From 58d555c8220630a9b2b0dcea696b2a3de2147d61 Mon Sep 17 00:00:00 2001 From: Max Mitchell Date: Tue, 12 Jan 2021 21:18:23 +0000 Subject: [PATCH] add tests --- internal/auth.go | 6 +++--- internal/auth_test.go | 16 ++++++++++++++++ 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/internal/auth.go b/internal/auth.go index 98892481..1fac6617 100644 --- a/internal/auth.go +++ b/internal/auth.go @@ -167,10 +167,10 @@ func useAuthDomain(r *http.Request) (bool, string) { // Cookie methods // MakeCookie creates an auth cookie -func MakeCookie(r *http.Request, email string) *http.Cookie { +func MakeCookie(r *http.Request, user string) *http.Cookie { expires := cookieExpiry() - mac := cookieSignature(r, email, fmt.Sprintf("%d", expires.Unix())) - value := fmt.Sprintf("%s|%d|%s", mac, expires.Unix(), email) + mac := cookieSignature(r, user, fmt.Sprintf("%d", expires.Unix())) + value := fmt.Sprintf("%s|%d|%s", mac, expires.Unix(), user) return &http.Cookie{ Name: config.CookieName, diff --git a/internal/auth_test.go b/internal/auth_test.go index 0f000603..931dd199 100644 --- a/internal/auth_test.go +++ b/internal/auth_test.go @@ -78,6 +78,12 @@ func TestAuthValidateUser(t *testing.T) { v = ValidateUser("test@test.com", "default") assert.True(v, "should allow user from allowed domain") + // Should block non whitelisted email address + config.Domains = []string{} + config.Whitelist = []string{"test@test.com"} + v = ValidateUser("one@two.com", "default") + assert.False(v, "should not allow user not in whitelist") + // Should allow matching whitelisted email address config.Domains = []string{} config.Whitelist = []string{"test@test.com"} @@ -91,6 +97,10 @@ func TestAuthValidateUser(t *testing.T) { config.Domains = []string{"example.com"} config.Whitelist = []string{"test@test.com"} config.MatchWhitelistOrDomain = false + v = ValidateUser("test@test.com", "default") + assert.True(v, "should allow user in whitelist") + v = ValidateUser("test@example.com", "default") + assert.False(v, "should not allow user from valid domain") v = ValidateUser("one@two.com", "default") assert.False(v, "should not allow user not in either") v = ValidateUser("test@example.com", "default") @@ -109,6 +119,8 @@ func TestAuthValidateUser(t *testing.T) { assert.True(v, "should allow user from allowed domain") v = ValidateUser("test@test.com", "default") assert.True(v, "should allow user in whitelist") + v = ValidateUser("test@example.com", "default") + assert.True(v, "should allow user from valid domain") // Rule testing @@ -138,6 +150,10 @@ func TestAuthValidateUser(t *testing.T) { v = ValidateUser("test@testrule.com", "test") assert.True(v, "should allow user from allowed domain") + // Should allow comma separated email + config.Whitelist = []string{"test@test.com", "test2@test2.com"} + v = ValidateUser("test2@test2.com", "default") + // Should allow matching whitelist in rule config.Domains = []string{} config.Whitelist = []string{"test@testglobal.com"}