forked from TykTechnologies/tyk
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmiddleware_auth_key_test.go
111 lines (96 loc) · 3.08 KB
/
middleware_auth_key_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
package main
import (
"net/http"
"net/http/httptest"
"testing"
"net/url"
"time"
"io/ioutil"
"github.com/justinas/alice"
)
func createAuthKeyAuthSession() SessionState {
var thisSession SessionState
// essentially non-throttled
thisSession.Rate = 100.0
thisSession.Allowance = thisSession.Rate
thisSession.LastCheck = time.Now().Unix()
thisSession.Per = 1.0
thisSession.Expires = 0
thisSession.QuotaRenewalRate = 300 // 5 minutes
thisSession.QuotaRenews = time.Now().Unix()
thisSession.QuotaRemaining = 10
thisSession.QuotaMax = 10
thisSession.AccessRights = map[string]AccessDefinition{"31": AccessDefinition{APIName: "Tyk Auth Key Test", APIID: "31", Versions: []string{"default"}}}
return thisSession
}
func getAuthKeyChain(spec APISpec) http.Handler {
remote, _ := url.Parse(spec.Proxy.TargetURL)
proxy := TykNewSingleHostReverseProxy(remote, &spec)
proxyHandler := http.HandlerFunc(ProxyHandler(proxy, &spec))
tykMiddleware := &TykMiddleware{&spec, proxy}
chain := alice.New(
CreateMiddleware(&IPWhiteListMiddleware{tykMiddleware}, tykMiddleware),
CreateMiddleware(&AuthKey{tykMiddleware}, tykMiddleware),
CreateMiddleware(&VersionCheck{TykMiddleware: tykMiddleware}, tykMiddleware),
CreateMiddleware(&KeyExpired{tykMiddleware}, tykMiddleware),
CreateMiddleware(&AccessRightsCheck{tykMiddleware}, tykMiddleware),
CreateMiddleware(&RateLimitAndQuotaCheck{tykMiddleware}, tykMiddleware)).Then(proxyHandler)
return chain
}
func TestBearerTokenAuthKeySession(t *testing.T) {
spec := createDefinitionFromString(authKeyDef)
redisStore := RedisClusterStorageManager{KeyPrefix: "apikey-"}
healthStore := &RedisClusterStorageManager{KeyPrefix: "apihealth."}
orgStore := &RedisClusterStorageManager{KeyPrefix: "orgKey."}
spec.Init(&redisStore, &redisStore, healthStore, orgStore)
thisSession := createAuthKeyAuthSession()
customToken := "54321111"
// AuthKey sessions are stored by {token}
spec.SessionManager.UpdateSession(customToken, thisSession, 60)
recorder := httptest.NewRecorder()
req, err := http.NewRequest("GET", "/auth_key_test/", nil)
if err != nil {
log.Error("Problem creating new request object.", err)
}
req.Header.Add("authorization", "Bearer " + customToken)
chain := getAuthKeyChain(spec)
chain.ServeHTTP(recorder, req)
if recorder.Code != 200 {
t.Error("Initial request failed with non-200 code, should have gone through!: \n", recorder.Code)
t.Error(ioutil.ReadAll(recorder.Body))
}
}
var authKeyDef string = `
{
"name": "Tyk Auth Key Test",
"api_id": "31",
"org_id": "default",
"use_keyless": false,
"definition": {
"location": "header",
"key": "version"
},
"auth": {
"auth_header_name": "authorization"
},
"version_data": {
"not_versioned": true,
"versions": {
"Default": {
"name": "Default",
"use_extended_paths": true,
"expires": "3000-01-02 15:04",
"paths": {
"ignored": [],
"white_list": [],
"black_list": []
}
}
}
},
"proxy": {
"listen_path": "/auth_key_test/",
"target_url": "http://example.com/",
"strip_listen_path": true
}
}`