-
Notifications
You must be signed in to change notification settings - Fork 0
/
auth_test.go
129 lines (110 loc) · 3.03 KB
/
auth_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
// Copyright 2020, 2023 Juca Crispim <[email protected]>
// This file is part of tupi.
// tupi is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// tupi is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
// You should have received a copy of the GNU Affero General Public License
// along with tupi. If not, see <http://www.gnu.org/licenses/>.
package tupi
import (
"net/http"
"testing"
)
func TestCredentials(t *testing.T) {
fpath := "./testdata/htpasswd"
bad := "./testdata/badhtpasswd"
pwd := "$2y$05$aaD9jwzs9TImqvelCOe3K.S7bdR.UBgG71yqo0j0vZ0PaBpVZaDKO"
var tests = []struct {
fpath string
user string
pwd string
has_err bool
}{
{fpath, "test", pwd, false},
{fpath, "chico", pwd, false},
{bad, "chico", "", true},
}
for _, test := range tests {
creds, err := authCredentials(test.fpath)
if err != nil && !test.has_err {
t.Errorf("%s", err)
continue
}
if creds[test.user] != test.pwd {
t.Errorf("Got a bad password: %s", creds["test"])
}
}
}
func TestUserSecret(t *testing.T) {
fpath := "./testdata/htpasswd"
var tests = []struct {
username string
fpath string
has_error bool
}{
{"test", fpath, false},
{"zé", fpath, true},
}
for _, test := range tests {
_, err := userSecret(test.username, test.fpath)
if err != nil && !test.has_error {
t.Errorf("%s", err)
}
}
}
func TestAuthenticate_BasicAuth(t *testing.T) {
req, _ := http.NewRequest("GET", "/u/", nil)
fpath := "./testdata/htpasswd"
var tests = []struct {
user string
password string
ok bool
fpath string
}{
{"test", "123", true, fpath},
{"test", "345", false, fpath},
{"missing", "123", false, fpath},
{"fpath", "123", false, ""},
}
for _, test := range tests {
conf := DomainConfig{}
conf.HtpasswdFile = test.fpath
req.SetBasicAuth(test.user, test.password)
r, _ := authenticate(req, &conf)
if r != test.ok {
t.Errorf("error in %s %s: %t", test.user, test.password, r)
}
}
}
func TestAuthenticate_Plugin(t *testing.T) {
req, _ := http.NewRequest("GET", "/u/", nil)
fpath := "./build/auth_plugin.so"
fpath_bad := "./build/auth_plugin_bad.so"
fpath_panic := "./build/auth_plugin_panic.so"
var tests = []struct {
host string
ok bool
fpath string
}{
{"test.localhost", true, fpath},
{"bla", false, fpath},
{"test.localhost", false, "error.so"},
{"test.localhost", false, fpath_bad},
{"test.localhost", false, fpath_panic},
}
for _, test := range tests {
LoadAuthPlugin(test.fpath, test.host, nil)
conf := DomainConfig{}
conf.AuthPlugin = test.fpath
req.Host = test.host
r, _ := authenticate(req, &conf)
if r != test.ok {
t.Errorf("error in %s: %t", test.host, r)
}
}
}