2017-04-06 18:40:57 +00:00
|
|
|
package oauth2
|
2017-02-16 21:42:43 +00:00
|
|
|
|
|
|
|
import (
|
|
|
|
"net/http"
|
|
|
|
"net/http/cookiejar"
|
|
|
|
"net/http/httptest"
|
|
|
|
"net/url"
|
|
|
|
"testing"
|
|
|
|
"time"
|
|
|
|
|
|
|
|
clog "github.com/influxdata/chronograf/log"
|
|
|
|
)
|
|
|
|
|
2017-04-06 18:40:57 +00:00
|
|
|
var testTime = time.Date(1985, time.October, 25, 18, 0, 0, 0, time.UTC)
|
2017-02-16 22:28:14 +00:00
|
|
|
|
2017-02-17 17:41:14 +00:00
|
|
|
// setupMuxTest produces an http.Client and an httptest.Server configured to
|
2017-04-06 18:40:57 +00:00
|
|
|
// use a particular http.Handler selected from a AuthMux. As this selection is
|
2017-02-17 17:41:14 +00:00
|
|
|
// done during the setup process, this configuration is performed by providing
|
|
|
|
// a function, and returning the desired handler. Cleanup is still the
|
|
|
|
// responsibility of the test writer, so the httptest.Server's Close() method
|
|
|
|
// should be deferred.
|
2017-04-06 18:40:57 +00:00
|
|
|
func setupMuxTest(selector func(*AuthMux) http.Handler) (*http.Client, *httptest.Server, *httptest.Server) {
|
2017-02-17 17:41:14 +00:00
|
|
|
provider := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
|
|
|
|
rw.WriteHeader(http.StatusOK)
|
|
|
|
}))
|
|
|
|
|
2017-04-06 18:40:57 +00:00
|
|
|
now := func() time.Time {
|
2017-02-16 21:42:43 +00:00
|
|
|
return testTime
|
|
|
|
}
|
2017-04-06 18:40:57 +00:00
|
|
|
mp := &MockProvider{"biff@example.com", provider.URL}
|
|
|
|
mt := &YesManTokenizer{}
|
|
|
|
auth := &cookie{
|
2017-04-14 07:35:30 +00:00
|
|
|
Name: DefaultCookieName,
|
|
|
|
Lifespan: 1 * time.Hour,
|
|
|
|
Inactivity: DefaultInactivityDuration,
|
|
|
|
Now: now,
|
|
|
|
Tokens: mt,
|
2017-04-06 18:40:57 +00:00
|
|
|
}
|
2017-02-16 21:42:43 +00:00
|
|
|
|
2017-05-03 23:34:05 +00:00
|
|
|
jm := NewAuthMux(mp, auth, mt, "", clog.New(clog.ParseLevel("debug")))
|
2017-02-17 17:41:14 +00:00
|
|
|
ts := httptest.NewServer(selector(jm))
|
2017-02-16 21:42:43 +00:00
|
|
|
jar, _ := cookiejar.New(nil)
|
|
|
|
hc := http.Client{
|
|
|
|
Jar: jar,
|
|
|
|
CheckRedirect: func(r *http.Request, via []*http.Request) error {
|
|
|
|
return http.ErrUseLastResponse
|
|
|
|
},
|
|
|
|
}
|
2017-02-17 17:41:14 +00:00
|
|
|
return &hc, ts, provider
|
|
|
|
}
|
|
|
|
|
|
|
|
// teardownMuxTest cleans up any resources created by setupMuxTest. This should
|
|
|
|
// be deferred in your test after setupMuxTest is called
|
|
|
|
func teardownMuxTest(hc *http.Client, backend *httptest.Server, provider *httptest.Server) {
|
|
|
|
provider.Close()
|
|
|
|
backend.Close()
|
|
|
|
}
|
|
|
|
|
2017-04-06 18:40:57 +00:00
|
|
|
func Test_AuthMux_Logout_DeletesSessionCookie(t *testing.T) {
|
2017-02-17 17:41:14 +00:00
|
|
|
t.Parallel()
|
|
|
|
|
2017-04-06 18:40:57 +00:00
|
|
|
hc, ts, prov := setupMuxTest(func(j *AuthMux) http.Handler {
|
2017-02-17 17:41:14 +00:00
|
|
|
return j.Logout()
|
|
|
|
})
|
|
|
|
defer teardownMuxTest(hc, ts, prov)
|
|
|
|
|
2017-04-06 18:40:57 +00:00
|
|
|
tsURL, _ := url.Parse(ts.URL)
|
2017-02-17 17:41:14 +00:00
|
|
|
|
2017-04-06 18:40:57 +00:00
|
|
|
hc.Jar.SetCookies(tsURL, []*http.Cookie{
|
2017-02-16 21:42:43 +00:00
|
|
|
&http.Cookie{
|
2017-04-06 18:40:57 +00:00
|
|
|
Name: DefaultCookieName,
|
2017-02-16 21:42:43 +00:00
|
|
|
Value: "",
|
|
|
|
},
|
|
|
|
})
|
|
|
|
|
|
|
