Add Basic Auth session loader middleware

2025-12-03 22:59:10 +02:00 · 2020-07-05 17:24:11 +01:00
parent c81a7ed197
commit 7d6f2a3f45
6 changed files with 358 additions and 60 deletions
--- a/pkg/middleware/session_utils_test.go
+++ b/pkg/middleware/session_utils_test.go
@@ -0,0 +1,103 @@
+package middleware
+
+import (
+	"errors"
+
+	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/ginkgo/extensions/table"
+	. "github.com/onsi/gomega"
+)
+
+var _ = Describe("Session utilities suite", func() {
+	Context("splitAuthHeader", func() {
+		type splitAuthTableInput struct {
+			header             string
+			expectedErr        error
+			expectedTokenType  string
+			expectedTokenValue string
+		}
+
+		DescribeTable("with a header value",
+			func(in splitAuthTableInput) {
+				tt, tv, err := splitAuthHeader(in.header)
+				if in.expectedErr != nil {
+					Expect(err).To(MatchError(in.expectedErr))
+				} else {
+					Expect(err).ToNot(HaveOccurred())
+				}
+				Expect(tt).To(Equal(in.expectedTokenType))
+				Expect(tv).To(Equal(in.expectedTokenValue))
+			},
+			Entry("Bearer abcdef", splitAuthTableInput{
+				header:             "Bearer abcdef",
+				expectedErr:        nil,
+				expectedTokenType:  "Bearer",
+				expectedTokenValue: "abcdef",
+			}),
+			Entry("Bearer", splitAuthTableInput{
+				header:             "Bearer",
+				expectedErr:        errors.New("invalid authorization header: \"Bearer\""),
+				expectedTokenType:  "",
+				expectedTokenValue: "",
+			}),
+			Entry("Bearer abc def", splitAuthTableInput{
+				header:             "Bearer abc def",
+				expectedErr:        errors.New("invalid authorization header: \"Bearer abc def\""),
+				expectedTokenType:  "",
+				expectedTokenValue: "",
+			}),
+		)
+	})
+
+	Context("getBasicAuthCredentials", func() {
+		type getBasicAuthCredentialsTableInput struct {
+			token            string
+			expectedErr      error
+			expectedUser     string
+			expectedPassword string
+		}
+
+		DescribeTable("from token",
+			func(in getBasicAuthCredentialsTableInput) {
+				user, password, err := getBasicAuthCredentials(in.token)
+				if in.expectedErr != nil {
+					Expect(err).To(MatchError(in.expectedErr))
+				} else {
+					Expect(err).ToNot(HaveOccurred())
+				}
+				Expect(user).To(Equal(in.expectedUser))
+				Expect(password).To(Equal(in.expectedPassword))
+			},
+			Entry("<no value>", getBasicAuthCredentialsTableInput{
+				token:            "",
+				expectedErr:      errors.New("invalid format: \"\""),
+				expectedUser:     "",
+				expectedPassword: "",
+			}),
+			Entry("invalid-base64", getBasicAuthCredentialsTableInput{
+				token:            "invalid-base64",
+				expectedErr:      errors.New("invalid basic auth token: illegal base64 data at input byte 7"),
+				expectedUser:     "",
+				expectedPassword: "",
+			}),
+			Entry("Base64(some-user:some-password)", getBasicAuthCredentialsTableInput{
+				token:            "c29tZS11c2VyOnNvbWUtcGFzc3dvcmQ=",
+				expectedErr:      nil,
+				expectedUser:     "some-user",
+				expectedPassword: "some-password",
+			}),
+			Entry("Base64(no-password:)", getBasicAuthCredentialsTableInput{
+				token:            "bm8tcGFzc3dvcmQ6",
+				expectedErr:      nil,
+				expectedUser:     "no-password",
+				expectedPassword: "",
+			}),
+			Entry("Base64(:no-user)", getBasicAuthCredentialsTableInput{
+				token:            "Om5vLXVzZXI=",
+				expectedErr:      nil,
+				expectedUser:     "",
+				expectedPassword: "no-user",
+			}),
+		)
+	})
+})