github.com/kyma-incubator/compass/components/director@v0.0.0-20230623144113-d764f56ff805/pkg/auth/token_provider_test.go (about) 1 /* 2 * Copyright 2020 The Compass Authors 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package auth_test 18 19 import ( 20 "bytes" 21 "context" 22 "fmt" 23 "io" 24 "net/http" 25 26 "github.com/kyma-incubator/compass/components/director/pkg/apperrors" 27 "github.com/kyma-incubator/compass/components/director/pkg/auth" 28 httputilsfakes "github.com/kyma-incubator/compass/components/system-broker/pkg/http/httpfakes" 29 "github.com/pkg/errors" 30 31 "testing" 32 33 "github.com/stretchr/testify/suite" 34 ) 35 36 func TestTokenAuthorizationProviderTestSuite(t *testing.T) { 37 suite.Run(t, new(TokenAuthorizationProviderTestSuite)) 38 } 39 40 type TokenAuthorizationProviderTestSuite struct { 41 suite.Suite 42 } 43 44 func (suite *TokenAuthorizationProviderTestSuite) TestTokenAuthorizationProvider_New() { 45 provider := auth.NewTokenAuthorizationProvider(nil) 46 suite.Require().NotNil(provider) 47 } 48 49 func (suite *TokenAuthorizationProviderTestSuite) TestTokenAuthorizationProvider_Name() { 50 provider := auth.NewTokenAuthorizationProvider(nil) 51 52 name := provider.Name() 53 54 suite.Require().Equal(name, "TokenAuthorizationProvider") 55 } 56 57 func (suite *TokenAuthorizationProviderTestSuite) TestTokenAuthorizationProvider_Matches() { 58 provider := auth.NewTokenAuthorizationProvider(nil) 59 60 matches := provider.Matches(auth.SaveToContext(context.Background(), &auth.OAuthCredentials{})) 61 suite.Require().Equal(matches, true) 62 } 63 64 func (suite *TokenAuthorizationProviderTestSuite) TestTokenAuthorizationProvider_DoesNotMatchWhenBasicCredentialsInContext() { 65 provider := auth.NewTokenAuthorizationProvider(nil) 66 67 matches := provider.Matches(auth.SaveToContext(context.Background(), &auth.BasicCredentials{})) 68 suite.Require().Equal(matches, false) 69 } 70 71 func (suite *TokenAuthorizationProviderTestSuite) TestTokenAuthorizationProvider_DoesNotMatchNoCredentialsInContext() { 72 provider := auth.NewTokenAuthorizationProvider(nil) 73 74 matches := provider.Matches(context.TODO()) 75 suite.Require().Equal(matches, false) 76 } 77 78 func (suite *TokenAuthorizationProviderTestSuite) TestTokenAuthorizationProvider_GetAuthorization() { 79 fakeTkn := "fake-token" 80 fakeClient := &httputilsfakes.FakeClient{} 81 fakeClient.DoReturns(&http.Response{ 82 StatusCode: http.StatusOK, 83 Body: io.NopCloser(bytes.NewReader([]byte(fmt.Sprintf(`{"access_token": "%s"}`, fakeTkn)))), 84 }, nil) 85 86 provider := auth.NewTokenAuthorizationProvider(fakeClient) 87 88 clientID, clientSecret, tokenURL, scopes := "client-id", "client-secret", "https://test-domain.com/oauth/token", "scopes" 89 ctx := auth.SaveToContext(context.Background(), &auth.OAuthCredentials{ 90 ClientID: clientID, 91 ClientSecret: clientSecret, 92 TokenURL: tokenURL, 93 Scopes: scopes, 94 AdditionalHeaders: map[string]string{"h1": "v1"}, 95 }) 96 authorization, err := provider.GetAuthorization(ctx) 97 98 suite.Require().NoError(err) 99 suite.Require().NotEmpty(authorization) 100 101 suite.Require().Equal("Bearer "+fakeTkn, authorization) 102 } 103 104 func (suite *TokenAuthorizationProviderTestSuite) TestTokenAuthorizationProvider_GetAuthorizationFailsWhenRequestFails() { 105 mockedErr := errors.New("test error") 106 fakeClient := &httputilsfakes.FakeClient{} 107 fakeClient.DoReturns(nil, mockedErr) 108 109 provider := auth.NewTokenAuthorizationProvider(fakeClient) 110 111 ctx := auth.SaveToContext(context.Background(), &auth.OAuthCredentials{}) 112 authorization, err := provider.GetAuthorization(ctx) 113 114 suite.Require().Error(err) 115 suite.Require().Contains(err.Error(), mockedErr.Error()) 116 suite.Require().Empty(authorization) 117 } 118 119 func (suite *TokenAuthorizationProviderTestSuite) TestTokenAuthorizationProvider_GetAuthorizationFailsWhenNoCredentialsInContext() { 120 provider := auth.NewTokenAuthorizationProvider(nil) 121 122 authorization, err := provider.GetAuthorization(context.TODO()) 123 124 suite.Require().Error(err) 125 suite.Require().True(apperrors.IsNotFoundError(err)) 126 suite.Require().Empty(authorization) 127 } 128 129 func (suite *TokenAuthorizationProviderTestSuite) TestTokenAuthorizationProvider_GetAuthorizationFailsWhenBasicCredentialsAreInContext() { 130 provider := auth.NewTokenAuthorizationProvider(nil) 131 132 authorization, err := provider.GetAuthorization(auth.SaveToContext(context.Background(), &auth.BasicCredentials{})) 133 134 suite.Require().Error(err) 135 suite.Require().Contains(err.Error(), "failed to cast credentials to oauth credentials type") 136 suite.Require().Empty(authorization) 137 }