mirror of
https://github.com/nais/wonderwall.git
synced 2026-05-01 22:16:44 +00:00
206 lines
4.7 KiB
Go
206 lines
4.7 KiB
Go
package cookie_test
|
|
|
|
import (
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
"github.com/nais/wonderwall/internal/crypto"
|
|
"github.com/nais/wonderwall/pkg/cookie"
|
|
)
|
|
|
|
var encryptionKey = `G8Roe6AcoBpdr5GhO3cs9iORl4XIC8eq` // 256 bits key
|
|
|
|
func TestMake(t *testing.T) {
|
|
opts := cookie.DefaultOptions()
|
|
|
|
name := "some-cookie"
|
|
value := "some-value"
|
|
|
|
result := cookie.Make(name, value, opts)
|
|
|
|
assert.True(t, result.Expires.IsZero())
|
|
assert.Equal(t, 0, result.MaxAge)
|
|
assert.True(t, result.HttpOnly)
|
|
assert.Equal(t, name, result.Name)
|
|
assert.Equal(t, value, result.Value)
|
|
assert.Equal(t, opts.SameSite, result.SameSite)
|
|
assert.Equal(t, opts.Secure, result.Secure)
|
|
assert.Equal(t, "/", result.Path)
|
|
assert.Empty(t, result.Domain)
|
|
}
|
|
|
|
func TestMakeWithDomain(t *testing.T) {
|
|
opts := cookie.DefaultOptions().WithDomain(".some.domain")
|
|
result := cookie.Make("some-cookie", "some-value", opts)
|
|
assert.Equal(t, ".some.domain", result.Domain)
|
|
}
|
|
|
|
func TestMakeWithPath(t *testing.T) {
|
|
for _, test := range []struct {
|
|
name string
|
|
path string
|
|
want string
|
|
}{
|
|
{
|
|
name: "path with multiple subpaths",
|
|
path: "/some/path",
|
|
want: "/some/path",
|
|
},
|
|
{
|
|
name: "empty path",
|
|
path: "",
|
|
want: "/",
|
|
},
|
|
{
|
|
name: "root path",
|
|
path: "/",
|
|
want: "/",
|
|
},
|
|
} {
|
|
t.Run(test.name, func(t *testing.T) {
|
|
opts := cookie.DefaultOptions().WithPath(test.path)
|
|
result := cookie.Make("some-cookie", "some-value", opts)
|
|
assert.Equal(t, test.want, result.Path)
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestClear(t *testing.T) {
|
|
opts := cookie.DefaultOptions()
|
|
name := "some-name"
|
|
|
|
writer := httptest.NewRecorder()
|
|
cookie.Clear(writer, name, opts)
|
|
|
|
cookies := writer.Result().Cookies()
|
|
|
|
var result *http.Cookie
|
|
for _, c := range cookies {
|
|
if c.Name == name {
|
|
result = c
|
|
}
|
|
}
|
|
|
|
assert.NotNil(t, result)
|
|
assert.True(t, result.Expires.Before(time.Now()))
|
|
assert.True(t, result.Expires.Equal(time.Unix(0, 0)))
|
|
assert.Equal(t, -1, result.MaxAge)
|
|
assert.True(t, result.HttpOnly)
|
|
assert.Equal(t, name, result.Name)
|
|
assert.Equal(t, "", result.Value)
|
|
assert.Equal(t, opts.SameSite, result.SameSite)
|
|
assert.Equal(t, opts.Secure, result.Secure)
|
|
assert.Equal(t, "/", result.Path)
|
|
}
|
|
|
|
func TestClearWithDomain(t *testing.T) {
|
|
opts := cookie.DefaultOptions().WithDomain(".some.domain")
|
|
name := "some-cookie"
|
|
|
|
writer := httptest.NewRecorder()
|
|
cookie.Clear(writer, name, opts)
|
|
|
|
cookies := writer.Result().Cookies()
|
|
|
|
var result *http.Cookie
|
|
for _, c := range cookies {
|
|
if c.Name == name {
|
|
result = c
|
|
}
|
|
}
|
|
|
|
assert.NotNil(t, result)
|
|
assert.Equal(t, "some.domain", result.Domain)
|
|
}
|
|
|
|
func TestClearWithPath(t *testing.T) {
|
|
for _, test := range []struct {
|
|
name string
|
|
path string
|
|
want string
|
|
}{
|
|
{
|
|
name: "path with multiple subpaths",
|
|
path: "/some/path",
|
|
want: "/some/path",
|
|
},
|
|
{
|
|
name: "empty path",
|
|
path: "",
|
|
want: "/",
|
|
},
|
|
{
|
|
name: "root path",
|
|
path: "/",
|
|
want: "/",
|
|
},
|
|
} {
|
|
t.Run(test.name, func(t *testing.T) {
|
|
opts := cookie.DefaultOptions().WithPath(test.path)
|
|
name := "some-cookie"
|
|
|
|
writer := httptest.NewRecorder()
|
|
cookie.Clear(writer, name, opts)
|
|
|
|
cookies := writer.Result().Cookies()
|
|
|
|
var result *http.Cookie
|
|
for _, c := range cookies {
|
|
if c.Name == name {
|
|
result = c
|
|
}
|
|
}
|
|
|
|
assert.NotNil(t, result)
|
|
assert.Equal(t, test.want, result.Path)
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestCookie_Encrypt(t *testing.T) {
|
|
crypter := crypto.NewCrypter([]byte(encryptionKey))
|
|
|
|
opts := cookie.DefaultOptions()
|
|
name := "some-name"
|
|
value := "some-value"
|
|
|
|
plaintextCookie := cookie.Make(name, value, opts)
|
|
encryptedCookie, err := plaintextCookie.Encrypt(crypter)
|
|
assert.NoError(t, err)
|
|
assert.NotEqual(t, value, encryptedCookie.Value)
|
|
}
|
|
|
|
func TestCookie_Decrypt(t *testing.T) {
|
|
crypter := crypto.NewCrypter([]byte(encryptionKey))
|
|
|
|
opts := cookie.DefaultOptions()
|
|
name := "some-name"
|
|
value := "some-value"
|
|
|
|
plaintextCookie := cookie.Make(name, value, opts)
|
|
encryptedCookie, err := plaintextCookie.Encrypt(crypter)
|
|
assert.NoError(t, err)
|
|
assert.NotEqual(t, value, encryptedCookie.Value)
|
|
|
|
plaintext, err := encryptedCookie.Decrypt(crypter)
|
|
assert.NoError(t, err)
|
|
assert.Equal(t, value, plaintext)
|
|
}
|
|
|
|
func TestCookieNames(t *testing.T) {
|
|
assert.Equal(t, "io.nais.wonderwall.callback", cookie.Login)
|
|
assert.Equal(t, "io.nais.wonderwall.logout", cookie.Logout)
|
|
assert.Equal(t, "io.nais.wonderwall.retry", cookie.Retry)
|
|
assert.Equal(t, "io.nais.wonderwall.session", cookie.Session)
|
|
|
|
cookie.ConfigureCookieNamesWithPrefix("some-prefix")
|
|
assert.Equal(t, "some-prefix.callback", cookie.Login)
|
|
assert.Equal(t, "some-prefix.logout", cookie.Logout)
|
|
assert.Equal(t, "some-prefix.retry", cookie.Retry)
|
|
assert.Equal(t, "some-prefix.session", cookie.Session)
|
|
}
|