mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
de2c5836fd
* [Buildkite] Introduce CI linting with golangci-lint and reviewdog * Initial pass of golangci-lint * Add gosimple (megacheck) recommendations * Add golint recommendations * [BUGFIX] Migrate authentication traces from v3 mongodb * Add deadcode recommendations * [BUGFIX] Fix ShortTimeouts suite when run in dev workflow * Add unused recommendations * Add unparam recommendations * Disable linting on unfixable errors instead of skipping files * Adjust nolint notation for unparam * Fix ineffectual assignment to err raised by linter. * Export environment variable in agent hook * Add ineffassign recommendations * Add staticcheck recommendations * Add gocyclo recommendations * Adjust ineffassign recommendations Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
91 lines
2.6 KiB
Go
91 lines
2.6 KiB
Go
package handlers
|
|
|
|
import (
|
|
"fmt"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/dgrijalva/jwt-go"
|
|
"github.com/golang/mock/gomock"
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/suite"
|
|
|
|
"github.com/authelia/authelia/internal/middlewares"
|
|
"github.com/authelia/authelia/internal/mocks"
|
|
)
|
|
|
|
type HandlerRegisterU2FStep1Suite struct {
|
|
suite.Suite
|
|
|
|
mock *mocks.MockAutheliaCtx
|
|
}
|
|
|
|
func (s *HandlerRegisterU2FStep1Suite) SetupTest() {
|
|
s.mock = mocks.NewMockAutheliaCtx(s.T())
|
|
|
|
userSession := s.mock.Ctx.GetSession()
|
|
userSession.Username = "john"
|
|
s.mock.Ctx.SaveSession(userSession)
|
|
}
|
|
|
|
func (s *HandlerRegisterU2FStep1Suite) TearDownTest() {
|
|
s.mock.Close()
|
|
}
|
|
|
|
func createToken(secret string, username string, action string, expiresAt time.Time) string {
|
|
claims := &middlewares.IdentityVerificationClaim{
|
|
StandardClaims: jwt.StandardClaims{
|
|
ExpiresAt: expiresAt.Unix(),
|
|
Issuer: "Authelia",
|
|
},
|
|
Action: action,
|
|
Username: username,
|
|
}
|
|
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
|
|
ss, _ := token.SignedString([]byte(secret))
|
|
return ss
|
|
}
|
|
|
|
func (s *HandlerRegisterU2FStep1Suite) TestShouldRaiseWhenXForwardedProtoIsMissing() {
|
|
token := createToken(s.mock.Ctx.Configuration.JWTSecret, "john", U2FRegistrationAction,
|
|
time.Now().Add(1*time.Minute))
|
|
s.mock.Ctx.Request.SetBodyString(fmt.Sprintf("{\"token\":\"%s\"}", token))
|
|
|
|
s.mock.StorageProviderMock.EXPECT().
|
|
FindIdentityVerificationToken(gomock.Eq(token)).
|
|
Return(true, nil)
|
|
|
|
s.mock.StorageProviderMock.EXPECT().
|
|
RemoveIdentityVerificationToken(gomock.Eq(token)).
|
|
Return(nil)
|
|
|
|
SecondFactorU2FIdentityFinish(s.mock.Ctx)
|
|
|
|
assert.Equal(s.T(), 200, s.mock.Ctx.Response.StatusCode())
|
|
assert.Equal(s.T(), "Missing header X-Fowarded-Proto", s.mock.Hook.LastEntry().Message)
|
|
}
|
|
|
|
func (s *HandlerRegisterU2FStep1Suite) TestShouldRaiseWhenXForwardedHostIsMissing() {
|
|
s.mock.Ctx.Request.Header.Add("X-Forwarded-Proto", "http")
|
|
token := createToken(s.mock.Ctx.Configuration.JWTSecret, "john", U2FRegistrationAction,
|
|
time.Now().Add(1*time.Minute))
|
|
s.mock.Ctx.Request.SetBodyString(fmt.Sprintf("{\"token\":\"%s\"}", token))
|
|
|
|
s.mock.StorageProviderMock.EXPECT().
|
|
FindIdentityVerificationToken(gomock.Eq(token)).
|
|
Return(true, nil)
|
|
|
|
s.mock.StorageProviderMock.EXPECT().
|
|
RemoveIdentityVerificationToken(gomock.Eq(token)).
|
|
Return(nil)
|
|
|
|
SecondFactorU2FIdentityFinish(s.mock.Ctx)
|
|
|
|
assert.Equal(s.T(), 200, s.mock.Ctx.Response.StatusCode())
|
|
assert.Equal(s.T(), "Missing header X-Fowarded-Host", s.mock.Hook.LastEntry().Message)
|
|
}
|
|
|
|
func TestShouldRunHandlerRegisterU2FStep1Suite(t *testing.T) {
|
|
suite.Run(t, new(HandlerRegisterU2FStep1Suite))
|
|
}
|