0 | |
package jwt_test
|
|
0 |
package jwt
|
1 | 1 |
|
2 | 2 |
import (
|
3 | 3 |
"fmt"
|
|
4 |
"net/http"
|
4 | 5 |
"testing"
|
5 | 6 |
|
6 | 7 |
"google.golang.org/grpc/metadata"
|
7 | 8 |
|
8 | |
"github.com/go-kit/kit/auth/jwt"
|
9 | 9 |
"golang.org/x/net/context"
|
10 | 10 |
)
|
11 | 11 |
|
|
12 |
func TestToHTTPContext(t *testing.T) {
|
|
13 |
reqFunc := ToHTTPContext()
|
|
14 |
|
|
15 |
// When the header doesn't exist
|
|
16 |
ctx := reqFunc(context.Background(), &http.Request{})
|
|
17 |
|
|
18 |
if ctx.Value(JWTTokenContextKey) != nil {
|
|
19 |
t.Error("Context shouldn't contain the encoded JWT")
|
|
20 |
}
|
|
21 |
|
|
22 |
// Authorization header value has invalid format
|
|
23 |
header := http.Header{}
|
|
24 |
header.Set("Authorization", "no expected auth header format value")
|
|
25 |
ctx = reqFunc(context.Background(), &http.Request{Header: header})
|
|
26 |
|
|
27 |
if ctx.Value(JWTTokenContextKey) != nil {
|
|
28 |
t.Error("Context shouldn't contain the encoded JWT")
|
|
29 |
}
|
|
30 |
|
|
31 |
// Authorization header is correct
|
|
32 |
header.Set("Authorization", generateAuthHeaderFromToken(signedKey))
|
|
33 |
ctx = reqFunc(context.Background(), &http.Request{Header: header})
|
|
34 |
|
|
35 |
token := ctx.Value(JWTTokenContextKey).(string)
|
|
36 |
if token != signedKey {
|
|
37 |
t.Errorf("Context doesn't contain the expected encoded token value; expected: %s, got: %s", signedKey, token)
|
|
38 |
}
|
|
39 |
}
|
|
40 |
|
|
41 |
func TestFromHTTPContext(t *testing.T) {
|
|
42 |
reqFunc := FromHTTPContext()
|
|
43 |
|
|
44 |
// No JWT Token is passed in the context
|
|
45 |
ctx := context.Background()
|
|
46 |
r := http.Request{}
|
|
47 |
reqFunc(ctx, &r)
|
|
48 |
|
|
49 |
token := r.Header.Get("Authorization")
|
|
50 |
if token != "" {
|
|
51 |
t.Error("authorization key should not exist in metadata")
|
|
52 |
}
|
|
53 |
|
|
54 |
// Correct JWT Token is passed in the context
|
|
55 |
ctx = context.WithValue(context.Background(), JWTTokenContextKey, signedKey)
|
|
56 |
r = http.Request{Header: http.Header{}}
|
|
57 |
reqFunc(ctx, &r)
|
|
58 |
|
|
59 |
token = r.Header.Get("Authorization")
|
|
60 |
expected := generateAuthHeaderFromToken(signedKey)
|
|
61 |
|
|
62 |
if token != expected {
|
|
63 |
t.Errorf("Authorization header does not contain the expected JWT token; expected %s, got %s", expected, token)
|
|
64 |
}
|
|
65 |
}
|
|
66 |
|
12 | 67 |
func TestToGRPCContext(t *testing.T) {
|
13 | 68 |
md := metadata.MD{}
|
14 | |
reqFunc := jwt.ToGRPCContext()
|
|
69 |
reqFunc := ToGRPCContext()
|
15 | 70 |
|
16 | 71 |
// No Authorization header is passed
|
17 | 72 |
ctx := reqFunc(context.Background(), &md)
|
18 | |
token := ctx.Value(jwt.JWTTokenContextKey)
|
|
73 |
token := ctx.Value(JWTTokenContextKey)
|
19 | 74 |
if token != nil {
|
20 | |
t.Fatal("Context should not contain a JWT Token")
|
|
75 |
t.Error("Context should not contain a JWT Token")
|
21 | 76 |
}
|
22 | 77 |
|
23 | 78 |
// Invalid Authorization header is passed
|
24 | 79 |
md["authorization"] = []string{fmt.Sprintf("%s", signedKey)}
|
25 | 80 |
ctx = reqFunc(context.Background(), &md)
|
26 | |
token = ctx.Value(jwt.JWTTokenContextKey)
|
|
81 |
token = ctx.Value(JWTTokenContextKey)
|
27 | 82 |
if token != nil {
|
28 | |
t.Fatal("Context should not contain a JWT Token")
|
|
83 |
t.Error("Context should not contain a JWT Token")
|
29 | 84 |
}
|
30 | 85 |
|
31 | 86 |
// Authorization header is correct
|
32 | 87 |
md["authorization"] = []string{fmt.Sprintf("Bearer %s", signedKey)}
|
33 | 88 |
ctx = reqFunc(context.Background(), &md)
|
34 | |
token, ok := ctx.Value(jwt.JWTTokenContextKey).(string)
|
|
89 |
token, ok := ctx.Value(JWTTokenContextKey).(string)
|
35 | 90 |
if !ok {
|
36 | 91 |
t.Fatal("JWT Token not passed to context correctly")
|
37 | 92 |
}
|
38 | 93 |
|
39 | 94 |
if token != signedKey {
|
40 | |
t.Fatalf("JWT tokens did not match: expecting %s got %s", signedKey, token)
|
|
95 |
t.Errorf("JWT tokens did not match: expecting %s got %s", signedKey, token)
|
41 | 96 |
}
|
42 | 97 |
}
|
43 | 98 |
|
44 | 99 |
func TestFromGRPCContext(t *testing.T) {
|
45 | |
reqFunc := jwt.FromGRPCContext()
|
|
100 |
reqFunc := FromGRPCContext()
|
46 | 101 |
|
47 | 102 |
// No JWT Token is passed in the context
|
48 | 103 |
ctx := context.Background()
|
|
51 | 106 |
|
52 | 107 |
_, ok := md["authorization"]
|
53 | 108 |
if ok {
|
54 | |
t.Fatal("authorization key should not exist in metadata")
|
|
109 |
t.Error("authorization key should not exist in metadata")
|
55 | 110 |
}
|
56 | 111 |
|
57 | 112 |
// Correct JWT Token is passed in the context
|
58 | |
ctx = context.WithValue(context.Background(), jwt.JWTTokenContextKey, signedKey)
|
|
113 |
ctx = context.WithValue(context.Background(), JWTTokenContextKey, signedKey)
|
59 | 114 |
md = metadata.MD{}
|
60 | 115 |
reqFunc(ctx, &md)
|
61 | 116 |
|
|
65 | 120 |
}
|
66 | 121 |
|
67 | 122 |
if token[0] != generateAuthHeaderFromToken(signedKey) {
|
68 | |
t.Fatalf("JWT tokens did not match: expecting %s got %s", signedKey, token[0])
|
|
123 |
t.Errorf("JWT tokens did not match: expecting %s got %s", signedKey, token[0])
|
69 | 124 |
}
|
70 | 125 |
}
|
71 | |
|
72 | |
func generateAuthHeaderFromToken(token string) string {
|
73 | |
return fmt.Sprintf("Bearer %s", token)
|
74 | |
}
|