mirror of
https://github.com/GMWalletApp/epusdt.git
synced 2026-07-07 10:16:15 +00:00
f4ef71b359
Allow the admin JWT middleware to parse either Authorization: Bearer <jwt> or a bare JWT value, matching the existing comment. Add tests covering both accepted forms plus missing and empty authorization headers.
119 lines
2.5 KiB
Go
119 lines
2.5 KiB
Go
package middleware
|
|
|
|
import (
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"testing"
|
|
|
|
"github.com/GMWalletApp/epusdt/internal/testutil"
|
|
"github.com/GMWalletApp/epusdt/model/data"
|
|
"github.com/GMWalletApp/epusdt/model/mdb"
|
|
appjwt "github.com/GMWalletApp/epusdt/util/jwt"
|
|
"github.com/labstack/echo/v4"
|
|
)
|
|
|
|
func TestAdminTokenFromAuthorization(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
header string
|
|
want string
|
|
wantErr bool
|
|
}{
|
|
{
|
|
name: "bearer token",
|
|
header: "Bearer jwt-token",
|
|
want: "jwt-token",
|
|
},
|
|
{
|
|
name: "bare token",
|
|
header: "jwt-token",
|
|
want: "jwt-token",
|
|
},
|
|
{
|
|
name: "trimmed bare token",
|
|
header: " jwt-token ",
|
|
want: "jwt-token",
|
|
},
|
|
{
|
|
name: "missing header",
|
|
header: "",
|
|
wantErr: true,
|
|
},
|
|
{
|
|
name: "empty bearer token",
|
|
header: "Bearer ",
|
|
wantErr: true,
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
got, err := adminTokenFromAuthorization(tt.header)
|
|
if tt.wantErr {
|
|
if err == nil {
|
|
t.Fatal("expected error")
|
|
}
|
|
return
|
|
}
|
|
if err != nil {
|
|
t.Fatalf("unexpected error: %v", err)
|
|
}
|
|
if got != tt.want {
|
|
t.Fatalf("token = %q, want %q", got, tt.want)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestCheckAdminJWTAcceptsBearerAndBareTokens(t *testing.T) {
|
|
cleanup := testutil.SetupTestDatabases(t)
|
|
defer cleanup()
|
|
|
|
if err := data.SetSetting(mdb.SettingGroupSystem, mdb.SettingKeyJwtSecret, "test-jwt-secret", mdb.SettingTypeString); err != nil {
|
|
t.Fatalf("seed jwt secret: %v", err)
|
|
}
|
|
token, err := appjwt.Sign(42, "admin")
|
|
if err != nil {
|
|
t.Fatalf("sign jwt: %v", err)
|
|
}
|
|
|
|
tests := []struct {
|
|
name string
|
|
header string
|
|
}{
|
|
{
|
|
name: "bearer token",
|
|
header: "Bearer " + token,
|
|
},
|
|
{
|
|
name: "bare token",
|
|
header: token,
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
e := echo.New()
|
|
e.Use(CheckAdminJWT())
|
|
e.GET("/", func(ctx echo.Context) error {
|
|
if got := ctx.Get(AdminUserIDKey); got != uint64(42) {
|
|
t.Fatalf("%s = %v, want 42", AdminUserIDKey, got)
|
|
}
|
|
if got := ctx.Get(AdminUsernameKey); got != "admin" {
|
|
t.Fatalf("%s = %v, want admin", AdminUsernameKey, got)
|
|
}
|
|
return ctx.NoContent(http.StatusNoContent)
|
|
})
|
|
|
|
req := httptest.NewRequest(http.MethodGet, "/", nil)
|
|
req.Header.Set(echo.HeaderAuthorization, tt.header)
|
|
rec := httptest.NewRecorder()
|
|
e.ServeHTTP(rec, req)
|
|
|
|
if rec.Code != http.StatusNoContent {
|
|
t.Fatalf("status = %d, want %d; body=%s", rec.Code, http.StatusNoContent, rec.Body.String())
|
|
}
|
|
})
|
|
}
|
|
}
|