| Index: server/auth/context_test.go
|
| diff --git a/server/auth/context_test.go b/server/auth/context_test.go
|
| index a281bc49379519ba588c8bf550db5c191b9a671f..184c9a6e6b0aaa295f866a035b9046ed3e4cfcca 100644
|
| --- a/server/auth/context_test.go
|
| +++ b/server/auth/context_test.go
|
| @@ -4,26 +4,25 @@
|
|
|
| package auth
|
|
|
| import (
|
| "fmt"
|
| "net/http"
|
| "net/http/httptest"
|
| "net/url"
|
| "testing"
|
|
|
| - "github.com/julienschmidt/httprouter"
|
| "golang.org/x/net/context"
|
|
|
| "github.com/luci/luci-go/common/errors"
|
| "github.com/luci/luci-go/server/auth/identity"
|
| - "github.com/luci/luci-go/server/middleware"
|
| + "github.com/luci/luci-go/server/router"
|
| . "github.com/smartystreets/goconvey/convey"
|
| )
|
|
|
| func TestContext(t *testing.T) {
|
| Convey("Works", t, func() {
|
| c := context.Background()
|
|
|
| So(GetAuthenticator(c), ShouldBeNil)
|
| _, err := LoginURL(c, "dest")
|
| So(err, ShouldEqual, ErrNoUsersAPI)
|
| @@ -47,130 +46,138 @@ func TestContext(t *testing.T) {
|
| So(err, ShouldBeNil)
|
| So(dest, ShouldEqual, "http://login_url?r=dest")
|
| dest, err = LogoutURL(c, "dest")
|
| So(err, ShouldBeNil)
|
| So(dest, ShouldEqual, "http://logout_url?r=dest")
|
| })
|
|
|
| }
|
|
|
| func TestContextAuthenticate(t *testing.T) {
|
| - call := func(c context.Context, h middleware.Handler) *httptest.ResponseRecorder {
|
| + call := func(c context.Context, m router.MiddlewareChain, h router.Handler) *httptest.ResponseRecorder {
|
| req, err := http.NewRequest("GET", "http://example.com/foo", nil)
|
| So(err, ShouldBeNil)
|
| w := httptest.NewRecorder()
|
| - h(c, w, req, nil)
|
| + router.RunMiddleware(&router.Context{
|
| + Context: c,
|
| + Writer: w,
|
| + Request: req,
|
| + }, m, h)
|
| return w
|
| }
|
|
|
| - handler := func(c context.Context, rw http.ResponseWriter, r *http.Request, p httprouter.Params) {
|
| - fmt.Fprintf(rw, "%s", CurrentIdentity(c))
|
| + handler := func(c *router.Context) {
|
| + fmt.Fprintf(c.Writer, "%s", CurrentIdentity(c.Context))
|
| }
|
|
|
| Convey("Not configured", t, func() {
|
| - rr := call(context.Background(), Authenticate(handler))
|
| + rr := call(context.Background(), router.MiddlewareChain{Authenticate}, handler)
|
| So(rr.Code, ShouldEqual, 500)
|
| So(rr.Body.String(), ShouldEqual, "Authentication middleware is not configured\n")
|
| })
|
|
|
| Convey("Transient error", t, func() {
|
| c := prepareCtx(fakeMethod{authError: errors.WrapTransient(errors.New("boo"))})
|
| - rr := call(c, Authenticate(handler))
|
| + rr := call(c, router.MiddlewareChain{Authenticate}, handler)
|
| So(rr.Code, ShouldEqual, 500)
|
| So(rr.Body.String(), ShouldEqual, "Transient error during authentication - boo\n")
|
| })
|
|
|
| Convey("Fatal error", t, func() {
|
| c := prepareCtx(fakeMethod{authError: errors.New("boo")})
|
| - rr := call(c, Authenticate(handler))
|
| + rr := call(c, router.MiddlewareChain{Authenticate}, handler)
|
| So(rr.Code, ShouldEqual, 401)
|
| So(rr.Body.String(), ShouldEqual, "Authentication error - boo\n")
|
| })
|
|
|
| Convey("Works", t, func() {
|
| c := prepareCtx(fakeMethod{userID: "user:abc@example.com"})
|
| - rr := call(c, Authenticate(handler))
|
| + rr := call(c, router.MiddlewareChain{Authenticate}, handler)
|
| So(rr.Code, ShouldEqual, 200)
|
| So(rr.Body.String(), ShouldEqual, "user:abc@example.com")
|
| })
|
|
|
| Convey("Anonymous works", t, func() {
|
| c := prepareCtx(fakeMethod{anon: true})
|
| - rr := call(c, Authenticate(handler))
|
| + rr := call(c, router.MiddlewareChain{Authenticate}, handler)
|
| So(rr.Code, ShouldEqual, 200)
|
| So(rr.Body.String(), ShouldEqual, "anonymous:anonymous")
|
| })
|
|
|
| Convey("Broken ID is rejected", t, func() {
|
| c := prepareCtx(fakeMethod{userID: "???"})
