(t *testing.T)
| 19 | ) |
| 20 | |
| 21 | func TestRequireAPIKeyOrWorkspaceProxyAuth(t *testing.T) { |
| 22 | t.Parallel() |
| 23 | |
| 24 | t.Run("None", func(t *testing.T) { |
| 25 | t.Parallel() |
| 26 | |
| 27 | r := httptest.NewRequest(http.MethodGet, "/", nil) |
| 28 | rw := httptest.NewRecorder() |
| 29 | |
| 30 | httpmw.RequireAPIKeyOrWorkspaceProxyAuth()(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { |
| 31 | t.Error("should not have been called") |
| 32 | })).ServeHTTP(rw, r) |
| 33 | |
| 34 | require.Equal(t, http.StatusUnauthorized, rw.Code) |
| 35 | }) |
| 36 | |
| 37 | t.Run("APIKey", func(t *testing.T) { |
| 38 | t.Parallel() |
| 39 | |
| 40 | var ( |
| 41 | db, _ = dbtestutil.NewDB(t) |
| 42 | user = dbgen.User(t, db, database.User{}) |
| 43 | _, token = dbgen.APIKey(t, db, database.APIKey{ |
| 44 | UserID: user.ID, |
| 45 | ExpiresAt: dbtime.Now().AddDate(0, 0, 1), |
| 46 | }) |
| 47 | |
| 48 | r = httptest.NewRequest("GET", "/", nil) |
| 49 | rw = httptest.NewRecorder() |
| 50 | ) |
| 51 | r.Header.Set(codersdk.SessionTokenHeader, token) |
| 52 | |
| 53 | var called atomic.Int64 |
| 54 | httpmw.ExtractAPIKeyMW(httpmw.ExtractAPIKeyConfig{ |
| 55 | DB: db, |
| 56 | RedirectToLogin: false, |
| 57 | })( |
| 58 | httpmw.RequireAPIKeyOrWorkspaceProxyAuth()(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { |
| 59 | called.Add(1) |
| 60 | rw.WriteHeader(http.StatusOK) |
| 61 | }))). |
| 62 | ServeHTTP(rw, r) |
| 63 | |
| 64 | res := rw.Result() |
| 65 | defer res.Body.Close() |
| 66 | dump, err := httputil.DumpResponse(res, true) |
| 67 | require.NoError(t, err) |
| 68 | t.Log(string(dump)) |
| 69 | |
| 70 | require.Equal(t, http.StatusOK, rw.Code) |
| 71 | require.Equal(t, int64(1), called.Load()) |
| 72 | }) |
| 73 | |
| 74 | t.Run("WorkspaceProxy", func(t *testing.T) { |
| 75 | t.Parallel() |
| 76 | |
| 77 | var ( |
| 78 | db, _ = dbtestutil.NewDB(t) |
nothing calls this directly
no test coverage detected