Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

repatriation of servant-auth in the main servant repo #1471

Merged
merged 7 commits into from
Oct 29, 2021
Merged

repatriation of servant-auth in the main servant repo #1471

merged 7 commits into from
Oct 29, 2021

Conversation

akhesaCaro
Copy link
Contributor

@akhesaCaro akhesaCaro commented Oct 26, 2021
edited
Loading

Following #1404
Preceding ##1467

Move Servant-auth into Servant repo

Excluded dependencies against GHC >= 9

  • servant-auth-swagger (need swagger using base < 4.15 and GHC needs base >= 4.15)
  • servant-auth-client - test only (tests failed)
  • servant-auth-server - test only (tests failed)

Additional tasks :

  • Put servant-auth repo read-only
  • Add a README message on servant-auth repo
  • What to do with the issues?
  • What to do with the current PRs?

@akhesaCaro akhesaCaro force-pushed the monorepo_servant_auth branch 2 times, most recently from 90980c5 to ad17b0b Compare October 26, 2021 16:17
@akhesaCaro
Copy link
Contributor Author

servant-auth-swagger
Swagger has a constraint base < 4.15 but GHC > 9 needs it.

@akhesaCaro akhesaCaro force-pushed the monorepo_servant_auth branch 2 times, most recently from 3147eb7 to ad48a9f Compare October 26, 2021 16:37
@akhesaCaro
Copy link
Contributor Author

akhesaCaro commented Oct 26, 2021
edited
Loading

servant-auth-server
Tests failed against GHC >= 9

Test suite spec: RUNNING...

Servant.Auth.Server
  The Auth combinator
    returns a 401 if all authentications are Indefinite
    succeeds if one authentication suceeds FAILED [1]
    fails (403) if one authentication fails
      # PENDING: Authentications don't yet fail, only are Indefinite
    doesn't clobber pre-existing response headers FAILED [2]
    Raw
      gets the response body FAILED [3]
      doesn't clobber pre-existing reponse headers FAILED [4]
    Setting cookies
      sets cookies that it itself accepts FAILED [5]
      uses the Expiry from the configuration FAILED [6]
      sets the token cookie as HttpOnly FAILED [7]
  The Auth combinator
    With XSRF check
      fails if XSRF header and cookie don't match
        +++ OK, passed 100 tests.
      fails with no XSRF header or cookie
        +++ OK, passed 100 tests.
      succeeds if XSRF header and cookie match, and JWT is valid FAILED [8]
      sets and clears the right cookies FAILED [9]
    With no XSRF check for GET requests
      succeeds with no XSRF header or cookie for GET FAILED [10]
      fails with no XSRF header or cookie for POST
        +++ OK, passed 100 tests.
    With no XSRF check at all
      succeeds with no XSRF header or cookie for GET FAILED [11]
      succeeds with no XSRF header or cookie for POST FAILED [12]
      sets and clears the right cookies FAILED [13]
  The JWT combinator
    fails if 'aud' does not match predicate
      +++ OK, passed 100 tests.
    succeeds if 'aud' does match predicate FAILED [14]
    fails if 'nbf' is set to a future date
      +++ OK, passed 100 tests.
    fails if 'exp' is set to a past date
      +++ OK, passed 100 tests.
    succeeds if 'exp' is set to a future date FAILED [15]
    fails if JWT is not signed
      +++ OK, passed 100 tests.
    fails if JWT does not use expected algorithm
      # PENDING: Need https://github.com/frasertweedale/hs-jose/issues/19
    fails if data is not valid JSON
    suceeds as wreq's oauth2Bearer FAILED [16]
  throwAll
    works for plain values
    works for function types
      +++ OK, passed 100 tests.
  The BasicAuth combinator
    succeeds with the correct password and username
    fails with non-existent user
    fails with incorrect password
    fails with no auth header

Failures:

  test/Servant/Auth/ServerSpec.hs:85:3: 
  1) Servant.Auth.Server, The Auth combinator, succeeds if one authentication suceeds
       uncaught exception: HttpException
       HttpExceptionRequest Request {
         host                 = "localhost"
         port                 = 40595
         secure               = False
         requestHeaders       = [("Authorization","<REDACTED>"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
        (StatusCodeException (Response {responseStatus = Status {statusCode = 401, statusMessage = "Unauthorized"}, responseVersion = HTTP/1.1, responseHeaders = [("Transfer-Encoding","chunked"),("Date","Tue, 26 Oct 2021 16:17:44 GMT"),("Server","Warp/3.3.17")], responseBody = (), responseCookieJar = CJ {expose = []}, responseClose' = ResponseClose, responseOriginalRequest = Request {
         host                 = "localhost"
         port                 = 40595
         secure               = False
         requestHeaders       = [("Authorization","<REDACTED>"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
       }) "")
       (after 53 tests)
         User {name = "\140613\36539F;\DC2^%\1083137Y\ACK6\1016054\151428Fu~\SI`\34090\7511\DC4\997815\&3", _id = "\ACKu\DC2e\RSY"}

  To rerun use: --match "/Servant.Auth.Server/The Auth combinator/succeeds if one authentication suceeds/"

  test/Servant/Auth/ServerSpec.hs:95:3: 
  2) Servant.Auth.Server, The Auth combinator, doesn't clobber pre-existing response headers
       uncaught exception: HttpException
       HttpExceptionRequest Request {
         host                 = "localhost"
         port                 = 34203
         secure               = False
         requestHeaders       = [("Authorization","<REDACTED>"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/header"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
        (StatusCodeException (Response {responseStatus = Status {statusCode = 401, statusMessage = "Unauthorized"}, responseVersion = HTTP/1.1, responseHeaders = [("Transfer-Encoding","chunked"),("Date","Tue, 26 Oct 2021 16:17:45 GMT"),("Server","Warp/3.3.17")], responseBody = (), responseCookieJar = CJ {expose = []}, responseClose' = ResponseClose, responseOriginalRequest = Request {
         host                 = "localhost"
         port                 = 34203
         secure               = False
         requestHeaders       = [("Authorization","<REDACTED>"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/header"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
       }) "")
       (after 53 tests)
         User {name = "\140613\36539F;\DC2^%\1083137Y\ACK6\1016054\151428Fu~\SI`\34090\7511\DC4\997815\&3", _id = "\ACKu\DC2e\RSY"}