|
| - rr := call(c, Authenticate(handler))
|
| + rr := call(c, router.MiddlewareChain{Authenticate}, handler)
|
| So(rr.Code, ShouldEqual, 401)
|
| So(rr.Body.String(), ShouldEqual, "Authentication error - auth: bad identity string \"???\"\n")
|
| })
|
| }
|
|
|
| func TestAutologin(t *testing.T) {
|
| - call := func(c context.Context, h middleware.Handler) *httptest.ResponseRecorder {
|
| + call := func(c context.Context, m router.MiddlewareChain, h router.Handler) *httptest.ResponseRecorder {
|
| req, err := http.NewRequest("GET", "http://example.com/foo", nil)
|
| So(err, ShouldBeNil)
|
| w := httptest.NewRecorder()
|
| - h(c, w, req, nil)
|
| + router.RunMiddleware(&router.Context{
|
| + Context: c,
|
| + Writer: w,
|
| + Request: req,
|
| + }, m, h)
|
| return w
|
| }
|
|
|
| - handler := func(c context.Context, rw http.ResponseWriter, r *http.Request, p httprouter.Params) {
|
| - fmt.Fprintf(rw, "%s", CurrentIdentity(c))
|
| + handler := func(c *router.Context) {
|
| + fmt.Fprintf(c.Writer, "%s", CurrentIdentity(c.Context))
|
| }
|
|
|
| Convey("Not configured", t, func() {
|
| - rr := call(context.Background(), Autologin(handler))
|
| + rr := call(context.Background(), router.MiddlewareChain{Autologin}, handler)
|
| So(rr.Code, ShouldEqual, 500)
|
| So(rr.Body.String(), ShouldEqual, "Authentication middleware is not configured\n")
|
| })
|
|
|
| Convey("Transient error", t, func() {
|
| c := prepareCtx(fakeMethod{authError: errors.WrapTransient(errors.New("boo"))})
|
| - rr := call(c, Autologin(handler))
|
| + rr := call(c, router.MiddlewareChain{Autologin}, handler)
|
| So(rr.Code, ShouldEqual, 500)
|
| So(rr.Body.String(), ShouldEqual, "Transient error during authentication - boo\n")
|
| })
|
|
|
| Convey("Fatal error", t, func() {
|
| c := prepareCtx(fakeMethod{authError: errors.New("boo")})
|
| - rr := call(c, Autologin(handler))
|
| + rr := call(c, router.MiddlewareChain{Autologin}, handler)
|
| So(rr.Code, ShouldEqual, 401)
|
| })
|
|
|
| Convey("Anonymous is redirected to login if has UsersAPI", t, func() {
|
| c := prepareCtx(fakeMethod{anon: true})
|
| - rr := call(c, Autologin(handler))
|
| + rr := call(c, router.MiddlewareChain{Autologin}, handler)
|
| So(rr.Code, ShouldEqual, 302)
|
| So(rr.Header().Get("Location"), ShouldEqual, "http://login_url?r=%2Ffoo")
|
| })
|
|
|
| Convey("Anonymous is rejected if no UsersAPI", t, func() {
|
| c := prepareCtx(noUserAPI{})
|
| - rr := call(c, Autologin(handler))
|
| + rr := call(c, router.MiddlewareChain{Autologin}, handler)
|
| So(rr.Code, ShouldEqual, 401)
|
| So(rr.Body.String(), ShouldEqual, "Authentication error - auth: methods do not support login or logout URL\n")
|
| })
|
|
|
| Convey("Handles transient error in LoginURL", t, func() {
|
| c := prepareCtx(fakeMethod{anon: true, loginURLError: errors.WrapTransient(errors.New("boo"))})
|
| - rr := call(c, Autologin(handler))
|
| + rr := call(c, router.MiddlewareChain{Autologin}, handler)
|
| So(rr.Code, ShouldEqual, 500)
|
| So(rr.Body.String(), ShouldEqual, "Transient error during authentication - boo\n")
|
| })
|
|
|
| Convey("Passes authenticated user through", t, func() {
|
| c := prepareCtx(fakeMethod{userID: "user:abc@example.com"})
|
| - rr := call(c, Autologin(handler))
|
| + rr := call(c, router.MiddlewareChain{Autologin}, handler)
|
| So(rr.Code, ShouldEqual, 200)
|
| So(rr.Body.String(), ShouldEqual, "user:abc@example.com")
|
| })
|
| }
|
|
|
| func prepareCtx(m ...Method) context.Context {
|
| c := SetAuthenticator(context.Background(), Authenticator(m))
|
| c = UseDB(c, func(context.Context) (DB, error) {
|
| return &fakeDB{}, nil
|
| })
|
|
|
Chromium Code Reviews
Issue 2043423004:
Make HTTP middleware easier to use (Closed)
Base URL: https://github.com/luci/luci-go@master