local_bearer_test.go 2.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106
  1. package auth
  2. import (
  3. "net/http/httptest"
  4. "testing"
  5. authpublic "github.com/OliveTin/OliveTin/internal/auth/authpublic"
  6. config "github.com/OliveTin/OliveTin/internal/config"
  7. "github.com/stretchr/testify/assert"
  8. "github.com/stretchr/testify/require"
  9. )
  10. func TestCheckUserFromLocalBearerApiKey_Match_LowercaseBearerScheme(t *testing.T) {
  11. t.Parallel()
  12. cfg := config.DefaultConfig()
  13. cfg.AuthLocalUsers.Enabled = true
  14. cfg.AuthLocalUsers.Users = []*config.LocalUser{{
  15. Username: "bot",
  16. Usergroup: "bots",
  17. ApiKey: "secret-api-key",
  18. }}
  19. req := httptest.NewRequest("POST", "/", nil)
  20. req.Header.Set("Authorization", "bearer secret-api-key")
  21. ctx := &authpublic.AuthCheckingContext{Request: req, Config: cfg}
  22. user := checkUserFromLocalBearerApiKey(ctx)
  23. require.NotNil(t, user)
  24. assert.Equal(t, "bot", user.Username)
  25. assert.Equal(t, "bots", user.UsergroupLine)
  26. assert.Equal(t, "local", user.Provider)
  27. }
  28. func TestCheckUserFromLocalBearerApiKey_Match(t *testing.T) {
  29. t.Parallel()
  30. cfg := config.DefaultConfig()
  31. cfg.AuthLocalUsers.Enabled = true
  32. cfg.AuthLocalUsers.Users = []*config.LocalUser{{
  33. Username: "bot",
  34. Usergroup: "bots",
  35. ApiKey: "secret-api-key",
  36. }}
  37. req := httptest.NewRequest("POST", "/", nil)
  38. req.Header.Set("Authorization", "Bearer secret-api-key")
  39. ctx := &authpublic.AuthCheckingContext{Request: req, Config: cfg}
  40. user := checkUserFromLocalBearerApiKey(ctx)
  41. require.NotNil(t, user)
  42. assert.Equal(t, "bot", user.Username)
  43. assert.Equal(t, "bots", user.UsergroupLine)
  44. assert.Equal(t, "local", user.Provider)
  45. }
  46. func TestCheckUserFromLocalBearerApiKey_WrongKey(t *testing.T) {
  47. t.Parallel()
  48. cfg := config.DefaultConfig()
  49. cfg.AuthLocalUsers.Enabled = true
  50. cfg.AuthLocalUsers.Users = []*config.LocalUser{{
  51. Username: "bot",
  52. ApiKey: "secret-api-key",
  53. }}
  54. req := httptest.NewRequest("POST", "/", nil)
  55. req.Header.Set("Authorization", "Bearer wrong")
  56. ctx := &authpublic.AuthCheckingContext{Request: req, Config: cfg}
  57. assert.Nil(t, checkUserFromLocalBearerApiKey(ctx))
  58. }
  59. func TestCheckUserFromLocalBearerApiKey_DisabledLocalUsers(t *testing.T) {
  60. t.Parallel()
  61. cfg := config.DefaultConfig()
  62. cfg.AuthLocalUsers.Enabled = false
  63. cfg.AuthLocalUsers.Users = []*config.LocalUser{{
  64. Username: "bot",
  65. ApiKey: "secret-api-key",
  66. }}
  67. req := httptest.NewRequest("POST", "/", nil)
  68. req.Header.Set("Authorization", "Bearer secret-api-key")
  69. ctx := &authpublic.AuthCheckingContext{Request: req, Config: cfg}
  70. assert.Nil(t, checkUserFromLocalBearerApiKey(ctx))
  71. }
  72. func TestCheckUserFromLocalBearerApiKey_NoBearerPrefix(t *testing.T) {
  73. t.Parallel()
  74. cfg := config.DefaultConfig()
  75. cfg.AuthLocalUsers.Enabled = true
  76. cfg.AuthLocalUsers.Users = []*config.LocalUser{{
  77. Username: "bot",
  78. ApiKey: "secret-api-key",
  79. }}
  80. req := httptest.NewRequest("POST", "/", nil)
  81. req.Header.Set("Authorization", "secret-api-key")
  82. ctx := &authpublic.AuthCheckingContext{Request: req, Config: cfg}
  83. assert.Nil(t, checkUserFromLocalBearerApiKey(ctx))
  84. }