From 5bfcec7dfd4ba51d38b41cea770ecc96e7e59d4d Mon Sep 17 00:00:00 2001 From: Greg Steuck Date: Wed, 28 Jul 2021 11:03:25 -0700 Subject: pkg/auth: move auth code into a new package for reuse in syz-hub --- dashboard/app/auth_test.go | 99 ---------------------------------------------- 1 file changed, 99 deletions(-) delete mode 100644 dashboard/app/auth_test.go (limited to 'dashboard/app/auth_test.go') diff --git a/dashboard/app/auth_test.go b/dashboard/app/auth_test.go deleted file mode 100644 index c6d5fba23..000000000 --- a/dashboard/app/auth_test.go +++ /dev/null @@ -1,99 +0,0 @@ -// Copyright 2017 syzkaller project authors. All rights reserved. -// Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file. - -package main - -import ( - "encoding/json" - "fmt" - "net/http" - "net/http/httptest" - "strings" - "testing" - "time" - - "github.com/google/syzkaller/dashboard/dashapi" -) - -func reponseFor(t *testing.T, claims jwtClaims) (*httptest.Server, authEndpoint) { - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - bytes, err := json.Marshal(jwtClaimsParse{ - Subject: claims.Subject, - Audience: claims.Audience, - Expiration: fmt.Sprint(claims.Expiration.Unix()), - }) - if err != nil { - t.Fatalf("Marshal %v", err) - } - w.Header()["Content-Type"] = []string{"application/json"} - w.Write(bytes) - })) - return ts, makeAuthEndpoint(ts.URL) -} - -func TestBearerValid(t *testing.T) { - tm := time.Now() - magic := "ValidSubj" - ts, dut := reponseFor(t, jwtClaims{ - Subject: magic, - Audience: dashapi.DashboardAudience, - Expiration: tm.AddDate(0, 0, 1), - }) - defer ts.Close() - - got, err := dut.determineAuthSubj(tm, []string{"Bearer x"}) - if err != nil { - t.Errorf("Unexpected error %v", err) - } - if !strings.HasSuffix(got, magic) { - t.Errorf("Wrong subj %v not suffix of %v", magic, got) - } -} - -func TestBearerWrongAudience(t *testing.T) { - tm := time.Now() - ts, dut := reponseFor(t, jwtClaims{ - Subject: "irrelevant", - Expiration: tm.AddDate(0, 0, 1), - Audience: "junk", - }) - defer ts.Close() - - _, err := dut.determineAuthSubj(tm, []string{"Bearer x"}) - if !strings.HasPrefix(err.Error(), "unexpected audience") { - t.Fatalf("Unexpected error %v", err) - } -} - -func TestBearerExpired(t *testing.T) { - tm := time.Now() - ts, dut := reponseFor(t, jwtClaims{ - Subject: "irrelevant", - Expiration: tm.AddDate(0, 0, -1), - Audience: dashapi.DashboardAudience, - }) - defer ts.Close() - - _, err := dut.determineAuthSubj(tm, []string{"Bearer x"}) - if !strings.HasPrefix(err.Error(), "token past expiration") { - t.Fatalf("Unexpected error %v", err) - } -} - -func TestMissingHeader(t *testing.T) { - ts, dut := reponseFor(t, jwtClaims{}) - defer ts.Close() - got, err := dut.determineAuthSubj(time.Now(), []string{}) - if err != nil || got != "" { - t.Errorf("Unexpected error %v %v", got, err) - } -} - -func TestBadHeader(t *testing.T) { - ts, dut := reponseFor(t, jwtClaims{}) - defer ts.Close() - got, err := dut.determineAuthSubj(time.Now(), []string{"bad"}) - if err != nil || got != "" { - t.Errorf("Unexpected error %v %v", got, err) - } -} -- cgit mrf-deployment