summaryrefslogtreecommitdiffhomepage
path: root/config/setup/basicauth_test.go
blob: a94d6e695eaf8fd1da0d01cedac53b1d878877cb (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
package setup

import (
	"fmt"
	"io/ioutil"
	"os"
	"strings"
	"testing"

	"github.com/mholt/caddy/middleware/basicauth"
)

func TestBasicAuth(t *testing.T) {
	c := NewTestController(`basicauth user pwd`)

	mid, err := BasicAuth(c)
	if err != nil {
		t.Errorf("Expected no errors, but got: %v", err)
	}
	if mid == nil {
		t.Fatal("Expected middleware, was nil instead")
	}

	handler := mid(EmptyNext)
	myHandler, ok := handler.(basicauth.BasicAuth)
	if !ok {
		t.Fatalf("Expected handler to be type BasicAuth, got: %#v", handler)
	}

	if !SameNext(myHandler.Next, EmptyNext) {
		t.Error("'Next' field of handler was not set properly")
	}
}

func TestBasicAuthParse(t *testing.T) {
	htpasswdPasswd := "IedFOuGmTpT8"
	htpasswdFile := `sha1:{SHA}dcAUljwz99qFjYR0YLTXx0RqLww=
md5:$apr1$l42y8rex$pOA2VJ0x/0TwaFeAF9nX61`

	var skipHtpassword bool
	htfh, err := ioutil.TempFile(".", "basicauth-")
	if err != nil {
		t.Logf("Error creating temp file (%v), will skip htpassword test", err)
		skipHtpassword = true
	} else {
		if _, err = htfh.Write([]byte(htpasswdFile)); err != nil {
			t.Fatalf("write htpasswd file %q: %v", htfh.Name(), err)
		}
		htfh.Close()
		defer os.Remove(htfh.Name())
	}

	tests := []struct {
		input     string
		shouldErr bool
		password  string
		expected  []basicauth.Rule
	}{
		{`basicauth user pwd`, false, "pwd", []basicauth.Rule{
			{Username: "user"},
		}},
		{`basicauth user pwd {
		}`, false, "pwd", []basicauth.Rule{
			{Username: "user"},
		}},
		{`basicauth user pwd {
			/resource1
			/resource2
		}`, false, "pwd", []basicauth.Rule{
			{Username: "user", Resources: []string{"/resource1", "/resource2"}},
		}},
		{`basicauth /resource user pwd`, false, "pwd", []basicauth.Rule{
			{Username: "user", Resources: []string{"/resource"}},
		}},
		{`basicauth /res1 user1 pwd1
		  basicauth /res2 user2 pwd2`, false, "pwd", []basicauth.Rule{
			{Username: "user1", Resources: []string{"/res1"}},
			{Username: "user2", Resources: []string{"/res2"}},
		}},
		{`basicauth user`, true, "", []basicauth.Rule{}},
		{`basicauth`, true, "", []basicauth.Rule{}},
		{`basicauth /resource user pwd asdf`, true, "", []basicauth.Rule{}},

		{`basicauth sha1 htpasswd=` + htfh.Name(), false, htpasswdPasswd, []basicauth.Rule{
			{Username: "sha1"},
		}},
	}

	for i, test := range tests {
		c := NewTestController(test.input)
		actual, err := basicAuthParse(c)

		if err == nil && test.shouldErr {
			t.Errorf("Test %d didn't error, but it should have", i)
		} else if err != nil && !test.shouldErr {
			t.Errorf("Test %d errored, but it shouldn't have; got '%v'", i, err)
		}

		if len(actual) != len(test.expected) {
			t.Fatalf("Test %d expected %d rules, but got %d",
				i, len(test.expected), len(actual))
		}

		for j, expectedRule := range test.expected {
			actualRule := actual[j]

			if actualRule.Username != expectedRule.Username {
				t.Errorf("Test %d, rule %d: Expected username '%s', got '%s'",
					i, j, expectedRule.Username, actualRule.Username)
			}

			if strings.Contains(test.input, "htpasswd=") && skipHtpassword {
				continue
			}
			pwd := test.password
			if len(actual) > 1 {
				pwd = fmt.Sprintf("%s%d", pwd, j+1)
			}
			if !actualRule.Password(pwd) || actualRule.Password(test.password+"!") {
				t.Errorf("Test %d, rule %d: Expected password '%v', got '%v'",
					i, j, test.password, actualRule.Password)
			}

			expectedRes := fmt.Sprintf("%v", expectedRule.Resources)
			actualRes := fmt.Sprintf("%v", actualRule.Resources)
			if actualRes != expectedRes {
				t.Errorf("Test %d, rule %d: Expected resource list %s, but got %s",
					i, j, expectedRes, actualRes)
			}
		}
	}
}