diff --git a/tokens/tokens.go b/tokens/tokens.go
index a66ebd0..72ed0af 100644
--- a/tokens/tokens.go
+++ b/tokens/tokens.go
@@ -51,9 +51,10 @@ func (tok *jwtToker) DecodeTokenString(tokenString string) (*UserToken, error) {
 return nil, fmt.Errorf("Error decoding token")
 }
- if token == nil {
- return nil, fmt.Errorf("Token was nil")
- }
+ // Should never happen, remove soon.
+ // if token == nil {
+ // return nil, fmt.Errorf("Token was nil")
+ // }
 err = jwt.Validate(
 token,
diff --git a/tokens/tokens_test.go b/tokens/tokens_test.go
index 277e69e..76265c1 100644
--- a/tokens/tokens_test.go
+++ b/tokens/tokens_test.go
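Review bot: The nil guard on `token` is commented out rather than kept or deleted, so the `jwt.Validate(token, ...)` call right after it now relies on the decode step never returning a nil token together with a nil error, and that step is not visible in this hunk. In a token-verification path the guard costs nothing and fails closed, so I would keep `if token == nil { return nil, fmt.Errorf("Token was nil") }` until the invariant has been confirmed against the JWT library. If it is confirmed, delete the four commented lines outright and leave a single comment stating the invariant, for example `// decode returns a non-nil token whenever err is nil`, instead of an untracked "remove soon". DecodeTokenString starts and ends outside the hunk.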
@@ -3,22 +3,163 @@ package tokens_test
 import (
 "gitea.deepak.science/deepak/gogmagog/models"
 "gitea.deepak.science/deepak/gogmagog/tokens"
+ "github.com/go-chi/jwtauth"
 "github.com/stretchr/testify/assert"
 "testing"
+ "time"
 )
 func TestBasic(t *testing.T) {
 assert := assert.New(t)
 toker := tokens.New("secret")
+ idToUse := int64(3)
+ usernameToUse := "test"
 usr := &models.UserNoPassword{
- UserID: 3,
- Username: "test",
+ UserID: idToUse,
+ Username: usernameToUse,
 DisplayName: "Ted Est III",
 }
 token := toker.EncodeUser(usr)
- _, err := toker.DecodeTokenString(token)
+ userToken, err := toker.DecodeTokenString(token)
 assert.Nil(err)
+ assert.Equal(usernameToUse, userToken.Username)
+ assert.Equal(idToUse, userToken.ID)
 _, err = tokens.New("bad secret").DecodeTokenString(token)
 assert.NotNil(err)
 }
+
+func getTokenString(claims map[string]interface{}) string {
+ auth := jwtauth.New("HS256", []byte("secret"), nil)
+
+ jwtauth.SetIssuedNow(claims)
+ jwtauth.SetExpiryIn(claims, 2*time.Hour)
+ _, tokenString, _ := auth.Encode(claims)
+
+ return tokenString
+}
+
+func TestDecodeBadIssuer(t *testing.T) {
+ assert := assert.New(t)
+ toker := tokens.New("secret")
+
+ idToUse := 3
+ username := "test"
+ gog := "gogmagog.deepak.science"
+
+ claims := map[string]interface{}{
+ "user_id": int64(idToUse),
+ "username": username,
+ "display_name": "display_name",
+ "iss": gog,
+ "aud": "bad",
+ }
+
+ token := getTokenString(claims)
+ _, err := toker.DecodeTokenString(token)
+ assert.NotNil(err)
+
+}
+
+func TestDecodeBadAudience(t *testing.T) {
+ assert := assert.New(t)
+ toker := tokens.New("secret")
+
+ idToUse := 3
+ username := "test"
+ gog := "gogmagog.deepak.science"
+
+ claims := map[string]interface{}{
+ "user_id": int64(idToUse),
+ "username": username,
+ "display_name": "display_name",
+ "iss": "bad",
+ "aud": gog,
+ }
+
+ token := getTokenString(claims)
+ _, err := toker.DecodeTokenString(token)
+ assert.NotNil(err)
+
+}
+
+func TestDecodeMissingUserID(t *testing.T) {
+ assert := assert.New(t)
+ toker := tokens.New("secret")
+
+ username := "test"
+ gog := "gogmagog.deepak.science"
+
+ claims := map[string]interface{}{
+ "username": username,
+ "display_name": "display_name",
+ "iss": gog,
+ "aud": gog,
+ }
+
+ token := getTokenString(claims)
+ _, err := toker.DecodeTokenString(token)
+ assert.NotNil(err)
+
+}
+
+func TestDecodeBadUserID(t *testing.T) {
+ assert := assert.New(t)
+ toker := tokens.New("secret")
+
+ username := "test"
+ gog := "gogmagog.deepak.science"
+
+ claims := map[string]interface{}{
+ "username": username,
+ "user_id": "id",
+ "display_name": "display_name",
+ "iss": gog,
+ "aud": gog,
+ }
+
+ token := getTokenString(claims)
+ _, err := toker.DecodeTokenString(token)
+ assert.NotNil(err)
+
+}
+
+func TestDecodeMissingUsername(t *testing.T) {
+ assert := assert.New(t)
+ toker := tokens.New("secret")
+
+ idToUse := 3
+ gog := "gogmagog.deepak.science"
+
+ claims := map[string]interface{}{
+ "user_id": int64(idToUse),
+ "display_name": "display_name",
+ "iss": gog,
+ "aud": gog,
+ }
+
+ token := getTokenString(claims)
+ _, err := toker.DecodeTokenString(token)
+ assert.NotNil(err)
+
+}
+
+func TestDecodeBadUsername(t *testing.T) {
+ assert := assert.New(t)
+ toker := tokens.New("secret")
+
+ gog := "gogmagog.deepak.science"
+
+ claims := map[string]interface{}{
+ "username": 5,
+ "user_id": 3,
+ "display_name": "display_name",
+ "iss": gog,
+ "aud": gog,
+ }
+
+ token := getTokenString(claims)
+ _, err := toker.DecodeTokenString(token)
+ assert.NotNil(err)
+
+}
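Review bot: TestDecodeBadIssuer and TestDecodeBadAudience have their claims swapped: the issuer test sends a good `iss` with `"aud": "bad"` and the audience test sends `"iss": "bad"` with a good `aud`, so a failure would point at the wrong check; the issuer test should carry `"iss": "bad", "aud": gog` and the audience test the reverse. Every negative test asserts only `assert.NotNil(err)`, and no token built by getTokenString is ever shown to decode successfully, so all of them would still pass if the helper produced tokens that are rejected for an unrelated reason. The helper makes that more likely by discarding the encode error in `_, tokenString, _ := auth.Encode(claims)`; I would pass `t *testing.T` into it, fail on a non-nil error, and add one test with fully valid claims that expects `assert.Nil(err)`. A case with an already expired token would complete the set, since the helper always sets a two-hour expiry.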