diff --git a/pkg/session/session_test.go b/pkg/session/session_test.go index 91058696..99645410 100644 --- a/pkg/session/session_test.go +++ b/pkg/session/session_test.go @@ -66,3 +66,23 @@ func TestSessionTokenEncoding(t *testing.T) { require.Equal(t, tok, tok2) }) } + +func TestToken_VerifySignature(t *testing.T) { + t.Run("nil", func(t *testing.T) { + var tok *session.Token + + require.False(t, tok.VerifySignature()) + }) + + t.Run("unsigned", func(t *testing.T) { + tok := sessiontest.Generate() + + require.False(t, tok.VerifySignature()) + }) + + t.Run("signed", func(t *testing.T) { + tok := sessiontest.GenerateSigned() + + require.True(t, tok.VerifySignature()) + }) +} diff --git a/pkg/session/test/token.go b/pkg/session/test/token.go index 39249849..8d51720c 100644 --- a/pkg/session/test/token.go +++ b/pkg/session/test/token.go @@ -11,6 +11,8 @@ import ( ) // Generate returns random session.Token. +// +// Resulting token is unsigned. func Generate() *session.Token { tok := session.NewToken() @@ -33,3 +35,17 @@ func Generate() *session.Token { return tok } + +// GenerateSigned returns signed random session.Token. +// +// Panics if token could not be signed (actually unexpected). +func GenerateSigned() *session.Token { + tok := Generate() + + err := tok.Sign(test.DecodeKey(0)) + if err != nil { + panic(err) + } + + return tok +}