mirror of
https://github.com/mainflux/mainflux.git
synced 2025-05-01 13:48:56 +08:00
530f925c4d
* remove owner id Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add users endpoint for retrieving users from group Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove groups from things and users Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * move groups into auth Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * separate endpoints for users and things Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix problems with retrieving members Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add groups test Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove groups from users Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove groups from things Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * rename constant Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add new errors Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove unnecessary constants Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix validation Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * create groups db mock Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * adding tests Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * revert changes to docker related files Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove groups endpoints from users openapi Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove groups endpoints from users openapi Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * move constant from postgres to groups Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * move constant from postgres to groups Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * move constant from postgres to groups Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove testing group Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * renam typ to groupType Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add error for max level Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove print Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove groups.Member interface Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix query building and add test cases Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * uncomment tests Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * move groups package Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove group type, add bulk assign and unassign Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * update openapi, remove parentID from create request, reorder endpoints Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * update openapi Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * update openapi for users and things Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix groups test Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix linter errors Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * resolve comments Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * rename assignReq structure Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * refactor mocks, response, remove type from endpoint Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * some refactor, renaming, errors Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * simplify check Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove package alias Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix naming and comment Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * additional comments Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add members grpc endpoint test Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix retrieving members for different types Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix retrieving members for different types Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove unecessary structure Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix api grpc Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * rename const Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * refactore retrieve parents and children with common function Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * small changes for errors Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix compile error Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix sorting in mock Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove regexp for groups Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * revert as change is made by mistake Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * revert as change is made by mistake Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * refactor groups and keys package Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix