(t *testing.T)
| 39 | } |
| 40 | |
| 41 | func TestAuthMiddleware_Authenticate(t *testing.T) { |
| 42 | gin.SetMode(gin.TestMode) |
| 43 | |
| 44 | // Setup ledgerforge service |
| 45 | ledgerforgeService, err := setupLedgerForge(t) |
| 46 | assert.NoError(t, err) |
| 47 | |
| 48 | // Create test API keys |
| 49 | validKey, err := ledgerforgeService.CreateAPIKey(context.Background(), "valid-key", "test-owner", []string{"ledgers:read"}, time.Now().Add(24*time.Hour)) |
| 50 | assert.NoError(t, err) |
| 51 | |
| 52 | insufficientKey, err := ledgerforgeService.CreateAPIKey(context.Background(), "insufficient-key", "test-owner", []string{"ledgers:read"}, time.Now().Add(24*time.Hour)) |
| 53 | assert.NoError(t, err) |
| 54 | |
| 55 | expiredKey, err := ledgerforgeService.CreateAPIKey(context.Background(), "expired-key", "test-owner", []string{"ledgers:read"}, time.Now().Add(-24*time.Hour)) |
| 56 | assert.NoError(t, err) |
| 57 | |
| 58 | revokedKey, err := ledgerforgeService.CreateAPIKey(context.Background(), "revoked-key", "test-owner", []string{"read"}, time.Now().Add(24*time.Hour)) |
| 59 | assert.NoError(t, err) |
| 60 | |
| 61 | err = ledgerforgeService.RevokeAPIKey(context.Background(), revokedKey.APIKeyID, revokedKey.OwnerID) |
| 62 | assert.NoError(t, err) |
| 63 | |
| 64 | allPermissionsScopes := []string{ |
| 65 | "ledgers:read", "ledgers:write", "ledgers:delete", |
| 66 | "balances:read", "balances:write", "balances:delete", |
| 67 | "accounts:read", "accounts:write", "accounts:delete", |
| 68 | "identities:read", "identities:write", "identities:delete", |
| 69 | "transactions:read", "transactions:write", "transactions:delete", |
| 70 | "balance-monitors:read", "balance-monitors:write", "balance-monitors:delete", |
| 71 | "hooks:read", "hooks:write", "hooks:delete", |
| 72 | "api-keys:read", "api-keys:write", "api-keys:delete", |
| 73 | "search:read", "search:write", "search:delete", |
| 74 | "reconciliation:read", "reconciliation:write", "reconciliation:delete", |
| 75 | "metadata:read", "metadata:write", "metadata:delete", |
| 76 | "backup:read", "backup:write", "backup:delete", |
| 77 | } |
| 78 | |
| 79 | comprehensiveKey, err := ledgerforgeService.CreateAPIKey(context.Background(), "comprehensive-key", "test-owner", allPermissionsScopes, time.Now().Add(24*time.Hour)) |
| 80 | assert.NoError(t, err) |
| 81 | |
| 82 | tests := []struct { |
| 83 | name string |
| 84 | path string |
| 85 | method string |
| 86 | apiKey string |
| 87 | expectedCode int |
| 88 | expectedError string |
| 89 | setupConfig func() *config.Configuration |
| 90 | }{ |
| 91 | { |
| 92 | name: "Valid master key", |
| 93 | path: "/ledgers", |
| 94 | method: "GET", |
| 95 | apiKey: "master-key", |
| 96 | setupConfig: func() *config.Configuration { |
| 97 | return &config.Configuration{ |
| 98 | Server: config.ServerConfig{ |
nothing calls this directly
no test coverage detected