loginsrv


commit f55a65f7f89887be75886acfee74b316f47fa2f5
parent 88d3f39c61977554aa61af8adef8ffad9fc5b523
Author: Sebastian Mancke <s.mancke@tarent.de>
Date:   Sun, 20 Nov 2016 11:39:39 +0100

fixed line ending after token

Diffstat:
Mlogin/handler.go | 2+-
Mlogin/handler_test.go | 32+++++++++++++++++++++++++++++---
Mmain_test.go | 35++++++++++++++++-------------------
3 files changed, 46 insertions(+), 23 deletions(-)

diff --git a/login/handler.go b/login/handler.go @@ -129,7 +129,7 @@ func (h *Handler) respondAuthenticated(w http.ResponseWriter, r *http.Request, u w.Header().Set("Content-Type", contentTypeJWT) w.WriteHeader(200) - fmt.Fprintf(w, "%s\n", token) + fmt.Fprintf(w, "%s", token) } func (h *Handler) createToken(userInfo UserInfo) (string, error) { diff --git a/login/handler_test.go b/login/handler_test.go @@ -3,6 +3,7 @@ package login import ( "errors" "fmt" + "github.com/dgrijalva/jwt-go" "github.com/stretchr/testify/assert" "net/http" "net/http/httptest" @@ -86,9 +87,11 @@ func TestHandler_LoginJson(t *testing.T) { recorder := call(req("POST", "/context/login", `{"username": "bob", "password": "secret"}`, TypeJson, AcceptJwt)) assert.Equal(t, 200, recorder.Code) assert.Equal(t, recorder.Header().Get("Content-Type"), "application/jwt") - assert.True(t, recorder.Body.Len() > 30) - // TODO: verify the jwt token + // verify the token + claims, err := tokenAsMap(recorder.Body.String()) + assert.NoError(t, err) + assert.Equal(t, map[string]interface{}{"sub": "bob"}, claims) // wrong credentials recorder = call(req("POST", "/context/login", `{"username": "bob", "password": "FOOOBAR"}`, TypeJson, AcceptJwt)) 
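Review bot: Nothing in the visible lines of respondAuthenticated marks the token response as non-cacheable; only Content-Type is set before `w.WriteHeader(200)`. The function starts outside this hunk, so a cache header may already be set earlier; if it is not, add `w.Header().Set("Cache-Control", "no-store")` before the status is written so that browsers and intermediaries do not retain the JWT. Separately, `fmt.Fprintf(w, "%s", token)` can be written as `fmt.Fprint(w, token)`, and its error return is currently dropped.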
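Review bot: The exact-map assertion `assert.Equal(t, map[string]interface{}{"sub": "bob"}, claims)` in TestHandler_LoginJson can only pass while the issued token carries a single `sub` claim, so the test now pins tokens that have no `exp`. createToken is outside this hunk, so the reason cannot be confirmed here, but a login token without an expiry stays usable until the signing secret is rotated. I would assert `claims["sub"]` on its own and add a check that `claims["exp"]` is present once the handler sets it. The same assertion is repeated in TestHandler_LoginWeb.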
@@ -100,9 +103,17 @@ func TestHandler_LoginWeb(t *testing.T) { // redirectSuccess recorder := call(req("POST", "/context/login", "username=bob&password=secret", TypeForm, AcceptHtml)) assert.Equal(t, 303, recorder.Code) - assert.Contains(t, recorder.Header().Get("Set-Cookie"), "jwt_token=") assert.Equal(t, "/", recorder.Header().Get("Location")) + // verify the token from the cookie + assert.Contains(t, recorder.Header().Get("Set-Cookie"), "jwt_token=") + headerParts := strings.SplitN(recorder.Header().Get("Set-Cookie"), "=", 2) + assert.Equal(t, 2, len(headerParts)) + assert.Equal(t, headerParts[0], "jwt_token") + claims, err := tokenAsMap(strings.SplitN(headerParts[1], ";", 2)[0]) + assert.NoError(t, err) + assert.Equal(t, map[string]interface{}{"sub": "bob"}, claims) + // show the login form again after authentication failed recorder = call(req("POST", "/context/login", "username=bob&password=FOOBAR", TypeForm, AcceptHtml)) assert.Equal(t, 403, recorder.Code) @@ -172,6 +183,21 @@ func req(method string, url string, body string, header ...string) *http.Request return r } +func tokenAsMap(tokenString string) (map[string]interface{}, error) { + token, err := jwt.Parse(tokenString, func(*jwt.Token) (interface{}, error) { + return []byte(DefaultConfig.JwtSecret), nil + }) + if err != nil { + return nil, err + } + + if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid { + return map[string]interface{}(claims), nil + } else { + return nil, errors.New("token not valid") + } +} + type errorTestBackend string func (h errorTestBackend) Authenticate(username, password string) (bool, UserInfo, error) { diff --git a/main_test.go b/main_test.go @@ -1,10 +1,10 @@ package main import ( - //"github.com/dgrijalva/jwt-go" + "github.com/dgrijalva/jwt-go" "github.com/stretchr/testify/assert" - //"github.com/tarent/loginsrv/login" - //"io/ioutil" + "github.com/tarent/loginsrv/login" + "io/ioutil" "net/http" "os" "strings" 
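Review bot: `headerParts[1]` is indexed even when the preceding `assert.Equal(t, 2, len(headerParts))` has failed, because assert only records the failure and continues; a missing or malformed Set-Cookie header then becomes an index-out-of-range panic instead of a readable test failure. Guard it with `if !assert.Len(t, headerParts, 2) { return }`. Reading the cookie through `recorder.Result().Cookies()` would avoid the manual splitting and also expose the `HttpOnly` and `Secure` fields, which this test does not check for the token cookie.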
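Review bot: The key function in tokenAsMap ignores its `*jwt.Token` argument and returns the secret without checking the token's signing method, so the helper accepts whatever algorithm jwt-go will verify with a byte-slice key and the tests would not notice a change of algorithm. Name the parameter and add `if _, ok := tok.Method.(*jwt.SigningMethodHMAC); !ok { return nil, fmt.Errorf("unexpected signing method %v", tok.Header["alg"]) }` before returning the secret. The same callback is repeated in Test_BasicEndToEnd in main_test.go and has the same gap. The `else` after the returning `if` can be dropped.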
@@ -33,20 +33,17 @@ func Test_BasicEndToEnd(t *testing.T) {
 assert.Equal(t, 200, r.StatusCode)
 assert.Equal(t, r.Header.Get("Content-Type"), "application/jwt")
- /**
- b, err := ioutil.ReadAll(r.Body)
- assert.NoError(t, err)
- fmt.Println(login.DefaultConfig.JwtSecret)
- fmt.Println(string(b))
- token, err := jwt.Parse(string(b), func(*jwt.Token) (interface{}, error) {
- return []byte(login.DefaultConfig.JwtSecret), nil
- })
- assert.NoError(t, err)
-
- if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
- assert.Equal(t, "bob", claims["sub"])
- } else {
- t.Fail()
- }
- **/
+ b, err := ioutil.ReadAll(r.Body)
+ assert.NoError(t, err)
+
+ token, err := jwt.Parse(string(b), func(*jwt.Token) (interface{}, error) {
+ return []byte(login.DefaultConfig.JwtSecret), nil
+ })
+ assert.NoError(t, err)
+
+ if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
+ assert.Equal(t, "bob", claims["sub"])
+ } else {
+ t.Fail()
+ }
 }
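Review bot: `token.Claims` is dereferenced even when `jwt.Parse` has failed, because `assert.NoError(t, err)` records the failure and continues; jwt-go may return a nil token for a malformed string, which would surface as a nil-pointer panic rather than a readable failure. Stop early with `if !assert.NoError(t, err) { return }` after both the ReadAll and the Parse call. The response body is read without a visible `r.Body.Close()`; the function starts outside this hunk, so it may be closed earlier, otherwise add `defer r.Body.Close()`. `t.Fail()` in the else branch reports nothing, and `t.Fatal("token not valid")` would say what went wrong.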