github.com/volatiletech/authboss@v2.4.1+incompatible/expire/expire_test.go

github.com/volatiletech/authboss@v2.4.1+incompatible/expire/expire_test.go (about)

     1  package expire
     2  
     3  import (
     4  	"context"
     5  	"net/http"
     6  	"net/http/httptest"
     7  	"testing"
     8  	"time"
     9  
    10  	"github.com/volatiletech/authboss"
    11  	"github.com/volatiletech/authboss/mocks"
    12  )
    13  
    14  func TestExpireSetup(t *testing.T) {
    15  	ab := authboss.New()
    16  
    17  	clientRW := mocks.NewClientRW()
    18  	ab.Storage.SessionState = clientRW
    19  
    20  	Setup(ab)
    21  
    22  	w := httptest.NewRecorder()
    23  	wr := ab.NewResponse(w)
    24  
    25  	handled, err := ab.Events.FireAfter(authboss.EventAuth, wr, nil)
    26  	if handled {
    27  		t.Error("it should not handle the event")
    28  	}
    29  	if err != nil {
    30  		t.Error(err)
    31  	}
    32  
    33  	wr.WriteHeader(http.StatusOK)
    34  	if _, ok := clientRW.ClientValues[authboss.SessionLastAction]; !ok {
    35  		t.Error("last action should have been set")
    36  	}
    37  }
    38  
    39  func TestExpireIsExpired(t *testing.T) {
    40  	ab := authboss.New()
    41  
    42  	clientRW := mocks.NewClientRW()
    43  	clientRW.ClientValues[authboss.SessionKey] = "username"
    44  	clientRW.ClientValues[authboss.SessionLastAction] = time.Now().UTC().Format(time.RFC3339)
    45  	ab.Storage.SessionState = clientRW
    46  
    47  	r := httptest.NewRequest("GET", "/", nil)
    48  	r = r.WithContext(context.WithValue(r.Context(), authboss.CTXKeyPID, "primaryid"))
    49  	r = r.WithContext(context.WithValue(r.Context(), authboss.CTXKeyUser, struct{}{}))
    50  	w := ab.NewResponse(httptest.NewRecorder())
    51  	r, err := ab.LoadClientState(w, r)
    52  	if err != nil {
    53  		t.Error(err)
    54  	}
    55  
    56  	// No t.Parallel() - Also must be after refreshExpiry() call
    57  	nowTime = func() time.Time {
    58  		return time.Now().UTC().Add(time.Hour * 2)
    59  	}
    60  	defer func() {
    61  		nowTime = time.Now
    62  	}()
    63  
    64  	called := false
    65  	hadUser := false
    66  	m := Middleware(ab)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
    67  		called = true
    68  
    69  		if r.Context().Value(authboss.CTXKeyPID) != nil {
    70  			hadUser = true
    71  		}
    72  		if r.Context().Value(authboss.CTXKeyUser) != nil {
    73  			hadUser = true
    74  		}
    75  	}))
    76  
    77  	m.ServeHTTP(w, r)
    78  
    79  	if !called {
    80  		t.Error("expected middleware to call handler")
    81  	}
    82  	if hadUser {
    83  		t.Error("expected user not to be present")
    84  	}
    85  
    86  	w.WriteHeader(200)
    87  	if _, ok := clientRW.ClientValues[authboss.SessionKey]; ok {
    88  		t.Error("this key should have been deleted\n", clientRW)
    89  	}
    90  	if _, ok := clientRW.ClientValues[authboss.SessionLastAction]; ok {
    91  		t.Error("this key should have been deleted\n", clientRW)
    92  	}
    93  }
    94  
    95  func TestExpireNotExpired(t *testing.T) {
    96  	ab := authboss.New()
    97  	clientRW := mocks.NewClientRW()
    98  	clientRW.ClientValues[authboss.SessionKey] = "username"
    99  	clientRW.ClientValues[authboss.SessionLastAction] = time.Now().UTC().Format(time.RFC3339)
   100  	ab.Storage.SessionState = clientRW
   101  
   102  	var err error
   103  
   104  	r := httptest.NewRequest("GET", "/", nil)
   105  	r = r.WithContext(context.WithValue(r.Context(), authboss.CTXKeyPID, "primaryid"))
   106  	r = r.WithContext(context.WithValue(r.Context(), authboss.CTXKeyUser, struct{}{}))
   107  	w := ab.NewResponse(httptest.NewRecorder())
   108  	r, err = ab.LoadClientState(w, r)
   109  	if err != nil {
   110  		t.Error(err)
   111  	}
   112  
   113  	// No t.Parallel() - Also must be after refreshExpiry() call
   114  	newTime := time.Now().UTC().Add(ab.Modules.ExpireAfter / 2)
   115  	nowTime = func() time.Time {
   116  		return newTime
   117  	}
   118  	defer func() {
   119  		nowTime = time.Now
   120  	}()
   121  
   122  	called := false
   123  	hadUser := true
   124  	m := Middleware(ab)(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
   125  		called = true
   126  
   127  		if r.Context().Value(authboss.CTXKeyPID) == nil {
   128  			hadUser = false
   129  		}
   130  		if r.Context().Value(authboss.CTXKeyUser) == nil {
   131  			hadUser = false
   132  		}
   133  	}))
   134  
   135  	m.ServeHTTP(w, r)
   136  
   137  	if !called {
   138  		t.Error("expected middleware to call handler")
   139  	}
   140  	if !hadUser {
   141  		t.Error("expected user to be present")
   142  	}
   143  
   144  	want := newTime.Format(time.RFC3339)
   145  	w.WriteHeader(200)
   146  	if last, ok := clientRW.ClientValues[authboss.SessionLastAction]; !ok {
   147  		t.Error("this key should be present", clientRW)
   148  	} else if want != last {
   149  		t.Error("want:", want, "got:", last)
   150  	}
   151  }
   152  
   153  func TestExpireTimeToExpiry(t *testing.T) {
   154  	t.Parallel()
   155  
   156  	r := httptest.NewRequest("GET", "/", nil)
   157  
   158  	want := 5 * time.Second
   159  	dur := TimeToExpiry(r, want)
   160  	if dur != want {
   161  		t.Error("duration was wrong:", dur)
   162  	}
   163  }
   164  
   165  func TestExpireRefreshExpiry(t *testing.T) {
   166  	t.Parallel()
   167  
   168  	ab := authboss.New()
   169  	clientRW := mocks.NewClientRW()
   170  	ab.Storage.SessionState = clientRW
   171  	r := httptest.NewRequest("GET", "/", nil)
   172  	w := ab.NewResponse(httptest.NewRecorder())
   173  
   174  	RefreshExpiry(w, r)
   175  	w.WriteHeader(200)
   176  	if _, ok := clientRW.ClientValues[authboss.SessionLastAction]; !ok {
   177  		t.Error("this key should have been set")
   178  	}
   179  }