test basic auth middleware
jheth committed Apr 8, 2020
1 parent 3b60bb7 commit daa3326
Showing 2 changed files with 63 additions and 4 deletions.
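--- a/pkg/config/env.go
+++ b/pkg/config/env.go
@@ -193,8 +193,8 @@ var Config = struct {
 BasicAuthEnabled bool `env:"FLAGR_BASIC_AUTH_ENABLED" envDefault:"false"`
 BasicAuthUsername string `env:"FLAGR_BASIC_AUTH_USERNAME" envDefault:""`
 BasicAuthPassword string `env:"FLAGR_BASIC_AUTH_PASSWORD" envDefault:""`
-BasicAuthPrefixWhitelistPaths []string `env:"FLAGR_BASIC_AUTH_WHITELIST_PATHS" envDefault:"/api/v1/evaluation,/static" envSeparator:","`
-BasicAuthExactWhitelistPaths []string `env:"FLAGR_BASIC_AUTH_EXACT_WHITELIST_PATHS" envDefault:",/" envSeparator:","`
+BasicAuthPrefixWhitelistPaths []string `env:"FLAGR_BASIC_AUTH_WHITELIST_PATHS" envDefault:"/api/v1/flags,/api/v1/evaluation,/api/v1/evaluation/batch" envSeparator:","`
+BasicAuthExactWhitelistPaths []string `env:"FLAGR_BASIC_AUTH_EXACT_WHITELIST_PATHS" envDefault:"" envSeparator:","`
 
 // WebPrefix - base path for web and API
 // e.g. FLAGR_WEB_PREFIX=/foo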
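Review bot: The new default for `BasicAuthPrefixWhitelistPaths` puts `/api/v1/flags` on the unauthenticated list, so enabling basic auth with default settings leaves the flag API reachable without credentials; the test added in this commit pins exactly that (GET `/api/v1/flags` returns 200 with no Authorization header). If the middleware matches by prefix and does not look at the HTTP method — it is not visible on this page, so this is inferred from the field name — the same exemption would also cover write requests under that prefix. Consider keeping the management API out of the default, e.g. `envDefault:"/api/v1/evaluation"`, and letting operators opt in through `FLAGR_BASIC_AUTH_WHITELIST_PATHS`; `/api/v1/evaluation/batch` is already covered by the `/api/v1/evaluation` prefix. The `Config` struct starts and ends outside this hunk.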
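--- a/pkg/config/middleware_test.go
+++ b/pkg/config/middleware_test.go
@@ -58,7 +58,7 @@ func TestSetupGlobalMiddleware(t *testing.T) {
 Config.PProfEnabled = true
 }
 
-func TestAuthMiddleware(t *testing.T) {
+func TestJWTAuthMiddleware(t *testing.T) {
 h := &okHandler{}
 
 t.Run("it will redirect if jwt enabled but no cookie passed", func(t *testing.T) {
@@ -255,7 +255,7 @@ o2kQ+X5xK9cipRgEKwIDAQAB
 })
 }
 
-func TestAuthMiddlewareWithUnauthorized(t *testing.T) {
+func TestJWTAuthMiddlewareWithUnauthorized(t *testing.T) {
 h := &okHandler{}
 
 t.Run("it will return 401 if no cookie passed", func(t *testing.T) {
@@ -315,3 +315,62 @@ func TestAuthMiddlewareWithUnauthorized(t *testing.T) {
 }
 })
 }
+
+func TestBasicAuthMiddleware(t *testing.T) {
+h := &okHandler{}
+
+t.Run("it will return 200 for web paths when disabled", func(t *testing.T) {
+testPaths := []string{"/", "", "/#", "/#/", "/static", "/static/"}
+for _, path := range testPaths {
+t.Run(fmt.Sprintf("path: %s", path), func(t *testing.T) {
+hh := SetupGlobalMiddleware(h)
+res := httptest.NewRecorder()
+res.Body = new(bytes.Buffer)
+req, _ := http.NewRequest("GET", fmt.Sprintf("http://localhost:18000%s", path), nil)
+hh.ServeHTTP(res, req)
+assert.Equal(t, http.StatusOK, res.Code)
+})
+}
+})
+
+t.Run("it will return 200 for whitelist path if basic auth is enabled", func(t *testing.T) {
+Config.BasicAuthEnabled = true
+Config.BasicAuthUsername = "admin"
+Config.BasicAuthPassword = "password"
+defer func() {
+Config.BasicAuthEnabled = false
+Config.BasicAuthUsername = ""
+Config.BasicAuthPassword = ""
+}()
+
+hh := SetupGlobalMiddleware(h)
+res := httptest.NewRecorder()
+res.Body = new(bytes.Buffer)
+req, _ := http.NewRequest("GET", "http://localhost:18000/api/v1/flags", nil)
+hh.ServeHTTP(res, req)
+assert.Equal(t, http.StatusOK, res.Code)
+})
+
+t.Run("it will return 401 for web paths when enabled", func(t *testing.T) {
+Config.BasicAuthEnabled = true
+Config.BasicAuthUsername = "admin"
+Config.BasicAuthPassword = "password"
+defer func() {
+Config.BasicAuthEnabled = false
+Config.BasicAuthUsername = ""
+Config.BasicAuthPassword = ""
+}()
+
+testPaths := []string{"/", "", "/#", "/#/", "/static", "/static/"}
+for _, path := range testPaths {
+t.Run(fmt.Sprintf("path: %s", path), func(t *testing.T) {
+hh := SetupGlobalMiddleware(h)
+res := httptest.NewRecorder()
+res.Body = new(bytes.Buffer)
+req, _ := http.NewRequest("GET", fmt.Sprintf("http://localhost:18000%s", path), nil)
+hh.ServeHTTP(res, req)
+assert.Equal(t, http.StatusUnauthorized, res.Code)
+})
+}
+})
+}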
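Review bot: `TestBasicAuthMiddleware` never sends credentials, so neither the accept path nor the reject-on-wrong-password path of the basic-auth check is exercised; the enabled-case subtests pass as long as the middleware answers 401 to any request outside the whitelist. A subtest that calls `req.SetBasicAuth` once with the configured pair and once with a wrong password would cover both, as sketched below (the expected 200 assumes the middleware passes matching credentials through to `okHandler`, which is not visible on this page). Separately, `/#` and `/#/` carry only a URL fragment, so they reach the handler as `/` and duplicate that case, and `req, _ := http.NewRequest(...)` discards an error that `httptest.NewRequest` would surface.

```go
// … unchanged: disabled, whitelist and 401-without-credentials subtests …

	t.Run("it will check the supplied credentials when enabled", func(t *testing.T) {
		Config.BasicAuthEnabled = true
		Config.BasicAuthUsername = "admin"
		Config.BasicAuthPassword = "password"
		defer func() {
			Config.BasicAuthEnabled = false
			Config.BasicAuthUsername = ""
			Config.BasicAuthPassword = ""
		}()

		cases := []struct {
			pass string
			want int
		}{
			{"password", http.StatusOK},
			{"not-the-password", http.StatusUnauthorized},
		}

		hh := SetupGlobalMiddleware(h)
		for _, c := range cases {
			res := httptest.NewRecorder()
			req := httptest.NewRequest("GET", "http://localhost:18000/", nil)
			req.SetBasicAuth("admin", c.pass)
			hh.ServeHTTP(res, req)
			assert.Equal(t, c.want, res.Code)
		}
	})
```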
