loginsrv

Unnamed repository; edit this file 'description' to name the repository.
git clone git@jamesshield.xyz:repos/loginsrv.git
Log | Files | Refs | README | LICENSE

commit c6291ca7e9a5c99f8bd7c119d189ce03d6c98556
parent 5e951624dd8ea697a86f501883e3001c1e3b35b2
Author: Shannon Wynter <me@example.com>
Date:   Fri,  9 Jun 2017 11:15:35 +1000

In response to feedback, fixed typos, more tests, more english :D

Diffstat:
MREADME.md | 16++++++++--------
Mhttpupstream/auth_test.go | 26++++++++++++++++++++++++++
Mhttpupstream/backend.go | 4+++-
Mhttpupstream/backend_test.go | 2+-
4 files changed, 38 insertions(+), 10 deletions(-)

diff --git a/README.md b/README.md @@ -26,7 +26,7 @@ The following providers (login backends) are supported. * [Htpasswd](#htpasswd) * [OSIAM](#osiam) * [Simple](#simple) (user/password pairs by configuration) -* [Httpupstreem](#httpupstream) +* [Httpupstream](#httpupstream) * [Oauth2](#oauth2) * Github Login * .. Google and Facebook will come soon .. @@ -198,15 +198,15 @@ Example: loginsrv -backend 'provider=htpasswd,file=users ``` -### Httpupstreem -Authentication against an upstream http server by performing a simple simple authenticated request +### Httpupstream +Authentication against an upstream http server by performing a http basic authenticated request and checking the response for a http 200 OK status code. Anything other than a 200 OK status code will result in a failure to authenticate. Parameters for the provider: -| Parameter-Name | Description | -| ------------------|--------------------------------------------------------| -| upstream | http/https url to call | -| skipverify | true to ignore TLS errors (optional, false by default) | -| timeout | request timeout (optional 1m by default) | +| Parameter-Name | Description | +| ------------------|---------------------------------------------------------------------------| +| upstream | http/https url to call | +| skipverify | true to ignore TLS errors (optional, false by default) | +| timeout | request timeout (optional 1m by default, go duration syntax is supported) | Example: ``` diff --git a/httpupstream/auth_test.go b/httpupstream/auth_test.go @@ -20,3 +20,29 @@ func TestAuth_UnknownUser(t *testing.T) { NoError(t, err) False(t, authenticated) } + +func TestAuth_KnownUser(t *testing.T) { + ts := newTestServer() + defer ts.Close() + u, _ := url.Parse(ts.URL) + + auth, err := NewAuth(u, time.Second, false) + NoError(t, err) + + authenticated, err := auth.Authenticate("bob-bcrypt", "s3krud") + NoError(t, err) + False(t, authenticated) +} + +func TestAuth_ValidCredentials(t *testing.T) { + ts := newTestServer() + defer ts.Close() + u, _ := url.Parse(ts.URL) + + auth, err := NewAuth(u, time.Second, false) + NoError(t, err) + + authenticated, err := auth.Authenticate("bob-bcrypt", "secret") + NoError(t, err) + False(t, authenticated) +} diff --git a/httpupstream/backend.go b/httpupstream/backend.go @@ -14,6 +14,8 @@ import ( // ProviderName const const ProviderName = "httpupstream" +const defaultTimeout = time.Minute + func init() { login.RegisterProvider( &login.ProviderDescription{ @@ -39,7 +41,7 @@ func BackendFactory(config map[string]string) (login.Backend, error) { } v := false - t := time.Minute + t := defaultTimeout if te { t, err = time.ParseDuration(ts) diff --git a/httpupstream/backend_test.go b/httpupstream/backend_test.go @@ -51,7 +51,7 @@ func TestSetup_Default(t *testing.T) { false, backend.(*Backend).auth.skipverify) Equal(t, - time.Second*60, + defaultTimeout, backend.(*Backend).auth.timeout) }