(t *testing.T)
| 28 | ) |
| 29 | |
| 30 | func TestAuthMiddleware(t *testing.T) { |
| 31 | api := "APIabcdefg" |
| 32 | secret := "somesecretencodedinbase62extendto32bytes" |
| 33 | provider := &authfakes.FakeKeyProvider{} |
| 34 | provider.GetSecretReturns(secret) |
| 35 | |
| 36 | m := service.NewAPIKeyAuthMiddleware(provider) |
| 37 | var grants *auth.ClaimGrants |
| 38 | handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { |
| 39 | grants = service.GetGrants(r.Context()) |
| 40 | w.WriteHeader(http.StatusOK) |
| 41 | }) |
| 42 | |
| 43 | orig := &auth.VideoGrant{Room: "abcdefg", RoomJoin: true} |
| 44 | // ensure that the original claim could be retrieved |
| 45 | at := auth.NewAccessToken(api, secret). |
| 46 | AddGrant(orig) |
| 47 | token, err := at.ToJWT() |
| 48 | require.NoError(t, err) |
| 49 | |
| 50 | r := &http.Request{Header: http.Header{}} |
| 51 | w := httptest.NewRecorder() |
| 52 | service.SetAuthorizationToken(r, token) |
| 53 | m.ServeHTTP(w, r, handler) |
| 54 | |
| 55 | require.NotNil(t, grants) |
| 56 | require.EqualValues(t, orig, grants.Video) |
| 57 | |
| 58 | // no authorization == no claims |
| 59 | grants = nil |
| 60 | w = httptest.NewRecorder() |
| 61 | r = &http.Request{Header: http.Header{}} |
| 62 | m.ServeHTTP(w, r, handler) |
| 63 | require.Nil(t, grants) |
| 64 | require.Equal(t, http.StatusOK, w.Code) |
| 65 | |
| 66 | // incorrect authorization: error |
| 67 | grants = nil |
| 68 | w = httptest.NewRecorder() |
| 69 | r = &http.Request{Header: http.Header{}} |
| 70 | service.SetAuthorizationToken(r, "invalid token") |
| 71 | m.ServeHTTP(w, r, handler) |
| 72 | require.Nil(t, grants) |
| 73 | require.Equal(t, http.StatusUnauthorized, w.Code) |
| 74 | } |
nothing calls this directly
no test coverage detected