MCPcopy Index your code
hub / github.com/supabase/auth / TestMaybeLoadUserOrSession

Method TestMaybeLoadUserOrSession

internal/api/auth_test.go:192–314  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

190}
191
192func (ts *AuthTestSuite) TestMaybeLoadUserOrSession() {
193 u, err := models.FindUserByEmailAndAudience(ts.API.db, "test@example.com", ts.Config.JWT.Aud)
194 require.NoError(ts.T(), err)
195
196 s, err := models.NewSession(u.ID, nil)
197 require.NoError(ts.T(), err)
198 require.NoError(ts.T(), ts.API.db.Create(s))
199
200 require.NoError(ts.T(), ts.API.db.Load(s))
201
202 cases := []struct {
203 Desc string
204 UserJwtClaims *AccessTokenClaims
205 ExpectedError error
206 ExpectedUser *models.User
207 ExpectedSession *models.Session
208 }{
209 {
210 Desc: "Missing Subject Claim",
211 UserJwtClaims: &AccessTokenClaims{
212 RegisteredClaims: jwt.RegisteredClaims{
213 Subject: "",
214 },
215 Role: "authenticated",
216 },
217 ExpectedError: apierrors.NewForbiddenError(apierrors.ErrorCodeBadJWT, "invalid claim: missing sub claim"),
218 ExpectedUser: nil,
219 },
220 {
221 Desc: "Valid Subject Claim",
222 UserJwtClaims: &AccessTokenClaims{
223 RegisteredClaims: jwt.RegisteredClaims{
224 Subject: u.ID.String(),
225 },
226 Role: "authenticated",
227 },
228 ExpectedError: nil,
229 ExpectedUser: u,
230 },
231 {
232 Desc: "Invalid Subject Claim",
233 UserJwtClaims: &AccessTokenClaims{
234 RegisteredClaims: jwt.RegisteredClaims{
235 Subject: "invalid-subject-claim",
236 },
237 Role: "authenticated",
238 },
239 ExpectedError: apierrors.NewBadRequestError(apierrors.ErrorCodeBadJWT, "invalid claim: sub claim must be a UUID"),
240 ExpectedUser: nil,
241 },
242 {
243 Desc: "Empty Session ID Claim",
244 UserJwtClaims: &AccessTokenClaims{
245 RegisteredClaims: jwt.RegisteredClaims{
246 Subject: u.ID.String(),
247 },
248 Role: "authenticated",
249 SessionId: "",

Callers

nothing calls this directly

Calls 15

NewSessionFunction · 0.92
NewForbiddenErrorFunction · 0.92
NewBadRequestErrorFunction · 0.92
getUserFunction · 0.85
getSessionFunction · 0.85
SetMethod · 0.80
parseJWTClaimsMethod · 0.80
EqualMethod · 0.80
RunMethod · 0.65
StringMethod · 0.45

Tested by

no test coverage detected