Add test for parsing bearer tokens.

jech · Dec 9, 2023 · 488b962 · 488b962
1 parent f9ef432
commit 488b962
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 4 deletions.
diff --git a/webserver/webserver_test.go b/webserver/webserver_test.go
@@ -61,6 +61,35 @@ func TestParseWhip(t *testing.T) {
 	}
 }
 
+func TestGetBearerToken(t *testing.T) {
+	a := []struct{ a, b string }{
+		{"", ""},
+		{"foo", ""},
+		{"foo bar", ""},
+		{" foo bar", ""},
+		{"foo bar ", ""},
+		{"Bearer", ""},
+		{"Bearer ", ""},
+		{"Bearer foo", "foo"},
+		{"bearer foo", "foo"},
+		{" Bearer foo", "foo"},
+		{"Bearer foo ", "foo"},
+		{" Bearer foo ", "foo"},
+		{"Bearer foo bar", ""},
+	}
+
+	for _, ab := range a {
+		t.Run(ab.a, func(t *testing.T) {
+			b := parseBearerToken(ab.a)
+			if b != ab.b {
+				t.Errorf("Bearer token %v, got %v, expected %v",
+					ab.a, b, ab.b,
+				)
+			}
+		})
+	}
+}
+
 func TestFormatICEServer(t *testing.T) {
 	a := []struct {
 		s webrtc.ICEServer

diff --git a/webserver/whip.go b/webserver/whip.go
@@ -52,8 +52,7 @@ func canPresent(perms []string) bool {
 	return false
 }
 
-func getBearerToken(r *http.Request) string {
-	auth := r.Header.Get("Authorization")
+func parseBearerToken(auth string) string {
 	auths := strings.Split(auth, ",")
 	for _, a := range auths {
 		a = strings.Trim(a, " \t")
@@ -178,7 +177,8 @@ func whipEndpointHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	token := getBearerToken(r)
+	token := parseBearerToken(r.Header.Get("Authorization"))
+
 	whip := "whip"
 	creds := group.ClientCredentials{
 		Username: &whip,
@@ -258,7 +258,7 @@ func whipResourceHandler(w http.ResponseWriter, r *http.Request) {
 	}
 
 	if t := c.Token(); t != "" {
-		token := getBearerToken(r)
+		token := parseBearerToken(r.Header.Get("Authorization"))
 		if token != t {
 			http.Error(w, "Forbidden", http.StatusForbidden)
 			return