photoprism/pkg/header/auth_test.go
Michael Mayer a4e2bb33b9 2FA: Rename "Auth Secret" to "App Password" for more clarity #782 #808
Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-19 18:10:01 +01:00

195 lines
5.2 KiB
Go

package header
import (
"net/http"
"net/http/httptest"
"testing"
"github.com/gin-gonic/gin"
"github.com/stretchr/testify/assert"
"github.com/photoprism/photoprism/pkg/rnd"
)
func TestAuthToken(t *testing.T) {
t.Run("None", func(t *testing.T) {
gin.SetMode(gin.TestMode)
w := httptest.NewRecorder()
c, _ := gin.CreateTestContext(w)
c.Request = &http.Request{
Header: make(http.Header),
}
// No headers have been set, so no token should be returned.
token := AuthToken(c)
assert.Equal(t, "", token)
})
t.Run("BearerToken", func(t *testing.T) {
gin.SetMode(gin.TestMode)
w := httptest.NewRecorder()
c, _ := gin.CreateTestContext(w)
c.Request = &http.Request{
Header: make(http.Header),
}
// Set Bearer Authorization header to a random value generated by rnd.AuthToken().
expected := rnd.AuthToken()
SetAuthorization(c.Request, expected)
// Check header for expected token.
authToken := AuthToken(c)
assert.Equal(t, expected, authToken)
bearerToken := BearerToken(c)
assert.Equal(t, authToken, bearerToken)
})
t.Run("XAuthToken", func(t *testing.T) {
gin.SetMode(gin.TestMode)
w := httptest.NewRecorder()
c, _ := gin.CreateTestContext(w)
c.Request = &http.Request{
Header: make(http.Header),
}
// Set X-Auth-Token header to a random value generated by rnd.AuthToken().
expected := rnd.AuthToken()
c.Request.Header.Add(XAuthToken, expected)
// Check header for expected token.
authToken := AuthToken(c)
assert.Equal(t, expected, authToken)
bearerToken := BearerToken(c)
assert.Equal(t, "", bearerToken)
})
t.Run("XSessionID", func(t *testing.T) {
gin.SetMode(gin.TestMode)
w := httptest.NewRecorder()
c, _ := gin.CreateTestContext(w)
c.Request = &http.Request{
Header: make(http.Header),
}
// Set X-Session-ID header to a random value generated by rnd.AuthToken().
expected := rnd.AuthToken()
c.Request.Header.Add(XSessionID, expected)
// Check header for expected token.
authToken := AuthToken(c)
assert.Equal(t, expected, authToken)
bearerToken := BearerToken(c)
assert.Equal(t, "", bearerToken)
})
t.Run("AppPassword", func(t *testing.T) {
gin.SetMode(gin.TestMode)
w := httptest.NewRecorder()
c, _ := gin.CreateTestContext(w)
c.Request = &http.Request{
Header: make(http.Header),
}
// Set X-Auth-Token header to a random value generated by rnd.AppPassword().
expected := rnd.AppPassword()
c.Request.Header.Add(XAuthToken, expected)
// Check header for expected token.
authToken := AuthToken(c)
assert.Equal(t, expected, authToken)
bearerToken := BearerToken(c)
assert.Equal(t, "", bearerToken)
})
}
func TestBearerToken(t *testing.T) {
t.Run("None", func(t *testing.T) {
gin.SetMode(gin.TestMode)
w := httptest.NewRecorder()
c, _ := gin.CreateTestContext(w)
c.Request = &http.Request{
Header: make(http.Header),
}
// No headers have been set, so no token should be returned.
token := BearerToken(c)
assert.Equal(t, "", token)
})
t.Run("Found", func(t *testing.T) {
gin.SetMode(gin.TestMode)
w := httptest.NewRecorder()
c, _ := gin.CreateTestContext(w)
c.Request = &http.Request{
Header: make(http.Header),
}
// Add authorization header.
SetAuthorization(c.Request, "69be27ac5ca305b394046a83f6fda18167ca3d3f2dbe7ac0")
// Check result.
token := BearerToken(c)
assert.Equal(t, "69be27ac5ca305b394046a83f6fda18167ca3d3f2dbe7ac0", token)
})
}
func TestAuthorization(t *testing.T) {
t.Run("None", func(t *testing.T) {
gin.SetMode(gin.TestMode)
w := httptest.NewRecorder()
c, _ := gin.CreateTestContext(w)
c.Request = &http.Request{
Header: make(http.Header),
}
// No headers have been set, so no token should be returned.
authType, authToken := Authorization(c)
assert.Equal(t, "", authType)
assert.Equal(t, "", authToken)
})
t.Run("BearerToken", func(t *testing.T) {
gin.SetMode(gin.TestMode)
w := httptest.NewRecorder()
c, _ := gin.CreateTestContext(w)
c.Request = &http.Request{
Header: make(http.Header),
}
// Add authorization header.
c.Request.Header.Add(Auth, "Bearer 69be27ac5ca305b394046a83f6fda18167ca3d3f2dbe7ac0")
// Check result.
authType, authToken := Authorization(c)
assert.Equal(t, AuthBearer, authType)
assert.Equal(t, "69be27ac5ca305b394046a83f6fda18167ca3d3f2dbe7ac0", authToken)
})
}
func TestBasicAuth(t *testing.T) {
t.Run("None", func(t *testing.T) {
gin.SetMode(gin.TestMode)
w := httptest.NewRecorder()
c, _ := gin.CreateTestContext(w)
c.Request = &http.Request{
Header: make(http.Header),
}
// No headers have been set, so no token should be returned.
user, pass, key := BasicAuth(c)
assert.Equal(t, "", user)
assert.Equal(t, "", pass)
assert.Equal(t, "", key)
})
t.Run("Found", func(t *testing.T) {
gin.SetMode(gin.TestMode)
w := httptest.NewRecorder()
c, _ := gin.CreateTestContext(w)
c.Request = &http.Request{
Header: make(http.Header),
}
// Add authorization header.
c.Request.Header.Add(Auth, AuthBasic+" QWxhZGRpbjpvcGVuIHNlc2FtZQ==")
// Check result.
user, pass, key := BasicAuth(c)
assert.Equal(t, "Aladdin", user)
assert.Equal(t, "open sesame", pass)
assert.Equal(t, "0cdb723383eb144043424a4a254461658d887396", key)
})
}