166 lines
3.4 KiB
Go
166 lines
3.4 KiB
Go
package tokens_test
|
|
|
|
import (
|
|
"gitea.deepak.science/deepak/gogmagog/models"
|
|
"gitea.deepak.science/deepak/gogmagog/tokens"
|
|
"github.com/go-chi/jwtauth"
|
|
"github.com/stretchr/testify/assert"
|
|
"testing"
|
|
"time"
|
|
)
|
|
|
|
func TestBasic(t *testing.T) {
|
|
assert := assert.New(t)
|
|
toker := tokens.New("secret")
|
|
idToUse := int64(3)
|
|
usernameToUse := "test"
|
|
usr := &models.UserNoPassword{
|
|
UserID: idToUse,
|
|
Username: usernameToUse,
|
|
DisplayName: "Ted Est III",
|
|
}
|
|
token := toker.EncodeUser(usr)
|
|
|
|
userToken, err := toker.DecodeTokenString(token)
|
|
assert.Nil(err)
|
|
assert.Equal(usernameToUse, userToken.Username)
|
|
assert.Equal(idToUse, userToken.ID)
|
|
_, err = tokens.New("bad secret").DecodeTokenString(token)
|
|
assert.NotNil(err)
|
|
}
|
|
|
|
func getTokenString(claims map[string]interface{}) string {
|
|
auth := jwtauth.New("HS256", []byte("secret"), nil)
|
|
|
|
jwtauth.SetIssuedNow(claims)
|
|
jwtauth.SetExpiryIn(claims, 2*time.Hour)
|
|
_, tokenString, _ := auth.Encode(claims)
|
|
|
|
return tokenString
|
|
}
|
|
|
|
func TestDecodeBadIssuer(t *testing.T) {
|
|
assert := assert.New(t)
|
|
toker := tokens.New("secret")
|
|
|
|
idToUse := 3
|
|
username := "test"
|
|
gog := "gogmagog.deepak.science"
|
|
|
|
claims := map[string]interface{}{
|
|
"user_id": int64(idToUse),
|
|
"username": username,
|
|
"display_name": "display_name",
|
|
"iss": gog,
|
|
"aud": "bad",
|
|
}
|
|
|
|
token := getTokenString(claims)
|
|
_, err := toker.DecodeTokenString(token)
|
|
assert.NotNil(err)
|
|
|
|
}
|
|
|
|
func TestDecodeBadAudience(t *testing.T) {
|
|
assert := assert.New(t)
|
|
toker := tokens.New("secret")
|
|
|
|
idToUse := 3
|
|
username := "test"
|
|
gog := "gogmagog.deepak.science"
|
|
|
|
claims := map[string]interface{}{
|
|
"user_id": int64(idToUse),
|
|
"username": username,
|
|
"display_name": "display_name",
|
|
"iss": "bad",
|
|
"aud": gog,
|
|
}
|
|
|
|
token := getTokenString(claims)
|
|
_, err := toker.DecodeTokenString(token)
|
|
assert.NotNil(err)
|
|
|
|
}
|
|
|
|
func TestDecodeMissingUserID(t *testing.T) {
|
|
assert := assert.New(t)
|
|
toker := tokens.New("secret")
|
|
|
|
username := "test"
|
|
gog := "gogmagog.deepak.science"
|
|
|
|
claims := map[string]interface{}{
|
|
"username": username,
|
|
"display_name": "display_name",
|
|
"iss": gog,
|
|
"aud": gog,
|
|
}
|
|
|
|
token := getTokenString(claims)
|
|
_, err := toker.DecodeTokenString(token)
|
|
assert.NotNil(err)
|
|
|
|
}
|
|
|
|
func TestDecodeBadUserID(t *testing.T) {
|
|
assert := assert.New(t)
|
|
toker := tokens.New("secret")
|
|
|
|
username := "test"
|
|
gog := "gogmagog.deepak.science"
|
|
|
|
claims := map[string]interface{}{
|
|
"username": username,
|
|
"user_id": "id",
|
|
"display_name": "display_name",
|
|
"iss": gog,
|
|
"aud": gog,
|
|
}
|
|
|
|
token := getTokenString(claims)
|
|
_, err := toker.DecodeTokenString(token)
|
|
assert.NotNil(err)
|
|
|
|
}
|
|
|
|
func TestDecodeMissingUsername(t *testing.T) {
|
|
assert := assert.New(t)
|
|
toker := tokens.New("secret")
|
|
|
|
idToUse := 3
|
|
gog := "gogmagog.deepak.science"
|
|
|
|
claims := map[string]interface{}{
|
|
"user_id": int64(idToUse),
|
|
"display_name": "display_name",
|
|
"iss": gog,
|
|
"aud": gog,
|
|
}
|
|
|
|
token := getTokenString(claims)
|
|
_, err := toker.DecodeTokenString(token)
|
|
assert.NotNil(err)
|
|
|
|
}
|
|
|
|
func TestDecodeBadUsername(t *testing.T) {
|
|
assert := assert.New(t)
|
|
toker := tokens.New("secret")
|
|
|
|
gog := "gogmagog.deepak.science"
|
|
|
|
claims := map[string]interface{}{
|
|
"username": 5,
|
|
"user_id": 3,
|
|
"display_name": "display_name",
|
|
"iss": gog,
|
|
"aud": gog,
|
|
}
|
|
|
|
token := getTokenString(claims)
|
|
_, err := toker.DecodeTokenString(token)
|
|
assert.NotNil(err)
|
|
|
|
}
|