wn/traefik-forward-auth
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Redirect to login on cookie expiry + simplify ValidateCookie function

Browse Source 
Possible fix for #31
This commit is contained in:
Thom Seddon
2019-06-13 15:13:52 +01:00
parent 3e92400202
commit 3e6ccc8f45
5 changed files with 86 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
internal/auth_test.go
View File

@ -24,28 +24,24 @@ func TestAuthValidateCookie(t *testing.T) {
// Should require 3 parts
c.Value = ""
valid, _, err := ValidateCookie(r, c)
assert.False(valid)
_, err := ValidateCookie(r, c)
if assert.Error(err) {
assert.Equal("Invalid cookie format", err.Error())
}
c.Value = "1|2"
valid, _, err = ValidateCookie(r, c)
assert.False(valid)
_, err = ValidateCookie(r, c)
if assert.Error(err) {
assert.Equal("Invalid cookie format", err.Error())
}
c.Value = "1|2|3|4"
valid, _, err = ValidateCookie(r, c)
assert.False(valid)
_, err = ValidateCookie(r, c)
if assert.Error(err) {
assert.Equal("Invalid cookie format", err.Error())
}
// Should catch invalid mac
c.Value = "MQ==|2|3"
valid, _, err = ValidateCookie(r, c)
assert.False(valid)
_, err = ValidateCookie(r, c)
if assert.Error(err) {
assert.Equal("Invalid cookie mac", err.Error())
}
@ -53,8 +49,7 @@ func TestAuthValidateCookie(t *testing.T) {
// Should catch expired
config.Lifetime = time.Second * time.Duration(-1)
c = MakeCookie(r, "test@test.com")
valid, _, err = ValidateCookie(r, c)
assert.False(valid)
_, err = ValidateCookie(r, c)
if assert.Error(err) {
assert.Equal("Cookie has expired", err.Error())
}
@ -62,8 +57,7 @@ func TestAuthValidateCookie(t *testing.T) {
// Should accept valid cookie
config.Lifetime = time.Second * time.Duration(10)
c = MakeCookie(r, "test@test.com")
valid, email, err := ValidateCookie(r, c)
assert.True(valid, "valid request should return valid")
email, err := ValidateCookie(r, c)
assert.Nil(err, "valid request should not return an error")
assert.Equal("test@test.com", email, "valid request should return user email")
}
@ -244,8 +238,8 @@ func TestAuthMakeCookie(t *testing.T) {
assert.Equal("_forward_auth", c.Name)
parts := strings.Split(c.Value, "|")
assert.Len(parts, 3, "cookie should be 3 parts")
valid, _, _ := ValidateCookie(r, c)
assert.True(valid, "should generate valid cookie")
_, err := ValidateCookie(r, c)
assert.Nil(err, "should generate valid cookie")
assert.Equal("/", c.Path)
assert.Equal("app.example.com", c.Domain)
assert.True(c.Secure)