  To rerun use: --match "/Servant.Auth.Server/The Auth combinator/doesn't clobber pre-existing response headers/"

  test/Servant/Auth/ServerSpec.hs:105:5: 
  3) Servant.Auth.Server, The Auth combinator, Raw, gets the response body
       uncaught exception: HttpException
       HttpExceptionRequest Request {
         host                 = "localhost"
         port                 = 45951
         secure               = False
         requestHeaders       = [("Authorization","<REDACTED>"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/raw"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
        (StatusCodeException (Response {responseStatus = Status {statusCode = 401, statusMessage = "Unauthorized"}, responseVersion = HTTP/1.1, responseHeaders = [("Transfer-Encoding","chunked"),("Date","Tue, 26 Oct 2021 16:17:45 GMT"),("Server","Warp/3.3.17"),("Set-Cookie","TheyDinedOnMince=1CHpH6w1WlIa3gRO1y0hAqkSVvkWLf0RqOX0Iz+Be7k=; Path=/; Expires=Wed, 01-Jan-2070 00:00:00 GMT")], responseBody = (), responseCookieJar = CJ {expose = [Cookie {cookie_name = "TheyDinedOnMince", cookie_value = "1CHpH6w1WlIa3gRO1y0hAqkSVvkWLf0RqOX0Iz+Be7k=", cookie_expiry_time = 2070-01-01 00:00:00 UTC, cookie_domain = "localhost", cookie_path = "/", cookie_creation_time = 2021-10-26 16:17:45.925017574 UTC, cookie_last_access_time = 2021-10-26 16:17:45.925017574 UTC, cookie_persistent = True, cookie_host_only = True, cookie_secure_only = False, cookie_http_only = False}]}, responseClose' = ResponseClose, responseOriginalRequest = Request {
         host                 = "localhost"
         port                 = 45951
         secure               = False
         requestHeaders       = [("Authorization","<REDACTED>"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/raw"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
       }) "")
       (after 53 tests)
         User {name = "\140613\36539F;\DC2^%\1083137Y\ACK6\1016054\151428Fu~\SI`\34090\7511\DC4\997815\&3", _id = "\ACKu\DC2e\RSY"}

  To rerun use: --match "/Servant.Auth.Server/The Auth combinator/Raw/gets the response body/"

  test/Servant/Auth/ServerSpec.hs:111:5: 
  4) Servant.Auth.Server, The Auth combinator, Raw, doesn't clobber pre-existing reponse headers
       uncaught exception: HttpException
       HttpExceptionRequest Request {
         host                 = "localhost"
         port                 = 45495
         secure               = False
         requestHeaders       = [("Authorization","<REDACTED>"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/raw"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
        (StatusCodeException (Response {responseStatus = Status {statusCode = 401, statusMessage = "Unauthorized"}, responseVersion = HTTP/1.1, responseHeaders = [("Transfer-Encoding","chunked"),("Date","Tue, 26 Oct 2021 16:17:46 GMT"),("Server","Warp/3.3.17"),("Set-Cookie","TheyDinedOnMince=jO8aPhSJwD9OOmNpa66wgEQnAdNlBC5rW8LCNR2rnk8=; Path=/; Expires=Wed, 01-Jan-2070 00:00:00 GMT")], responseBody = (), responseCookieJar = CJ {expose = [Cookie {cookie_name = "TheyDinedOnMince", cookie_value = "jO8aPhSJwD9OOmNpa66wgEQnAdNlBC5rW8LCNR2rnk8=", cookie_expiry_time = 2070-01-01 00:00:00 UTC, cookie_domain = "localhost", cookie_path = "/", cookie_creation_time = 2021-10-26 16:17:46.340224498 UTC, cookie_last_access_time = 2021-10-26 16:17:46.340224498 UTC, cookie_persistent = True, cookie_host_only = True, cookie_secure_only = False, cookie_http_only = False}]}, responseClose' = ResponseClose, responseOriginalRequest = Request {
         host                 = "localhost"
         port                 = 45495
         secure               = False
         requestHeaders       = [("Authorization","<REDACTED>"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/raw"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
       }) "")
       (after 53 tests)
         User {name = "\140613\36539F;\DC2^%\1083137Y\ACK6\1016054\151428Fu~\SI`\34090\7511\DC4\997815\&3", _id = "\ACKu\DC2e\RSY"}

  To rerun use: --match "/Servant.Auth.Server/The Auth combinator/Raw/doesn't clobber pre-existing reponse headers/"

