code.vegaprotocol.io/vega@v0.79.0/wallet/service/v1/auth_test.go (about) 1 // Copyright (C) 2023 Gobalsky Labs Limited 2 // 3 // This program is free software: you can redistribute it and/or modify 4 // it under the terms of the GNU Affero General Public License as 5 // published by the Free Software Foundation, either version 3 of the 6 // License, or (at your option) any later version. 7 // 8 // This program is distributed in the hope that it will be useful, 9 // but WITHOUT ANY WARRANTY; without even the implied warranty of 10 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 // GNU Affero General Public License for more details. 12 // 13 // You should have received a copy of the GNU Affero General Public License 14 // along with this program. If not, see <http://www.gnu.org/licenses/>. 15 16 package v1_test 17 18 import ( 19 "testing" 20 "time" 21 22 v1 "code.vegaprotocol.io/vega/wallet/service/v1" 23 "code.vegaprotocol.io/vega/wallet/service/v1/mocks" 24 25 "github.com/golang/mock/gomock" 26 "github.com/stretchr/testify/assert" 27 "go.uber.org/zap" 28 ) 29 30 type testAuth struct { 31 v1.Auth 32 ctrl *gomock.Controller 33 } 34 35 func getTestAuth(t *testing.T) *testAuth { 36 t.Helper() 37 rsaKeys, err := v1.GenerateRSAKeys() 38 if err != nil { 39 t.Fatal(err) 40 } 41 42 ctrl := gomock.NewController(t) 43 store := mocks.NewMockRSAStore(ctrl) 44 store.EXPECT().GetRsaKeys().Return(rsaKeys, nil) 45 46 tokenExpiry := 10 * time.Hour 47 a, err := v1.NewAuth(zap.NewNop(), store, tokenExpiry) 48 if err != nil { 49 t.Fatal(err) 50 } 51 52 return &testAuth{ 53 Auth: a, 54 ctrl: ctrl, 55 } 56 } 57 58 func TestAuth(t *testing.T) { 59 t.Run("verify a valid token", testVerifyValidToken) 60 t.Run("verify an invalid token fail", testVerifyInvalidToken) 61 t.Run("revoke a valid token", testRevokeValidToken) 62 t.Run("revoke an invalid token fail", testRevokeInvalidToken) 63 } 64 65 func testVerifyValidToken(t *testing.T) { 66 t.Parallel() 67 auth := getTestAuth(t) 68 w := "jeremy" 69 70 // get a new session 71 tok, err := auth.NewSession(w) 72 assert.NoError(t, err) 73 assert.NotEmpty(t, tok) 74 75 wallet2, err := auth.VerifyToken(tok) 76 assert.NoError(t, err) 77 assert.Equal(t, w, wallet2) 78 } 79 80 func testVerifyInvalidToken(t *testing.T) { 81 t.Parallel() 82 auth := getTestAuth(t) 83 tok := "that's not a token" 84 85 w, err := auth.VerifyToken(tok) 86 assert.EqualError(t, err, "couldn't parse JWT token: token is malformed: token contains an invalid number of segments") 87 assert.Empty(t, w) 88 } 89 90 func testRevokeValidToken(t *testing.T) { 91 t.Parallel() 92 auth := getTestAuth(t) 93 walletName := "jeremy" 94 95 // get a new session 96 tok, err := auth.NewSession(walletName) 97 assert.NoError(t, err) 98 assert.NotEmpty(t, tok) 99 100 wallet2, err := auth.VerifyToken(tok) 101 assert.NoError(t, err) 102 assert.Equal(t, walletName, wallet2) 103 104 // now we made sure the token exists, let's revoke and re-verify it 105 name, err := auth.Revoke(tok) 106 assert.NoError(t, err) 107 assert.Equal(t, walletName, name) 108 109 w, err := auth.VerifyToken(tok) 110 assert.ErrorIs(t, err, v1.ErrSessionNotFound) 111 assert.Empty(t, w) 112 } 113 114 func testRevokeInvalidToken(t *testing.T) { 115 t.Parallel() 116 auth := getTestAuth(t) 117 tok := "hehehe that's not a toekn" 118 119 name, err := auth.Revoke(tok) 120 assert.EqualError(t, err, "couldn't parse JWT token: token is malformed: token contains an invalid number of segments") 121 assert.Empty(t, name) 122 }