Permalink
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
125 lines (111 sloc) 3.52 KB
// Singed Cookie implementation for WCG.
//
// Copyright (C) 2014 Yohei Sasaki
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
package wcg
import (
"encoding/base64"
"net/http"
"net/http/httptest"
"testing"
)
func TestSignedCookie(t *testing.T) {
key := "whitelove"
uc := new(http.Cookie)
uc.Name = "rawcookie"
uc.Value = "ilovespeed"
sc := new(http.Cookie)
sc.Name = uc.Name
sc.Value = Sign(uc.Value, key)
r, _ := http.NewRequest("GET", "http://example.com/foo", nil)
r.AddCookie(sc)
req := NewRequest(r)
c, err := req.SignedCookie(sc.Name, key)
if c.Value != uc.Value {
t.Errorf("SingedCookie error: (%q)\n"+
"\twant: %q\n\tgot:%q", err, uc.Value, c.Value)
}
// invalid key case.
c, err = req.SignedCookie(sc.Name, "invalidkey")
if c != nil {
t.Errorf("SingedCookie should not return a cookie but got %v", c)
}
if err != ErrSignatureModified {
t.Errorf("SignedCookie should return an ErrSignatureModified if invalid key is passed, but got none")
}
// not found case.
c, err = req.SignedCookie("notfound", key)
if c != nil {
t.Errorf("SingedCookie should not return a cookie but got %v", c)
}
if err != http.ErrNoCookie {
t.Errorf("SignedCookie should return http.ErrNoCookie but got %v", err)
}
// invalid format value passed from a client.
sc.Value = "foo"
r, _ = http.NewRequest("GET", "http://example.com/foo", nil)
r.AddCookie(sc)
req = NewRequest(r)
c, err = req.SignedCookie(sc.Name, key)
if err != ErrWrongSignatureFormat {
t.Errorf("SignedCookie should return ErrWrongSignatureFormat but got %v", err)
}
}
func TestSetSignedCookie(t *testing.T) {
key := "whitelove"
uc := new(http.Cookie)
uc.Name = "rawcookie"
uc.Value = "ilovespeed"
sc := new(http.Cookie)
sc.Name = uc.Name
sc.Value = Sign(uc.Value, key)
w := httptest.NewRecorder()
r, _ := http.NewRequest("GET", "http://example.com/foo", nil)
req := NewRequest(r)
res := NewResponse(w, req)
res.SetSignedCookie(uc, key)
c := ParseCookie(w.Header().Get("set-cookie"))
if c.Value != sc.Value {
t.Errorf("SetSingedCookie error:\n"+
"\twant: %q\n\tgot:%q", sc.Value, c.Value)
}
}
func TestSignAndUnsign(t *testing.T) {
str := "ilovespeed"
key := "whitelove"
signed := Sign(str, key)
unsigned, err := Unsign(signed, key)
if err != nil {
t.Errorf("Unsign should not return error, but got: %s", err)
}
if str != unsigned {
t.Errorf("Unsign should return the original string, but got: %s", unsigned)
}
// unsign mismatch
_, err = Unsign(signed, "snowkiss")
if err != ErrSignatureModified {
t.Errorf("Unsign should return ErrSignatureModified if the wrong key is passed but got %v", err)
}
// wrong format
_, err = Unsign(base64.StdEncoding.EncodeToString([]byte("speed")), key)
if err != ErrWrongSignatureFormat {
t.Errorf("Unsign should return ErrWrongSignatureFormat if the wrong format is passed.")
}
// non-base64 string.
_, err = Unsign("foo", key)
if err != ErrWrongSignatureFormat {
t.Errorf("Unsign should return an ErrWrongSignatureFormat if the non-base64 value is passed.")
}
}