2c3d738a05
The auth package has been updated to use "golang.org/x/net/context" for passing information between the application and the auth backend. AccessControllers should now set an "auth.user" context value to an AuthUser struct containing a single "Name" field for now, with possible optional values in the future. The "silly" auth backend always sets the name to "silly", while the "token" auth backend will set the name to match the "subject" claim of the JWT. Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
package silly
import (
"net/http"
"net/http/httptest"
"testing"
"github.com/docker/distribution/auth"
"golang.org/x/net/context"
)
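// TestSillyAccessController checks the two behaviors of the silly access
// controller that are observable over HTTP: a request without an
// Authorization header is answered with a challenge (401), and a request that
// carries one is let through with the "auth.user" context value set to a
// UserInfo whose Name is "silly".
//
// The header value accepted below is arbitrary text rather than a credential,
// so this test also documents that no credential validation is exercised
// here. NOTE(review): presumably this backend is meant for development and
// testing only and must not guard a production registry; confirm against the
// package documentation.
func TestSillyAccessController(t *testing.T) {
	ac := &accessController{
		realm:   "test-realm",
		service: "test-service",
	}

	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		// Start from a real root context: a nil parent is not a valid
		// Context and panics in current context implementations.
		ctx := context.WithValue(context.Background(), "http.request", r)
		authCtx, err := ac.Authorized(ctx)
		if err != nil {
			switch err := err.(type) {
			case auth.Challenge:
				// The challenge writes its own response to the client.
				err.ServeHTTP(w, r)
			default:
				// This handler runs on the server's goroutine, where
				// t.Fatal must not be called. Record the failure and
				// answer 500 so the client-side status check fails too.
				t.Errorf("unexpected error authorizing request: %v", err)
				http.Error(w, "unexpected authorization error", http.StatusInternalServerError)
			}
			return
		}

		userInfo, ok := authCtx.Value("auth.user").(auth.UserInfo)
		if !ok {
			t.Error("silly accessController did not set auth.user context")
			http.Error(w, "auth.user context value missing", http.StatusInternalServerError)
			return
		}

		if userInfo.Name != "silly" {
			t.Errorf("expected user name %q, got %q", "silly", userInfo.Name)
			http.Error(w, "unexpected user name", http.StatusInternalServerError)
			return
		}

		w.WriteHeader(http.StatusNoContent)
	}))
	// Shut the test server down so its listener and goroutines do not
	// outlive the test.
	defer server.Close()

	resp, err := http.Get(server.URL)
	if err != nil {
		t.Fatalf("unexpected error during GET: %v", err)
	}
	defer resp.Body.Close()

	// Request should not be authorized: no Authorization header was sent.
	if resp.StatusCode != http.StatusUnauthorized {
		t.Fatalf("unexpected response status: %v != %v", resp.StatusCode, http.StatusUnauthorized)
	}

	req, err := http.NewRequest("GET", server.URL, nil)
	if err != nil {
		t.Fatalf("unexpected error creating new request: %v", err)
	}
	req.Header.Set("Authorization", "seriously, anything")

	resp, err = http.DefaultClient.Do(req)
	if err != nil {
		t.Fatalf("unexpected error during GET: %v", err)
	}
	defer resp.Body.Close()

	// Request should be authorized: an Authorization header is present.
	if resp.StatusCode != http.StatusNoContent {
		t.Fatalf("unexpected response status: %v != %v", resp.StatusCode, http.StatusNoContent)
	}
}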