github.com/BTBurke/caddy-jwt@v3.7.1+incompatible/config_test.go (about) 1 package jwt 2 3 import ( 4 "net/http" 5 "testing" 6 7 "fmt" 8 "os" 9 10 "github.com/caddyserver/caddy" 11 "github.com/caddyserver/caddy/caddyhttp/httpserver" 12 . "github.com/onsi/ginkgo" 13 . "github.com/onsi/gomega" 14 ) 15 16 func TestCaddyJwtConfig(t *testing.T) { 17 RegisterFailHandler(Fail) 18 RunSpecs(t, "CaddyJWT Config Suite") 19 } 20 21 var EmptyNext = httpserver.HandlerFunc(func(w http.ResponseWriter, r *http.Request) (int, error) { 22 return 0, nil 23 }) 24 25 var _ = Describe("JWTAuth Config", func() { 26 BeforeEach(func() { 27 os.Unsetenv(ENV_PUBLIC_KEY) 28 os.Unsetenv(ENV_SECRET) 29 }) 30 Describe("Parse the jwt config block", func() { 31 32 It("returns an appropriate middleware handler", func() { 33 c := caddy.NewTestController("http", `jwt /from`) 34 err := Setup(c) 35 Expect(err).To(BeNil()) 36 }) 37 38 It("parses simple and complex blocks", func() { 39 tests := []struct { 40 input string 41 shouldErr bool 42 expect []Rule 43 }{ 44 {"jwt /test", false, []Rule{{Path: "/test"}}}, 45 {"jwt {\npath /test\n}", false, []Rule{{Path: "/test"}}}, 46 {`jwt { 47 path /test 48 redirect /login 49 allow user test 50 }`, false, []Rule{{ 51 Path: "/test", 52 Redirect: "/login", 53 AccessRules: []AccessRule{{ALLOW, "user", "test"}}}, 54 }}, 55 {`jwt /test { 56 allow user test 57 }`, true, nil}, 58 {`jwt { 59 path /test 60 deny role member 61 allow user test 62 }`, false, []Rule{{Path: "/test", AccessRules: []AccessRule{{DENY, "role", "member"}, {ALLOW, "user", "test"}}}}}, 63 {`jwt { 64 deny role member 65 }`, true, nil}, 66 {`jwt /path1 67 jwt /path2`, false, []Rule{{Path: "/path1"}, {Path: "/path2"}}}, 68 {`jwt { 69 path /path1 70 path /path2 71 }`, true, nil}, 72 {`jwt { 73 path / 74 except /login 75 except /test 76 allowroot 77 }`, false, []Rule{ 78 Rule{ 79 Path: "/", 80 ExceptedPaths: []string{"/login", "/test"}, 81 AllowRoot: true, 82 }, 83 }}, 84 {`jwt { 85 path / 86 publickey /test/test.pem 87 }`, false, []Rule{ 88 Rule{ 89 Path: "/", 90 KeyBackends: []KeyBackend{&LazyPublicKeyBackend{filename: "/test/test.pem"}}, 91 }, 92 }}, 93 {`jwt { 94 path / 95 secret /test/test.secret 96 }`, false, []Rule{ 97 Rule{ 98 Path: "/", 99 KeyBackends: []KeyBackend{&LazyHmacKeyBackend{filename: "/test/test.secret"}}, 100 }, 101 }}, 102 {`jwt { 103 path / 104 secret /test/test.secret 105 secret /test/test2.secret 106 }`, false, []Rule{ 107 Rule{ 108 Path: "/", 109 KeyBackends: []KeyBackend{&LazyHmacKeyBackend{filename: "/test/test.secret"}, &LazyHmacKeyBackend{filename: "/test/test2.secret"}}, 110 }, 111 }}, 112 {`jwt { 113 path / 114 publickey /test/test.pub 115 publickey /test/test2.pub 116 }`, false, []Rule{ 117 Rule{ 118 Path: "/", 119 KeyBackends: []KeyBackend{&LazyPublicKeyBackend{filename: "/test/test.pub"}, &LazyPublicKeyBackend{filename: "/test/test2.pub"}}, 120 }, 121 }}, 122 {`jwt { 123 path / 124 publickey /test/test.pub 125 secret /test/test.secret 126 }`, true, nil}, 127 {`jwt { 128 path / 129 passthrough 130 }`, false, []Rule{ 131 Rule{ 132 Path: "/", 133 Passthrough: true, 134 }, 135 }}, 136 {`jwt { 137 path / 138 token_source 139 }`, true, nil, 140 }, 141 {`jwt { 142 path / 143 token_source unexpected 144 }`, true, nil, 145 }, 146 {`jwt { 147 path / 148 token_source header foo bar 149 }`, true, nil, 150 }, 151 {`jwt { 152 path / 153 token_source query_param 154 }`, true, nil, 155 }, 156 {`jwt { 157 path / 158 token_source cookie 159 }`, true, nil, 160 }, 161 {`jwt { 162 path / 163 token_source query_param param_name 164 token_source cookie cookie_name 165 token_source header header_name 166 token_source header 167 }`, false, []Rule{ 168 Rule{ 169 Path: "/", 170 TokenSources: []TokenSource{ 171 &QueryTokenSource{ 172 ParamName: "param_name", 173 }, 174 &CookieTokenSource{ 175 CookieName: "cookie_name", 176 }, 177 &HeaderTokenSource{ 178 HeaderName: "header_name", 179 }, 180 &HeaderTokenSource{ 181 HeaderName: "Bearer", 182 }, 183 }, 184 }, 185 }}, 186 } 187 for _, test := range tests { 188 c := caddy.NewTestController("http", test.input) 189 actual, err := parse(c) 190 if !test.shouldErr { 191 Expect(err).To(BeNil()) 192 } else { 193 Expect(err).To(HaveOccurred(), fmt.Sprintf("%v", test)) 194 } 195 for idx, rule := range test.expect { 196 actualRule := actual[idx] 197 Expect(rule.Path).To(Equal(actualRule.Path)) 198 Expect(rule.Redirect).To(Equal(actualRule.Redirect)) 199 Expect(rule.AccessRules).To(Equal(actualRule.AccessRules)) 200 Expect(rule.ExceptedPaths).To(Equal(actualRule.ExceptedPaths)) 201 Expect(rule.AllowRoot).To(Equal(actualRule.AllowRoot)) 202 Expect(rule.KeyBackends).To(Equal(actualRule.KeyBackends), fmt.Sprintf("expected: %v\nactual: %v", rule, actualRule)) 203 Expect(rule.TokenSources).To(Equal(actualRule.TokenSources), fmt.Sprintf("expected: %v\nactual: %v", rule, actualRule)) 204 } 205 206 } 207 }) 208 209 }) 210 })