From a38c78f14dd88f80fba97cb54127c4ad6c45816f Mon Sep 17 00:00:00 2001 From: ryokusnadi Date: Tue, 13 Jun 2023 23:35:33 +0700 Subject: [PATCH 1/2] Add Skipper Unit Test In BasicBasicAuthConfig and Add More detail explanation regarding BasicAuthValidator --- middleware/basic_auth.go | 2 ++ middleware/basic_auth_test.go | 19 ++++++++++++++++++- 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/middleware/basic_auth.go b/middleware/basic_auth.go index f9e8caafe..07a5761b8 100644 --- a/middleware/basic_auth.go +++ b/middleware/basic_auth.go @@ -25,6 +25,8 @@ type ( } // BasicAuthValidator defines a function to validate BasicAuth credentials. + // The function should return a boolean indicating whether the credentials are valid, + // and an error if any error occurs during the validation process. BasicAuthValidator func(string, string, echo.Context) (bool, error) ) diff --git a/middleware/basic_auth_test.go b/middleware/basic_auth_test.go index 20e769214..740d29c7a 100644 --- a/middleware/basic_auth_test.go +++ b/middleware/basic_auth_test.go @@ -1,6 +1,7 @@ package middleware import ( + "bytes" "encoding/base64" "net/http" "net/http/httptest" @@ -25,6 +26,17 @@ func TestBasicAuth(t *testing.T) { h := BasicAuth(f)(func(c echo.Context) error { return c.String(http.StatusOK, "test") }) + s := func(c echo.Context) bool { + auth := c.Request().Header.Get(echo.HeaderAuthorization) + if strings.HasPrefix(auth, basic) { + decoded, err := base64.StdEncoding.DecodeString(auth[len(basic)+1:]) + if err != nil { + return false + } + return bytes.Equal(decoded, []byte("joe:skip")) + } + return false + } // Valid credentials auth := basic + " " + base64.StdEncoding.EncodeToString([]byte("joe:secret")) @@ -32,13 +44,18 @@ func TestBasicAuth(t *testing.T) { assert.NoError(t, h(c)) h = BasicAuthWithConfig(BasicAuthConfig{ - Skipper: nil, + Skipper: s, Validator: f, Realm: "someRealm", })(func(c echo.Context) error { return c.String(http.StatusOK, "test") }) + // Skipped Request + auth = basic + " " + base64.StdEncoding.EncodeToString([]byte("joe:skip")) + req.Header.Set(echo.HeaderAuthorization, auth) + assert.NoError(t, h(c)) + // Valid credentials auth = basic + " " + base64.StdEncoding.EncodeToString([]byte("joe:secret")) req.Header.Set(echo.HeaderAuthorization, auth) From 78026c1f2fbb05c1eac1c623edcf5b766e331ef6 Mon Sep 17 00:00:00 2001 From: ryokusnadi Date: Sat, 11 Nov 2023 17:32:22 +0700 Subject: [PATCH 2/2] Simplify Skipper Unit Test --- middleware/basic_auth_test.go | 34 ++++++++++++++++------------------ 1 file changed, 16 insertions(+), 18 deletions(-) diff --git a/middleware/basic_auth_test.go b/middleware/basic_auth_test.go index 740d29c7a..2e133e071 100644 --- a/middleware/basic_auth_test.go +++ b/middleware/basic_auth_test.go @@ -1,7 +1,6 @@ package middleware import ( - "bytes" "encoding/base64" "net/http" "net/http/httptest" @@ -26,17 +25,6 @@ func TestBasicAuth(t *testing.T) { h := BasicAuth(f)(func(c echo.Context) error { return c.String(http.StatusOK, "test") }) - s := func(c echo.Context) bool { - auth := c.Request().Header.Get(echo.HeaderAuthorization) - if strings.HasPrefix(auth, basic) { - decoded, err := base64.StdEncoding.DecodeString(auth[len(basic)+1:]) - if err != nil { - return false - } - return bytes.Equal(decoded, []byte("joe:skip")) - } - return false - } // Valid credentials auth := basic + " " + base64.StdEncoding.EncodeToString([]byte("joe:secret")) @@ -44,18 +32,12 @@ func TestBasicAuth(t *testing.T) { assert.NoError(t, h(c)) h = BasicAuthWithConfig(BasicAuthConfig{ - Skipper: s, Validator: f, Realm: "someRealm", })(func(c echo.Context) error { return c.String(http.StatusOK, "test") }) - // Skipped Request - auth = basic + " " + base64.StdEncoding.EncodeToString([]byte("joe:skip")) - req.Header.Set(echo.HeaderAuthorization, auth) - assert.NoError(t, h(c)) - // Valid credentials auth = basic + " " + base64.StdEncoding.EncodeToString([]byte("joe:secret")) req.Header.Set(echo.HeaderAuthorization, auth) @@ -89,4 +71,20 @@ func TestBasicAuth(t *testing.T) { req.Header.Set(echo.HeaderAuthorization, auth) he = h(c).(*echo.HTTPError) assert.Equal(t, http.StatusUnauthorized, he.Code) + + h = BasicAuthWithConfig(BasicAuthConfig{ + Validator: f, + Realm: "someRealm", + Skipper: func(c echo.Context) bool { + return true + }, + })(func(c echo.Context) error { + return c.String(http.StatusOK, "test") + }) + + // Skipped Request + auth = basic + " " + base64.StdEncoding.EncodeToString([]byte("joe:skip")) + req.Header.Set(echo.HeaderAuthorization, auth) + assert.NoError(t, h(c)) + }