2"]}`)
	assert.Equal(t, http.StatusOK, resp.Code)
	assert.Contains(t, resp.Body.String(), `"token"`)
	assert.Contains(t, resp.Body.String(), `"expire"`)
}