github.com/kyma-incubator/compass/components/director@v0.0.0-20230623144113-d764f56ff805/pkg/auth/token_provider_test.go (about)

     1  /*
     2   * Copyright 2020 The Compass Authors
     3   *
     4   * Licensed under the Apache License, Version 2.0 (the "License");
     5   * you may not use this file except in compliance with the License.
     6   * You may obtain a copy of the License at
     7   *
     8   *     http://www.apache.org/licenses/LICENSE-2.0
     9   *
    10   * Unless required by applicable law or agreed to in writing, software
    11   * distributed under the License is distributed on an "AS IS" BASIS,
    12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13   * See the License for the specific language governing permissions and
    14   * limitations under the License.
    15   */
    16  
    17  package auth_test
    18  
    19  import (
    20  	"bytes"
    21  	"context"
    22  	"fmt"
    23  	"io"
    24  	"net/http"
    25  
    26  	"github.com/kyma-incubator/compass/components/director/pkg/apperrors"
    27  	"github.com/kyma-incubator/compass/components/director/pkg/auth"
    28  	httputilsfakes "github.com/kyma-incubator/compass/components/system-broker/pkg/http/httpfakes"
    29  	"github.com/pkg/errors"
    30  
    31  	"testing"
    32  
    33  	"github.com/stretchr/testify/suite"
    34  )
    35  
    36  func TestTokenAuthorizationProviderTestSuite(t *testing.T) {
    37  	suite.Run(t, new(TokenAuthorizationProviderTestSuite))
    38  }
    39  
    40  type TokenAuthorizationProviderTestSuite struct {
    41  	suite.Suite
    42  }
    43  
    44  func (suite *TokenAuthorizationProviderTestSuite) TestTokenAuthorizationProvider_New() {
    45  	provider := auth.NewTokenAuthorizationProvider(nil)
    46  	suite.Require().NotNil(provider)
    47  }
    48  
    49  func (suite *TokenAuthorizationProviderTestSuite) TestTokenAuthorizationProvider_Name() {
    50  	provider := auth.NewTokenAuthorizationProvider(nil)
    51  
    52  	name := provider.Name()
    53  
    54  	suite.Require().Equal(name, "TokenAuthorizationProvider")
    55  }
    56  
    57  func (suite *TokenAuthorizationProviderTestSuite) TestTokenAuthorizationProvider_Matches() {
    58  	provider := auth.NewTokenAuthorizationProvider(nil)
    59  
    60  	matches := provider.Matches(auth.SaveToContext(context.Background(), &auth.OAuthCredentials{}))
    61  	suite.Require().Equal(matches, true)
    62  }
    63  
    64  func (suite *TokenAuthorizationProviderTestSuite) TestTokenAuthorizationProvider_DoesNotMatchWhenBasicCredentialsInContext() {
    65  	provider := auth.NewTokenAuthorizationProvider(nil)
    66  
    67  	matches := provider.Matches(auth.SaveToContext(context.Background(), &auth.BasicCredentials{}))
    68  	suite.Require().Equal(matches, false)
    69  }
    70  
    71  func (suite *TokenAuthorizationProviderTestSuite) TestTokenAuthorizationProvider_DoesNotMatchNoCredentialsInContext() {
    72  	provider := auth.NewTokenAuthorizationProvider(nil)
    73  
    74  	matches := provider.Matches(context.TODO())
    75  	suite.Require().Equal(matches, false)
    76  }
    77  
    78  func (suite *TokenAuthorizationProviderTestSuite) TestTokenAuthorizationProvider_GetAuthorization() {
    79  	fakeTkn := "fake-token"
    80  	fakeClient := &httputilsfakes.FakeClient{}
    81  	fakeClient.DoReturns(&http.Response{
    82  		StatusCode: http.StatusOK,
    83  		Body:       io.NopCloser(bytes.NewReader([]byte(fmt.Sprintf(`{"access_token": "%s"}`, fakeTkn)))),
    84  	}, nil)
    85  
    86  	provider := auth.NewTokenAuthorizationProvider(fakeClient)
    87  
    88  	clientID, clientSecret, tokenURL, scopes := "client-id", "client-secret", "https://test-domain.com/oauth/token", "scopes"
    89  	ctx := auth.SaveToContext(context.Background(), &auth.OAuthCredentials{
    90  		ClientID:          clientID,
    91  		ClientSecret:      clientSecret,
    92  		TokenURL:          tokenURL,
    93  		Scopes:            scopes,
    94  		AdditionalHeaders: map[string]string{"h1": "v1"},
    95  	})
    96  	authorization, err := provider.GetAuthorization(ctx)
    97  
    98  	suite.Require().NoError(err)
    99  	suite.Require().NotEmpty(authorization)
   100  
   101  	suite.Require().Equal("Bearer "+fakeTkn, authorization)
   102  }
   103  
   104  func (suite *TokenAuthorizationProviderTestSuite) TestTokenAuthorizationProvider_GetAuthorizationFailsWhenRequestFails() {
   105  	mockedErr := errors.New("test error")
   106  	fakeClient := &httputilsfakes.FakeClient{}
   107  	fakeClient.DoReturns(nil, mockedErr)
   108  
   109  	provider := auth.NewTokenAuthorizationProvider(fakeClient)
   110  
   111  	ctx := auth.SaveToContext(context.Background(), &auth.OAuthCredentials{})
   112  	authorization, err := provider.GetAuthorization(ctx)
   113  
   114  	suite.Require().Error(err)
   115  	suite.Require().Contains(err.Error(), mockedErr.Error())
   116  	suite.Require().Empty(authorization)
   117  }
   118  
   119  func (suite *TokenAuthorizationProviderTestSuite) TestTokenAuthorizationProvider_GetAuthorizationFailsWhenNoCredentialsInContext() {
   120  	provider := auth.NewTokenAuthorizationProvider(nil)
   121  
   122  	authorization, err := provider.GetAuthorization(context.TODO())
   123  
   124  	suite.Require().Error(err)
   125  	suite.Require().True(apperrors.IsNotFoundError(err))
   126  	suite.Require().Empty(authorization)
   127  }
   128  
   129  func (suite *TokenAuthorizationProviderTestSuite) TestTokenAuthorizationProvider_GetAuthorizationFailsWhenBasicCredentialsAreInContext() {
   130  	provider := auth.NewTokenAuthorizationProvider(nil)
   131  
   132  	authorization, err := provider.GetAuthorization(auth.SaveToContext(context.Background(), &auth.BasicCredentials{}))
   133  
   134  	suite.Require().Error(err)
   135  	suite.Require().Contains(err.Error(), "failed to cast credentials to oauth credentials type")
   136  	suite.Require().Empty(authorization)
   137  }