|
resp, err := hc.Get(ts.URL)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal("Error communicating with Logout() handler: err:", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
if resp.StatusCode < 300 || resp.StatusCode >= 400 {
|
|
|
|
t.Fatal("Expected to be redirected, but received status code", resp.StatusCode)
|
|
|
|
}
|
|
|
|
|
|
|
|
cookies := resp.Cookies()
|
|
|
|
if len(cookies) != 1 {
|
|
|
|
t.Fatal("Expected that cookie would be present but wasn't")
|
|
|
|
}
|
|
|
|
|
|
|
|
c := cookies[0]
|
2017-04-06 18:40:57 +00:00
|
|
|
if c.Name != DefaultCookieName || c.Expires != testTime.Add(-1*time.Hour) {
|
2017-02-16 21:42:43 +00:00
|
|
|
t.Fatal("Expected cookie to be expired but wasn't")
|
|
|
|
}
|
|
|
|
}
|
2017-02-16 22:28:14 +00:00
|
|
|
|
2017-04-06 18:40:57 +00:00
|
|
|
func Test_AuthMux_Login_RedirectsToCorrectURL(t *testing.T) {
|
2017-02-16 22:28:14 +00:00
|
|
|
t.Parallel()
|
|
|
|
|
2017-04-06 18:40:57 +00:00
|
|
|
hc, ts, prov := setupMuxTest(func(j *AuthMux) http.Handler {
|
2017-02-17 17:41:14 +00:00
|
|
|
return j.Login() // Use Login handler for httptest server.
|
|
|
|
})
|
|
|
|
defer teardownMuxTest(hc, ts, prov)
|
2017-02-16 22:28:14 +00:00
|
|
|
|
|
|
|
resp, err := hc.Get(ts.URL)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal("Error communicating with Login() handler: err:", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Ensure we were redirected
|
|
|
|
if resp.StatusCode < 300 || resp.StatusCode >= 400 {
|
|
|
|
t.Fatal("Expected to be redirected, but received status code", resp.StatusCode)
|
|
|
|
}
|
|
|
|
|
|
|
|
loc, err := resp.Location()
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal("Expected a location to be redirected to, but wasn't present")
|
|
|
|
}
|
|
|
|
|
|
|
|
if state := loc.Query().Get("state"); state != "HELLO?!MCFLY?!ANYONEINTHERE?!" {
|
2017-04-06 18:40:57 +00:00
|
|
|
t.Fatalf("Expected state to be %s set but was %s", "HELLO?!MCFLY?!ANYONEINTHERE?!", state)
|
2017-02-16 22:28:14 +00:00
|
|
|
}
|
|
|
|
}
|
2017-02-17 17:41:14 +00:00
|
|
|
|
2017-04-06 18:40:57 +00:00
|
|
|
func Test_AuthMux_Callback_SetsCookie(t *testing.T) {
|
|
|
|
hc, ts, prov := setupMuxTest(func(j *AuthMux) http.Handler {
|
2017-02-17 17:41:14 +00:00
|
|
|
return j.Callback()
|
|
|
|
})
|
|
|
|
defer teardownMuxTest(hc, ts, prov)
|
|
|
|
|
|
|
|
tsURL, _ := url.Parse(ts.URL)
|
|
|
|
|
|
|
|
v := url.Values{
|
|
|
|
"code": {"4815162342"},
|
|
|
|
"state": {"foobar"},
|
|
|
|
}
|
|
|
|
|
|
|
|
tsURL.RawQuery = v.Encode()
|
|
|
|
|
|
|
|
resp, err := hc.Get(tsURL.String())
|
|
|
|
if err != nil {
|
|
|
|
t.Fatal("Error communicating with Callback() handler: err", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Ensure we were redirected
|
|
|
|
if resp.StatusCode < 300 || resp.StatusCode >= 400 {
|
|
|
|
t.Fatal("Expected to be redirected, but received status code", resp.StatusCode)
|
|
|
|
}
|
|
|
|
|
|
|
|
// Check that cookie was set
|
|
|
|
cookies := resp.Cookies()
|
|
|
|
if count := len(cookies); count != 1 {
|
|
|
|
t.Fatal("Expected exactly one cookie to be set but found", count)
|
|
|
|
}
|
|
|
|
|
|
|
|
c := cookies[0]
|
|
|
|
|
2017-04-06 18:40:57 +00:00
|
|
|
if c.Name != DefaultCookieName {
|
|
|
|
t.Fatal("Expected cookie to be named", DefaultCookieName, "but was", c.Name)
|
2017-02-17 17:41:14 +00:00
|
|
|
}
|
|
|
|
}
|