test: added more tests for auth with concrete type and nil case

Signed-off-by: Frederic BIDON <fredbi@yahoo.com>

Author: fredbi

middleware/route_authenticator_test.go

@@ -14,6 +14,8 @@ import (
 	"github.com/go-openapi/runtime"
 )
 
+const testAuthenticator = "auth1"
+
 type principalType struct {
 	Name string
 }
@@ -44,49 +46,80 @@ var (
 	noApplyAuth = runtime.AuthenticatorFunc(func(_ any) (bool, any, error) {
 		return false, nil, nil
 	})
-	successAuthWithPointer = runtime.AuthenticatorFunc(func(_ interface{}) (bool, interface{}, error) {
+	successAuthWithPointer = runtime.AuthenticatorFunc(func(_ any) (bool, any, error) {
 		return true, &principalType{Name: "the user"}, nil
 	})
-	failAuthWithPointer = runtime.AuthenticatorFunc(func(_ interface{}) (bool, interface{}, error) {
+	failAuthWithPointer = runtime.AuthenticatorFunc(func(_ any) (bool, any, error) {
 		var typedPrincipal *principalType
 		return true, typedPrincipal, errors.New("unauthenticated")
 	})
-	failAuthWithNilPointer = runtime.AuthenticatorFunc(func(_ interface{}) (bool, interface{}, error) {
+	failAuthWithNilPointer = runtime.AuthenticatorFunc(func(_ any) (bool, any, error) {
 		var typedPrincipal *principalType
 		return true, typedPrincipal, nil
 	})
 )
 
 func TestAuthenticateSingle(t *testing.T) {
-	ra := RouteAuthenticator{
-		Authenticator: map[string]runtime.Authenticator{
-			"auth1": successAuthWithPointer,
-		},
-		Schemes: []string{"auth1"},
-		Scopes:  map[string][]string{"auth1": nil},
-	}
-	ras := RouteAuthenticators([]RouteAuthenticator{ra})
-	require.FalseT(t, ras.AllowsAnonymous())
-
-	req, _ := http.NewRequestWithContext(context.Background(), http.MethodGet, "/", nil)
-	route := &MatchedRoute{}
-	ok, prin, err := ras.Authenticate(req, route)
-	require.NoError(t, err)
-	require.TrueT(t, ok)
-	require.Equal(t, "the user", prin)
+	t.Parallel()
+
+	t.Run("with string", func(t *testing.T) {
+		t.Parallel()
+
+		ra := RouteAuthenticator{
+			Authenticator: map[string]runtime.Authenticator{
+				testAuthenticator: successAuth,
+			},
+			Schemes: []string{testAuthenticator},
+			Scopes:  map[string][]string{testAuthenticator: nil},
+		}
+		ras := RouteAuthenticators([]RouteAuthenticator{ra})
+		require.FalseT(t, ras.AllowsAnonymous())
+
+		req, _ := http.NewRequestWithContext(context.Background(), http.MethodGet, "/", nil)
+		route := &MatchedRoute{}
+		ok, prin, err := ras.Authenticate(req, route)
+		require.NoError(t, err)
+		require.TrueT(t, ok)
+		require.Equal(t, "the user", prin)
+
+		require.Equal(t, ra, *route.Authenticator)
+	})
 
-	require.Equal(t, ra, *route.Authenticator)
+	t.Run("with pointer", func(t *testing.T) {
+		t.Parallel()
+
+		ra := RouteAuthenticator{
+			Authenticator: map[string]runtime.Authenticator{
+				testAuthenticator: successAuthWithPointer,
+			},
+			Schemes: []string{testAuthenticator},
+			Scopes:  map[string][]string{testAuthenticator: nil},
+		}
+		ras := RouteAuthenticators([]RouteAuthenticator{ra})
+		require.FalseT(t, ras.AllowsAnonymous())
+
+		req, _ := http.NewRequestWithContext(context.Background(), http.MethodGet, "/", nil)
+		route := &MatchedRoute{}
+		ok, prin, err := ras.Authenticate(req, route)
+		require.NoError(t, err)
+		require.TrueT(t, ok)
+		typed, ok := prin.(*principalType)
+		require.TrueT(t, ok)
+		require.EqualT(t, "the user", typed.Name)
+
+		require.Equal(t, ra, *route.Authenticator)
+	})
 }
 
 func TestAuthenticateWrong(t *testing.T) {
 	t.Run("with principal as a pointer to a concrete type", func(t *testing.T) {
 		t.Run("should authenticate", func(t *testing.T) {
 			ra := RouteAuthenticator{
 				Authenticator: map[string]runtime.Authenticator{
-					"auth1": successAuthWithPointer,
+					testAuthenticator: successAuthWithPointer,
 				},
-				Schemes: []string{"auth1"},
-				Scopes:  map[string][]string{"auth1": nil},
+				Schemes: []string{testAuthenticator},
+				Scopes:  map[string][]string{testAuthenticator: nil},
 			}
 			ras := RouteAuthenticators([]RouteAuthenticator{ra})
 
