uppal/cgrates
1
0
Fork 1
mirror of https://github.com/cgrates/cgrates.git synced 2026-02-11 18:16:24 +05:00
Code Issues Packages Projects Releases Wiki Activity

Updated tests for basic authorization

Browse Source
This commit is contained in:
adragusin
2019-11-06 11:53:11 +02:00
committed by Dan Christian Bogos
parent ba533bd706
commit f8f37304ce
1 changed files with 111 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

112
utils/basic_auth_test.go
View File

@@ -17,7 +17,116 @@ along with this program. If not, see <http://www.gnu.org/licenses/>
*/
package utils
import "testing"
import (
"encoding/base64"
"net/http"
"net/http/httptest"
"testing"
)
func TestUse(t *testing.T) {
runned := 0
mid := func(h http.HandlerFunc) http.HandlerFunc {
runned++
return h
}
g := use(func(http.ResponseWriter, *http.Request) {}, mid, mid)
g(nil, nil)
if runned != 2 {
t.Error("Expecting something")
}
}
func TestBasicAuth(t *testing.T) {
midle := basicAuth(map[string]string{"1001": "MTIzNA=="})
var runned bool
toTest := midle(func(http.ResponseWriter, *http.Request) {
runned = true
})
req, err := http.NewRequest("GET", "/api/users", nil)
if err != nil {
t.Fatal(err)
}
req.Header.Set("Authorization", "Get "+base64.StdEncoding.EncodeToString([]byte("1001:1234")))
rr := httptest.NewRecorder()
toTest.ServeHTTP(rr, req)
if !runned {
t.Error("ResponseWrite error")
}
if rr.Result().Header.Get("WWW-Authenticate") != `Basic realm="Restricted"` {
t.Error("Expecting: Basic realm=Restricted, received: ", rr.Result().Header.Get("WWW-Authenticate"))
}
//part 1 -> <BasicAuth> Missing authorization header value
runned = false
req, err = http.NewRequest("GET", "/api/users", nil)
if err != nil {
t.Fatal(err)
}
req.Header.Set("missing", "Get "+base64.StdEncoding.EncodeToString([]byte("1001:1234")))
rr = httptest.NewRecorder()
toTest.ServeHTTP(rr, req)
if runned {
t.Error("ResponseWrite error")
}
if rr.Result().Header.Get("WWW-Authenticate") != `Basic realm="Restricted"` {
t.Error("Expecting: Basic realm=Restricted, received: ", rr.Result().Header.Get("WWW-Authenticate"))
}
//part 2 -> <BasicAuth> Unable to decode authorization header
runned = false
req, err = http.NewRequest("GET", "/api/users", nil)
if err != nil {
t.Fatal(err)
}
req.Header.Set("Authorization", "Get WRONG STRING "+base64.StdEncoding.EncodeToString([]byte("1001:1234")))
rr = httptest.NewRecorder()
toTest.ServeHTTP(rr, req)
if runned {
t.Error("ResponseWrite error")
}
if rr.Result().Header.Get("WWW-Authenticate") != `Basic realm="Restricted"` {
t.Error("Expecting: Basic realm=Restricted, received: ", rr.Result().Header.Get("WWW-Authenticate"))
}
//part 3 -> <BasicAuth> Unauthorized API access. Missing or extra credential components
runned = false
req, err = http.NewRequest("GET", "/api/users", nil)
if err != nil {
t.Fatal(err)
}
req.Header.Set("Authorization", "Get "+base64.StdEncoding.EncodeToString([]byte("10011234")))
rr = httptest.NewRecorder()
toTest.ServeHTTP(rr, req)
if runned {
t.Error("ResponseWrite error")
}
if rr.Result().Header.Get("WWW-Authenticate") != `Basic realm="Restricted"` {
t.Error("Expecting: Basic realm=Restricted, received: ", rr.Result().Header.Get("WWW-Authenticate"))
}
//part 4 -> <BasicAuth> Unauthorized API access by user
runned = false
req, err = http.NewRequest("GET", "/api/users", nil)
if err != nil {
t.Fatal(err)
}
req.Header.Set("Authorization", "Get "+base64.StdEncoding.EncodeToString([]byte("1001:1235")))
rr = httptest.NewRecorder()
toTest.ServeHTTP(rr, req)
if runned {
t.Error("ResponseWrite error")
}
if rr.Result().Header.Get("WWW-Authenticate") != `Basic realm="Restricted"` {
t.Error("Expecting: Basic realm=Restricted, received: ", rr.Result().Header.Get("WWW-Authenticate"))
}
}
func TestVerifyCredential(t *testing.T) {
var hashedPasswords = map[string]string{
@@ -36,6 +145,7 @@ func TestVerifyCredential(t *testing.T) {
{"foo", "bar", map[string]string{"test": "1234", "foo": hashedPasswords["bar"]}, true},
{"foo", "1234", map[string]string{"test": "1234", "foo": hashedPasswords["bar"]}, false},
{"none", "1234", map[string]string{"test": "1234", "foo": hashedPasswords["bar"]}, false},
{"test", "1234", map[string]string{"test": "1234" + string(0), "foo": hashedPasswords["bar"]}, false},
}
for _, tt := range verifyCredentialTests {