mirror of
https://github.com/TwiN/gatus.git
synced 2024-12-22 14:41:01 +01:00
test(security): Add tests for basic auth with bcrypt
This commit is contained in:
parent
9cb8c37298
commit
c466542990
@ -2,7 +2,7 @@ package security
|
||||
|
||||
import "testing"
|
||||
|
||||
func TestBasicConfig_IsValid(t *testing.T) {
|
||||
func TestBasicConfig_IsValidUsingSHA512(t *testing.T) {
|
||||
basicConfig := &BasicConfig{
|
||||
Username: "admin",
|
||||
PasswordSha512Hash: Sha512("test"),
|
||||
@ -12,7 +12,7 @@ func TestBasicConfig_IsValid(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
func TestBasicConfig_IsValidWhenPasswordIsInvalid(t *testing.T) {
|
||||
func TestBasicConfig_IsValidWhenPasswordIsInvalidUsingSHA512(t *testing.T) {
|
||||
basicConfig := &BasicConfig{
|
||||
Username: "admin",
|
||||
PasswordSha512Hash: "",
|
||||
@ -21,3 +21,23 @@ func TestBasicConfig_IsValidWhenPasswordIsInvalid(t *testing.T) {
|
||||
t.Error("basicConfig shouldn't have been valid")
|
||||
}
|
||||
}
|
||||
|
||||
func TestBasicConfig_IsValidUsingBcrypt(t *testing.T) {
|
||||
basicConfig := &BasicConfig{
|
||||
Username: "admin",
|
||||
PasswordBcryptHashBase64Encoded: "JDJhJDA4JDFoRnpPY1hnaFl1OC9ISlFsa21VS09wOGlPU1ZOTDlHZG1qeTFvb3dIckRBUnlHUmNIRWlT",
|
||||
}
|
||||
if !basicConfig.isValid() {
|
||||
t.Error("basicConfig should've been valid")
|
||||
}
|
||||
}
|
||||
|
||||
func TestBasicConfig_IsValidWhenPasswordIsInvalidUsingBcrypt(t *testing.T) {
|
||||
basicConfig := &BasicConfig{
|
||||
Username: "admin",
|
||||
PasswordBcryptHashBase64Encoded: "",
|
||||
}
|
||||
if basicConfig.isValid() {
|
||||
t.Error("basicConfig shouldn't have been valid")
|
||||
}
|
||||
}
|
||||
|
@ -23,6 +23,7 @@ func TestConfig_ApplySecurityMiddleware(t *testing.T) {
|
||||
///////////
|
||||
// BASIC //
|
||||
///////////
|
||||
// SHA512 (DEPRECATED)
|
||||
c := &Config{Basic: &BasicConfig{
|
||||
Username: "john.doe",
|
||||
PasswordSha512Hash: "6b97ed68d14eb3f1aa959ce5d49c7dc612e1eb1dafd73b1e705847483fd6a6c809f2ceb4e8df6ff9984c6298ff0285cace6614bf8daa9f0070101b6c89899e22",
|
||||
@ -31,7 +32,9 @@ func TestConfig_ApplySecurityMiddleware(t *testing.T) {
|
||||
api.HandleFunc("/test", func(w http.ResponseWriter, r *http.Request) {
|
||||
w.WriteHeader(http.StatusOK)
|
||||
})
|
||||
c.ApplySecurityMiddleware(api)
|
||||
if err := c.ApplySecurityMiddleware(api); err != nil {
|
||||
t.Error("expected no error, but was", err)
|
||||
}
|
||||
// Try to access the route without basic auth
|
||||
request, _ := http.NewRequest("GET", "/test", http.NoBody)
|
||||
responseRecorder := httptest.NewRecorder()
|
||||
@ -47,6 +50,33 @@ func TestConfig_ApplySecurityMiddleware(t *testing.T) {
|
||||
if responseRecorder.Code != http.StatusOK {
|
||||
t.Error("expected code to be 200, but was", responseRecorder.Code)
|
||||
}
|
||||
// Bcrypt
|
||||
c = &Config{Basic: &BasicConfig{
|
||||
Username: "john.doe",
|
||||
PasswordBcryptHashBase64Encoded: "JDJhJDA4JDFoRnpPY1hnaFl1OC9ISlFsa21VS09wOGlPU1ZOTDlHZG1qeTFvb3dIckRBUnlHUmNIRWlT",
|
||||
}}
|
||||
api = mux.NewRouter()
|
||||
api.HandleFunc("/test", func(w http.ResponseWriter, r *http.Request) {
|
||||
w.WriteHeader(http.StatusOK)
|
||||
})
|
||||
if err := c.ApplySecurityMiddleware(api); err != nil {
|
||||
t.Error("expected no error, but was", err)
|
||||
}
|
||||
// Try to access the route without basic auth
|
||||
request, _ = http.NewRequest("GET", "/test", http.NoBody)
|
||||
responseRecorder = httptest.NewRecorder()
|
||||
api.ServeHTTP(responseRecorder, request)
|
||||
if responseRecorder.Code != http.StatusUnauthorized {
|
||||
t.Error("expected code to be 401, but was", responseRecorder.Code)
|
||||
}
|
||||
// Try again, but with basic auth
|
||||
request, _ = http.NewRequest("GET", "/test", http.NoBody)
|
||||
responseRecorder = httptest.NewRecorder()
|
||||
request.SetBasicAuth("john.doe", "hunter2")
|
||||
api.ServeHTTP(responseRecorder, request)
|
||||
if responseRecorder.Code != http.StatusOK {
|
||||
t.Error("expected code to be 200, but was", responseRecorder.Code)
|
||||
}
|
||||
//////////
|
||||
// OIDC //
|
||||
//////////
|
||||
@ -63,7 +93,9 @@ func TestConfig_ApplySecurityMiddleware(t *testing.T) {
|
||||
verifier: nil,
|
||||
}
|
||||
c.Basic = nil
|
||||
c.ApplySecurityMiddleware(api)
|
||||
if err := c.ApplySecurityMiddleware(api); err != nil {
|
||||
t.Error("expected no error, but was", err)
|
||||
}
|
||||
// Try without any session cookie
|
||||
request, _ = http.NewRequest("GET", "/test", http.NoBody)
|
||||
responseRecorder = httptest.NewRecorder()
|
||||
|
Loading…
Reference in New Issue
Block a user