Added key auth middleware

Signed-off-by: Vishal Rana <vr@labstack.com>
2025-07-05 00:58:47 +02:00 · 2017-01-02 20:12:06 -08:00
parent ab203bf19c
commit 412823eabb
11 changed files with 319 additions and 57 deletions
--- a/middleware/basic_auth_test.go
+++ b/middleware/basic_auth_test.go
@ -30,21 +30,21 @@ func TestBasicAuth(t *testing.T) {
 	req.Header.Set(echo.HeaderAuthorization, auth)
 	assert.NoError(t, h(c))

-	// Incorrect password
-	auth = basic + " " + base64.StdEncoding.EncodeToString([]byte("joe:password"))
+	// Invalid credentials
+	auth = basic + " " + base64.StdEncoding.EncodeToString([]byte("joe:invalid-password"))
 	req.Header.Set(echo.HeaderAuthorization, auth)
 	he := h(c).(*echo.HTTPError)
 	assert.Equal(t, http.StatusUnauthorized, he.Code)
 	assert.Equal(t, basic+" realm=Restricted", res.Header().Get(echo.HeaderWWWAuthenticate))

-	// Empty Authorization header
-	req.Header.Set(echo.HeaderAuthorization, "")
+	// Missing Authorization header
+	req.Header.Del(echo.HeaderAuthorization)
 	he = h(c).(*echo.HTTPError)
-	assert.Equal(t, http.StatusUnauthorized, he.Code)
+	assert.Equal(t, http.StatusBadRequest, he.Code)

 	// Invalid Authorization header
 	auth = base64.StdEncoding.EncodeToString([]byte("invalid"))
 	req.Header.Set(echo.HeaderAuthorization, auth)
 	he = h(c).(*echo.HTTPError)
-	assert.Equal(t, http.StatusUnauthorized, he.Code)
+	assert.Equal(t, http.StatusBadRequest, he.Code)
 }