(t *testing.T)
| 1045 | } |
| 1046 | |
| 1047 | func TestTokenFromCookieString(t *testing.T) { |
| 1048 | // the middleware to test |
| 1049 | authMiddleware, _ := New(&GinJWTMiddleware{ |
| 1050 | Realm: "test zone", |
| 1051 | Key: key, |
| 1052 | Timeout: time.Hour, |
| 1053 | Authenticator: defaultAuthenticator, |
| 1054 | Unauthorized: func(c *gin.Context, code int, message string) { |
| 1055 | c.String(code, message) |
| 1056 | }, |
| 1057 | TokenLookup: "cookie:token", |
| 1058 | }) |
| 1059 | |
| 1060 | handler := ginHandler(authMiddleware) |
| 1061 | |
| 1062 | r := gofight.New() |
| 1063 | |
| 1064 | userToken, _, _ := authMiddleware.generateAccessToken(jwt.MapClaims{ |
| 1065 | "identity": testAdmin, |
| 1066 | }) |
| 1067 | |
| 1068 | r.GET("/auth/hello"). |
| 1069 | SetHeader(gofight.H{ |
| 1070 | "Authorization": "Bearer " + userToken, |
| 1071 | }). |
| 1072 | Run(handler, func(r gofight.HTTPResponse, rq gofight.HTTPRequest) { |
| 1073 | assert.Equal(t, http.StatusUnauthorized, r.Code) |
| 1074 | }) |
| 1075 | |
| 1076 | r.GET("/auth/hello"). |
| 1077 | SetHeader(gofight.H{ |
| 1078 | "Authorization": "Bearer " + userToken, |
| 1079 | }). |
| 1080 | Run(handler, func(r gofight.HTTPResponse, rq gofight.HTTPRequest) { |
| 1081 | token := gjson.Get(r.Body.String(), "token") |
| 1082 | assert.Equal(t, http.StatusUnauthorized, r.Code) |
| 1083 | assert.Equal(t, "", token.String()) |
| 1084 | }) |
| 1085 | |
| 1086 | r.GET("/auth/hello"). |
| 1087 | SetCookie(gofight.H{ |
| 1088 | "token": userToken, |
| 1089 | }). |
| 1090 | Run(handler, func(r gofight.HTTPResponse, rq gofight.HTTPRequest) { |
| 1091 | assert.Equal(t, http.StatusOK, r.Code) |
| 1092 | }) |
| 1093 | |
| 1094 | r.GET("/auth/hello"). |
| 1095 | SetCookie(gofight.H{ |
| 1096 | "token": userToken, |
| 1097 | }). |
| 1098 | Run(handler, func(r gofight.HTTPResponse, rq gofight.HTTPRequest) { |
| 1099 | token := gjson.Get(r.Body.String(), "token") |
| 1100 | assert.Equal(t, http.StatusOK, r.Code) |
| 1101 | assert.Equal(t, userToken, token.String()) |
| 1102 | }) |
| 1103 | } |
| 1104 |
nothing calls this directly
no test coverage detected
searching dependent graphs…