-
Notifications
You must be signed in to change notification settings - Fork 3
/
api_key_test.go
155 lines (121 loc) · 3.76 KB
/
api_key_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
package main
import (
"net/http"
"net/http/httptest"
"testing"
)
type KeyTestStorage struct {
NullStorage
NextError error
FoundAccount *Account
AccountName *string
Appended *string
Revoked *string
}
func (storage *KeyTestStorage) consumeError() error {
err := storage.NextError
storage.NextError = nil
return err
}
func (storage *KeyTestStorage) FindAccount(name string) (*Account, error) {
if err := storage.consumeError(); err != nil {
return nil, err
}
return storage.FoundAccount, nil
}
func (storage *KeyTestStorage) AddKeyToAccount(name, key string) error {
if err := storage.consumeError(); err != nil {
return err
}
storage.AccountName = &name
storage.Appended = &key
return nil
}
func (storage *KeyTestStorage) RevokeKeyFromAccount(name, key string) error {
if err := storage.consumeError(); err != nil {
return err
}
storage.AccountName = &name
storage.Revoked = &key
return nil
}
func TestKeyGenerationSuccess(t *testing.T) {
r := HTTPRequest(t, "POST", "https://localhost/v1/keys",
`accountName=someone%40gmail.com&password=secret`)
w := httptest.NewRecorder()
a, err := NewAccount("[email protected]", "secret")
if err != nil {
t.Fatalf("Unable to create account: %v", err)
}
s := &KeyTestStorage{FoundAccount: a}
c := &Context{Storage: s}
KeyHandler(c, w, r)
if w.Code != http.StatusOK {
t.Errorf("Expected response code %d, but was %d", http.StatusOK, w.Code)
}
if ctype := w.HeaderMap.Get("Content-Type"); ctype != "text/plain" {
t.Errorf("Expected content type of [text/plain], but got [%s]", ctype)
}
key := w.Body.String()
if key == "" {
t.Error("Expected response to contain an API key")
}
t.Logf("Generated API key: [%s]", key)
if s.AccountName == nil || s.Appended == nil {
t.Fatal("Expected generated key to be appended to storage")
}
if *s.AccountName != "[email protected]" {
t.Errorf("Expected account [[email protected]] to be modified, but was [%s]", *s.AccountName)
}
if *s.Appended != key {
t.Errorf("Expected API key [%s] to be appended to account, but was [%s]", key, *s.Appended)
}
}
func TestKeyGenerationBadPassword(t *testing.T) {
r := HTTPRequest(t, "POST", "https://localhost/v1/keys",
`accountName=someone%40gmail.com&password=wrongwrongwrong`)
w := httptest.NewRecorder()
a, err := NewAccount("[email protected]", "correct")
if err != nil {
t.Fatalf("Unable to create account: %v", err)
}
s := &KeyTestStorage{FoundAccount: a}
c := &Context{Storage: s}
KeyHandler(c, w, r)
if w.Code != http.StatusUnauthorized {
t.Errorf("Expected response code %d, but was %d", http.StatusUnauthorized, w.Code)
}
}
func TestKeyGenerationBadAccountName(t *testing.T) {
r := HTTPRequest(t, "POST", "https://localhost/v1/keys",
`accountName=unknown%40gmail.com&password=vacuouslytrue`)
w := httptest.NewRecorder()
c := &Context{Storage: &KeyTestStorage{}}
KeyHandler(c, w, r)
if w.Code != http.StatusUnauthorized {
t.Errorf("Expected response code %d, but was %d", http.StatusUnauthorized, w.Code)
}
}
func TestKeyRevocationSuccess(t *testing.T) {
r := HTTPRequest(t, "DELETE", "https://localhost/v1/keys?accountName=someone&apiKey=123abc", "")
w := httptest.NewRecorder()
a, err := NewAccount("someone", "secret")
if err != nil {
t.Fatalf("Unable to create account: %v", err)
}
s := &KeyTestStorage{FoundAccount: a}
c := &Context{Storage: s}
KeyRevocationHandler(c, w, r)
if w.Code != http.StatusNoContent {
t.Errorf("Expected response code %d, but was %d", http.StatusNoContent, w.Code)
}
if s.AccountName == nil || s.Revoked == nil {
t.Fatal("Expected storage to process key revocation")
}
if *s.AccountName != "someone" {
t.Errorf("Unexpected account name [%s]", *s.AccountName)
}
if *s.Revoked != "123abc" {
t.Errorf("Unexpected revoked key [%s]", *s.Revoked)
}
}