2015-05-07 14:10:48 -05:00
|
|
|
package setup
|
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
2015-08-30 13:07:43 -05:00
|
|
|
"io/ioutil"
|
|
|
|
"os"
|
|
|
|
"strings"
|
2015-05-07 14:10:48 -05:00
|
|
|
"testing"
|
|
|
|
|
|
|
|
"github.com/mholt/caddy/middleware/basicauth"
|
|
|
|
)
|
|
|
|
|
|
|
|
func TestBasicAuth(t *testing.T) {
|
2015-06-20 08:59:33 -05:00
|
|
|
c := NewTestController(`basicauth user pwd`)
|
2015-05-07 14:10:48 -05:00
|
|
|
|
|
|
|
mid, err := BasicAuth(c)
|
|
|
|
if err != nil {
|
|
|
|
t.Errorf("Expected no errors, but got: %v", err)
|
|
|
|
}
|
|
|
|
if mid == nil {
|
|
|
|
t.Fatal("Expected middleware, was nil instead")
|
|
|
|
}
|
|
|
|
|
2015-06-20 08:59:33 -05:00
|
|
|
handler := mid(EmptyNext)
|
2015-05-07 14:10:48 -05:00
|
|
|
myHandler, ok := handler.(basicauth.BasicAuth)
|
|
|
|
if !ok {
|
|
|
|
t.Fatalf("Expected handler to be type BasicAuth, got: %#v", handler)
|
|
|
|
}
|
|
|
|
|
2015-06-20 08:59:33 -05:00
|
|
|
if !SameNext(myHandler.Next, EmptyNext) {
|
2015-05-07 14:10:48 -05:00
|
|
|
t.Error("'Next' field of handler was not set properly")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestBasicAuthParse(t *testing.T) {
|
2015-08-30 13:07:43 -05:00
|
|
|
htpasswdPasswd := "IedFOuGmTpT8"
|
|
|
|
htpasswdFile := `sha1:{SHA}dcAUljwz99qFjYR0YLTXx0RqLww=
|
|
|
|
md5:$apr1$l42y8rex$pOA2VJ0x/0TwaFeAF9nX61`
|
|
|
|
|
|
|
|
var skipHtpassword bool
|
2015-10-13 19:16:43 -05:00
|
|
|
htfh, err := ioutil.TempFile(".", "basicauth-")
|
2015-08-30 13:07:43 -05:00
|
|
|
if err != nil {
|
2015-09-10 16:04:33 -05:00
|
|
|
t.Logf("Error creating temp file (%v), will skip htpassword test", err)
|
2015-08-30 13:07:43 -05:00
|
|
|
skipHtpassword = true
|
|
|
|
} else {
|
|
|
|
if _, err = htfh.Write([]byte(htpasswdFile)); err != nil {
|
|
|
|
t.Fatalf("write htpasswd file %q: %v", htfh.Name(), err)
|
|
|
|
}
|
|
|
|
htfh.Close()
|
|
|
|
defer os.Remove(htfh.Name())
|
|
|
|
}
|
|
|
|
|
2015-05-07 14:10:48 -05:00
|
|
|
tests := []struct {
|
|
|
|
input string
|
|
|
|
shouldErr bool
|
2015-08-30 13:07:43 -05:00
|
|
|
password string
|
2015-05-07 14:10:48 -05:00
|
|
|
expected []basicauth.Rule
|
|
|
|
}{
|
2015-08-30 13:07:43 -05:00
|
|
|
{`basicauth user pwd`, false, "pwd", []basicauth.Rule{
|
|
|
|
{Username: "user"},
|
2015-05-07 14:10:48 -05:00
|
|
|
}},
|
|
|
|
{`basicauth user pwd {
|
2015-08-30 13:07:43 -05:00
|
|
|
}`, false, "pwd", []basicauth.Rule{
|
|
|
|
{Username: "user"},
|
2015-05-07 14:10:48 -05:00
|
|
|
}},
|
|
|
|
{`basicauth user pwd {
|
|
|
|
/resource1
|
|
|
|
/resource2
|
2015-08-30 13:07:43 -05:00
|
|
|
}`, false, "pwd", []basicauth.Rule{
|
|
|
|
{Username: "user", Resources: []string{"/resource1", "/resource2"}},
