package hmac import ( "encoding/base64" "strconv" "testing" "time" ) func TestGenerateCredentials(t *testing.T) { secret := "secret" timeToLive := 1 * time.Hour v := NewTimedHMAC(secret, timeToLive) creds, err := v.GenerateToken() if err != nil { t.Fatalf("expected no error, got %v", err) } if creds.Payload == "" { t.Fatalf("expected non-empty payload") } _, err = strconv.ParseInt(creds.Payload, 10, 64) if err != nil { t.Fatalf("expected payload to be a valid unix timestamp, got %v", err) } _, err = base64.StdEncoding.DecodeString(creds.Signature) if err != nil { t.Fatalf("expected signature to be base64 encoded, got %v", err) } } func TestValidateCredentials(t *testing.T) { secret := "supersecret" timeToLive := 1 * time.Hour manager := NewTimedHMAC(secret, timeToLive) // Test valid token creds, err := manager.GenerateToken() if err != nil { t.Fatalf("expected no error, got %v", err) } if err := manager.Validate(*creds); err != nil { t.Fatalf("expected valid token: %s", err) } } func TestInvalidSignature(t *testing.T) { secret := "supersecret" timeToLive := 1 * time.Hour manager := NewTimedHMAC(secret, timeToLive) creds, err := manager.GenerateToken() if err != nil { t.Fatalf("expected no error, got %v", err) } invalidCreds := &Token{ Payload: creds.Payload, Signature: "invalidsignature", } if err = manager.Validate(*invalidCreds); err == nil { t.Fatalf("expected invalid token due to signature mismatch") } } func TestExpired(t *testing.T) { secret := "supersecret" v := NewTimedHMAC(secret, -1*time.Hour) expiredCreds, err := v.GenerateToken() if err != nil { t.Fatalf("expected no error, got %v", err) } if err = v.Validate(*expiredCreds); err == nil { t.Fatalf("expected invalid token due to expiration") } } func TestInvalidPayload(t *testing.T) { secret := "supersecret" timeToLive := 1 * time.Hour v := NewTimedHMAC(secret, timeToLive) creds, err := v.GenerateToken() if err != nil { t.Fatalf("expected no error, got %v", err) } // Test invalid payload invalidPayloadCreds := &Token{ Payload: "invalidtimestamp", Signature: creds.Signature, } if err = v.Validate(*invalidPayloadCreds); err == nil { t.Fatalf("expected invalid token due to invalid payload") } }