github.com/volatiletech/authboss@v2.4.1+incompatible/client_state_test.go (about) 1 package authboss 2 3 import ( 4 "io" 5 "net/http/httptest" 6 "strings" 7 "testing" 8 ) 9 10 func TestStateGet(t *testing.T) { 11 t.Parallel() 12 13 ab := New() 14 ab.Storage.SessionState = newMockClientStateRW("one", "two") 15 ab.Storage.CookieState = newMockClientStateRW("three", "four") 16 17 r := httptest.NewRequest("GET", "/", nil) 18 w := ab.NewResponse(httptest.NewRecorder()) 19 20 var err error 21 r, err = ab.LoadClientState(w, r) 22 if err != nil { 23 t.Error(err) 24 } 25 26 if got, _ := GetSession(r, "one"); got != "two" { 27 t.Error("session value was wrong:", got) 28 } 29 if got, _ := GetCookie(r, "three"); got != "four" { 30 t.Error("cookie value was wrong:", got) 31 } 32 } 33 34 func TestStateResponseWriterDoubleWritePanic(t *testing.T) { 35 t.Parallel() 36 37 ab := New() 38 ab.Storage.SessionState = newMockClientStateRW("one", "two") 39 40 w := ab.NewResponse(httptest.NewRecorder()) 41 42 w.WriteHeader(200) 43 // Check this doesn't panic 44 w.WriteHeader(200) 45 46 defer func() { 47 if recover() == nil { 48 t.Error("expected a panic") 49 } 50 }() 51 52 _ = w.putClientState() 53 } 54 55 func TestStateResponseWriterLastSecondWriteHeader(t *testing.T) { 56 t.Parallel() 57 58 ab := New() 59 ab.Storage.SessionState = newMockClientStateRW() 60 61 w := ab.NewResponse(httptest.NewRecorder()) 62 63 PutSession(w, "one", "two") 64 65 w.WriteHeader(200) 66 got := strings.TrimSpace(w.Header().Get("test_session")) 67 if got != `{"one":"two"}` { 68 t.Error("got:", got) 69 } 70 } 71 72 func TestStateResponseWriterLastSecondWriteWrite(t *testing.T) { 73 t.Parallel() 74 75 ab := New() 76 ab.Storage.SessionState = newMockClientStateRW() 77 78 w := ab.NewResponse(httptest.NewRecorder()) 79 80 PutSession(w, "one", "two") 81 82 io.WriteString(w, "Hello world!") 83 84 got := strings.TrimSpace(w.Header().Get("test_session")) 85 if got != `{"one":"two"}` { 86 t.Error("got:", got) 87 } 88 } 89 90 func TestStateResponseWriterEvents(t *testing.T) { 91 t.Parallel() 92 93 ab := New() 94 w := ab.NewResponse(httptest.NewRecorder()) 95 96 PutSession(w, "one", "two") 97 DelSession(w, "one") 98 DelCookie(w, "one") 99 PutCookie(w, "two", "one") 100 101 want := ClientStateEvent{Kind: ClientStateEventPut, Key: "one", Value: "two"} 102 if got := w.sessionStateEvents[0]; got != want { 103 t.Error("event was wrong", got) 104 } 105 106 want = ClientStateEvent{Kind: ClientStateEventDel, Key: "one"} 107 if got := w.sessionStateEvents[1]; got != want { 108 t.Error("event was wrong", got) 109 } 110 111 want = ClientStateEvent{Kind: ClientStateEventDel, Key: "one"} 112 if got := w.cookieStateEvents[0]; got != want { 113 t.Error("event was wrong", got) 114 } 115 116 want = ClientStateEvent{Kind: ClientStateEventPut, Key: "two", Value: "one"} 117 if got := w.cookieStateEvents[1]; got != want { 118 t.Error("event was wrong", got) 119 } 120 } 121 122 func TestFlashClearer(t *testing.T) { 123 t.Parallel() 124 125 ab := New() 126 ab.Storage.SessionState = newMockClientStateRW(FlashSuccessKey, "a", FlashErrorKey, "b") 127 128 r := httptest.NewRequest("GET", "/", nil) 129 w := ab.NewResponse(httptest.NewRecorder()) 130 131 if msg := FlashSuccess(w, r); msg != "" { 132 t.Error("unexpected flash success:", msg) 133 } 134 135 if msg := FlashError(w, r); msg != "" { 136 t.Error("unexpected flash error:", msg) 137 } 138 139 var err error 140 r, err = ab.LoadClientState(w, r) 141 if err != nil { 142 t.Error(err) 143 } 144 145 if msg := FlashSuccess(w, r); msg != "a" { 146 t.Error("Unexpected flash success:", msg) 147 } 148 149 if msg := FlashError(w, r); msg != "b" { 150 t.Error("Unexpected flash error:", msg) 151 } 152 153 want := ClientStateEvent{Kind: ClientStateEventDel, Key: FlashSuccessKey} 154 if got := w.sessionStateEvents[0]; got != want { 155 t.Error("event was wrong", got) 156 } 157 want = ClientStateEvent{Kind: ClientStateEventDel, Key: FlashErrorKey} 158 if got := w.sessionStateEvents[1]; got != want { 159 t.Error("event was wrong", got) 160 } 161 } 162 163 func TestDelAllSession(t *testing.T) { 164 t.Parallel() 165 166 csrw := &ClientStateResponseWriter{} 167 168 DelAllSession(csrw, []string{"notthisone", "orthis"}) 169 170 if len(csrw.sessionStateEvents) != 1 { 171 t.Error("should have one delete all") 172 } 173 if ev := csrw.sessionStateEvents[0]; ev.Kind != ClientStateEventDelAll { 174 t.Error("it should be a delete all event:", ev.Kind) 175 } else if ev.Key != "notthisone,orthis" { 176 t.Error("the whitelist should be passed through as CSV:", ev.Key) 177 } 178 } 179 180 func TestDelKnown(t *testing.T) { 181 t.Parallel() 182 183 csrw := &ClientStateResponseWriter{} 184 185 DelKnownSession(csrw) 186 DelKnownCookie(csrw) 187 188 mustBeDel := func(ev ClientStateEvent) { 189 t.Helper() 190 if ev.Kind != ClientStateEventDel { 191 t.Error("events should all be deletes") 192 } 193 } 194 195 if len(csrw.sessionStateEvents) != 3 { 196 t.Error("should have deleted 3 session entries") 197 } 198 mustBeDel(csrw.sessionStateEvents[0]) 199 mustBeDel(csrw.sessionStateEvents[1]) 200 mustBeDel(csrw.sessionStateEvents[2]) 201 202 for i, key := range []string{SessionKey, SessionHalfAuthKey, SessionLastAction} { 203 if sessionKey := csrw.sessionStateEvents[i].Key; key != sessionKey { 204 t.Errorf("%d) key was wrong, want: %s, got: %s", i, key, sessionKey) 205 } 206 } 207 208 if len(csrw.cookieStateEvents) != 1 { 209 t.Error("should have deleted 1 cookie") 210 } 211 mustBeDel(csrw.cookieStateEvents[0]) 212 if key := csrw.cookieStateEvents[0].Key; key != CookieRemember { 213 t.Error("cookie key was wrong:", key) 214 } 215 }