Merge pull request #141 from SpectoLabs/develop

Develop

authentication/jwt_backend_test.go

@@ -0,0 +1,87 @@
+package authentication
+
+import (
+	"os"
+	"testing"
+
+	"github.com/SpectoLabs/hoverfly/authentication/backends"
+	"github.com/dgrijalva/jwt-go"
+)
+
+// TestMain prepares database for testing and then performs a cleanup
+func TestMain(m *testing.M) {
+	setup()
+	retCode := m.Run()
+	// delete test database
+	teardown()
+	// call with result of m.Run()
+	os.Exit(retCode)
+}
+
+func TestGenerateToken(t *testing.T) {
+	ab := backends.NewBoltDBAuthBackend(TestDB, []byte(backends.TokenBucketName), []byte(backends.UserBucketName))
+	jwtBackend := InitJWTAuthenticationBackend(ab, []byte("verysecret"), 100)
+
+	token, err := jwtBackend.GenerateToken("userUUIDhereVeryLong", "userx")
+	expect(t, err, nil)
+	expect(t, len(token) > 0, true)
+}
+
+func TestAuthenticate(t *testing.T) {
+	ab := backends.NewBoltDBAuthBackend(TestDB, []byte(backends.TokenBucketName), []byte(backends.UserBucketName))
+	username := []byte("beloveduser")
+	passw := []byte("12345")
+	ab.AddUser(username, passw, true)
+
+	jwtBackend := InitJWTAuthenticationBackend(ab, []byte("verysecret"), 100)
+	user := &backends.User{
+		Username: string(username),
+		Password: string(passw),
+		UUID:     "uuid_here",
+		IsAdmin:  true}
+
+	success := jwtBackend.Authenticate(user)
+	expect(t, success, true)
+}
+
+func TestAuthenticateFail(t *testing.T) {
+	ab := backends.NewBoltDBAuthBackend(TestDB, []byte(backends.TokenBucketName), GetRandomName(10))
+
+	jwtBackend := InitJWTAuthenticationBackend(ab, []byte("verysecret"), 100)
+	user := &backends.User{
+		Username: "shouldntbehere",
+		Password: "secret",
+		UUID:     "uuid_here",
+		IsAdmin:  true}
+
+	success := jwtBackend.Authenticate(user)
+	expect(t, success, false)
+}
+
+func TestLogout(t *testing.T) {
+	ab := backends.NewBoltDBAuthBackend(TestDB, GetRandomName(10), GetRandomName(10))
+
+	jwtBackend := InitJWTAuthenticationBackend(ab, []byte("verysecret"), 100)
+
+	tokenString := "exampletokenstring"
+	token := jwt.New(jwt.SigningMethodHS512)
+
+	err := jwtBackend.Logout(tokenString, token)
+	expect(t, err, nil)
+
+	// checking whether token is in blacklist
+
+	blacklisted := jwtBackend.IsInBlacklist(tokenString)
+	expect(t, blacklisted, true)
+}
+
+func TestNotBlacklisted(t *testing.T) {
+	ab := backends.NewBoltDBAuthBackend(TestDB, GetRandomName(10), GetRandomName(10))
+
+	jwtBackend := InitJWTAuthenticationBackend(ab, []byte("verysecret"), 100)
+
+	tokenString := "exampleTokenStringThatIsNotBlacklisted"
+
+	blacklisted := jwtBackend.IsInBlacklist(tokenString)
+	expect(t, blacklisted, false)
+}

