github.com/go-kivik/kivik/v4@v4.3.2/x/kivikd/authdb/authdb_test.go (about) 1 // Licensed under the Apache License, Version 2.0 (the "License"); you may not 2 // use this file except in compliance with the License. You may obtain a copy of 3 // the License at 4 // 5 // http://www.apache.org/licenses/LICENSE-2.0 6 // 7 // Unless required by applicable law or agreed to in writing, software 8 // distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 9 // WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 10 // License for the specific language governing permissions and limitations under 11 // the License. 12 13 package authdb 14 15 import ( 16 "encoding/base64" 17 "testing" 18 "time" 19 ) 20 21 func TestCreateAuthToken(t *testing.T) { 22 type catTest struct { 23 name string 24 username, salt, secret string 25 time int64 26 expected string 27 recovery string 28 } 29 tests := []catTest{ 30 { 31 name: "no secret", 32 recovery: "secret must be set", 33 }, 34 { 35 name: "no salt", 36 secret: "foo", 37 recovery: "salt must be set", 38 }, 39 { 40 name: "valid", 41 secret: "foo", 42 salt: "4e170ffeb6f34daecfd814dfb4001a73", 43 username: "baz", 44 time: 12345, 45 expected: "YmF6OjMwMzk6fqvvtjD0eY7M_OZCiSWeRk01mlo", 46 }, 47 } 48 for _, test := range tests { 49 t.Run(test.name, func(t *testing.T) { 50 recovery := func() (recovery string) { 51 defer func() { 52 if r := recover(); r != nil { 53 recovery = r.(string) 54 } 55 }() 56 result := CreateAuthToken(test.username, test.salt, test.secret, test.time) 57 if result != test.expected { 58 t.Errorf("Unexpected result: %s", result) 59 } 60 return "" 61 }() 62 if recovery != test.recovery { 63 t.Errorf("Unexpected panic recovery: %s", recovery) 64 } 65 }) 66 } 67 } 68 69 func TestDecodeAuthToken(t *testing.T) { 70 tests := []struct { 71 name string 72 input string 73 username string 74 created time.Time 75 err string 76 }{ 77 { 78 name: "invalid base64", 79 input: "ée", 80 err: "illegal base64 data at input byte 0", 81 }, 82 { 83 name: "invalid payload", 84 input: base64.RawURLEncoding.EncodeToString([]byte("foo bar baz")), 85 err: "invalid payload", 86 }, 87 { 88 name: "invalid timestamp", 89 input: base64.RawURLEncoding.EncodeToString([]byte("foo:asdf:asdf")), 90 err: "invalid timestamp 'asdf'", 91 }, 92 { 93 name: "valid", 94 input: base64.RawURLEncoding.EncodeToString([]byte("foo:12345:asdf")), 95 username: "foo", 96 created: time.Unix(74565, 0), 97 }, 98 { 99 name: "real world token", 100 input: "MzBkMzRmODktMGUyMC00YzZhLTgyZjQtN2FhOWEyMmZkYThmOjU5OTlBNDI0OlGqCaGA69un9MHg2_Cyd95h4zkH", 101 username: "30d34f89-0e20-4c6a-82f4-7aa9a22fda8f", 102 created: time.Unix(1503241252, 0), 103 }, 104 } 105 for _, test := range tests { 106 t.Run(test.name, func(t *testing.T) { 107 username, created, err := DecodeAuthToken(test.input) 108 var errMsg string 109 if err != nil { 110 errMsg = err.Error() 111 } 112 if errMsg != test.err { 113 t.Errorf("Unexpected error: %s", errMsg) 114 } 115 if err != nil { 116 return 117 } 118 if test.username != username || !test.created.Equal(created) { 119 t.Errorf("Unexpected results: %s / %v\n", username, created) 120 } 121 }) 122 } 123 }