grpcoauth/auth_test.go at main · hyperscale-stack/grpcoauth · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
package grpcoauth

import (
	"context"
	"testing"

	"github.com/stretchr/testify/assert"
	"google.golang.org/grpc"
	"google.golang.org/grpc/metadata"
)

type FakeStreamServer struct {
	ctx context.Context
}

func (f *FakeStreamServer) SetHeader(metadata.MD) error {
	return nil
}

func (f *FakeStreamServer) SendHeader(metadata.MD) error {
	return nil
}

func (f *FakeStreamServer) SetTrailer(metadata.MD) {
}

func (f *FakeStreamServer) Context() context.Context {
	return f.ctx
}

func (f *FakeStreamServer) SendMsg(m interface{}) error {
	return nil
}

func (f *FakeStreamServer) RecvMsg(m interface{}) error {
	return nil
}

func TestStreamServerInterceptor(t *testing.T) {
	authF := func(ctx context.Context, creds *OAuthCredentials) (context.Context, error) {
		assert.Equal(t, "foo", creds.ClientID)
		assert.Equal(t, "bar", creds.ClientSecret)

		return ctx, nil
	}

	fss := &FakeStreamServer{
		ctx: metadata.NewIncomingContext(context.Background(), metadata.MD{
			"authorization": []string{"basic Zm9vOmJhcg=="},
		}),
	}

	err := StreamServerInterceptor(authF)(nil, fss, &grpc.StreamServerInfo{
		FullMethod: "/foo.bar",
	}, func(srv interface{}, stream grpc.ServerStream) error {

		return nil
	})
	assert.NoError(t, err)
}

func TestStreamServerInterceptorWithBadBasicAuthString(t *testing.T) {
	authF := func(ctx context.Context, creds *OAuthCredentials) (context.Context, error) {
		assert.Equal(t, "foo", creds.ClientID)
		assert.Equal(t, "bar", creds.ClientSecret)

		return ctx, nil
	}

	fss := &FakeStreamServer{
		ctx: metadata.NewIncomingContext(context.Background(), metadata.MD{
			"authorization": []string{"basic ="},
		}),
	}

	err := StreamServerInterceptor(authF)(nil, fss, &grpc.StreamServerInfo{
		FullMethod: "/foo.bar",
	}, func(srv interface{}, stream grpc.ServerStream) error {

		return nil
	})

	assert.EqualError(t, err, "rpc error: code = Unauthenticated desc = Basic auth invalid")
}

func TestStreamServerInterceptorWithBadBase64BasicAuthString(t *testing.T) {
	authF := func(ctx context.Context, creds *OAuthCredentials) (context.Context, error) {
		assert.Equal(t, "foo", creds.ClientID)
		assert.Equal(t, "bar", creds.ClientSecret)

		return ctx, nil
	}

	fss := &FakeStreamServer{
		ctx: metadata.NewIncomingContext(context.Background(), metadata.MD{
			"authorization": []string{"basic YmFk"},
		}),
	}

	err := StreamServerInterceptor(authF)(nil, fss, &grpc.StreamServerInfo{
		FullMethod: "/foo.bar",
	}, func(srv interface{}, stream grpc.ServerStream) error {

		return nil
	})

	assert.EqualError(t, err, "rpc error: code = Unauthenticated desc = Basic auth invalid")
}