  test/Servant/Auth/ServerSpec.hs:122:5: 
  5) Servant.Auth.Server, The Auth combinator, Setting cookies, sets cookies that it itself accepts
       uncaught exception: HttpException
       HttpExceptionRequest Request {
         host                 = "localhost"
         port                 = 45723
         secure               = False
         requestHeaders       = [("Cookie","RuncibleSpoon=eyJhbGciOiJIUzUxMiJ9.eyJkYXQiOnsibmFtZSI6Ilx1MDAxYj1Q5oGNWFpe8JeGoVx1MDAwMPCgoZ5mdPCgipk6IiwiX2lkIjoiOjjzuqapXHUwMDAzXHUwMDBj8KK8qlwiISwm9IGFlUAsYEYmTC5cdTAwMTZcdTAwMDVcdTAwMGbwpZ-eR3r0g7WYIn0sImV4cCI6MzE1NTc2MDAwMH0.p_26K9JVMH_QCyi7WC-OWTW8fFPTuheGohR1XZiAtN6socf4atliKProg2gZxku4FqZY-T8u7wmpWPmFvFNEmA;TheyDinedOnMince=lJOggbyb1ZSPFLP5U2JsooN9zm1Lo9/AQQ6Wi494Wa0="),("AndSlicesOfQuince","lJOggbyb1ZSPFLP5U2JsooN9zm1Lo9/AQQ6Wi494Wa0="),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
        (StatusCodeException (Response {responseStatus = Status {statusCode = 401, statusMessage = "Unauthorized"}, responseVersion = HTTP/1.1, responseHeaders = [("Transfer-Encoding","chunked"),("Date","Tue, 26 Oct 2021 16:17:46 GMT"),("Server","Warp/3.3.17")], responseBody = (), responseCookieJar = CJ {expose = [Cookie {cookie_name = "TheyDinedOnMince", cookie_value = "lJOggbyb1ZSPFLP5U2JsooN9zm1Lo9/AQQ6Wi494Wa0=", cookie_expiry_time = 2070-01-01 00:00:00 UTC, cookie_domain = "localhost", cookie_path = "/", cookie_creation_time = 2021-10-26 16:17:46.709512041 UTC, cookie_last_access_time = 2021-10-26 16:17:46.713588773 UTC, cookie_persistent = True, cookie_host_only = True, cookie_secure_only = False, cookie_http_only = False},Cookie {cookie_name = "RuncibleSpoon", cookie_value = "eyJhbGciOiJIUzUxMiJ9.eyJkYXQiOnsibmFtZSI6Ilx1MDAxYj1Q5oGNWFpe8JeGoVx1MDAwMPCgoZ5mdPCgipk6IiwiX2lkIjoiOjjzuqapXHUwMDAzXHUwMDBj8KK8qlwiISwm9IGFlUAsYEYmTC5cdTAwMTZcdTAwMDVcdTAwMGbwpZ-eR3r0g7WYIn0sImV4cCI6MzE1NTc2MDAwMH0.p_26K9JVMH_QCyi7WC-OWTW8fFPTuheGohR1XZiAtN6socf4atliKProg2gZxku4FqZY-T8u7wmpWPmFvFNEmA", cookie_expiry_time = 2070-01-01 00:00:00 UTC, cookie_domain = "localhost", cookie_path = "/", cookie_creation_time = 2021-10-26 16:17:46.709512041 UTC, cookie_last_access_time = 2021-10-26 16:17:46.713588773 UTC, cookie_persistent = True, cookie_host_only = True, cookie_secure_only = False, cookie_http_only = True}]}, responseClose' = ResponseClose, responseOriginalRequest = Request {
         host                 = "localhost"
         port                 = 45723
         secure               = False
         requestHeaders       = [("Cookie","RuncibleSpoon=eyJhbGciOiJIUzUxMiJ9.eyJkYXQiOnsibmFtZSI6Ilx1MDAxYj1Q5oGNWFpe8JeGoVx1MDAwMPCgoZ5mdPCgipk6IiwiX2lkIjoiOjjzuqapXHUwMDAzXHUwMDBj8KK8qlwiISwm9IGFlUAsYEYmTC5cdTAwMTZcdTAwMDVcdTAwMGbwpZ-eR3r0g7WYIn0sImV4cCI6MzE1NTc2MDAwMH0.p_26K9JVMH_QCyi7WC-OWTW8fFPTuheGohR1XZiAtN6socf4atliKProg2gZxku4FqZY-T8u7wmpWPmFvFNEmA;TheyDinedOnMince=lJOggbyb1ZSPFLP5U2JsooN9zm1Lo9/AQQ6Wi494Wa0="),("AndSlicesOfQuince","lJOggbyb1ZSPFLP5U2JsooN9zm1Lo9/AQQ6Wi494Wa0="),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
       }) "")
       (after 33 tests)
         User {name = "\ESC=P\24653XZ^\94625\NUL\133214ft\131737:", _id = ":8\1026473\ETX\f\143146\"!,&\1053013@,`F&L.\SYN\ENQ\SI\153566Gz\1064280"}

  To rerun use: --match "/Servant.Auth.Server/The Auth combinator/Setting cookies/sets cookies that it itself accepts/"

  test/Servant/Auth/ServerSpec.hs:138:5: 
  6) Servant.Auth.Server, The Auth combinator, Setting cookies, uses the Expiry from the configuration
       uncaught exception: HttpException
       HttpExceptionRequest Request {
         host                 = "localhost"
         port                 = 34237
         secure               = False
         requestHeaders       = [("Cookie","TheyDinedOnMince=blah; RuncibleSpoon=eyJhbGciOiJIUzI1NiJ9.eyJkYXQiOnsibmFtZSI6IvCilYXourtGO1x1MDAxMl4l9IicgVlcdTAwMDY287iDtvCkvoRGdX5cdTAwMGZg6JSq4bWXXHUwMDE087OmtzMiLCJfaWQiOiJcdTAwMDZ1XHUwMDEyZVx1MDAxZVkifX0.v8QI83mUhOHIC-S4y7FSBjDpEOc9m5m9SdGyJ8f_FuE"),("AndSlicesOfQuince","blah"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
        (StatusCodeException (Response {responseStatus = Status {statusCode = 401, statusMessage = "Unauthorized"}, responseVersion = HTTP/1.1, responseHeaders = [("Transfer-Encoding","chunked"),("Date","Tue, 26 Oct 2021 16:17:46 GMT"),("Server","Warp/3.3.17")], responseBody = (), responseCookieJar = CJ {expose = []}, responseClose' = ResponseClose, responseOriginalRequest = Request {
         host                 = "localhost"
         port                 = 34237
         secure               = False
         requestHeaders       = [("Cookie","TheyDinedOnMince=blah; RuncibleSpoon=eyJhbGciOiJIUzI1NiJ9.eyJkYXQiOnsibmFtZSI6IvCilYXourtGO1x1MDAxMl4l9IicgVlcdTAwMDY287iDtvCkvoRGdX5cdTAwMGZg6JSq4bWXXHUwMDE087OmtzMiLCJfaWQiOiJcdTAwMDZ1XHUwMDEyZVx1MDAxZVkifX0.v8QI83mUhOHIC-S4y7FSBjDpEOc9m5m9SdGyJ8f_FuE"),("AndSlicesOfQuince","blah"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
       }) "")
       (after 53 tests)
         User {name = "\140613\36539F;\DC2^%\1083137Y\ACK6\1016054\151428Fu~\SI`\34090\7511\DC4\997815\&3", _id = "\ACKu\DC2e\RSY"}

