-
Notifications
You must be signed in to change notification settings - Fork 26
/
federate_test.go
112 lines (97 loc) · 3.27 KB
/
federate_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
package beyond
import (
"fmt"
"io/ioutil"
"net/http"
"net/http/httptest"
"net/url"
"testing"
"github.com/drewolson/testflight"
"github.com/gorilla/securecookie"
"github.com/stretchr/testify/assert"
)
var (
federateServer = httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
switch r.URL.Path {
case "/next":
token := r.URL.Query().Get("token")
if token == "" {
w.WriteHeader(551)
return
}
handled := false
testflight.WithServer(testMux, func(r *testflight.Requester) {
request, err := http.NewRequest("GET", "/federate/verify?token="+token, nil)
if err == nil {
request.Host = *host
response := r.Do(request)
w.Write(response.RawBody)
handled = true
return
}
})
if !handled {
fmt.Fprint(w, "ERR")
w.WriteHeader(552)
}
return
default:
return
}
}))
)
func TestFederateSetup(t *testing.T) {
assert.NoError(t, federateSetup())
assert.Empty(t, federateAccessCodec)
*federateAccessKey = "9zcNzr9ObeWnNExMXYbeXxy9CxMMz6FS6ZhSfYRwzXHTNa3ZJo7uFQ2qsWZ5u1Id"
*federateSecretKey = "S6ZhSfYRwzXHTNa3ZJo7uFQ2qsWZ5u1Id9zcNzr9ObeWnNExMXYbeXxy9CxMMz6F"
assert.NoError(t, federateSetup())
assert.NotEmpty(t, federateAccessCodec)
assert.NotEmpty(t, federateSecretCodec)
}
func TestFederateHandler(t *testing.T) {
testflight.WithServer(testMux, func(r *testflight.Requester) {
request, err := http.NewRequest("GET", "/federate", nil)
request.Host = *host
assert.NoError(t, err)
response := r.Do(request)
assert.Equal(t, 403, response.StatusCode)
assert.Equal(t, "securecookie: the value is not valid\n", response.Body)
next := federateServer.URL + "/next?token="
next, err = securecookie.EncodeMulti("next", next, federateAccessCodec...)
assert.NoError(t, err)
request, err = http.NewRequest("GET", "/federate?next="+url.QueryEscape(next), nil)
request.Host = *host
assert.NoError(t, err)
response = r.Do(request)
assert.Equal(t, *fouroOneCode, response.StatusCode)
assert.Contains(t, response.Body, "/launch?next=https")
request, err = http.NewRequest("GET", "/federate?next="+url.QueryEscape(next), nil)
assert.NoError(t, err)
request.Host = *host
vals := map[string]interface{}{"user": "[email protected]"}
cookieValue, err := securecookie.EncodeMulti(*cookieName, &vals, store.Codecs...)
assert.NoError(t, err)
request.AddCookie(&http.Cookie{Name: *cookieName, Value: cookieValue})
response = r.Do(request)
assert.Equal(t, 200, response.StatusCode)
assert.Equal(t, "{\"email\":\"[email protected]\"}\n", response.Body)
federateSecretCodec = []securecookie.Codec{}
request, err = http.NewRequest("GET", "/federate?next="+url.QueryEscape(next), nil)
assert.NoError(t, err)
request.Host = *host
request.AddCookie(&http.Cookie{Name: *cookieName, Value: cookieValue})
response = r.Do(request)
assert.Equal(t, 500, response.StatusCode)
assert.Contains(t, response.Body, "securecookie: no codecs provided")
})
}
func TestFederateVerify500(t *testing.T) {
req := httptest.NewRequest("GET", "http://"+*host+"/federate/verify?", nil)
w := httptest.NewRecorder()
testMux.ServeHTTP(w, req)
resp := w.Result()
body, _ := ioutil.ReadAll(resp.Body)
assert.Equal(t, 500, resp.StatusCode)
assert.Equal(t, "securecookie: no codecs provided\n", string(body))
}