add test for failted auth refresh with blocking

go-pkgz · Jan 2, 2019 · 0fb28bf · 0fb28bf
1 parent 8a9b27f
commit 0fb28bf
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 2 deletions.
diff --git a/go.sum b/go.sum
@@ -16,6 +16,7 @@ github.com/go-pkgz/rest v1.1.4 h1:/Lrg9kBWBjNah7nmCDHLszRAfVVBIy5ajf0vVgpHPi0=
 github.com/go-pkgz/rest v1.1.4/go.mod h1:DIxxm3vSt6e+IY+UQUOFsfB2YaHLmGoOfPLWN5pxQSA=
 github.com/go-pkgz/rest v1.1.5 h1:5br4mnscfLb27yxv5hJFLBVmAt09PrmIBP+meA3CfHc=
 github.com/go-pkgz/rest v1.1.5/go.mod h1:DIxxm3vSt6e+IY+UQUOFsfB2YaHLmGoOfPLWN5pxQSA=
+github.com/hashicorp/golang-lru v0.5.0 h1:CL2msUPvZTLb5O648aiLNJw3hnBxN2+1Jq8rCOH9wdo=
 github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
 github.com/nullrocks/identicon v0.0.0-20180626043057-7875f45b0022 h1:Ys0rDzh8s4UMlGaDa1UTA0sfKgvF0hQZzTYX8ktjiDc=
 github.com/nullrocks/identicon v0.0.0-20180626043057-7875f45b0022/go.mod h1:x4NsS+uc7ecH/Cbm9xKQ6XzmJM57rWTkjywjfB2yQ18=

diff --git a/logger/logger_test.go b/logger/logger_test.go
@@ -2,6 +2,7 @@ package logger
 
 import (
 	"bytes"
+	"errors"
 	"fmt"
 	"log"
 	"os"
@@ -19,6 +20,9 @@ func TestLogger(t *testing.T) {
 
 	lg.Logf("blah %s %d something", "str", 123)
 	assert.Equal(t, "blah str 123 something", buff.String())
+
+	Std.Logf("blah %s %d something", "str", 123)
+	Std.Logf("[DEBUG] auth failed, %s", errors.New("blah blah"))
 }
 
 func TestStd(t *testing.T) {

diff --git a/middleware/auth_test.go b/middleware/auth_test.go
@@ -1,6 +1,7 @@
 package middleware
 
 import (
+	"io/ioutil"
 	"log"
 	"net/http"
 	"net/http/cookiejar"
@@ -120,6 +121,30 @@ func TestAuthJWTRefresh(t *testing.T) {
 	ts := time.Unix(claims.ExpiresAt, 0)
 	assert.True(t, ts.After(time.Now()), "expiration in the future")
 	log.Print(time.Unix(claims.ExpiresAt, 0))
+
+}
+
+func TestAuthJWTRefreshFailed(t *testing.T) {
+	a := makeTestAuth(t)
+	a.Validator = token.ValidatorFunc(func(token string, claims token.Claims) bool { return false })
+	server := httptest.NewServer(makeTestMux(t, a, true))
+	defer server.Close()
+
+	jar, err := cookiejar.New(nil)
+	require.Nil(t, err)
+	client := &http.Client{Jar: jar, Timeout: 5 * time.Second}
+
+	req, err := http.NewRequest("GET", server.URL+"/auth", nil)
+	require.NoError(t, err)
+	req.Header.Add("X-JWT", testJwtExpired)
+	resp, err := client.Do(req)
+	require.NoError(t, err)
+	defer resp.Body.Close()
+	assert.Equal(t, 401, resp.StatusCode)
+
+	data, err := ioutil.ReadAll(resp.Body)
+	require.NoError(t, err)
+	assert.Equal(t, "Unauthorized\n", string(data))
 }
 
 func TestAuthJWtBlocked(t *testing.T) {
@@ -248,7 +273,7 @@ func makeTestAuth(t *testing.T) Authenticator {
 	j := token.NewService(token.Opts{
 		SecretReader:   token.SecretFunc(func(aud string) (string, error) { return "xyz 12345", nil }),
 		SecureCookies:  false,
-		TokenDuration:  time.Hour,
+		TokenDuration:  time.Second,
 		CookieDuration: time.Hour * 24 * 31,
 		ClaimsUpd: token.ClaimsUpdFunc(func(claims token.Claims) token.Claims {
 			claims.User.SetStrAttr("stra", "stra-val")
@@ -261,6 +286,6 @@ func makeTestAuth(t *testing.T) Authenticator {
 		AdminPasswd: "123456",
 		JWTService:  j,
 		Validator:   token.ValidatorFunc(func(token string, claims token.Claims) bool { return true }),
-		L:           logger.Func(func(fmt string, args ...interface{}) { log.Printf(fmt, args) }),
+		L:           logger.Std,
 	}
 }