authentication/test_tools.go

@@ -0,0 +1,88 @@
+package authentication
+
+import (
+	"math/rand"
+	"net/http"
+	"os"
+	"reflect"
+	"testing"
+	"time"
+
+	log "github.com/Sirupsen/logrus"
+	"github.com/boltdb/bolt"
+)
+
+const letterBytes = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
+const (
+	letterIdxBits = 6                    // 6 bits to represent a letter index
+	letterIdxMask = 1<<letterIdxBits - 1 // All 1-bits, as many as letterIdxBits
+	letterIdxMax  = 63 / letterIdxBits   // # of letter indices fitting in 63 bits
+)
+
+const testingDatabaseName = "test.db"
+
+// Client structure to be injected into functions to perform HTTP calls
+type Client struct {
+	HTTPClient *http.Client
+}
+
+func expect(t *testing.T, a interface{}, b interface{}) {
+	if a != b {
+		t.Errorf("Expected %v (type %v) - Got %v (type %v)", b, reflect.TypeOf(b), a, reflect.TypeOf(a))
+	}
+}
+
+func refute(t *testing.T, a interface{}, b interface{}) {
+	if a == b {
+		t.Errorf("Did not expect %v (type %v) - Got %v (type %v)", b, reflect.TypeOf(b), a, reflect.TypeOf(a))
+	}
+}
+
+// TestDB - holds connection to database during tests
+var TestDB *bolt.DB
+
+// GetDB returns BoltDB instance
+func GetDB(name string) *bolt.DB {
+	log.WithFields(log.Fields{
+		"databaseName": name,
+	}).Info("Initiating database")
+	db, err := bolt.Open(name, 0600, nil)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	return db
+}
+
+var src = rand.NewSource(time.Now().UnixNano())
+
+// GetRandomName - provides random name for buckets. Each test case gets it's own bucket
+func GetRandomName(n int) []byte {
+	b := make([]byte, n)
+	for i, cache, remain := n-1, src.Int63(), letterIdxMax; i >= 0; {
+		if remain == 0 {
+			cache, remain = src.Int63(), letterIdxMax
+		}
+		if idx := int(cache & letterIdxMask); idx < len(letterBytes) {
+			b[i] = letterBytes[idx]
+			i--
+		}
+		cache >>= letterIdxBits
+		remain--
+	}
+
+	return b
+}
+
+func setup() {
+	// we don't really want to see what's happening
+	log.SetLevel(log.FatalLevel)
+	db := GetDB(testingDatabaseName)
+	TestDB = db
+}
+
+// teardown does some cleanup after tests
+func teardown() {
+	TestDB.Close()
+	os.Remove(testingDatabaseName)
+}

cmd/hoverfly/main.go

@@ -30,6 +30,19 @@ import (
 	"os"
 )
 
+type arrayFlags []string
+
+func (i *arrayFlags) String() string {
+	return "my string representation"
+}
+
+func (i *arrayFlags) Set(value string) error {
+	*i = append(*i, value)
+	return nil
+}
+
+var importFlags arrayFlags
+
 func main() {
 	log.SetFormatter(&log.JSONFormatter{})
 
@@ -61,7 +74,7 @@ func main() {
 	dev := flag.Bool("dev", false, "supply -dev flag to serve directly from ./static/dist instead from statik binary")
 
 	// import flag
-	imp := flag.String("import", "", "import from file or from URL (i.e. '-import my_service.json' or '-import http://mypage.com/service_x.json'")
+	flag.Var(&importFlags, "import", "import from file or from URL (i.e. '-import my_service.json' or '-import http://mypage.com/service_x.json'")
 
 	// adding new user
 	addNew := flag.Bool("add", false, "add new user '-add -username hfadmin -password hfpass'")
@@ -182,13 +195,20 @@ func main() {
 	}
 
 	// importing stuff
-	if *imp != "" {
-		err := dbClient.Import(*imp)
-		if err != nil {
-			log.WithFields(log.Fields{
-				"error":  err.Error(),
-				"import": *imp,
-			}).Fatal("Failed to import given resource")
+	if len(importFlags) > 0 {
+		for _, v := range importFlags {
+			if v != "" {
+				log.WithFields(log.Fields{
+					"import": v,
+				}).Debug("Importing given resource")
+				err := dbClient.Import(v)
+				if err != nil {
+					log.WithFields(log.Fields{
+						"error":  err.Error(),
+						"import": v,
+					}).Fatal("Failed to import given resource")
+				}
+			}
 		}
 	}