|
2015-05-07 14:10:48 -05:00
|
|
|
}},
|
2015-08-30 13:07:43 -05:00
|
|
|
{`basicauth /resource user pwd`, false, "pwd", []basicauth.Rule{
|
|
|
|
{Username: "user", Resources: []string{"/resource"}},
|
2015-05-07 14:10:48 -05:00
|
|
|
}},
|
|
|
|
{`basicauth /res1 user1 pwd1
|
2015-08-30 13:07:43 -05:00
|
|
|
basicauth /res2 user2 pwd2`, false, "pwd", []basicauth.Rule{
|
|
|
|
{Username: "user1", Resources: []string{"/res1"}},
|
|
|
|
{Username: "user2", Resources: []string{"/res2"}},
|
|
|
|
}},
|
|
|
|
{`basicauth user`, true, "", []basicauth.Rule{}},
|
|
|
|
{`basicauth`, true, "", []basicauth.Rule{}},
|
|
|
|
{`basicauth /resource user pwd asdf`, true, "", []basicauth.Rule{}},
|
|
|
|
|
|
|
|
{`basicauth sha1 htpasswd=` + htfh.Name(), false, htpasswdPasswd, []basicauth.Rule{
|
|
|
|
{Username: "sha1"},
|
2015-05-07 14:10:48 -05:00
|
|
|
}},
|
|
|
|
}
|
|
|
|
|
|
|
|
for i, test := range tests {
|
2015-06-20 08:59:33 -05:00
|
|
|
c := NewTestController(test.input)
|
2015-05-07 14:10:48 -05:00
|
|
|
actual, err := basicAuthParse(c)
|
|
|
|
|
|
|
|
if err == nil && test.shouldErr {
|
|
|
|
t.Errorf("Test %d didn't error, but it should have", i)
|
|
|
|
} else if err != nil && !test.shouldErr {
|
|
|
|
t.Errorf("Test %d errored, but it shouldn't have; got '%v'", i, err)
|
|
|
|
}
|
|
|
|
|
|
|
|
if len(actual) != len(test.expected) {
|
|
|
|
t.Fatalf("Test %d expected %d rules, but got %d",
|
|
|
|
i, len(test.expected), len(actual))
|
|
|
|
}
|
|
|
|
|
|
|
|
for j, expectedRule := range test.expected {
|
|
|
|
actualRule := actual[j]
|
|
|
|
|
|
|
|
if actualRule.Username != expectedRule.Username {
|
|
|
|
t.Errorf("Test %d, rule %d: Expected username '%s', got '%s'",
|
|
|
|
i, j, expectedRule.Username, actualRule.Username)
|
|
|
|
}
|
|
|
|
|
2015-08-30 13:07:43 -05:00
|
|
|
if strings.Contains(test.input, "htpasswd=") && skipHtpassword {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
pwd := test.password
|
|
|
|
if len(actual) > 1 {
|
|
|
|
pwd = fmt.Sprintf("%s%d", pwd, j+1)
|
|
|
|
}
|
|
|
|
if !actualRule.Password(pwd) || actualRule.Password(test.password+"!") {
|
2015-09-10 21:59:19 -05:00
|
|
|
t.Errorf("Test %d, rule %d: Expected password '%v', got '%v'",
|
2015-08-30 13:07:43 -05:00
|
|
|
i, j, test.password, actualRule.Password)
|
2015-05-07 14:10:48 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
expectedRes := fmt.Sprintf("%v", expectedRule.Resources)
|
|
|
|
actualRes := fmt.Sprintf("%v", actualRule.Resources)
|
|
|
|
if actualRes != expectedRes {
|
|
|
|
t.Errorf("Test %d, rule %d: Expected resource list %s, but got %s",
|
|
|
|
i, j, expectedRes, actualRes)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|