forked from golang-jwt/jwt
-
Notifications
You must be signed in to change notification settings - Fork 0
/
request_test.go
104 lines (96 loc) · 2.4 KB
/
request_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
package request
import (
"fmt"
"net/http"
"net/url"
"reflect"
"strings"
"testing"
"github.com/golang-jwt/jwt/v5"
"github.com/golang-jwt/jwt/v5/test"
)
var requestTestData = []struct {
name string
claims jwt.MapClaims
extractor Extractor
headers map[string]string
query url.Values
valid bool
}{
{
"authorization bearer token",
jwt.MapClaims{"foo": "bar"},
AuthorizationHeaderExtractor,
map[string]string{"Authorization": "Bearer %v"},
url.Values{},
true,
},
{
"oauth bearer token - header",
jwt.MapClaims{"foo": "bar"},
OAuth2Extractor,
map[string]string{"Authorization": "Bearer %v"},
url.Values{},
true,
},
{
"oauth bearer token - url",
jwt.MapClaims{"foo": "bar"},
OAuth2Extractor,
map[string]string{},
url.Values{"access_token": {"%v"}},
true,
},
{
"url token",
jwt.MapClaims{"foo": "bar"},
ArgumentExtractor{"token"},
map[string]string{},
url.Values{"token": {"%v"}},
true,
},
}
func TestParseRequest(t *testing.T) {
// load keys from disk
privateKey := test.LoadRSAPrivateKeyFromDisk("../test/sample_key")
publicKey := test.LoadRSAPublicKeyFromDisk("../test/sample_key.pub")
keyfunc := func(*jwt.Token) (interface{}, error) {
return publicKey, nil
}
// Bearer token request
for _, data := range requestTestData {
// Make token from claims
tokenString := test.MakeSampleToken(data.claims, jwt.SigningMethodRS256, privateKey)
// Make query string
for k, vv := range data.query {
for i, v := range vv {
if strings.Contains(v, "%v") {
data.query[k][i] = fmt.Sprintf(v, tokenString)
}
}
}
// Make request from test struct
r, _ := http.NewRequest("GET", fmt.Sprintf("/?%v", data.query.Encode()), nil)
for k, v := range data.headers {
if strings.Contains(v, "%v") {
r.Header.Set(k, fmt.Sprintf(v, tokenString))
} else {
r.Header.Set(k, tokenString)
}
}
token, err := ParseFromRequestWithClaims(r, data.extractor, jwt.MapClaims{}, keyfunc)
if token == nil {
t.Errorf("[%v] Token was not found: %v", data.name, err)
continue
}
if !reflect.DeepEqual(data.claims, token.Claims) {
t.Errorf("[%v] Claims mismatch. Expecting: %v Got: %v", data.name, data.claims, token.Claims)
}
if data.valid && err != nil {
t.Errorf("[%v] Error while verifying token: %v", data.name, err)
}
if !data.valid && err == nil {
t.Errorf("[%v] Invalid token passed validation", data.name)
}
}
}