@@ -102,10 +135,10 @@ func TestAuthenticateWrong(t *testing.T) {
 		t.Run("should not authenticate", func(t *testing.T) {
 			ra := RouteAuthenticator{
 				Authenticator: map[string]runtime.Authenticator{
-					"auth1": failAuthWithPointer,
+					testAuthenticator: failAuthWithPointer,
 				},
-				Schemes: []string{"auth1"},
-				Scopes:  map[string][]string{"auth1": nil},
+				Schemes: []string{testAuthenticator},
+				Scopes:  map[string][]string{testAuthenticator: nil},
 			}
 			ras := RouteAuthenticators([]RouteAuthenticator{ra})
 
@@ -121,10 +154,10 @@ func TestAuthenticateWrong(t *testing.T) {
 		t.Run("should yield nil principal", func(t *testing.T) {
 			ra := RouteAuthenticator{
 				Authenticator: map[string]runtime.Authenticator{
-					"auth1": failAuthWithNilPointer,
+					testAuthenticator: failAuthWithNilPointer,
 				},
-				Schemes: []string{"auth1"},
-				Scopes:  map[string][]string{"auth1": nil},
+				Schemes: []string{testAuthenticator},
+				Scopes:  map[string][]string{testAuthenticator: nil},
 			}
 			ras := RouteAuthenticators([]RouteAuthenticator{ra})
 
@@ -134,7 +167,7 @@ func TestAuthenticateWrong(t *testing.T) {
 			route := &MatchedRoute{}
 			ok, prin, err := ras.Authenticate(req, route)
 			require.NoError(t, err)
-			require.True(t, ok)
+			require.FalseT(t, ok, "should not be authenticated: the principal is nil")
 			require.Nil(t, prin)
 		})
 	})
@@ -143,10 +176,10 @@ func TestAuthenticateWrong(t *testing.T) {
 func TestAuthenticateLogicalOr(t *testing.T) {
 	ra1 := RouteAuthenticator{
 		Authenticator: map[string]runtime.Authenticator{
-			"auth1": noApplyAuth,
+			testAuthenticator: noApplyAuth,
 		},
-		Schemes: []string{"auth1"},
-		Scopes:  map[string][]string{"auth1": nil},
+		Schemes: []string{testAuthenticator},
+		Scopes:  map[string][]string{testAuthenticator: nil},
 	}
 	ra2 := RouteAuthenticator{
 		Authenticator: map[string]runtime.Authenticator{
@@ -185,10 +218,10 @@ func TestAuthenticateLogicalOr(t *testing.T) {
 func TestAuthenticateLogicalAnd(t *testing.T) {
 	ra1 := RouteAuthenticator{
 		Authenticator: map[string]runtime.Authenticator{
-			"auth1": noApplyAuth,
+			testAuthenticator: noApplyAuth,
 		},
-		Schemes: []string{"auth1"},
-		Scopes:  map[string][]string{"auth1": nil},
+		Schemes: []string{testAuthenticator},
+		Scopes:  map[string][]string{testAuthenticator: nil},
 	}
 	authorizer := newCountAuthenticator(true, "the user", nil)
 	ra2 := RouteAuthenticator{
@@ -288,10 +321,10 @@ func TestAuthenticateTypedNilPrincipal(t *testing.T) {
 
 	ra := RouteAuthenticator{
 		Authenticator: map[string]runtime.Authenticator{
-			"auth1": typedNilAuth,
+			testAuthenticator: typedNilAuth,
 		},
-		Schemes: []string{"auth1"},
-		Scopes:  map[string][]string{"auth1": nil},
+		Schemes: []string{testAuthenticator},
+		Scopes:  map[string][]string{testAuthenticator: nil},
 	}
 	ras := RouteAuthenticators([]RouteAuthenticator{ra})
 
@@ -308,10 +341,10 @@ func TestAuthenticateTypedNilPrincipal(t *testing.T) {
 func TestAuthenticateOptional(t *testing.T) {
 	ra1 := RouteAuthenticator{
 		Authenticator: map[string]runtime.Authenticator{
-			"auth1": noApplyAuth,
+			testAuthenticator: noApplyAuth,
 		},
-		Schemes: []string{"auth1"},
-		Scopes:  map[string][]string{"auth1": nil},
+		Schemes: []string{testAuthenticator},
+		Scopes:  map[string][]string{testAuthenticator: nil},
 	}
 	ra2 := RouteAuthenticator{
 		allowAnonymous: true,
@@ -341,10 +374,10 @@ func TestAuthenticateOptional(t *testing.T) {
 
 	ra4 := RouteAuthenticator{
 		Authenticator: map[string]runtime.Authenticator{
-			"auth1": noApplyAuth,
+			testAuthenticator: noApplyAuth,
 		},
-		Schemes: []string{"auth1"},
-		Scopes:  map[string][]string{"auth1": nil},
+		Schemes: []string{testAuthenticator},
+		Scopes:  map[string][]string{testAuthenticator: nil},
 	}
 	ra5 := RouteAuthenticator{
 		allowAnonymous: true,