(t *testing.T)
| 208 | } |
| 209 | |
| 210 | func TestJWTCacheHandler(t *testing.T) { |
| 211 | setUp("/config/testing/handler_logout_url.yml") |
| 212 | handler := jwtmanager.JWTCacheHandler(http.HandlerFunc(ValidateRequestHandler)) |
| 213 | |
| 214 | user := &structs.User{Username: "testuser", Email: "test@example.com", Name: "Test Name"} |
| 215 | tokens := structs.PTokens{} |
| 216 | customClaims := structs.CustomClaims{} |
| 217 | |
| 218 | jwt, err := jwtmanager.NewVPJWT(*user, customClaims, tokens) |
| 219 | assert.NoError(t, err) |
| 220 | badjwt := strings.ReplaceAll(jwt, "a", "z") |
| 221 | badjwt = strings.ReplaceAll(badjwt, "b", "x") |
| 222 | |
| 223 | c := &http.Cookie{ |
| 224 | // Name: cfg.Cfg.Cookie.Name + "_1of1", |
| 225 | Name: cfg.Cfg.Cookie.Name, |
| 226 | Value: jwt, |
| 227 | Expires: time.Now().Add(1 * time.Hour), |
| 228 | Domain: cfg.Cfg.Cookie.Domain, |
| 229 | } |
| 230 | |
| 231 | cBlank := &http.Cookie{ |
| 232 | // Name: cfg.Cfg.Cookie.Name + "_1of1", |
| 233 | Name: cfg.Cfg.Cookie.Name, |
| 234 | Value: "", |
| 235 | Expires: time.Now().Add(1 * time.Hour), |
| 236 | Domain: cfg.Cfg.Cookie.Domain, |
| 237 | } |
| 238 | |
| 239 | tests := []struct { |
| 240 | name string |
| 241 | cookie *http.Cookie |
| 242 | bearerJWT string |
| 243 | wantcode int |
| 244 | }{ |
| 245 | // because we're testing the cacheing we run these multiple times |
| 246 | {"authorized 1", c, "", http.StatusOK}, |
| 247 | {"authorized 2", c, "", http.StatusOK}, |
| 248 | {"notauthorized 1", cBlank, "", http.StatusUnauthorized}, |
| 249 | {"notauthorized 2", cBlank, "", http.StatusUnauthorized}, |
| 250 | {"authorized 3", c, "", http.StatusOK}, |
| 251 | {"bearer 1", nil, jwt, http.StatusOK}, |
| 252 | {"badBearer 1", nil, badjwt, http.StatusUnauthorized}, |
| 253 | // {"badBearer", nil, badjwt, http.StatusUnauthorized}, |
| 254 | {"bearer 2", nil, jwt, http.StatusOK}, |
| 255 | {"badBearer 2", nil, badjwt, http.StatusUnauthorized}, |
| 256 | } |
| 257 | |
| 258 | for _, tt := range tests { |
| 259 | t.Run(tt.name, func(t *testing.T) { |
| 260 | req, err := http.NewRequest("GET", "/validate", nil) |
| 261 | req.Host = "myapp.example.com" |
| 262 | |
| 263 | if tt.cookie != nil { |
| 264 | req.AddCookie(tt.cookie) |
| 265 | } |
| 266 | |
| 267 | // https://github.com/vouch/vouch-proxy/issues/278 |
nothing calls this directly
no test coverage detected