diff options
| author | Greg Steuck <gnezdo@google.com> | 2021-07-28 11:03:25 -0700 |
|---|---|---|
| committer | Dmitry Vyukov <dvyukov@google.com> | 2021-07-30 18:21:17 +0200 |
| commit | 5bfcec7dfd4ba51d38b41cea770ecc96e7e59d4d (patch) | |
| tree | ef129d2b1e22acfd1c790c8189d7776a82daba91 /dashboard/app/auth_test.go | |
| parent | 14f590a6a765d9fbe53e2f7bacb5d9f6d7cb9063 (diff) | |
pkg/auth: move auth code into a new package for reuse in syz-hub
Diffstat (limited to 'dashboard/app/auth_test.go')
| -rw-r--r-- | dashboard/app/auth_test.go | 99 |
1 files changed, 0 insertions, 99 deletions
diff --git a/dashboard/app/auth_test.go b/dashboard/app/auth_test.go deleted file mode 100644 index c6d5fba23..000000000 --- a/dashboard/app/auth_test.go +++ /dev/null @@ -1,99 +0,0 @@ -// Copyright 2017 syzkaller project authors. All rights reserved. -// Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file. - -package main - -import ( - "encoding/json" - "fmt" - "net/http" - "net/http/httptest" - "strings" - "testing" - "time" - - "github.com/google/syzkaller/dashboard/dashapi" -) - -func reponseFor(t *testing.T, claims jwtClaims) (*httptest.Server, authEndpoint) { - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - bytes, err := json.Marshal(jwtClaimsParse{ - Subject: claims.Subject, - Audience: claims.Audience, - Expiration: fmt.Sprint(claims.Expiration.Unix()), - }) - if err != nil { - t.Fatalf("Marshal %v", err) - } - w.Header()["Content-Type"] = []string{"application/json"} - w.Write(bytes) - })) - return ts, makeAuthEndpoint(ts.URL) -} - -func TestBearerValid(t *testing.T) { - tm := time.Now() - magic := "ValidSubj" - ts, dut := reponseFor(t, jwtClaims{ - Subject: magic, - Audience: dashapi.DashboardAudience, - Expiration: tm.AddDate(0, 0, 1), - }) - defer ts.Close() - - got, err := dut.determineAuthSubj(tm, []string{"Bearer x"}) - if err != nil { - t.Errorf("Unexpected error %v", err) - } - if !strings.HasSuffix(got, magic) { - t.Errorf("Wrong subj %v not suffix of %v", magic, got) - } -} - -func TestBearerWrongAudience(t *testing.T) { - tm := time.Now() - ts, dut := reponseFor(t, jwtClaims{ - Subject: "irrelevant", - Expiration: tm.AddDate(0, 0, 1), - Audience: "junk", - }) - defer ts.Close() - - _, err := dut.determineAuthSubj(tm, []string{"Bearer x"}) - if !strings.HasPrefix(err.Error(), "unexpected audience") { - t.Fatalf("Unexpected error %v", err) - } -} - -func TestBearerExpired(t *testing.T) { - tm := time.Now() - ts, dut := reponseFor(t, jwtClaims{ - Subject: "irrelevant", - Expiration: tm.AddDate(0, 0, -1), - Audience: dashapi.DashboardAudience, - }) - defer ts.Close() - - _, err := dut.determineAuthSubj(tm, []string{"Bearer x"}) - if !strings.HasPrefix(err.Error(), "token past expiration") { - t.Fatalf("Unexpected error %v", err) - } -} - -func TestMissingHeader(t *testing.T) { - ts, dut := reponseFor(t, jwtClaims{}) - defer ts.Close() - got, err := dut.determineAuthSubj(time.Now(), []string{}) - if err != nil || got != "" { - t.Errorf("Unexpected error %v %v", got, err) - } -} - -func TestBadHeader(t *testing.T) { - ts, dut := reponseFor(t, jwtClaims{}) - defer ts.Close() - got, err := dut.determineAuthSubj(time.Now(), []string{"bad"}) - if err != nil || got != "" { - t.Errorf("Unexpected error %v %v", got, err) - } -} |