
Side by Side Diff: server/auth/openid/method_test.go

Issue 2043423004: Make HTTP middleware easier to use (Closed) Base URL: https://github.com/luci/luci-go@master
Patch Set: Update tests Created 4 years, 6 months ago
1 // Copyright 2015 The LUCI Authors. All rights reserved. 1 // Copyright 2015 The LUCI Authors. All rights reserved.
2 // Use of this source code is governed under the Apache License, Version 2.0 2 // Use of this source code is governed under the Apache License, Version 2.0
3 // that can be found in the LICENSE file. 3 // that can be found in the LICENSE file.
4 4
5 package openid 5 package openid
6 6
7 import ( 7 import (
8 "fmt" 8 "fmt"
9 "net/http" 9 "net/http"
10 "net/http/httptest" 10 "net/http/httptest"
11 "net/url" 11 "net/url"
12 "testing" 12 "testing"
13 "time" 13 "time"
14 14
15 "github.com/luci/luci-go/common/clock/testclock" 15 "github.com/luci/luci-go/common/clock/testclock"
16 "github.com/luci/luci-go/server/auth" 16 "github.com/luci/luci-go/server/auth"
17 "github.com/luci/luci-go/server/auth/authtest" 17 "github.com/luci/luci-go/server/auth/authtest"
18 "github.com/luci/luci-go/server/router"
18 "github.com/luci/luci-go/server/secrets/testsecrets" 19 "github.com/luci/luci-go/server/secrets/testsecrets"
19 "github.com/luci/luci-go/server/settings" 20 "github.com/luci/luci-go/server/settings"
20 "golang.org/x/net/context" 21 "golang.org/x/net/context"
21 22
22 . "github.com/luci/luci-go/common/testing/assertions" 23 . "github.com/luci/luci-go/common/testing/assertions"
23 . "github.com/smartystreets/goconvey/convey" 24 . "github.com/smartystreets/goconvey/convey"
24 ) 25 )
25 26
26 func TestFullFlow(t *testing.T) { 27 func TestFullFlow(t *testing.T) {
27 Convey("with test context", t, func(c C) { 28 Convey("with test context", t, func(c C) {
(...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after
85 86
86 // Generate login URL. 87 // Generate login URL.
87 loginURL, err := method.LoginURL(ctx, "/destination") 88 loginURL, err := method.LoginURL(ctx, "/destination")
88 So(err, ShouldBeNil) 89 So(err, ShouldBeNil)
89 So(loginURL, ShouldEqual, "/auth/openid/login?r=%2Fdesti nation") 90 So(loginURL, ShouldEqual, "/auth/openid/login?r=%2Fdesti nation")
90 91
91 // "Visit" login URL. 92 // "Visit" login URL.
92 req, err := http.NewRequest("GET", "http://fake"+loginUR L, nil) 93 req, err := http.NewRequest("GET", "http://fake"+loginUR L, nil)
93 So(err, ShouldBeNil) 94 So(err, ShouldBeNil)
94 rec := httptest.NewRecorder() 95 rec := httptest.NewRecorder()
95 » » » method.loginHandler(ctx, rec, req, nil) 96 » » » method.loginHandler(&router.Context{Context: ctx, Writer : rec, Request: req, Params: nil})
96 97
97 // It asks us to visit authorizarion endpoint. 98 // It asks us to visit authorizarion endpoint.
98 So(rec.Code, ShouldEqual, http.StatusFound) 99 So(rec.Code, ShouldEqual, http.StatusFound)
99 parsed, err := url.Parse(rec.Header().Get("Location")) 100 parsed, err := url.Parse(rec.Header().Get("Location"))
100 So(err, ShouldBeNil) 101 So(err, ShouldBeNil)
101 So(parsed.Host, ShouldEqual, ts.URL[len("http://"):]) 102 So(parsed.Host, ShouldEqual, ts.URL[len("http://"):])
102 So(parsed.Path, ShouldEqual, "/authorization") 103 So(parsed.Path, ShouldEqual, "/authorization")
103 So(parsed.Query(), ShouldResemble, url.Values{ 104 So(parsed.Query(), ShouldResemble, url.Values{
104 "client_id": {"client_id"}, 105 "client_id": {"client_id"},
105 "redirect_uri": {"http://fake/redirect"}, 106 "redirect_uri": {"http://fake/redirect"},
106 "response_type": {"code"}, 107 "response_type": {"code"},
107 "scope": {"openid email profile"}, 108 "scope": {"openid email profile"},
108 "prompt": {"select_account"}, 109 "prompt": {"select_account"},
109 "state": { 110 "state": {
110 "AXsiX2kiOiIxNDQyNTQwMDAwMDAwIiwiZGVzdF9 1cmwiOiIvZGVzdGluYXRpb24iLC" + 111 "AXsiX2kiOiIxNDQyNTQwMDAwMDAwIiwiZGVzdF9 1cmwiOiIvZGVzdGluYXRpb24iLC" +
111 "Job3N0X3VybCI6ImZha2UifUFtzG6wP buvHG2mY_Wf6eQ_Eiu7n3_Tf6GmRcse1g" + 112 "Job3N0X3VybCI6ImZha2UifUFtzG6wP buvHG2mY_Wf6eQ_Eiu7n3_Tf6GmRcse1g" +
112 "YE", 113 "YE",
113 }, 114 },
114 }) 115 })
115 116
116 // Pretend we've done it. OpenID redirects user's browse r to callback URI. 117 // Pretend we've done it. OpenID redirects user's browse r to callback URI.
117 // `callbackHandler` will call /token and /userinfo fake endpoints exposed 118 // `callbackHandler` will call /token and /userinfo fake endpoints exposed
118 // by testserver. 119 // by testserver.
119 callbackParams := url.Values{} 120 callbackParams := url.Values{}
120 callbackParams.Set("code", "omg_auth_code") 121 callbackParams.Set("code", "omg_auth_code")
121 callbackParams.Set("state", parsed.Query().Get("state")) 122 callbackParams.Set("state", parsed.Query().Get("state"))
122 req, err = http.NewRequest("GET", "http://fake/redirect? "+callbackParams.Encode(), nil) 123 req, err = http.NewRequest("GET", "http://fake/redirect? "+callbackParams.Encode(), nil)
123 So(err, ShouldBeNil) 124 So(err, ShouldBeNil)
124 rec = httptest.NewRecorder() 125 rec = httptest.NewRecorder()
125 » » » method.callbackHandler(ctx, rec, req, nil) 126 » » » method.callbackHandler(&router.Context{Context: ctx, Wri ter: rec, Request: req, Params: nil})
126 127
127 // We should be redirected to the login page, with sessi on cookie set. 128 // We should be redirected to the login page, with sessi on cookie set.
128 expectedCookie := "oid_session=AXsiX2kiOiIxNDQyNTQwMDAwM DAwIiwic2lkIjoi" + 129 expectedCookie := "oid_session=AXsiX2kiOiIxNDQyNTQwMDAwM DAwIiwic2lkIjoi" +
129 "dXNlcl9pZF9zdWIvMSJ9PmRzaOv-mS0PMHkve897iiELNmp iLi_j3ICG1VKuNCs" 130 "dXNlcl9pZF9zdWIvMSJ9PmRzaOv-mS0PMHkve897iiELNmp iLi_j3ICG1VKuNCs"
130 So(rec.Code, ShouldEqual, http.StatusFound) 131 So(rec.Code, ShouldEqual, http.StatusFound)
131 So(rec.Header().Get("Location"), ShouldEqual, "/destinat ion") 132 So(rec.Header().Get("Location"), ShouldEqual, "/destinat ion")
132 So(rec.Header().Get("Set-Cookie"), ShouldEqual, 133 So(rec.Header().Get("Set-Cookie"), ShouldEqual,
133 expectedCookie+"; Path=/; Expires=Sun, 18 Oct 20 15 01:18:20 GMT; Max-Age=2591100; HttpOnly") 134 expectedCookie+"; Path=/; Expires=Sun, 18 Oct 20 15 01:18:20 GMT; Max-Age=2591100; HttpOnly")
134 135
135 // Use the cookie to authenticate some call. 136 // Use the cookie to authenticate some call.
(...skipping 10 matching lines...) Expand all
146 }) 147 })
147 148
148 // Now generate URL to and visit logout page. 149 // Now generate URL to and visit logout page.
149 logoutURL, err := method.LogoutURL(ctx, "/another_destin ation") 150 logoutURL, err := method.LogoutURL(ctx, "/another_destin ation")
150 So(err, ShouldBeNil) 151 So(err, ShouldBeNil)
151 So(logoutURL, ShouldEqual, "/auth/openid/logout?r=%2Fano ther_destination") 152 So(logoutURL, ShouldEqual, "/auth/openid/logout?r=%2Fano ther_destination")
152 req, err = http.NewRequest("GET", "http://fake"+logoutUR L, nil) 153 req, err = http.NewRequest("GET", "http://fake"+logoutUR L, nil)
153 So(err, ShouldBeNil) 154 So(err, ShouldBeNil)
154 req.Header.Add("Cookie", expectedCookie) 155 req.Header.Add("Cookie", expectedCookie)
155 rec = httptest.NewRecorder() 156 rec = httptest.NewRecorder()
156 » » » method.logoutHandler(ctx, rec, req, nil) 157 » » » method.logoutHandler(&router.Context{Context: ctx, Write r: rec, Request: req, Params: nil})
157 158
158 // Should be redirected to destination with the cookie k illed. 159 // Should be redirected to destination with the cookie k illed.
159 So(rec.Code, ShouldEqual, http.StatusFound) 160 So(rec.Code, ShouldEqual, http.StatusFound)
160 So(rec.Header().Get("Location"), ShouldEqual, "/another_ destination") 161 So(rec.Header().Get("Location"), ShouldEqual, "/another_ destination")
161 So(rec.Header().Get("Set-Cookie"), ShouldEqual, 162 So(rec.Header().Get("Set-Cookie"), ShouldEqual,
162 "oid_session=deleted; Path=/; Expires=Thu, 01 Ja n 1970 00:00:01 GMT; Max-Age=0") 163 "oid_session=deleted; Path=/; Expires=Thu, 01 Ja n 1970 00:00:01 GMT; Max-Age=0")
163 }) 164 })
164 }) 165 })
165 } 166 }
166 167
167 func TestCallbackHandleEdgeCases(t *testing.T) { 168 func TestCallbackHandleEdgeCases(t *testing.T) {
168 Convey("with test context", t, func(c C) { 169 Convey("with test context", t, func(c C) {
169 ctx := context.Background() 170 ctx := context.Background()
170 ctx = settings.Use(ctx, settings.New(&settings.MemoryStorage{})) 171 ctx = settings.Use(ctx, settings.New(&settings.MemoryStorage{}))
171 ctx, _ = testclock.UseTime(ctx, time.Unix(1442540000, 0)) 172 ctx, _ = testclock.UseTime(ctx, time.Unix(1442540000, 0))
172 ctx = testsecrets.Use(ctx) 173 ctx = testsecrets.Use(ctx)
173 174
174 method := AuthMethod{SessionStore: &authtest.MemorySessionStore{ }} 175 method := AuthMethod{SessionStore: &authtest.MemorySessionStore{ }}
175 176
176 call := func(query map[string]string) *httptest.ResponseRecorder { 177 call := func(query map[string]string) *httptest.ResponseRecorder {
177 q := url.Values{} 178 q := url.Values{}
178 for k, v := range query { 179 for k, v := range query {
179 q.Add(k, v) 180 q.Add(k, v)
180 } 181 }
181 req, err := http.NewRequest("GET", "/auth/openid/callbac k?"+q.Encode(), nil) 182 req, err := http.NewRequest("GET", "/auth/openid/callbac k?"+q.Encode(), nil)
182 c.So(err, ShouldBeNil) 183 c.So(err, ShouldBeNil)
183 req.Host = "fake.com" 184 req.Host = "fake.com"
184 rec := httptest.NewRecorder() 185 rec := httptest.NewRecorder()
185 » » » method.callbackHandler(ctx, rec, req, nil) 186 » » » method.callbackHandler(&router.Context{Context: ctx, Wri ter: rec, Request: req, Params: nil})
186 return rec 187 return rec
187 } 188 }
188 189
189 Convey("handles 'error'", func() { 190 Convey("handles 'error'", func() {
190 rec := call(map[string]string{"error": "Omg, error"}) 191 rec := call(map[string]string{"error": "Omg, error"})
191 So(rec.Code, ShouldEqual, 400) 192 So(rec.Code, ShouldEqual, 400)
192 So(rec.Body.String(), ShouldEqual, "OpenID login error: Omg, error\n") 193 So(rec.Body.String(), ShouldEqual, "OpenID login error: Omg, error\n")
193 }) 194 })
194 195
195 Convey("handles no 'code'", func() { 196 Convey("handles no 'code'", func() {
(...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after
250 ctx := context.Background() 251 ctx := context.Background()
251 method := AuthMethod{SessionStore: &authtest.MemorySessionStore{ }} 252 method := AuthMethod{SessionStore: &authtest.MemorySessionStore{ }}
252 253
253 _, err := method.LoginURL(ctx, "http://somesite") 254 _, err := method.LoginURL(ctx, "http://somesite")
254 So(err, ShouldErrLike, "openid: dest URL in LoginURL or LogoutUR L must be relative") 255 So(err, ShouldErrLike, "openid: dest URL in LoginURL or LogoutUR L must be relative")
255 256
256 _, err = method.LogoutURL(ctx, "http://somesite") 257 _, err = method.LogoutURL(ctx, "http://somesite")
257 So(err, ShouldErrLike, "openid: dest URL in LoginURL or LogoutUR L must be relative") 258 So(err, ShouldErrLike, "openid: dest URL in LoginURL or LogoutUR L must be relative")
258 }) 259 })
259 } 260 }
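Review bot: The four migrated handler calls (new lines 96, 126, 157 and 186) each repeat the same `&router.Context{Context: ctx, Writer: rec, Request: req, Params: nil}` literal, and `Params: nil` is already the field's zero value. A small closure per test, e.g. `rc := func(rec *httptest.ResponseRecorder, req *http.Request) *router.Context { return &router.Context{Context: ctx, Writer: rec, Request: req} }`, would reduce the call sites to `method.loginHandler(rc(rec, req))` and leave one place to update if the struct changes. Separately, the expected `Set-Cookie` string at new line 134 pins `HttpOnly` but no `Secure` attribute; the test request is plain `http://fake`, so this may be intentional, but no visible case asserts the attribute for an HTTPS request. Parts of both tests are collapsed on this page, so such a case may exist outside the visible lines.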