Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitaly.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/auth/extract_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'auth/extract_test.go')
-rw-r--r--auth/extract_test.go66
1 files changed, 6 insertions, 60 deletions
diff --git a/auth/extract_test.go b/auth/extract_test.go
index 4274785c4..510fb1790 100644
--- a/auth/extract_test.go
+++ b/auth/extract_test.go
@@ -7,51 +7,8 @@ import (
"github.com/grpc-ecosystem/go-grpc-middleware/util/metautils"
"github.com/stretchr/testify/require"
- "google.golang.org/grpc/codes"
- "google.golang.org/grpc/credentials"
- "google.golang.org/grpc/metadata"
- "google.golang.org/grpc/status"
)
-func TestCheckTokenV1(t *testing.T) {
- secret := "secret 1234"
-
- testCases := []struct {
- desc string
- md metadata.MD
- code codes.Code
- }{
- {
- desc: "ok",
- md: credsMD(t, RPCCredentials(secret)),
- code: codes.OK,
- },
- {
- desc: "denied",
- md: credsMD(t, RPCCredentials("wrong secret")),
- code: codes.PermissionDenied,
- },
- {
- desc: "invalid, not bearer",
- md: credsMD(t, &invalidCreds{"foobar"}),
- code: codes.Unauthenticated,
- },
- {
- desc: "invalid, bearer but not base64",
- md: credsMD(t, &invalidCreds{"Bearer foo!!bar"}),
- code: codes.Unauthenticated,
- },
- }
-
- for _, tc := range testCases {
- t.Run(tc.desc, func(t *testing.T) {
- ctx := metadata.NewIncomingContext(context.Background(), tc.md)
- err := CheckToken(ctx, secret, time.Now())
- require.Equal(t, tc.code, status.Code(err), "expected grpc code in error %v", err)
- })
- }
-}
-
func TestCheckTokenV2(t *testing.T) {
targetTime := time.Unix(1535671600, 0)
secret := []byte("foo")
@@ -97,9 +54,14 @@ func TestCheckTokenV2(t *testing.T) {
result: errDenied,
},
{
+ desc: "Invalid token format",
+ token: "foo.bar",
+ result: errUnauthenticated,
+ },
+ {
desc: "Empty token",
token: "",
- result: errDenied,
+ result: errUnauthenticated,
},
}
@@ -113,19 +75,3 @@ func TestCheckTokenV2(t *testing.T) {
})
}
}
-
-func credsMD(t *testing.T, creds credentials.PerRPCCredentials) metadata.MD {
- md, err := creds.GetRequestMetadata(context.Background())
- require.NoError(t, err)
- return metadata.New(md)
-}
-
-type invalidCreds struct {
- authHeader string
-}
-
-func (invalidCreds) RequireTransportSecurity() bool { return false }
-
-func (ic *invalidCreds) GetRequestMetadata(context.Context, ...string) (map[string]string, error) {
- return map[string]string{"authorization": ic.authHeader}, nil
-}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-16 16:00:39 +0300