  To rerun use: --match "/Servant.Auth.Server/The Auth combinator/Setting cookies/uses the Expiry from the configuration/"

  test/Servant/Auth/ServerSpec.hs:150:5: 
  7) Servant.Auth.Server, The Auth combinator, Setting cookies, sets the token cookie as HttpOnly
       uncaught exception: HttpException
       HttpExceptionRequest Request {
         host                 = "localhost"
         port                 = 41767
         secure               = False
         requestHeaders       = [("Cookie","TheyDinedOnMince=blah; RuncibleSpoon=eyJhbGciOiJIUzI1NiJ9.eyJkYXQiOnsibmFtZSI6IvCilYXourtGO1x1MDAxMl4l9IicgVlcdTAwMDY287iDtvCkvoRGdX5cdTAwMGZg6JSq4bWXXHUwMDE087OmtzMiLCJfaWQiOiJcdTAwMDZ1XHUwMDEyZVx1MDAxZVkifX0.v8QI83mUhOHIC-S4y7FSBjDpEOc9m5m9SdGyJ8f_FuE"),("AndSlicesOfQuince","blah"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
        (StatusCodeException (Response {responseStatus = Status {statusCode = 401, statusMessage = "Unauthorized"}, responseVersion = HTTP/1.1, responseHeaders = [("Transfer-Encoding","chunked"),("Date","Tue, 26 Oct 2021 16:17:47 GMT"),("Server","Warp/3.3.17")], responseBody = (), responseCookieJar = CJ {expose = []}, responseClose' = ResponseClose, responseOriginalRequest = Request {
         host                 = "localhost"
         port                 = 41767
         secure               = False
         requestHeaders       = [("Cookie","TheyDinedOnMince=blah; RuncibleSpoon=eyJhbGciOiJIUzI1NiJ9.eyJkYXQiOnsibmFtZSI6IvCilYXourtGO1x1MDAxMl4l9IicgVlcdTAwMDY287iDtvCkvoRGdX5cdTAwMGZg6JSq4bWXXHUwMDE087OmtzMiLCJfaWQiOiJcdTAwMDZ1XHUwMDEyZVx1MDAxZVkifX0.v8QI83mUhOHIC-S4y7FSBjDpEOc9m5m9SdGyJ8f_FuE"),("AndSlicesOfQuince","blah"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
       }) "")
       (after 53 tests)
         User {name = "\140613\36539F;\DC2^%\1083137Y\ACK6\1016054\151428Fu~\SI`\34090\7511\DC4\997815\&3", _id = "\ACKu\DC2e\RSY"}

  To rerun use: --match "/Servant.Auth.Server/The Auth combinator/Setting cookies/sets the token cookie as HttpOnly/"

  test/Servant/Auth/ServerSpec.hs:188:9: 
  8) Servant.Auth.Server, The Auth combinator, With XSRF check, succeeds if XSRF header and cookie match, and JWT is valid
       uncaught exception: HttpException
       HttpExceptionRequest Request {
         host                 = "localhost"
         port                 = 37401
         secure               = False
         requestHeaders       = [("Cookie","TheyDinedOnMince=blah; RuncibleSpoon=eyJhbGciOiJIUzI1NiJ9.eyJkYXQiOnsibmFtZSI6IvCilYXourtGO1x1MDAxMl4l9IicgVlcdTAwMDY287iDtvCkvoRGdX5cdTAwMGZg6JSq4bWXXHUwMDE087OmtzMiLCJfaWQiOiJcdTAwMDZ1XHUwMDEyZVx1MDAxZVkifX0.v8QI83mUhOHIC-S4y7FSBjDpEOc9m5m9SdGyJ8f_FuE"),("AndSlicesOfQuince","blah"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
        (StatusCodeException (Response {responseStatus = Status {statusCode = 401, statusMessage = "Unauthorized"}, responseVersion = HTTP/1.1, responseHeaders = [("Transfer-Encoding","chunked"),("Date","Tue, 26 Oct 2021 16:17:48 GMT"),("Server","Warp/3.3.17")], responseBody = (), responseCookieJar = CJ {expose = []}, responseClose' = ResponseClose, responseOriginalRequest = Request {
         host                 = "localhost"
         port                 = 37401
         secure               = False
         requestHeaders       = [("Cookie","TheyDinedOnMince=blah; RuncibleSpoon=eyJhbGciOiJIUzI1NiJ9.eyJkYXQiOnsibmFtZSI6IvCilYXourtGO1x1MDAxMl4l9IicgVlcdTAwMDY287iDtvCkvoRGdX5cdTAwMGZg6JSq4bWXXHUwMDE087OmtzMiLCJfaWQiOiJcdTAwMDZ1XHUwMDEyZVx1MDAxZVkifX0.v8QI83mUhOHIC-S4y7FSBjDpEOc9m5m9SdGyJ8f_FuE"),("AndSlicesOfQuince","blah"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
       }) "")
       (after 53 tests)
         User {name = "\140613\36539F;\DC2^%\1083137Y\ACK6\1016054\151428Fu~\SI`\34090\7511\DC4\997815\&3", _id = "\ACKu\DC2e\RSY"}

