forked from wgroeneveld/go-jamming
76 lines
1.8 KiB
Go
76 lines
1.8 KiB
Go
|
package app
|
||
|
|
||
|
import (
|
||
|
"github.com/gorilla/mux"
|
||
|
"github.com/stretchr/testify/assert"
|
||
|
"github.com/wgroeneveld/go-jamming/common"
|
||
|
"net/http"
|
||
|
"net/http/httptest"
|
||
|
"testing"
|
||
|
)
|
||
|
|
||
|
var conf = &common.Config{
|
||
|
Token: "boemsjakkalakka",
|
||
|
AllowedWebmentionSources: []string{ "http://ewelja.be" },
|
||
|
}
|
||
|
|
||
|
func TestAuthorizedOnlyUnauthorizedWithWrongToken(t *testing.T) {
|
||
|
srv := &server{
|
||
|
conf: conf,
|
||
|
}
|
||
|
|
||
|
passed := false
|
||
|
handler := srv.authorizedOnly(func(writer http.ResponseWriter, request *http.Request) {
|
||
|
passed = true
|
||
|
})
|
||
|
r, _ := http.NewRequest("PUT", "/whatever", nil)
|
||
|
w := httptest.NewRecorder()
|
||
|
r = mux.SetURLVars(r, map[string]string{
|
||
|
"token": "invalid",
|
||
|
"domain": conf.AllowedWebmentionSources[0],
|
||
|
})
|
||
|
|
||
|
handler(w, r)
|
||
|
assert.False(t, passed, "should not have called unauthorized func")
|
||
|
}
|
||
|
|
||
|
func TestAuthorizedOnlyUnauthorizedWithWrongDomain(t *testing.T) {
|
||
|
srv := &server{
|
||
|
conf: conf,
|
||
|
}
|
||
|
|
||
|
passed := false
|
||
|
handler := srv.authorizedOnly(func(writer http.ResponseWriter, request *http.Request) {
|
||
|
passed = true
|
||
|
})
|
||
|
r, _ := http.NewRequest("PUT", "/whatever", nil)
|
||
|
w := httptest.NewRecorder()
|
||
|
r = mux.SetURLVars(r, map[string]string{
|
||
|
"token": conf.Token,
|
||
|
"domain": "https://sexymoddafokkas.be",
|
||
|
})
|
||
|
|
||
|
handler(w, r)
|
||
|
assert.False(t, passed, "should not have called unauthorized func")
|
||
|
}
|
||
|
|
||
|
func TestAuthorizedOnlyOkIfTokenAndDomainMatch(t *testing.T) {
|
||
|
srv := &server{
|
||
|
conf: conf,
|
||
|
}
|
||
|
|
||
|
passed := false
|
||
|
handler := srv.authorizedOnly(func(writer http.ResponseWriter, request *http.Request) {
|
||
|
passed = true
|
||
|
})
|
||
|
r, _ := http.NewRequest("PUT", "/whatever", nil)
|
||
|
w := httptest.NewRecorder()
|
||
|
r = mux.SetURLVars(r, map[string]string{
|
||
|
"token": conf.Token,
|
||
|
"domain": conf.AllowedWebmentionSources[0],
|
||
|
})
|
||
|
|
||
|
handler(w, r)
|
||
|
assert.True(t, passed, "should have passed authentication!")
|
||
|
}
|