-
Notifications
You must be signed in to change notification settings - Fork 348
Expand file tree
/
Copy pathdebug_auth_test.go
More file actions
105 lines (86 loc) · 2.52 KB
/
debug_auth_test.go
File metadata and controls
105 lines (86 loc) · 2.52 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
package root
import (
"bytes"
"encoding/base64"
"encoding/json"
"fmt"
"testing"
"time"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
func buildTestJWT(claims map[string]any) string {
header := base64.RawURLEncoding.EncodeToString([]byte(`{"alg":"HS256","typ":"JWT"}`))
payload, _ := json.Marshal(claims)
payloadB64 := base64.RawURLEncoding.EncodeToString(payload)
sig := base64.RawURLEncoding.EncodeToString([]byte("fakesig"))
return fmt.Sprintf("%s.%s.%s", header, payloadB64, sig)
}
func TestParseAuthInfo_ValidToken(t *testing.T) {
t.Parallel()
now := time.Now()
exp := now.Add(time.Hour)
token := buildTestJWT(map[string]any{
"sub": "user-123",
"iss": "docker",
"iat": now.Unix(),
"exp": exp.Unix(),
})
info, err := parseAuthInfo(token)
require.NoError(t, err)
assert.Equal(t, token, info.Token)
assert.Equal(t, "user-123", info.Subject)
assert.Equal(t, "docker", info.Issuer)
assert.False(t, info.Expired)
assert.WithinDuration(t, now, info.IssuedAt, time.Second)
assert.WithinDuration(t, exp, info.ExpiresAt, time.Second)
}
func TestParseAuthInfo_ExpiredToken(t *testing.T) {
t.Parallel()
exp := time.Now().Add(-time.Hour)
token := buildTestJWT(map[string]any{
"sub": "user-456",
"exp": exp.Unix(),
})
info, err := parseAuthInfo(token)
require.NoError(t, err)
assert.True(t, info.Expired)
assert.Equal(t, "user-456", info.Subject)
}
func TestParseAuthInfo_InvalidToken(t *testing.T) {
t.Parallel()
_, err := parseAuthInfo("not-a-jwt")
require.Error(t, err)
}
func TestPrintAuthInfoText(t *testing.T) {
t.Parallel()
info := &authInfo{
Token: "eyJhbGciOiJIUzI1NiJ9.xxxxxxxxxxxx.yyyyyyyy1234567890",
Username: "testuser",
Email: "test@example.com",
Subject: "sub-123",
Issuer: "docker",
IssuedAt: time.Date(2025, 1, 1, 0, 0, 0, 0, time.UTC),
ExpiresAt: time.Date(2099, 1, 1, 0, 0, 0, 0, time.UTC),
Expired: false,
}
var buf bytes.Buffer
printAuthInfoText(&buf, info)
output := buf.String()
assert.Contains(t, output, "testuser")
assert.Contains(t, output, "test@example.com")
assert.Contains(t, output, "sub-123")
assert.Contains(t, output, "docker")
assert.Contains(t, output, "✅ Valid")
}
func TestPrintAuthInfoText_Expired(t *testing.T) {
t.Parallel()
info := &authInfo{
Token: "eyJhbGciOiJIUzI1NiJ9.xxxxxxxxxxxx.yyyyyyyy1234567890",
ExpiresAt: time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC),
Expired: true,
}
var buf bytes.Buffer
printAuthInfoText(&buf, info)
assert.Contains(t, buf.String(), "❌ Expired")
}