naming Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix naming Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix test for timestamp compare Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix error handling Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * remove errors not being used Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * var renaming Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * resolve comments Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * minor changes Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix test Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * add endpoints for groups into nginx Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * reorganize endpoints, remove some errors Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * reorganize endpoints, remove some errors Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * small fix Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix linter errors Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * minor changes Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * resolve comments Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix group save path problem Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * description constant Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * rename variables Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix validation Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * get back return Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com> * fix compile Signed-off-by: Mirko Teodorovic <mirko.teodorovic@gmail.com>
290 lines
7.1 KiB
Go
290 lines
7.1 KiB
Go
// Copyright (c) Mainflux
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
package keys_test
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"fmt"
|
|
"io"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"strings"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/mainflux/mainflux/auth"
|
|
httpapi "github.com/mainflux/mainflux/auth/api/http"
|
|
"github.com/mainflux/mainflux/auth/jwt"
|
|
"github.com/mainflux/mainflux/auth/mocks"
|
|
"github.com/mainflux/mainflux/pkg/uuid"
|
|
"github.com/opentracing/opentracing-go/mocktracer"
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
const (
|
|
secret = "secret"
|
|
contentType = "application/json"
|
|
id = "123e4567-e89b-12d3-a456-000000000001"
|
|
email = "user@example.com"
|
|
)
|
|
|
|
type issueRequest struct {
|
|
Duration time.Duration `json:"duration,omitempty"`
|
|
Type uint32 `json:"type,omitempty"`
|
|
}
|
|
|
|
type testRequest struct {
|
|
client *http.Client
|
|
method string
|
|
url string
|
|
contentType string
|
|
token string
|
|
body io.Reader
|
|
}
|
|
|
|
func (tr testRequest) make() (*http.Response, error) {
|
|
req, err := http.NewRequest(tr.method, tr.url, tr.body)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
if tr.token != "" {
|
|
req.Header.Set("Authorization", tr.token)
|
|
}
|
|
if tr.contentType != "" {
|
|
req.Header.Set("Content-Type", tr.contentType)
|
|
}
|
|
|
|
req.Header.Set("Referer", "http://localhost")
|
|
return tr.client.Do(req)
|
|
}
|
|
|
|
func newService() auth.Service {
|
|
repo := mocks.NewKeyRepository()
|
|
groupRepo := mocks.NewGroupRepository()
|
|
idProvider := uuid.NewMock()
|
|
t := jwt.New(secret)
|
|
return auth.New(repo, groupRepo, idProvider, t)
|
|
}
|
|
|
|
func newServer(svc auth.Service) *httptest.Server {
|
|
mux := httpapi.MakeHandler(svc, mocktracer.New())
|
|
return httptest.NewServer(mux)
|
|
}
|
|
|
|
func toJSON(data interface{}) string {
|
|
jsonData, _ := json.Marshal(data)
|
|
return string(jsonData)
|
|
}
|
|
|
|
func TestIssue(t *testing.T) {
|
|
svc := newService()
|
|
_, loginSecret, err := svc.Issue(context.Background(), "", auth.Key{Type: auth.UserKey, IssuedAt: time.Now(), IssuerID: id, Subject: email})
|
|
assert.Nil(t, err, fmt.Sprintf("Issuing user key expected to succeed: %s", err))
|
|
|
|
ts := newServer(svc)
|
|
defer ts.Close()
|
|
client := ts.Client()
|
|
|
|
uk := issueRequest{Type: auth.UserKey}
|
|
ak := issueRequest{Type: auth.APIKey, Duration: time.Hour}
|
|
rk := issueRequest{Type: auth.RecoveryKey}
|
|
|
|
cases := []struct {
|
|
desc string
|
|
req string
|
|
ct string
|
|
token string
|
|
status int
|
|
}{
|
|
{
|
|
desc: "issue user key",
|
|
req: toJSON(uk),
|
|
ct: contentType,
|
|
token: "",
|
|
status: http.StatusCreated,
|
|
},
|
|
{
|
|
desc: "issue API key",
|
|
req: toJSON(ak),
|
|
ct: contentType,
|
|
token: loginSecret,
|
|
status: http.StatusCreated,
|
|
},
|
|
{
|
|
desc: "issue recovery key",
|
|
req: toJSON(rk),
|
|
ct: contentType,
|
|
token: loginSecret,