  To rerun use: --match "/Servant.Auth.Server/The Auth combinator/With XSRF check/succeeds if XSRF header and cookie match, and JWT is valid/"

  test/Servant/Auth/ServerSpec.hs:197:9: 
  9) Servant.Auth.Server, The Auth combinator, With XSRF check, sets and clears the right cookies
       uncaught exception: HttpException
       HttpExceptionRequest Request {
         host                 = "localhost"
         port                 = 36373
         secure               = False
         requestHeaders       = [("Cookie","TheyDinedOnMince=lwAk78e5tUxSwFZE/EeJ5hV4gL70DXWC8Qd+JRl/5Dw=;RuncibleSpoon=eyJhbGciOiJIUzUxMiJ9.eyJkYXQiOnsibmFtZSI6Ilx1MDAxYj1Q5oGNWFpe8JeGoVx1MDAwMPCgoZ5mdPCgipk6IiwiX2lkIjoiOjjzuqapXHUwMDAzXHUwMDBj8KK8qlwiISwm9IGFlUAsYEYmTC5cdTAwMTZcdTAwMDVcdTAwMGbwpZ-eR3r0g7WYIn0sImV4cCI6MzE1NTc2MDAwMH0.p_26K9JVMH_QCyi7WC-OWTW8fFPTuheGohR1XZiAtN6socf4atliKProg2gZxku4FqZY-T8u7wmpWPmFvFNEmA"),("AndSlicesOfQuince","lwAk78e5tUxSwFZE/EeJ5hV4gL70DXWC8Qd+JRl/5Dw="),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
        (StatusCodeException (Response {responseStatus = Status {statusCode = 401, statusMessage = "Unauthorized"}, responseVersion = HTTP/1.1, responseHeaders = [("Transfer-Encoding","chunked"),("Date","Tue, 26 Oct 2021 16:17:48 GMT"),("Server","Warp/3.3.17")], responseBody = (), responseCookieJar = CJ {expose = [Cookie {cookie_name = "RuncibleSpoon", cookie_value = "eyJhbGciOiJIUzUxMiJ9.eyJkYXQiOnsibmFtZSI6Ilx1MDAxYj1Q5oGNWFpe8JeGoVx1MDAwMPCgoZ5mdPCgipk6IiwiX2lkIjoiOjjzuqapXHUwMDAzXHUwMDBj8KK8qlwiISwm9IGFlUAsYEYmTC5cdTAwMTZcdTAwMDVcdTAwMGbwpZ-eR3r0g7WYIn0sImV4cCI6MzE1NTc2MDAwMH0.p_26K9JVMH_QCyi7WC-OWTW8fFPTuheGohR1XZiAtN6socf4atliKProg2gZxku4FqZY-T8u7wmpWPmFvFNEmA", cookie_expiry_time = 2070-01-01 00:00:00 UTC, cookie_domain = "localhost", cookie_path = "/", cookie_creation_time = 2021-10-26 16:17:48.789075727 UTC, cookie_last_access_time = 2021-10-26 16:17:48.791391393 UTC, cookie_persistent = True, cookie_host_only = True, cookie_secure_only = False, cookie_http_only = True},Cookie {cookie_name = "TheyDinedOnMince", cookie_value = "lwAk78e5tUxSwFZE/EeJ5hV4gL70DXWC8Qd+JRl/5Dw=", cookie_expiry_time = 2070-01-01 00:00:00 UTC, cookie_domain = "localhost", cookie_path = "/", cookie_creation_time = 2021-10-26 16:17:48.789075727 UTC, cookie_last_access_time = 2021-10-26 16:17:48.791391393 UTC, cookie_persistent = True, cookie_host_only = True, cookie_secure_only = False, cookie_http_only = False}]}, responseClose' = ResponseClose, responseOriginalRequest = Request {
         host                 = "localhost"
         port                 = 36373
         secure               = False
         requestHeaders       = [("Cookie","TheyDinedOnMince=lwAk78e5tUxSwFZE/EeJ5hV4gL70DXWC8Qd+JRl/5Dw=;RuncibleSpoon=eyJhbGciOiJIUzUxMiJ9.eyJkYXQiOnsibmFtZSI6Ilx1MDAxYj1Q5oGNWFpe8JeGoVx1MDAwMPCgoZ5mdPCgipk6IiwiX2lkIjoiOjjzuqapXHUwMDAzXHUwMDBj8KK8qlwiISwm9IGFlUAsYEYmTC5cdTAwMTZcdTAwMDVcdTAwMGbwpZ-eR3r0g7WYIn0sImV4cCI6MzE1NTc2MDAwMH0.p_26K9JVMH_QCyi7WC-OWTW8fFPTuheGohR1XZiAtN6socf4atliKProg2gZxku4FqZY-T8u7wmpWPmFvFNEmA"),("AndSlicesOfQuince","lwAk78e5tUxSwFZE/EeJ5hV4gL70DXWC8Qd+JRl/5Dw="),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
       }) "")
       (after 33 tests)
         User {name = "\ESC=P\24653XZ^\94625\NUL\133214ft\131737:", _id = ":8\1026473\ETX\f\143146\"!,&\1053013@,`F&L.\SYN\ENQ\SI\153566Gz\1064280"}

  To rerun use: --match "/Servant.Auth.Server/The Auth combinator/With XSRF check/sets and clears the right cookies/"

  test/Servant/Auth/ServerSpec.hs:232:9: 
  10) Servant.Auth.Server, The Auth combinator, With no XSRF check for GET requests, succeeds with no XSRF header or cookie for GET
       uncaught exception: HttpException
       HttpExceptionRequest Request {
         host                 = "localhost"
         port                 = 38095
         secure               = False
         requestHeaders       = [("Cookie","RuncibleSpoon=eyJhbGciOiJIUzI1NiJ9.eyJkYXQiOnsibmFtZSI6IvCilYXourtGO1x1MDAxMl4l9IicgVlcdTAwMDY287iDtvCkvoRGdX5cdTAwMGZg6JSq4bWXXHUwMDE087OmtzMiLCJfaWQiOiJcdTAwMDZ1XHUwMDEyZVx1MDAxZVkifX0.v8QI83mUhOHIC-S4y7FSBjDpEOc9m5m9SdGyJ8f_FuE"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
        (StatusCodeException (Response {responseStatus = Status {statusCode = 401, statusMessage = "Unauthorized"}, responseVersion = HTTP/1.1, responseHeaders = [("Transfer-Encoding","chunked"),("Date","Tue, 26 Oct 2021 16:17:49 GMT"),("Server","Warp/3.3.17")], responseBody = (), responseCookieJar = CJ {expose = []}, responseClose' = ResponseClose, responseOriginalRequest = Request {
         host                 = "localhost"
         port                 = 38095
         secure               = False
         requestHeaders       = [("Cookie","RuncibleSpoon=eyJhbGciOiJIUzI1NiJ9.eyJkYXQiOnsibmFtZSI6IvCilYXourtGO1x1MDAxMl4l9IicgVlcdTAwMDY287iDtvCkvoRGdX5cdTAwMGZg6JSq4bWXXHUwMDE087OmtzMiLCJfaWQiOiJcdTAwMDZ1XHUwMDEyZVx1MDAxZVkifX0.v8QI83mUhOHIC-S4y7FSBjDpEOc9m5m9SdGyJ8f_FuE"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
       }) "")
       (after 53 tests)
         User {name = "\140613\36539F;\DC2^%\1083137Y\ACK6\1016054\151428Fu~\SI`\34090\7511\DC4\997815\&3", _id = "\ACKu\DC2e\RSY"}

