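// Copyright 2022 Paul Greenberg greenpau@outlook.com
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package cookie

import (
	"fmt"
	"testing"

	"github.com/greenpau/go-authcrunch/internal/tests"
)

// TestFactory pins the cookie strings produced by a Factory built with
// NewFactory. Each case supplies a request host and an optional Config and
// compares four outputs: the access_token grant and delete cookies, and the
// AUTHP_SESSION_ID grant and delete cookies.
//
// What the expectations below establish:
//   - Every grant cookie (access_token and AUTHP_SESSION_ID) carries both
//     Secure and HttpOnly.
//   - Delete cookies carry only Path, an optional Domain, and an epoch
//     Expires value.
//   - Max-Age, SameSite and a custom Path appear only on the access_token
//     cookies. The AUTHP_SESSION_ID grant cookie stays
//     "Path=/; Secure; HttpOnly" (plus Domain) in every case, including the
//     ones that configure SameSite "strict".
//     NOTE(review): confirm that leaving SameSite off the session cookie is
//     intended.
//   - A host under contoso.com yields Domain=contoso.com even when no
//     Domains entry is configured, so the cookie is scoped to the parent
//     domain rather than to the requesting host.
//     NOTE(review): how the parent domain is derived is not visible in this
//     file, and hosts under multi-label public suffixes are not covered by
//     this table.
//   - localhost and IP-literal hosts (with or without a port) yield no Domain
//     attribute.
func TestFactory(t *testing.T) {
	testcases := []struct {
		name   string
		host   string
		config *Config
		// Expected results.
		want      map[string]interface{}
		shouldErr bool
		err       error
	}{
		// Nil config and empty host: no Domain attribute at all.
		{
			name: "default config",
			want: map[string]interface{}{
				"grant":          "access_token=foobar; Path=/; Secure; HttpOnly;",
				"delete":         "access_token=delete; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_delete": "AUTHP_SESSION_ID=delete; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_grant":  "AUTHP_SESSION_ID=foobar; Path=/; Secure; HttpOnly;",
			},
		},
		// Subdomain host matched against a configured parent domain.
		{
			name: "contoso.com cookie with default path",
			host: "auth.contoso.com",
			config: &Config{
				Domains: map[string]*DomainConfig{
					"contoso.com": {
						Seq:    0,
						Domain: "contoso.com",
					},
				},
			},
			want: map[string]interface{}{
				"grant":          "access_token=foobar; Domain=contoso.com; Path=/; Secure; HttpOnly;",
				"delete":         "access_token=delete; Domain=contoso.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_delete": "AUTHP_SESSION_ID=delete; Domain=contoso.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_grant":  "AUTHP_SESSION_ID=foobar; Domain=contoso.com; Path=/; Secure; HttpOnly;",
			},
		},
		// Host equal to the configured domain.
		{
			name: "contoso.com cookie same host",
			host: "contoso.com",
			config: &Config{
				Domains: map[string]*DomainConfig{
					"contoso.com": {
						Seq:    0,
						Domain: "contoso.com",
					},
				},
			},
			want: map[string]interface{}{
				"grant":          "access_token=foobar; Domain=contoso.com; Path=/; Secure; HttpOnly;",
				"delete":         "access_token=delete; Domain=contoso.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_delete": "AUTHP_SESSION_ID=delete; Domain=contoso.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_grant":  "AUTHP_SESSION_ID=foobar; Domain=contoso.com; Path=/; Secure; HttpOnly;",
			},
		},
		// Nil config: the Domain attribute is still emitted from the host.
		{
			name: "contoso.com cookie without domain config",
			host: "contoso.com",
			want: map[string]interface{}{
				"grant":          "access_token=foobar; Domain=contoso.com; Path=/; Secure; HttpOnly;",
				"delete":         "access_token=delete; Domain=contoso.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_delete": "AUTHP_SESSION_ID=delete; Domain=contoso.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_grant":  "AUTHP_SESSION_ID=foobar; Domain=contoso.com; Path=/; Secure; HttpOnly;",
			},
		},
		// Lower-case "strict" in the config is rendered as SameSite=Strict,
		// and only on the access_token grant cookie.
		{
			name: "contoso.com cookie with default strict samesite",
			host: "auth.contoso.com",
			config: &Config{
				Domains: map[string]*DomainConfig{
					"contoso.com": {
						Seq:    0,
						Domain: "contoso.com",
					},
				},
				SameSite: "strict",
			},
			want: map[string]interface{}{
				"grant":          "access_token=foobar; Domain=contoso.com; Path=/; SameSite=Strict; Secure; HttpOnly;",
				"delete":         "access_token=delete; Domain=contoso.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_delete": "AUTHP_SESSION_ID=delete; Domain=contoso.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_grant":  "AUTHP_SESSION_ID=foobar; Domain=contoso.com; Path=/; Secure; HttpOnly;",
			},
		},
		// An unrecognised SameSite value must be rejected by NewFactory
		// rather than silently dropped.
		{
			name: "fail contoso.com cookie with default incorrect samesite",
			host: "auth.contoso.com",
			config: &Config{
				Domains: map[string]*DomainConfig{
					"contoso.com": {
						Seq:    0,
						Domain: "contoso.com",
					},
				},
				SameSite: "foobar",
			},
			shouldErr: true,
			err:       fmt.Errorf("the SameSite cookie attribute %q is invalid", "foobar"),
		},
		// A per-domain Path applies to the access_token cookies only; the
		// session cookies keep Path=/.
		{
			name: "contoso.com cookie with custom path",
			host: "auth.contoso.com",
			config: &Config{
				Domains: map[string]*DomainConfig{
					"contoso.com": {
						Seq:    0,
						Domain: "contoso.com",
						Path:   "/mydir",
					},
				},
			},
			want: map[string]interface{}{
				"grant":          "access_token=foobar; Domain=contoso.com; Path=/mydir; Secure; HttpOnly;",
				"delete":         "access_token=delete; Domain=contoso.com; Path=/mydir; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_delete": "AUTHP_SESSION_ID=delete; Domain=contoso.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_grant":  "AUTHP_SESSION_ID=foobar; Domain=contoso.com; Path=/; Secure; HttpOnly;",
			},
		},
		// A per-domain Lifetime becomes Max-Age on the access_token grant
		// cookie only. The foo.bar entry is configured, but no case in this
		// table requests a foo.bar host.
		{
			name: "contoso.com cookie custom lifetime",
			host: "auth.contoso.com",
			config: &Config{
				Domains: map[string]*DomainConfig{
					"contoso.com": {
						Seq:      0,
						Domain:   "contoso.com",
						Lifetime: 900,
					},
					"foo.bar": {
						Seq:      0,
						Domain:   "foo.bar",
						Lifetime: 900,
					},
				},
			},
			want: map[string]interface{}{
				"grant":          "access_token=foobar; Domain=contoso.com; Path=/; Max-Age=900; Secure; HttpOnly;",
				"delete":         "access_token=delete; Domain=contoso.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_delete": "AUTHP_SESSION_ID=delete; Domain=contoso.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_grant":  "AUTHP_SESSION_ID=foobar; Domain=contoso.com; Path=/; Secure; HttpOnly;",
			},
		},
		// Top-level Path/Lifetime/SameSite with no Domains map. The name
		// carries the request host so it does not collide with the bare
		// contoso.com case above; t.Run disambiguates duplicate names only
		// with a "#01" suffix, which makes failures and -run filters ambiguous.
		{
			name: "auth.contoso.com cookie without domain config",
			host: "auth.contoso.com",
			config: &Config{
				Path:     "/",
				Lifetime: 900,
				SameSite: "strict",
			},
			want: map[string]interface{}{
				"grant":          "access_token=foobar; Domain=contoso.com; Path=/; Max-Age=900; SameSite=Strict; Secure; HttpOnly;",
				"delete":         "access_token=delete; Domain=contoso.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_delete": "AUTHP_SESSION_ID=delete; Domain=contoso.com; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_grant":  "AUTHP_SESSION_ID=foobar; Domain=contoso.com; Path=/; Secure; HttpOnly;",
			},
		},
		// localhost: no Domain attribute is emitted.
		{
			name: "localhost cookie",
			host: "localhost",
			config: &Config{
				Path:     "/",
				Lifetime: 900,
				SameSite: "strict",
			},
			want: map[string]interface{}{
				"grant":          "access_token=foobar; Path=/; Max-Age=900; SameSite=Strict; Secure; HttpOnly;",
				"delete":         "access_token=delete; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_delete": "AUTHP_SESSION_ID=delete; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_grant":  "AUTHP_SESSION_ID=foobar; Path=/; Secure; HttpOnly;",
			},
		},
		// IPv4 literal with a port: no Domain attribute is emitted.
		{
			name: "localhost ipv4 cookie with port",
			host: "127.0.0.1:443",
			config: &Config{
				Path:     "/",
				Lifetime: 900,
				SameSite: "strict",
			},
			want: map[string]interface{}{
				"grant":          "access_token=foobar; Path=/; Max-Age=900; SameSite=Strict; Secure; HttpOnly;",
				"delete":         "access_token=delete; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_delete": "AUTHP_SESSION_ID=delete; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_grant":  "AUTHP_SESSION_ID=foobar; Path=/; Secure; HttpOnly;",
			},
		},
		// Bracketed IPv6 literal with a port: no Domain attribute is emitted.
		{
			name: "ipv6 cookie with port",
			host: "[2001:db8:3333:4444::8888]:443",
			config: &Config{
				Path:     "/",
				Lifetime: 900,
				SameSite: "strict",
			},
			want: map[string]interface{}{
				"grant":          "access_token=foobar; Path=/; Max-Age=900; SameSite=Strict; Secure; HttpOnly;",
				"delete":         "access_token=delete; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_delete": "AUTHP_SESSION_ID=delete; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT;",
				"session_grant":  "AUTHP_SESSION_ID=foobar; Path=/; Secure; HttpOnly;",
			},
		},
	}
	for _, tc := range testcases {
		t.Run(tc.name, func(t *testing.T) {
			msgs := []string{fmt.Sprintf("test name: %s", tc.name)}
			cf, err := NewFactory(tc.config)
			// EvalErrWithLog returns true when the case is finished after
			// the error comparison, so no cookies are built for it.
			if tests.EvalErrWithLog(t, err, "cookie", tc.shouldErr, tc.err, msgs) {
				return
			}
			got := make(map[string]interface{})
			got["grant"] = cf.GetCookie(tc.host, "access_token", "foobar")
			got["delete"] = cf.GetDeleteCookie(tc.host, "access_token")
			got["session_grant"] = cf.GetSessionCookie(tc.host, "foobar")
			got["session_delete"] = cf.GetDeleteSessionCookie(tc.host)
			tests.EvalObjectsWithLog(t, "cookie", tc.want, got, msgs)
		})
	}
}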