|
|
status: http.StatusBadRequest,
|
|
},
|
|
{
|
|
desc: "issue user key wrong content type",
|
|
req: toJSON(uk),
|
|
ct: "",
|
|
token: loginSecret,
|
|
status: http.StatusUnsupportedMediaType,
|
|
},
|
|
{
|
|
desc: "issue recovery key wrong content type",
|
|
req: toJSON(rk),
|
|
ct: "",
|
|
token: loginSecret,
|
|
status: http.StatusUnsupportedMediaType,
|
|
},
|
|
{
|
|
desc: "issue key unauthorized",
|
|
req: toJSON(ak),
|
|
ct: contentType,
|
|
token: "wrong",
|
|
status: http.StatusForbidden,
|
|
},
|
|
{
|
|
desc: "issue recovery key with empty token",
|
|
req: toJSON(rk),
|
|
ct: contentType,
|
|
token: "",
|
|
status: http.StatusBadRequest,
|
|
},
|
|
{
|
|
desc: "issue key with invalid request",
|
|
req: "{",
|
|
ct: contentType,
|
|
token: "",
|
|
status: http.StatusBadRequest,
|
|
},
|
|
{
|
|
desc: "issue key with invalid JSON",
|
|
req: "{invalid}",
|
|
ct: contentType,
|
|
token: "",
|
|
status: http.StatusBadRequest,
|
|
},
|
|
{
|
|
desc: "issue key with invalid JSON content",
|
|
req: `{"Type":{"key":"value"}}`,
|
|
ct: contentType,
|
|
token: "",
|
|
status: http.StatusBadRequest,
|
|
},
|
|
}
|
|
|
|
for _, tc := range cases {
|
|
req := testRequest{
|
|
client: client,
|
|
method: http.MethodPost,
|
|
url: fmt.Sprintf("%s/keys", ts.URL),
|
|
contentType: tc.ct,
|
|
token: tc.token,
|
|
body: strings.NewReader(tc.req),
|
|
}
|
|
res, err := req.make()
|
|
assert.Nil(t, err, fmt.Sprintf("%s: unexpected error %s", tc.desc, err))
|
|
assert.Equal(t, tc.status, res.StatusCode, fmt.Sprintf("%s: expected status code %d got %d", tc.desc, tc.status, res.StatusCode))
|
|
}
|
|
}
|
|
|
|
func TestRetrieve(t *testing.T) {
|
|
svc := newService()
|
|
_, loginSecret, err := svc.Issue(context.Background(), "", auth.Key{Type: auth.UserKey, IssuedAt: time.Now(), IssuerID: id, Subject: email})
|
|
assert.Nil(t, err, fmt.Sprintf("Issuing login key expected to succeed: %s", err))
|
|
key := auth.Key{Type: auth.APIKey, IssuedAt: time.Now(), IssuerID: id, Subject: email}
|
|
|
|
k, _, err := svc.Issue(context.Background(), loginSecret, key)
|
|
assert.Nil(t, err, fmt.Sprintf("Issuing login key expected to succeed: %s", err))
|
|
|
|
ts := newServer(svc)
|
|
defer ts.Close()
|
|
client := ts.Client()
|
|
|
|
cases := []struct {
|
|
desc string
|
|
id string
|
|
token string
|
|
status int
|
|
}{
|
|
{
|
|
desc: "retrieve an existing key",
|
|
id: k.ID,
|
|
token: loginSecret,
|
|
status: http.StatusOK,
|
|
},
|
|
{
|
|
desc: "retrieve a non-existing key",
|
|
id: "non-existing",
|
|
token: loginSecret,
|
|
status: http.StatusNotFound,
|
|
},
|
|
{
|
|
desc: "retrieve a key unauthorized",
|
|
id: k.ID,
|
|
token: "wrong",
|
|
status: http.StatusForbidden,
|
|
},
|
|
}
|
|
|
|
for _, tc := range cases {
|
|
req := testRequest{
|
|
client: client,
|
|
method: http.MethodGet,
|
|
url: fmt.Sprintf("%s/keys/%s", ts.URL, tc.id),
|
|
token: tc.token,
|
|
}
|
|
res, err := req.make()
|
|
assert.Nil(t, err, fmt.Sprintf("%s: unexpected error %s", tc.desc, err))
|
|
assert.Equal(t, tc.status, res.StatusCode, fmt.Sprintf("%s: expected status code %d got %d", tc.desc, tc.status, res.StatusCode))
|
|
}
|
|
}
|
|
|
|
func TestRevoke(t *testing.T) {
|
|
svc := newService()
|
|
_, loginSecret, err := svc.Issue(context.Background(), "", auth.Key{Type: auth.UserKey, IssuedAt: time.Now(), IssuerID: id, Subject: email})
|
|
assert.Nil(t, err, fmt.Sprintf("Issuing user key expected to succeed: %s", err))
|
|
key := auth.Key{Type: auth.APIKey, IssuedAt: time.Now(), IssuerID: id, Subject: email}
|
|
|
|
k, _, err := svc.Issue(context.Background(), loginSecret, key)
|
|
assert.Nil(t, err, fmt.Sprintf("Issuing user key expected to succeed: %s", err))
|
|
|
|
ts := newServer(svc)
|
|
defer ts.Close()
|
|
client := ts.Client()
|
|
|
|
cases := []struct {
|
|
desc string
|
|
id string
|
|
token string
|
|
status int
|
|
}{
|
|
{
|
|
desc: "revoke an existing key",
|
|
id: k.ID,
|
|
token: loginSecret,
|
|
status: http.StatusNoContent,
|
|
},
|
|
{
|
|
desc: "revoke a non-existing key",
|
|
id: "non-existing",
|
|
token: loginSecret,
|
|
status: http.StatusNoContent,
|
|
},
|
|
{
|
|
desc: "revoke a key unauthorized",
|
|
id: k.ID,
|
|
token: "wrong",
|
|
status: http.StatusForbidden},
|
|
}
|
|
|
|
for _, tc := range cases {
|
|
req := testRequest{
|
|
client: client,
|
|
method: http.MethodDelete,
|
|
url: fmt.Sprintf("%s/keys/%s", ts.URL, tc.id),
|
|
token: tc.token,
|
|
}
|
|
res, err := req.make()
|
|
assert.Nil(t, err, fmt.Sprintf("%s: unexpected error %s", tc.desc, err))
|
|
assert.Equal(t, tc.status, res.StatusCode, fmt.Sprintf("%s: expected status code %d got %d", tc.desc, tc.status, res.StatusCode))
|
|
}
|
|
}
|