forked from TykTechnologies/tyk
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmw_basic_auth_test.go
48 lines (40 loc) · 1.77 KB
/
mw_basic_auth_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
package main
import (
"encoding/base64"
"fmt"
"strings"
"testing"
"github.com/TykTechnologies/tyk/test"
"github.com/TykTechnologies/tyk/user"
)
func genAuthHeader(username, password string) string {
toEncode := strings.Join([]string{username, password}, ":")
encodedPass := base64.StdEncoding.EncodeToString([]byte(toEncode))
return fmt.Sprintf("Basic %s", encodedPass)
}
func TestBasicAuth(t *testing.T) {
ts := newTykTestServer()
defer ts.Close()
session := createStandardSession()
session.BasicAuthData.Password = "password"
session.AccessRights = map[string]user.AccessDefinition{"test": {APIID: "test", Versions: []string{"v1"}}}
buildAndLoadAPI(func(spec *APISpec) {
spec.UseBasicAuth = true
spec.UseKeylessAccess = false
spec.Proxy.ListenPath = "/"
spec.OrgID = "default"
})
validPassword := map[string]string{"Authorization": genAuthHeader("user", "password")}
wrongPassword := map[string]string{"Authorization": genAuthHeader("user", "wrong")}
wrongFormat := map[string]string{"Authorization": genAuthHeader("user", "password:more")}
malformed := map[string]string{"Authorization": "not base64"}
ts.Run(t, []test.TestCase{
// Create base auth based key
{Method: "POST", Path: "/tyk/keys/defaultuser", Data: session, AdminAuth: true, Code: 200},
{Method: "GET", Path: "/", Code: 401, BodyMatch: `Authorization field missing`},
{Method: "GET", Path: "/", Headers: validPassword, Code: 200},
{Method: "GET", Path: "/", Headers: wrongPassword, Code: 401},
{Method: "GET", Path: "/", Headers: wrongFormat, Code: 400, BodyMatch: `Attempted access with malformed header, values not in basic auth format`},
{Method: "GET", Path: "/", Headers: malformed, Code: 400, BodyMatch: `Attempted access with malformed header, auth data not encoded correctly`},
}...)
}