  To rerun use: --match "/Servant.Auth.Server/The Auth combinator/With no XSRF check for GET requests/succeeds with no XSRF header or cookie for GET/"

  test/Servant/Auth/ServerSpec.hs:249:9: 
  11) Servant.Auth.Server, The Auth combinator, With no XSRF check at all, succeeds with no XSRF header or cookie for GET
       uncaught exception: HttpException
       HttpExceptionRequest Request {
         host                 = "localhost"
         port                 = 43697
         secure               = False
         requestHeaders       = [("Cookie","RuncibleSpoon=eyJhbGciOiJIUzI1NiJ9.eyJkYXQiOnsibmFtZSI6IvCilYXourtGO1x1MDAxMl4l9IicgVlcdTAwMDY287iDtvCkvoRGdX5cdTAwMGZg6JSq4bWXXHUwMDE087OmtzMiLCJfaWQiOiJcdTAwMDZ1XHUwMDEyZVx1MDAxZVkifX0.v8QI83mUhOHIC-S4y7FSBjDpEOc9m5m9SdGyJ8f_FuE"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
        (StatusCodeException (Response {responseStatus = Status {statusCode = 401, statusMessage = "Unauthorized"}, responseVersion = HTTP/1.1, responseHeaders = [("Transfer-Encoding","chunked"),("Date","Tue, 26 Oct 2021 16:17:49 GMT"),("Server","Warp/3.3.17")], responseBody = (), responseCookieJar = CJ {expose = []}, responseClose' = ResponseClose, responseOriginalRequest = Request {
         host                 = "localhost"
         port                 = 43697
         secure               = False
         requestHeaders       = [("Cookie","RuncibleSpoon=eyJhbGciOiJIUzI1NiJ9.eyJkYXQiOnsibmFtZSI6IvCilYXourtGO1x1MDAxMl4l9IicgVlcdTAwMDY287iDtvCkvoRGdX5cdTAwMGZg6JSq4bWXXHUwMDE087OmtzMiLCJfaWQiOiJcdTAwMDZ1XHUwMDEyZVx1MDAxZVkifX0.v8QI83mUhOHIC-S4y7FSBjDpEOc9m5m9SdGyJ8f_FuE"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
       }) "")
       (after 53 tests)
         User {name = "\140613\36539F;\DC2^%\1083137Y\ACK6\1016054\151428Fu~\SI`\34090\7511\DC4\997815\&3", _id = "\ACKu\DC2e\RSY"}

  To rerun use: --match "/Servant.Auth.Server/The Auth combinator/With no XSRF check at all/succeeds with no XSRF header or cookie for GET/"

  test/Servant/Auth/ServerSpec.hs:256:9: 
  12) Servant.Auth.Server, The Auth combinator, With no XSRF check at all, succeeds with no XSRF header or cookie for POST
       uncaught exception: HttpException
       HttpExceptionRequest Request {
         host                 = "localhost"
         port                 = 45245
         secure               = False
         requestHeaders       = [("Content-Type","application/json"),("Cookie","RuncibleSpoon=eyJhbGciOiJIUzI1NiJ9.eyJkYXQiOnsibmFtZSI6IkxieVVcdTAwMWR_75OeWlx1MDAwYyB5X_Cjrb00RFx1MDAxNCIsIl9pZCI6Ilx1MDAwN383PFx1MDAxM1x1MDAwZjBdSm5QXHUwMDFjYUUj8768rFx1MDAwY_O_sawifX0.Gl1lCgjuuq-SZfTe8QHFK_QHSv6qDdyxLA-i_DJA8nc"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "POST"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
        (ConnectionFailure Network.Socket.connect: <socket: 8>: does not exist (Connection refused))
       (after 40 tests and 1 shrink)
         User {name = "LbyU\GS\DEL\62686Z\f y_\146301\&4D\DC4", _id = "\a\DEL7<\DC3\SI0]JnP\FSaE#\1044268\f\1047660"}
         0

  To rerun use: --match "/Servant.Auth.Server/The Auth combinator/With no XSRF check at all/succeeds with no XSRF header or cookie for POST/"

