github.com/jghiloni/cli@v6.28.1-0.20170628223758-0ce05fe032a2+incompatible/api/uaa/wrapper/uaa_authentication_test.go (about) 1 package wrapper_test 2 3 import ( 4 "errors" 5 "fmt" 6 "io/ioutil" 7 "net/http" 8 "net/url" 9 "strings" 10 11 "code.cloudfoundry.org/cli/api/uaa" 12 "code.cloudfoundry.org/cli/api/uaa/uaafakes" 13 . "code.cloudfoundry.org/cli/api/uaa/wrapper" 14 "code.cloudfoundry.org/cli/api/uaa/wrapper/util" 15 "code.cloudfoundry.org/cli/api/uaa/wrapper/wrapperfakes" 16 . "github.com/onsi/ginkgo" 17 . "github.com/onsi/gomega" 18 ) 19 20 var _ = Describe("UAA Authentication", func() { 21 var ( 22 fakeConnection *uaafakes.FakeConnection 23 fakeClient *wrapperfakes.FakeUAAClient 24 inMemoryCache *util.InMemoryCache 25 26 wrapper uaa.Connection 27 request *http.Request 28 ) 29 30 BeforeEach(func() { 31 fakeConnection = new(uaafakes.FakeConnection) 32 fakeClient = new(wrapperfakes.FakeUAAClient) 33 inMemoryCache = util.NewInMemoryTokenCache() 34 35 inner := NewUAAAuthentication(fakeClient, inMemoryCache) 36 wrapper = inner.Wrap(fakeConnection) 37 }) 38 39 Describe("Make", func() { 40 Context("when the token is valid", func() { 41 BeforeEach(func() { 42 request = &http.Request{ 43 Header: http.Header{}, 44 } 45 inMemoryCache.SetAccessToken("a-ok") 46 }) 47 48 It("adds authentication headers", func() { 49 err := wrapper.Make(request, nil) 50 Expect(err).ToNot(HaveOccurred()) 51 52 Expect(fakeConnection.MakeCallCount()).To(Equal(1)) 53 authenticatedRequest, _ := fakeConnection.MakeArgsForCall(0) 54 headers := authenticatedRequest.Header 55 Expect(headers["Authorization"]).To(ConsistOf([]string{"a-ok"})) 56 }) 57 58 Context("when the request already has headers", func() { 59 It("preserves existing headers", func() { 60 request.Header.Add("Existing", "header") 61 err := wrapper.Make(request, nil) 62 Expect(err).ToNot(HaveOccurred()) 63 64 Expect(fakeConnection.MakeCallCount()).To(Equal(1)) 65 authenticatedRequest, _ := fakeConnection.MakeArgsForCall(0) 66 headers := authenticatedRequest.Header 67 Expect(headers["Existing"]).To(ConsistOf([]string{"header"})) 68 }) 69 }) 70 71 Context("when the wrapped connection returns nil", func() { 72 It("returns nil", func() { 73 fakeConnection.MakeReturns(nil) 74 75 err := wrapper.Make(request, nil) 76 Expect(err).ToNot(HaveOccurred()) 77 }) 78 }) 79 80 Context("when the wrapped connection returns an error", func() { 81 It("returns the error", func() { 82 innerError := errors.New("inner error") 83 fakeConnection.MakeReturns(innerError) 84 85 err := wrapper.Make(request, nil) 86 Expect(err).To(Equal(innerError)) 87 }) 88 }) 89 }) 90 91 Context("when the token is invalid", func() { 92 var expectedBody string 93 94 BeforeEach(func() { 95 expectedBody = "this body content should be preserved" 96 request, err := http.NewRequest( 97 http.MethodGet, 98 server.URL(), 99 ioutil.NopCloser(strings.NewReader(expectedBody)), 100 ) 101 Expect(err).NotTo(HaveOccurred()) 102 103 makeCount := 0 104 fakeConnection.MakeStub = func(request *http.Request, response *uaa.Response) error { 105 body, err := ioutil.ReadAll(request.Body) 106 Expect(err).NotTo(HaveOccurred()) 107 Expect(string(body)).To(Equal(expectedBody)) 108 109 if makeCount == 0 { 110 makeCount += 1 111 return uaa.InvalidAuthTokenError{} 112 } else { 113 return nil 114 } 115 } 116 117 fakeClient.RefreshAccessTokenReturns( 118 uaa.RefreshToken{ 119 AccessToken: "foobar-2", 120 RefreshToken: "bananananananana", 121 Type: "bearer", 122 }, 123 nil, 124 ) 125 126 inMemoryCache.SetAccessToken("what") 127 128 err = wrapper.Make(request, nil) 129 Expect(err).ToNot(HaveOccurred()) 130 }) 131 132 It("should refresh the token", func() { 133 Expect(fakeClient.RefreshAccessTokenCallCount()).To(Equal(1)) 134 }) 135 136 It("should resend the request", func() { 137 Expect(fakeConnection.MakeCallCount()).To(Equal(2)) 138 139 request, _ := fakeConnection.MakeArgsForCall(1) 140 Expect(request.Header.Get("Authorization")).To(Equal("bearer foobar-2")) 141 }) 142 143 It("should save the refresh token", func() { 144 Expect(inMemoryCache.RefreshToken()).To(Equal("bananananananana")) 145 }) 146 }) 147 148 Context("when refreshing the token", func() { 149 var originalAuthHeader string 150 BeforeEach(func() { 151 body := strings.NewReader(url.Values{ 152 "grant_type": {"refresh_token"}, 153 }.Encode()) 154 155 request, err := http.NewRequest("POST", fmt.Sprintf("%s/oauth/token", server.URL()), body) 156 Expect(err).NotTo(HaveOccurred()) 157 request.SetBasicAuth("some-user", "some-password") 158 originalAuthHeader = request.Header.Get("Authorization") 159 160 inMemoryCache.SetAccessToken("some-access-token") 161 162 err = wrapper.Make(request, nil) 163 Expect(err).ToNot(HaveOccurred()) 164 }) 165 166 It("does not change the 'Authorization' header", func() { 167 Expect(fakeConnection.MakeCallCount()).To(Equal(1)) 168 169 request, _ := fakeConnection.MakeArgsForCall(0) 170 Expect(request.Header.Get("Authorization")).To(Equal(originalAuthHeader)) 171 }) 172 }) 173 174 Context("when logging in", func() { 175 var originalAuthHeader string 176 BeforeEach(func() { 177 body := strings.NewReader(url.Values{ 178 "grant_type": {"password"}, 179 }.Encode()) 180 181 request, err := http.NewRequest("POST", fmt.Sprintf("%s/oauth/token", server.URL()), body) 182 Expect(err).NotTo(HaveOccurred()) 183 request.SetBasicAuth("some-user", "some-password") 184 originalAuthHeader = request.Header.Get("Authorization") 185 186 inMemoryCache.SetAccessToken("some-access-token") 187 188 err = wrapper.Make(request, nil) 189 Expect(err).ToNot(HaveOccurred()) 190 }) 191 192 It("does not change the 'Authorization' header", func() { 193 Expect(fakeConnection.MakeCallCount()).To(Equal(1)) 194 195 request, _ := fakeConnection.MakeArgsForCall(0) 196 Expect(request.Header.Get("Authorization")).To(Equal(originalAuthHeader)) 197 }) 198 }) 199 }) 200 })