mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-14 11:58:02 +00:00
e5731b0d3b
* add setup steps * refactoring * omitempty * cleanup * begin org * create org * setup org * setup org * merge * fixes * fixes * fixes * add project * add oidc application * fix app creation * add resourceOwner to writemodels * resource owner * cleanup * global org, iam project and iam member in setup * logs * logs * logs * cleanup * Update internal/v2/command/project.go Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * check project state Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
76 lines
1.5 KiB
Go
76 lines
1.5 KiB
Go
package authz
|
|
|
|
import (
|
|
"context"
|
|
"sync"
|
|
"testing"
|
|
|
|
"github.com/caos/zitadel/internal/errors"
|
|
)
|
|
|
|
func Test_VerifyAccessToken(t *testing.T) {
|
|
|
|
type args struct {
|
|
ctx context.Context
|
|
token string
|
|
verifier *TokenVerifier
|
|
method string
|
|
}
|
|
tests := []struct {
|
|
name string
|
|
args args
|
|
wantErr bool
|
|
}{
|
|
{
|
|
name: "no auth header set",
|
|
args: args{
|
|
ctx: context.Background(),
|
|
token: "",
|
|
},
|
|
wantErr: true,
|
|
},
|
|
{
|
|
name: "wrong auth header set",
|
|
args: args{
|
|
ctx: context.Background(),
|
|
token: "Basic sds",
|
|
},
|
|
wantErr: true,
|
|
},
|
|
{
|
|
name: "auth header set",
|
|
args: args{
|
|
ctx: context.Background(),
|
|
token: "Bearer AUTH",
|
|
verifier: &TokenVerifier{
|
|
authZRepo: &testVerifier{grant: &Grant{}},
|
|
clients: func() sync.Map {
|
|
m := sync.Map{}
|
|
m.Store("service", &client{name: "name"})
|
|
return m
|
|
}(),
|
|
authMethods: MethodMapping{"/service/method": Option{Permission: "authenticated"}},
|
|
},
|
|
method: "/service/method",
|
|
},
|
|
wantErr: false,
|
|
},
|
|
}
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
_, _, _, _, _, err := verifyAccessToken(tt.args.ctx, tt.args.token, tt.args.verifier, tt.args.method)
|
|
if tt.wantErr && err == nil {
|
|
t.Errorf("got wrong result, should get err: actual: %v ", err)
|
|
}
|
|
|
|
if !tt.wantErr && err != nil {
|
|
t.Errorf("got wrong result, should not get err: actual: %v ", err)
|
|
}
|
|
|
|
if tt.wantErr && !errors.IsUnauthenticated(err) {
|
|
t.Errorf("got wrong err: %v ", err)
|
|
}
|
|
})
|
|
}
|
|
}
|