  test/Servant/Auth/ServerSpec.hs:263:9: 
  13) Servant.Auth.Server, The Auth combinator, With no XSRF check at all, sets and clears the right cookies
       uncaught exception: HttpException
       HttpExceptionRequest Request {
         host                 = "localhost"
         port                 = 41817
         secure               = False
         requestHeaders       = [("Cookie","NO-XSRF-TOKEN=;RuncibleSpoon=eyJhbGciOiJIUzUxMiJ9.eyJkYXQiOnsibmFtZSI6Ilx1MDAxYj1Q5oGNWFpe8JeGoVx1MDAwMPCgoZ5mdPCgipk6IiwiX2lkIjoiOjjzuqapXHUwMDAzXHUwMDBj8KK8qlwiISwm9IGFlUAsYEYmTC5cdTAwMTZcdTAwMDVcdTAwMGbwpZ-eR3r0g7WYIn0sImV4cCI6MzE1NTc2MDAwMH0.p_26K9JVMH_QCyi7WC-OWTW8fFPTuheGohR1XZiAtN6socf4atliKProg2gZxku4FqZY-T8u7wmpWPmFvFNEmA"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
        (StatusCodeException (Response {responseStatus = Status {statusCode = 401, statusMessage = "Unauthorized"}, responseVersion = HTTP/1.1, responseHeaders = [("Transfer-Encoding","chunked"),("Date","Tue, 26 Oct 2021 16:17:50 GMT"),("Server","Warp/3.3.17")], responseBody = (), responseCookieJar = CJ {expose = [Cookie {cookie_name = "RuncibleSpoon", cookie_value = "eyJhbGciOiJIUzUxMiJ9.eyJkYXQiOnsibmFtZSI6Ilx1MDAxYj1Q5oGNWFpe8JeGoVx1MDAwMPCgoZ5mdPCgipk6IiwiX2lkIjoiOjjzuqapXHUwMDAzXHUwMDBj8KK8qlwiISwm9IGFlUAsYEYmTC5cdTAwMTZcdTAwMDVcdTAwMGbwpZ-eR3r0g7WYIn0sImV4cCI6MzE1NTc2MDAwMH0.p_26K9JVMH_QCyi7WC-OWTW8fFPTuheGohR1XZiAtN6socf4atliKProg2gZxku4FqZY-T8u7wmpWPmFvFNEmA", cookie_expiry_time = 2070-01-01 00:00:00 UTC, cookie_domain = "localhost", cookie_path = "/", cookie_creation_time = 2021-10-26 16:17:50.314533188 UTC, cookie_last_access_time = 2021-10-26 16:17:50.316397741 UTC, cookie_persistent = True, cookie_host_only = True, cookie_secure_only = False, cookie_http_only = True},Cookie {cookie_name = "NO-XSRF-TOKEN", cookie_value = "", cookie_expiry_time = 2070-01-01 00:00:00 UTC, cookie_domain = "localhost", cookie_path = "/", cookie_creation_time = 2021-10-26 16:17:50.314533188 UTC, cookie_last_access_time = 2021-10-26 16:17:50.316397741 UTC, cookie_persistent = True, cookie_host_only = True, cookie_secure_only = False, cookie_http_only = False}]}, responseClose' = ResponseClose, responseOriginalRequest = Request {
         host                 = "localhost"
         port                 = 41817
         secure               = False
         requestHeaders       = [("Cookie","NO-XSRF-TOKEN=;RuncibleSpoon=eyJhbGciOiJIUzUxMiJ9.eyJkYXQiOnsibmFtZSI6Ilx1MDAxYj1Q5oGNWFpe8JeGoVx1MDAwMPCgoZ5mdPCgipk6IiwiX2lkIjoiOjjzuqapXHUwMDAzXHUwMDBj8KK8qlwiISwm9IGFlUAsYEYmTC5cdTAwMTZcdTAwMDVcdTAwMGbwpZ-eR3r0g7WYIn0sImV4cCI6MzE1NTc2MDAwMH0.p_26K9JVMH_QCyi7WC-OWTW8fFPTuheGohR1XZiAtN6socf4atliKProg2gZxku4FqZY-T8u7wmpWPmFvFNEmA"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
       }) "")
       (after 33 tests)
         User {name = "\ESC=P\24653XZ^\94625\NUL\133214ft\131737:", _id = ":8\1026473\ETX\f\143146\"!,&\1053013@,`F&L.\SYN\ENQ\SI\153566Gz\1064280"}

  To rerun use: --match "/Servant.Auth.Server/The Auth combinator/With no XSRF check at all/sets and clears the right cookies/"

  test/Servant/Auth/ServerSpec.hs:309:3: 
  14) Servant.Auth.Server, The JWT combinator, succeeds if 'aud' does match predicate
       uncaught exception: HttpException
       HttpExceptionRequest Request {
         host                 = "localhost"
         port                 = 35041
         secure               = False
         requestHeaders       = [("Authorization","<REDACTED>"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
        (StatusCodeException (Response {responseStatus = Status {statusCode = 401, statusMessage = "Unauthorized"}, responseVersion = HTTP/1.1, responseHeaders = [("Transfer-Encoding","chunked"),("Date","Tue, 26 Oct 2021 16:17:50 GMT"),("Server","Warp/3.3.17")], responseBody = (), responseCookieJar = CJ {expose = []}, responseClose' = ResponseClose, responseOriginalRequest = Request {
         host                 = "localhost"
         port                 = 35041
         secure               = False
         requestHeaders       = [("Authorization","<REDACTED>"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
       }) "")
       (after 1 test)
         User {name = "", _id = ""}

  To rerun use: --match "/Servant.Auth.Server/The JWT combinator/succeeds if 'aud' does match predicate/"

  test/Servant/Auth/ServerSpec.hs:330:3: 
  15) Servant.Auth.Server, The JWT combinator, succeeds if 'exp' is set to a future date
       uncaught exception: HttpException
       HttpExceptionRequest Request {
         host                 = "localhost"
         port                 = 41189
         secure               = False
         requestHeaders       = [("Authorization","<REDACTED>"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
        (StatusCodeException (Response {responseStatus = Status {statusCode = 401, statusMessage = "Unauthorized"}, responseVersion = HTTP/1.1, responseHeaders = [("Transfer-Encoding","chunked"),("Date","Tue, 26 Oct 2021 16:17:51 GMT"),("Server","Warp/3.3.17")], responseBody = (), responseCookieJar = CJ {expose = []}, responseClose' = ResponseClose, responseOriginalRequest = Request {
         host                 = "localhost"
         port                 = 41189
         secure               = False
         requestHeaders       = [("Authorization","<REDACTED>"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
       }) "")
       (after 33 tests)
         User {name = "\ESC=P\24653XZ^\94625\NUL\133214ft\131737:", _id = ":8\1026473\ETX\f\143146\"!,&\1053013@,`F&L.\SYN\ENQ\SI\153566Gz\1064280"}

