-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathsigner_test.go
157 lines (133 loc) · 3.15 KB
/
signer_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
package signer
import (
"strings"
"testing"
)
var signTests = []struct {
name string
url string
validURL bool
hasError bool
}{
{
name: "signable query params",
url: "https://example.com/test?id=1",
validURL: true,
hasError: false,
},
{
name: "signable long path query params",
url: "https://example.com/password/reset/[email protected]",
validURL: true,
hasError: false,
},
{
name: "signable no query params",
url: "https://example.com/test",
validURL: true,
hasError: false,
},
{
name: "empty url",
url: "",
validURL: false,
hasError: true,
},
{
name: "not url",
url: "fish",
validURL: false,
hasError: true,
},
}
func TestSignature_SignURL(t *testing.T) {
sign := Signature{Secret: "abc123"}
for _, e := range signTests {
signed, err := sign.SignURL(e.url)
if e.validURL && !strings.Contains(signed, e.url) {
t.Errorf("%s: was not returned correctly", e.url)
}
if err == nil && e.hasError {
t.Errorf("%s: does not have error, and should", e.name)
}
if err != nil && !e.hasError {
t.Errorf("%s: has error, and should not have one", e.name)
}
if len(signed) > 0 && len(e.url) != 0 && e.validURL && e.hasError {
t.Errorf("%s: failed to sign non-empty, valid url", e.name)
}
if !e.validURL && err == nil {
t.Errorf("%s: signed non valid url", e.name)
}
}
}
var verifyTests = []struct {
name string
url string
validURL bool
shouldPass bool
}{
{
name: "valid url and sig",
url: "https://example.com/test?id=1",
shouldPass: true,
validURL: true,
},
{
name: "valid url and invalid sig",
url: "https://www.example.com/some/url",
shouldPass: false,
validURL: false,
},
{
name: "not a url",
url: "not a url",
shouldPass: false,
validURL: false,
},
}
func TestSignature_VerifyToken(t *testing.T) {
sign := Signature{Secret: "abc123"}
for _, e := range verifyTests {
var signed string
if e.validURL {
signed, _ = sign.SignURL(e.url)
} else {
signed = e.url
}
valid, err := sign.VerifyURL(signed)
if err != nil && e.validURL {
t.Errorf("%s: error when validating url %s", e.name, e.url)
}
if !valid && e.shouldPass {
t.Errorf("%s: valid token shows as invalid", e.name)
}
if valid && !e.validURL {
t.Errorf("%s: returned valid on non url %s", e.name, e.url)
}
}
}
func TestSignature_Expired(t *testing.T) {
sign := Signature{Secret: "abc123"}
signed, _ := sign.SignURL("http://example.com/test?id=1")
expired := sign.Expired(signed, 1)
if !expired {
t.Error("token shows expired when it should not")
}
expired = sign.Expired(signed, -1)
if expired {
t.Error("token shows that it is not expired when it should be")
}
}
func TestSignature_ExpiredSeconds(t *testing.T) {
sign := Signature{Secret: "abc123"}
signed, _ := sign.SignURL("http://example.com/test?id=1")
expired := sign.ExpiredSeconds(signed, 1)
if !expired {
t.Error("token shows expired when it should not")
}
expired = sign.ExpiredSeconds(signed, -1)
if expired {
t.Error("token shows that it is not expired when it should be")
}
}