(t *testing.T)
| 46 | } |
| 47 | |
| 48 | func TestAPIKey(t *testing.T) { |
| 49 | t.Parallel() |
| 50 | |
| 51 | // assertActorOk asserts all the properties of the user auth are ok. |
| 52 | assertActorOk := func(t *testing.T, r *http.Request) { |
| 53 | t.Helper() |
| 54 | |
| 55 | actor, ok := dbauthz.ActorFromContext(r.Context()) |
| 56 | assert.True(t, ok, "dbauthz actor ok") |
| 57 | if ok { |
| 58 | _, err := actor.Roles.Expand() |
| 59 | assert.NoError(t, err, "actor roles ok") |
| 60 | |
| 61 | _, err = actor.Scope.Expand() |
| 62 | assert.NoError(t, err, "actor scope ok") |
| 63 | |
| 64 | err = actor.RegoValueOk() |
| 65 | assert.NoError(t, err, "actor rego ok") |
| 66 | } |
| 67 | |
| 68 | auth, ok := httpmw.UserAuthorizationOptional(r.Context()) |
| 69 | assert.True(t, ok, "httpmw auth ok") |
| 70 | if ok { |
| 71 | _, err := auth.Roles.Expand() |
| 72 | assert.NoError(t, err, "auth roles ok") |
| 73 | |
| 74 | _, err = auth.Scope.Expand() |
| 75 | assert.NoError(t, err, "auth scope ok") |
| 76 | |
| 77 | err = auth.RegoValueOk() |
| 78 | assert.NoError(t, err, "auth rego ok") |
| 79 | } |
| 80 | } |
| 81 | |
| 82 | successHandler := http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) { |
| 83 | // Only called if the API key passes through the handler. |
| 84 | httpapi.Write(context.Background(), rw, http.StatusOK, codersdk.Response{ |
| 85 | Message: "It worked!", |
| 86 | }) |
| 87 | }) |
| 88 | |
| 89 | t.Run("NoCookie", func(t *testing.T) { |
| 90 | t.Parallel() |
| 91 | var ( |
| 92 | db, _ = dbtestutil.NewDB(t) |
| 93 | r = httptest.NewRequest("GET", "/", nil) |
| 94 | rw = httptest.NewRecorder() |
| 95 | ) |
| 96 | httpmw.ExtractAPIKeyMW(httpmw.ExtractAPIKeyConfig{ |
| 97 | DB: db, |
| 98 | RedirectToLogin: false, |
| 99 | })(successHandler).ServeHTTP(rw, r) |
| 100 | res := rw.Result() |
| 101 | defer res.Body.Close() |
| 102 | require.Equal(t, http.StatusUnauthorized, res.StatusCode) |
| 103 | }) |
| 104 | |
| 105 | t.Run("NoCookieRedirects", func(t *testing.T) { |
nothing calls this directly
no test coverage detected