github.com/iron-io/functions@v0.0.0-20180820112432-d59d7d1c40b2/api/server/server_auth_test.go (about) 1 // +build server 2 3 package server 4 5 import ( 6 "fmt" 7 "io" 8 "net/http" 9 "net/http/httptest" 10 "testing" 11 12 "github.com/gin-gonic/gin" 13 "github.com/iron-io/functions/common" 14 "github.com/spf13/viper" 15 ) 16 17 var UnAuthtestSuite = []struct { 18 name string 19 method string 20 path string 21 body string 22 expectedCode int 23 expectedCacheSize int 24 }{ 25 {"create my app", "POST", "/v1/apps", `{ "app": { "name": "myapp" } }`, http.StatusUnauthorized, 0}, 26 {"list apps", "GET", "/v1/apps", ``, http.StatusUnauthorized, 0}, 27 {"get app", "GET", "/v1/apps/myapp", ``, http.StatusUnauthorized, 0}, 28 {"add myroute", "POST", "/v1/apps/myapp/routes", `{ "route": { "name": "myroute", "path": "/myroute", "image": "iron/hello" } }`, http.StatusUnauthorized, 0}, 29 {"add myroute2", "POST", "/v1/apps/myapp/routes", `{ "route": { "name": "myroute2", "path": "/myroute2", "image": "iron/error" } }`, http.StatusUnauthorized, 0}, 30 {"get myroute", "GET", "/v1/apps/myapp/routes/myroute", ``, http.StatusUnauthorized, 0}, 31 {"get myroute2", "GET", "/v1/apps/myapp/routes/myroute2", ``, http.StatusUnauthorized, 0}, 32 {"get all routes", "GET", "/v1/apps/myapp/routes", ``, http.StatusUnauthorized, 0}, 33 // These two are currently returning 404 because they dont get created : temporarily using StatusNotFound 34 // {"execute myroute", "POST", "/r/myapp/myroute", `{ "name": "Teste" }`, http.StatusUnauthorized, 0}, 35 // {"execute myroute2", "POST", "/r/myapp/myroute2", `{ "name": "Teste" }`, http.StatusUnauthorized, 0}, 36 {"execute myroute", "POST", "/r/myapp/myroute", `{ "name": "Teste" }`, http.StatusNotFound, 0}, 37 {"execute myroute2", "POST", "/r/myapp/myroute2", `{ "name": "Teste" }`, http.StatusNotFound, 0}, 38 {"delete myroute", "DELETE", "/v1/apps/myapp/routes/myroute", ``, http.StatusUnauthorized, 0}, 39 {"delete app (fail)", "DELETE", "/v1/apps/myapp", ``, http.StatusUnauthorized, 0}, 40 {"delete myroute2", "DELETE", "/v1/apps/myapp/routes/myroute2", ``, http.StatusUnauthorized, 0}, 41 {"delete app (success)", "DELETE", "/v1/apps/myapp", ``, http.StatusUnauthorized, 0}, 42 {"get deleted app", "GET", "/v1/apps/myapp", ``, http.StatusUnauthorized, 0}, 43 {"get deleteds route on deleted app", "GET", "/v1/apps/myapp/routes/myroute", ``, http.StatusUnauthorized, 0}, 44 } 45 46 func routerRequestWithAuth(t *testing.T, router *gin.Engine, method, path string, body io.Reader, setAuth func(*http.Request)) (*http.Request, *httptest.ResponseRecorder) { 47 req, err := http.NewRequest(method, "http://127.0.0.1:8080"+path, body) 48 setAuth(req) 49 if err != nil { 50 t.Fatalf("Test: Could not create %s request to %s: %v", method, path, err) 51 } 52 53 rec := httptest.NewRecorder() 54 router.ServeHTTP(rec, req) 55 56 return req, rec 57 } 58 59 func setJwtAuth(req *http.Request) { 60 if jwtAuthKey := viper.GetString("jwt_auth_key"); jwtAuthKey != "" { 61 jwtToken, err := common.GetJwt(jwtAuthKey, 60*60) 62 if err == nil { 63 req.Header.Set("Authorization", fmt.Sprintf("Bearer %v", jwtToken)) 64 } 65 } 66 } 67 68 func setBrokenJwtAuth(req *http.Request) { 69 req.Header.Set("Authorization", fmt.Sprintf("Bearer %v", "broken token")) 70 } 71 72 func TestFullStackWithAuth(t *testing.T) { 73 viper.Set("jwt_auth_key", "test") 74 testFullStack(t, setJwtAuth, testSuite) 75 teardown() 76 } 77 78 func TestFullStackWithBrokenAuth(t *testing.T) { 79 viper.Set("jwt_auth_key", "test") 80 testFullStack(t, setBrokenJwtAuth, UnAuthtestSuite) 81 teardown() 82 }