forked from adhearsion/mojoauth.go
/
mojoauth_test.go
88 lines (77 loc) · 2.63 KB
/
mojoauth_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
package mojoauth
import (
"fmt"
"testing"
"time"
"unicode/utf8"
)
func TestCreateSecret(t *testing.T) {
const length = 93
if secret := CreateSecret(); utf8.RuneCountInString(secret) != length {
t.Errorf("CreateSecret created a string that wasn't %v characters", length)
}
}
func TestCorrectCredentialsWithId(t *testing.T) {
const user_id = "mojo"
secret := CreateSecret()
username, password := CreateCredentials(user_id, secret)
result, id := TestCredentials(username, password, secret)
if result == false {
t.Errorf("Credentials should have been valid")
}
if id != user_id {
t.Errorf("ID should have been %s, instead it was %s", user_id, id)
}
}
func TestCorrectCredentialsWithIdAndTTL(t *testing.T) {
const user_id = "mojo"
secret := CreateSecret()
username, password := CreateCredentials(user_id, secret, 10000)
result, id := TestCredentials(username, password, secret)
if result == false {
t.Errorf("Credentials should have been valid")
}
if id != user_id {
t.Errorf("ID should have been %s, instead it was %s", user_id, id)
}
}
func TestCorrectCredentialsWithoutId(t *testing.T) {
const user_id = ""
secret := CreateSecret()
username, password := CreateCredentials(user_id, secret)
result, id := TestCredentials(username, password, secret)
if result == false {
t.Errorf("Credentials should have been valid")
}
if id != user_id {
t.Errorf("ID should have been %s, instead it was %s", user_id, id)
}
}
func TestIncorrectCredentialsWithId(t *testing.T) {
const user_id = "mojo"
secret := CreateSecret()
username, password := CreateCredentials(user_id, secret)
result, _ := TestCredentials(username, "password", secret)
if result == true {
t.Errorf("Credentials should have been invalid with a wrong password")
}
result, _ = TestCredentials("username", password, secret)
if result == true {
t.Errorf("Credentials should have been invalid with a wrong username")
}
result, _ = TestCredentials(username, password, "this is wrong")
if result == true {
t.Errorf("Credentials should have been invalid with a different secret")
}
new_timestamp := time.Date(2020, time.October, 10, 23, 0, 0, 0, time.UTC)
forged_username := fmt.Sprintf("%d:%s", new_timestamp.Unix(), user_id)
result, _ = TestCredentials(forged_username, password, secret)
if result == true {
t.Errorf("Credentials should have been invalid with an username with a forged TTL")
}
old_timestamp := int(time.Date(2010, time.October, 10, 23, 0, 0, 0, time.UTC).Unix())
result, _ = TestCredentials(forged_username, password, secret, old_timestamp)
if result == true {
t.Errorf("Credentials should have been invalid with a timestamp that is expired")
}
}