  To rerun use: --match "/Servant.Auth.Server/The JWT combinator/succeeds if 'exp' is set to a future date/"

  test/Servant/Auth/ServerSpec.hs:351:3: 
  16) Servant.Auth.Server, The JWT combinator, suceeds as wreq's oauth2Bearer
       uncaught exception: HttpException
       HttpExceptionRequest Request {
         host                 = "localhost"
         port                 = 43019
         secure               = False
         requestHeaders       = [("Authorization","<REDACTED>"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
        (StatusCodeException (Response {responseStatus = Status {statusCode = 401, statusMessage = "Unauthorized"}, responseVersion = HTTP/1.1, responseHeaders = [("Transfer-Encoding","chunked"),("Date","Tue, 26 Oct 2021 16:17:52 GMT"),("Server","Warp/3.3.17")], responseBody = (), responseCookieJar = CJ {expose = []}, responseClose' = ResponseClose, responseOriginalRequest = Request {
         host                 = "localhost"
         port                 = 43019
         secure               = False
         requestHeaders       = [("Authorization","<REDACTED>"),("User-Agent","haskell wreq-0.5.3.3")]
         path                 = "/"
         queryString          = ""
         method               = "GET"
         proxy                = Nothing
         rawBody              = False
         redirectCount        = 10
         responseTimeout      = ResponseTimeoutDefault
         requestVersion       = HTTP/1.1
         proxySecureMode      = ProxySecureWithConnect
       }
       }) "")
       (after 53 tests)
         User {name = "\140613\36539F;\DC2^%\1083137Y\ACK6\1016054\151428Fu~\SI`\34090\7511\DC4\997815\&3", _id = "\ACKu\DC2e\RSY"}

  To rerun use: --match "/Servant.Auth.Server/The JWT combinator/suceeds as wreq's oauth2Bearer/"

Randomized with seed 2015530381

Finished in 8.2452 seconds
33 examples, 16 failures, 2 pending
Test suite spec: FAIL

@akhesaCaro
Copy link
Contributor Author

akhesaCaro commented Oct 26, 2021
edited
Loading

servant-auth-client

Test suite spec: RUNNING...

Servant.Auth.Client
  The JWT combinator
    HasClient
      succeeds when the token does not have expiry FAILED [1]
      succeeds when the token is not expired FAILED [2]
      fails when token is expired
        +++ OK, passed 100 tests.

Failures:

  test/Servant/Auth/ClientSpec.hs:66:7: 
  1) Servant.Auth.Client, The JWT combinator, HasClient, succeeds when the token does not have expiry
       Falsifiable (after 18 tests):
         User {name = "\1027657\r\1045135h~H\NAK!", _id = "a"}
       expected: Right 8
        but got: Left (FailureResponse (Request {requestPath = (BaseUrl {baseUrlScheme = Http, baseUrlHost = "localhost", baseUrlPort = 42305, baseUrlPath = ""},""), requestQueryString = fromList [], requestBody = Nothing, requestAccept = fromList [application/json;charset=utf-8,application/json], requestHeaders = fromList [("Authorization","<REDACTED>")]), requestHttpVersion = HTTP/1.1, requestMethod = "GET"} (Response {responseStatusCode = Status {statusCode = 401, statusMessage = "Unauthorized"}, responseHeaders = fromList [("Transfer-Encoding","chunked"),("Date","Tue, 26 Oct 2021 16:42:32 GMT"),("Server","Warp/3.3.17")], responseHttpVersion = HTTP/1.1, responseBody = ""}))

  To rerun use: --match "/Servant.Auth.Client/The JWT combinator/HasClient/succeeds when the token does not have expiry/"

  test/Servant/Auth/ClientSpec.hs:71:7: 
  2) Servant.Auth.Client, The JWT combinator, HasClient, succeeds when the token is not expired
       Falsifiable (after 13 tests):
         User {name = "\4452t", _id = ""}
       expected: Right 2
        but got: Left (FailureResponse (Request {requestPath = (BaseUrl {baseUrlScheme = Http, baseUrlHost = "localhost", baseUrlPort = 43133, baseUrlPath = ""},""), requestQueryString = fromList [], requestBody = Nothing, requestAccept = fromList [application/json;charset=utf-8,application/json], requestHeaders = fromList [("Authorization","<REDACTED>")]), requestHttpVersion = HTTP/1.1, requestMethod = "GET"} (Response {responseStatusCode = Status {statusCode = 401, statusMessage = "Unauthorized"}, responseHeaders = fromList [("Transfer-Encoding","chunked"),("Date","Tue, 26 Oct 2021 16:42:32 GMT"),("Server","Warp/3.3.17")], responseHttpVersion = HTTP/1.1, responseBody = ""}))

  To rerun use: --match "/Servant.Auth.Client/The JWT combinator/HasClient/succeeds when the token is not expired/"

Randomized with seed 524635070

Finished in 0.1085 seconds
3 examples, 2 failures
Test suite spec: FAIL

@akhesaCaro akhesaCaro force-pushed the monorepo_servant_auth branch 4 times, most recently from 8fb2c2b to bd4d570 Compare October 26, 2021 17:10
@akhesaCaro akhesaCaro marked this pull request as ready for review October 26, 2021 17:19
@akhesaCaro akhesaCaro force-pushed the monorepo_servant_auth branch from bd4d570 to b9951a1 Compare October 26, 2021 20:29
@akhesaCaro akhesaCaro force-pushed the monorepo_servant_auth branch 2 times, most recently from 2e2af6b to 46a1bec Compare October 27, 2021 16:30
@akhesaCaro akhesaCaro force-pushed the monorepo_servant_auth branch from 46a1bec to fe4882e Compare October 27, 2021 16:31
@akhesaCaro akhesaCaro force-pushed the monorepo_servant_auth branch from fe4882e to e05826a Compare October 27, 2021 16:32
@akhesaCaro akhesaCaro merged commit bd9e4b1 into haskell-servant:master Oct 29, 2021
@akhesaCaro akhesaCaro deleted the monorepo_servant_auth branch October 29, 2021 13:03
@akhesaCaro akhesaCaro restored the monorepo_servant_auth branch October 29, 2021 13:03
This was referenced Oct 29, 2021
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gdeest gdeest gdeest approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@akhesaCaro @gdeest