3cff8ccd64
* Rewrite the code handling basic auth to make it easier to extend for other types of auth. * The behaviour of the existing code is maintained. * No changes to how basic auth is configured from a user's perspective. https://gitlab.com/hectorjsmith/fail2ban-prometheus-exporter/-/merge_requests/89
53 lines
1.3 KiB
Go
53 lines
1.3 KiB
Go
package auth
|
|
|
|
import (
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"testing"
|
|
)
|
|
|
|
func Test_GIVEN_BasicAuthSet_WHEN_CallingIsAllowedWithCorrectCreds_THEN_TrueReturned(t *testing.T) {
|
|
// assemble
|
|
username := "u1"
|
|
password := HashString("abc")
|
|
request := httptest.NewRequest(http.MethodGet, "http://example.com", nil)
|
|
request.SetBasicAuth(username, password)
|
|
provider := NewBasicAuthProvider(username, password)
|
|
|
|
// act
|
|
result := provider.IsAllowed(request)
|
|
|
|
// assert
|
|
if !result {
|
|
t.Errorf("expected request to be allowed, but failed")
|
|
}
|
|
}
|
|
|
|
func Test_GIVEN_BasicAuthSet_WHEN_CallingIsAllowedWithoutCreds_THEN_FalseReturned(t *testing.T) {
|
|
// assemble
|
|
request := httptest.NewRequest(http.MethodGet, "http://example.com", nil)
|
|
provider := NewBasicAuthProvider("u1", "p1")
|
|
|
|
// act
|
|
result := provider.IsAllowed(request)
|
|
|
|
// assert
|
|
if result {
|
|
t.Errorf("expected request to be denied, but was allowed")
|
|
}
|
|
}
|
|
|
|
func Test_GIVEN_BasicAuthSet_WHEN_CallingIsAllowedWithWrongCreds_THEN_FalseReturned(t *testing.T) {
|
|
// assemble
|
|
request := httptest.NewRequest(http.MethodGet, "http://example.com", nil)
|
|
request.SetBasicAuth("wrong", "pw")
|
|
provider := NewBasicAuthProvider("u1", "p1")
|
|
|
|
// act
|
|
result := provider.IsAllowed(request)
|
|
|
|
// assert
|
|
if result {
|
|
t.Errorf("expected request to be denied, but was allowed")
|
|
}
|
|
}
|