| 
									
										
										
										
											2020-07-08 13:56:37 +02:00
										 |  |  | package authz | 
					
						
							| 
									
										
										
										
											2020-03-23 07:01:59 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | import ( | 
					
						
							|  |  |  | 	"context" | 
					
						
							|  |  |  | 	"testing" | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-04-27 01:01:45 +02:00
										 |  |  | 	"github.com/zitadel/zitadel/internal/errors" | 
					
						
							| 
									
										
										
										
											2020-03-23 07:01:59 +01:00
										 |  |  | ) | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-10-25 17:10:45 +02:00
										 |  |  | func Test_extractBearerToken(t *testing.T) { | 
					
						
							| 
									
										
										
										
											2020-03-23 07:01:59 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | 	type args struct { | 
					
						
							|  |  |  | 		ctx      context.Context | 
					
						
							|  |  |  | 		token    string | 
					
						
							| 
									
										
										
										
											2023-10-25 17:10:45 +02:00
										 |  |  | 		verifier AccessTokenVerifier | 
					
						
							| 
									
										
										
										
											2020-03-23 07:01:59 +01:00
										 |  |  | 	} | 
					
						
							|  |  |  | 	tests := []struct { | 
					
						
							|  |  |  | 		name    string | 
					
						
							|  |  |  | 		args    args | 
					
						
							|  |  |  | 		wantErr bool | 
					
						
							|  |  |  | 	}{ | 
					
						
							|  |  |  | 		{ | 
					
						
							|  |  |  | 			name: "no auth header set", | 
					
						
							|  |  |  | 			args: args{ | 
					
						
							|  |  |  | 				ctx:   context.Background(), | 
					
						
							|  |  |  | 				token: "", | 
					
						
							|  |  |  | 			}, | 
					
						
							|  |  |  | 			wantErr: true, | 
					
						
							|  |  |  | 		}, | 
					
						
							|  |  |  | 		{ | 
					
						
							|  |  |  | 			name: "wrong auth header set", | 
					
						
							|  |  |  | 			args: args{ | 
					
						
							|  |  |  | 				ctx:   context.Background(), | 
					
						
							|  |  |  | 				token: "Basic sds", | 
					
						
							|  |  |  | 			}, | 
					
						
							|  |  |  | 			wantErr: true, | 
					
						
							|  |  |  | 		}, | 
					
						
							|  |  |  | 		{ | 
					
						
							|  |  |  | 			name: "auth header set", | 
					
						
							|  |  |  | 			args: args{ | 
					
						
							|  |  |  | 				ctx:   context.Background(), | 
					
						
							|  |  |  | 				token: "Bearer AUTH", | 
					
						
							| 
									
										
										
										
											2023-10-25 17:10:45 +02:00
										 |  |  | 				verifier: AccessTokenVerifierFunc(func(context.Context, string) (string, string, string, string, string, error) { | 
					
						
							|  |  |  | 					return "", "", "", "", "", nil | 
					
						
							|  |  |  | 				}), | 
					
						
							| 
									
										
										
										
											2020-03-23 07:01:59 +01:00
										 |  |  | 			}, | 
					
						
							|  |  |  | 			wantErr: false, | 
					
						
							|  |  |  | 		}, | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	for _, tt := range tests { | 
					
						
							|  |  |  | 		t.Run(tt.name, func(t *testing.T) { | 
					
						
							| 
									
										
										
										
											2023-10-25 17:10:45 +02:00
										 |  |  | 			_, err := extractBearerToken(tt.args.token) | 
					
						
							| 
									
										
										
										
											2020-03-23 07:01:59 +01:00
										 |  |  | 			if tt.wantErr && err == nil { | 
					
						
							|  |  |  | 				t.Errorf("got wrong result, should get err: actual: %v ", err) | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 			if !tt.wantErr && err != nil { | 
					
						
							|  |  |  | 				t.Errorf("got wrong result, should not get err: actual: %v ", err) | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 			if tt.wantErr && !errors.IsUnauthenticated(err) { | 
					
						
							|  |  |  | 				t.Errorf("got wrong err: %v ", err) | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 		}) | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | } |