mirror of
https://github.com/raseels-repos/golang-saas-starter-kit.git
synced 2025-06-06 23:46:29 +02:00
Updated authenticator to store JWT private keys in AWS Secrets Manager. This improvement reduces the need to generate a local private key for the application to start on its initial run.
package auth_test
import (
"os"
"testing"
"time"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/platform/auth"
"geeks-accelerator/oss/saas-starter-kit/example-project/internal/platform/tests"
"github.com/pborman/uuid"
)
// test is the package-wide fixture. testMain assigns it from tests.New and
// defers its TearDown; TestAuthenticator reads test.AwsSession from it.
var test *tests.Test
// TestMain is the entry point for this package's tests. It hands the run to
// testMain and exits the process with the code that helper returns.
func TestMain(m *testing.M) {
	// os.Exit does not run deferred calls, so the fixture setup and its
	// deferred teardown are kept in testMain rather than here.
	exitCode := testMain(m)
	os.Exit(exitCode)
}
// testMain creates the shared fixture, runs every test in the package and
// returns the resulting exit code. The fixture's TearDown is deferred so it
// runs once m.Run has returned, before the caller exits the process.
func testMain(m *testing.M) int {
	test = tests.New()
	defer test.TearDown()

	exitCode := m.Run()
	return exitCode
}
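// TestAuthenticator checks that an Authenticator built by
// auth.NewAuthenticator can sign a set of claims and parse the same claims
// back out of the resulting token, for several combinations of reference time
// and key expiration.
//
// NOTE(review): only the round trip is covered. There is no negative case
// here (a modified token, a token signed with a different key, an expired
// token), so a ParseClaims that accepted any input would still pass.
func TestAuthenticator(t *testing.T) {
	// A random suffix gives every run its own secret ID, so runs do not
	// share stored key material.
	// NOTE(review): nothing in this test removes the secret afterwards;
	// confirm that test.TearDown or an account-level policy cleans it up,
	// otherwise signing keys accumulate in the test account.
	awsSecretID := "jwt-key" + uuid.NewRandom().String()

	// All cases use the same secret ID, so presumably the first case stores
	// the key and the later ones load it back - verify against
	// NewAuthenticator.
	authTests := []struct {
		name          string
		awsSecretID   string
		now           time.Time
		keyExpiration time.Duration
		error         error
	}{
		{"NoKeyExpiration", awsSecretID, time.Now(), 0, nil},
		{"KeyExpirationOk", awsSecretID, time.Now(), time.Hour, nil},
		{"KeyExpirationDisabled", awsSecretID, time.Now().Add(3 * time.Hour), time.Hour, nil},
	}

	// Claims that are signed and then expected back unchanged.
	signedClaims := auth.Claims{
		Roles: []string{auth.RoleAdmin},
	}

	t.Log("Given the need to validate initiating a new Authenticator by key expiration.")

	for i, tt := range authTests {
		t.Logf("\tTest: %d\tWhen running test: %s", i, tt.name)

		a, err := auth.NewAuthenticator(test.AwsSession, tt.awsSecretID, tt.now, tt.keyExpiration)
		if err != tt.error {
			t.Log("\t\tGot :", err)
			t.Log("\t\tWant:", tt.error)
			t.Fatalf("\t%s\tNewAuthenticator failed.", tests.Failed)
		}
		if err != nil {
			// The expected error was returned, so there is no usable
			// Authenticator to exercise; skip the round trip instead
			// of calling methods on it.
			continue
		}

		tknStr, err := a.GenerateToken(signedClaims)
		if err != nil {
			t.Log("\t\tGot :", err)
			t.Fatalf("\t%s\tGenerateToken failed.", tests.Failed)
		}

		parsedClaims, err := a.ParseClaims(tknStr)
		if err != nil {
			t.Log("\t\tGot :", err)
			t.Fatalf("\t%s\tParseClaims failed.", tests.Failed)
		}

		// Assert expected claims. The length check comes first so the
		// per-role comparison below cannot index out of range.
		if exp, got := len(signedClaims.Roles), len(parsedClaims.Roles); exp != got {
			t.Log("\t\tGot :", got)
			t.Log("\t\tWant:", exp)
			t.Fatalf("\t%s\tShould got the same number of roles.", tests.Failed)
		}

		// Compare every role, not just the first, so an added or altered
		// role in the parsed token is caught.
		for j, exp := range signedClaims.Roles {
			if got := parsedClaims.Roles[j]; exp != got {
				t.Log("\t\tGot :", got)
				t.Log("\t\tWant:", exp)
				t.Fatalf("\t%s\tShould got the same role name.", tests.Failed)
			}
		}

		t.Logf("\t%s\tNewAuthenticator ok.", tests.Success)
	}
}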