author | feistel <6742251-feistel@users.noreply.gitlab.com> | 2021-09-02 09:07:28 +0300 |
---|---|---|
committer | feistel <6742251-feistel@users.noreply.gitlab.com> | 2021-09-02 09:07:28 +0300 |
commit | f1a69ce3f27b0bcd0b8369f909f655ded23d98c9 (patch) | |
tree | d3a7701a85845179bfc5f5e4932de78059224c04 /internal/auth | |
parent | 29410749d7c0cf68d373d4c324f41a47d7101ce5 (diff) |
refactor: replace magic numbers with http status codes
Diffstat (limited to 'internal/auth')
-rw-r--r-- | internal/auth/auth.go | 12 | ||||
-rw-r--r-- | internal/auth/auth_test.go | 16 |
2 files changed, 14 insertions, 14 deletions
diff --git a/internal/auth/auth.go b/internal/auth/auth.go index 29aaa582..e6b6f751 100644 --- a/internal/auth/auth.go +++ b/internal/auth/auth.go @@ -114,7 +114,7 @@ func (a *Auth) checkSession(w http.ResponseWriter, r *http.Request) (*sessions.S return nil, errsave } - http.Redirect(w, r, getRequestAddress(r), 302) + http.Redirect(w, r, getRequestAddress(r), http.StatusFound) return nil, errsession } @@ -216,7 +216,7 @@ func (a *Auth) checkAuthenticationResponse(session *sessions.Session, w http.Res "redirect_uri", redirectURI, ).Info("Authentication was successful, redirecting user back to requested page") - http.Redirect(w, r, redirectURI, 302) + http.Redirect(w, r, redirectURI, http.StatusFound) } func (a *Auth) domainAllowed(ctx context.Context, name string, domains source.Source) bool { @@ -277,7 +277,7 @@ func (a *Auth) handleProxyingAuth(session *sessions.Session, w http.ResponseWrit "pages_domain": domain, }).Info("Redirecting user to gitlab for oauth") - http.Redirect(w, r, url, 302) + http.Redirect(w, r, url, http.StatusFound) return true } @@ -324,7 +324,7 @@ func (a *Auth) handleProxyingAuth(session *sessions.Session, w http.ResponseWrit // Redirect pages to originating domain with code and state to finish // authentication process - http.Redirect(w, r, proxyDomain+r.URL.Path+"?"+query.Encode(), 302) + http.Redirect(w, r, proxyDomain+r.URL.Path+"?"+query.Encode(), http.StatusFound) return true } @@ -448,7 +448,7 @@ func (a *Auth) checkTokenExists(session *sessions.Session, w http.ResponseWriter // Because the pages domain might be in public suffix list, we have to // redirect to pages domain to trigger authorization flow - http.Redirect(w, r, a.getProxyAddress(r, state), 302) + http.Redirect(w, r, a.getProxyAddress(r, state), http.StatusFound) return true } 
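Review bot: The redirect in handleProxyingAuth (hunk at -324) builds its target as `proxyDomain+r.URL.Path+"?"+query.Encode()`, and nothing in the visible lines shows where proxyDomain is validated. The same question applies to `redirectURI` in checkAuthenticationResponse (hunk at -216), which is also written to the log. If either value can be influenced by the request or by session state set before authentication completes, the handler could forward a user, together with the `code` and `state` query parameters mentioned in the comment, to a host the operator did not intend. Both function bodies start outside their hunks, so the check may already exist. If it does, I would record it next to the call with a comment such as `// proxyDomain is validated by <NAME_OF_CHECK> before this redirect`; otherwise the validation should be added ahead of the http.Redirect call.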
@@ -473,7 +473,7 @@ func destroySession(session *sessions.Session, w http.ResponseWriter, r *http.Re return } - http.Redirect(w, r, getRequestAddress(r), 302) + http.Redirect(w, r, getRequestAddress(r), http.StatusFound) } // IsAuthSupported checks if pages is running with the authentication support diff --git a/internal/auth/auth_test.go b/internal/auth/auth_test.go index d03407a5..b49e5423 100644 --- a/internal/auth/auth_test.go +++ b/internal/auth/auth_test.go @@ -96,7 +96,7 @@ func TestTryAuthenticateWithError(t *testing.T) { r := &http.Request{URL: reqURL} require.Equal(t, true, auth.TryAuthenticate(result, r, source.NewMockSource())) - require.Equal(t, 401, result.Code) + require.Equal(t, http.StatusUnauthorized, result.Code) } func TestTryAuthenticateWithCodeButInvalidState(t *testing.T) { @@ -115,7 +115,7 @@ func TestTryAuthenticateWithCodeButInvalidState(t *testing.T) { session.Save(r, result) require.Equal(t, true, auth.TryAuthenticate(result, r, source.NewMockSource())) - require.Equal(t, 401, result.Code) + require.Equal(t, http.StatusUnauthorized, result.Code) } func TestTryAuthenticateRemoveTokenFromRedirect(t *testing.T) { @@ -260,7 +260,7 @@ func TestCheckAuthenticationWhenAccess(t *testing.T) { require.False(t, contentServed) // notFoundContent wasn't served so the default response from CheckAuthentication should be 200 - require.Equal(t, 200, result.Code) + require.Equal(t, http.StatusOK, result.Code) } func TestCheckAuthenticationWhenNoAccess(t *testing.T) { @@ -299,7 +299,7 @@ func TestCheckAuthenticationWhenNoAccess(t *testing.T) { res := w.Result() defer res.Body.Close() - require.Equal(t, 404, res.StatusCode) + require.Equal(t, http.StatusNotFound, res.StatusCode) body, err := ioutil.ReadAll(res.Body) require.NoError(t, err) 
@@ -339,7 +339,7 @@ func TestCheckAuthenticationWhenInvalidToken(t *testing.T) { contentServed := auth.CheckAuthentication(result, r, &domainMock{projectID: 1000}) require.True(t, contentServed) - require.Equal(t, 302, result.Code) + require.Equal(t, http.StatusFound, result.Code) } func TestCheckAuthenticationWithoutProject(t *testing.T) { @@ -374,7 +374,7 @@ func TestCheckAuthenticationWithoutProject(t *testing.T) { contentServed := auth.CheckAuthenticationWithoutProject(result, r, &domainMock{projectID: 0}) require.False(t, contentServed) - require.Equal(t, 200, result.Code) + require.Equal(t, http.StatusOK, result.Code) } func TestCheckAuthenticationWithoutProjectWhenInvalidToken(t *testing.T) { @@ -409,7 +409,7 @@ func TestCheckAuthenticationWithoutProjectWhenInvalidToken(t *testing.T) { contentServed := auth.CheckAuthenticationWithoutProject(result, r, &domainMock{projectID: 0}) require.True(t, contentServed) - require.Equal(t, 302, result.Code) + require.Equal(t, http.StatusFound, result.Code) } func TestGenerateKeys(t *testing.T) { @@ -489,7 +489,7 @@ func TestCheckResponseForInvalidTokenWhenNotInvalidToken(t *testing.T) { require.NoError(t, err) r := &http.Request{URL: reqURL} - resp := &http.Response{StatusCode: 200, Body: ioutil.NopCloser(bytes.NewReader([]byte("ok")))} + resp := &http.Response{StatusCode: http.StatusOK, Body: ioutil.NopCloser(bytes.NewReader([]byte("ok")))} require.Equal(t, false, auth.CheckResponseForInvalidToken(result, r, resp)) } |
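Review bot: TestCheckAuthenticationWhenInvalidToken (hunk at -339) and TestCheckAuthenticationWithoutProjectWhenInvalidToken (hunk at -409) end on the status assertion alone, so a regression that redirects to the wrong address would still pass. Since these tests cover an authentication flow, I would also pin the target, for example `require.Equal(t, expectedLocation, result.Header().Get("Location"))`, assuming result is an httptest.ResponseRecorder as `result.Code` suggests. Both test bodies start outside their hunks, so the expected address has to be derived from setup that is not visible here.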
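Review bot: The rewritten line in TestCheckResponseForInvalidTokenWhenNotInvalidToken (hunk at -489) still goes through `ioutil.NopCloser`, which has been deprecated in favour of `io.NopCloser` since Go 1.16. If the module's minimum Go version allows it, the line could read `resp := &http.Response{StatusCode: http.StatusOK, Body: io.NopCloser(strings.NewReader("ok"))}`. The `ioutil.ReadAll` call in the hunk at -299 has the matching replacement, `io.ReadAll`. The import block is outside these hunks and would need `io` and `strings` added.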