github.com/companieshouse/insolvency-api@v0.0.0-20231024103413-440c973d9e9b/interceptors/email_auth_interceptor_test.go

github.com/companieshouse/insolvency-api@v0.0.0-20231024103413-440c973d9e9b/interceptors/email_auth_interceptor_test.go (about)

     1  package interceptors
     2  
     3  import (
     4  	"context"
     5  	"net/http"
     6  	"net/http/httptest"
     7  	"testing"
     8  
     9  	"github.com/companieshouse/chs.go/authentication"
    10  	"github.com/jarcoal/httpmock"
    11  
    12  	. "github.com/smartystreets/goconvey/convey"
    13  )
    14  
    15  func getTestHandler() http.HandlerFunc {
    16  	return func(w http.ResponseWriter, req *http.Request) {
    17  		w.WriteHeader(http.StatusOK)
    18  	}
    19  }
    20  
    21  func testContext() context.Context {
    22  	ctx := context.Background()
    23  	ctx = context.WithValue(
    24  		ctx,
    25  		authentication.ContextKeyUserDetails,
    26  		authentication.AuthUserDetails{Email: "demo@companieshouse.gov.uk"},
    27  	)
    28  	return ctx
    29  }
    30  
    31  func invalidTestContext() context.Context {
    32  	ctx := context.Background()
    33  	ctx = context.WithValue(
    34  		ctx,
    35  		authentication.ContextKeyUserDetails,
    36  		"invalid",
    37  	)
    38  	return ctx
    39  }
    40  
    41  func TestUnitEmailAuthIntercept(t *testing.T) {
    42  	Convey("Email auth intercept", t, func() {
    43  		httpmock.Activate()
    44  		defer httpmock.DeactivateAndReset()
    45  
    46  		Convey("Invalid user details in context", func() {
    47  			req, _ := http.NewRequestWithContext(invalidTestContext(), "GET", "", nil)
    48  
    49  			w := httptest.NewRecorder()
    50  			test := EmailAuthIntercept(getTestHandler())
    51  			test.ServeHTTP(w, req)
    52  			So(w.Code, ShouldEqual, http.StatusInternalServerError)
    53  		})
    54  
    55  		Convey("Error checking EFS allow list", func() {
    56  			req, _ := http.NewRequestWithContext(testContext(), "GET", "", nil)
    57  
    58  			defer httpmock.Reset()
    59  			httpmock.RegisterResponder(
    60  				http.MethodGet,
    61  				"http://localhost:4001/efs-submission-api/company-authentication/allow-list/demo@companieshouse.gov.uk",
    62  				httpmock.NewStringResponder(http.StatusInternalServerError, ""),
    63  			)
    64  
    65  			w := httptest.NewRecorder()
    66  			test := EmailAuthIntercept(getTestHandler())
    67  			test.ServeHTTP(w, req)
    68  			So(w.Code, ShouldEqual, http.StatusInternalServerError)
    69  		})
    70  
    71  		Convey("User not allowed", func() {
    72  			req, _ := http.NewRequestWithContext(testContext(), "GET", "", nil)
    73  
    74  			defer httpmock.Reset()
    75  			httpmock.RegisterResponder(
    76  				http.MethodGet,
    77  				"http://localhost:4001/efs-submission-api/company-authentication/allow-list/demo@companieshouse.gov.uk?",
    78  				httpmock.NewStringResponder(http.StatusOK, "false"),
    79  			)
    80  
    81  			w := httptest.NewRecorder()
    82  			test := EmailAuthIntercept(getTestHandler())
    83  			test.ServeHTTP(w, req)
    84  			So(w.Code, ShouldEqual, http.StatusUnauthorized)
    85  		})
    86  
    87  		Convey("User allowed", func() {
    88  			req, _ := http.NewRequestWithContext(testContext(), "GET", "", nil)
    89  
    90  			defer httpmock.Reset()
    91  			httpmock.RegisterResponder(
    92  				http.MethodGet,
    93  				"http://localhost:4001/efs-submission-api/company-authentication/allow-list/demo@companieshouse.gov.uk?",
    94  				httpmock.NewStringResponder(http.StatusOK, "true"),
    95  			)
    96  
    97  			w := httptest.NewRecorder()
    98  			test := EmailAuthIntercept(getTestHandler())
    99  			test.ServeHTTP(w, req)
   100  			So(w.Code, ShouldEqual, http.StatusOK)
   101  		})
   102  	})
   103  }