MCPcopy Index your code
hub / github.com/coder/coder / TestAPIKey

Function TestAPIKey

coderd/httpmw/apikey_test.go:48–1133  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

46}
47
48func TestAPIKey(t *testing.T) {
49 t.Parallel()
50
51 // assertActorOk asserts all the properties of the user auth are ok.
52 assertActorOk := func(t *testing.T, r *http.Request) {
53 t.Helper()
54
55 actor, ok := dbauthz.ActorFromContext(r.Context())
56 assert.True(t, ok, "dbauthz actor ok")
57 if ok {
58 _, err := actor.Roles.Expand()
59 assert.NoError(t, err, "actor roles ok")
60
61 _, err = actor.Scope.Expand()
62 assert.NoError(t, err, "actor scope ok")
63
64 err = actor.RegoValueOk()
65 assert.NoError(t, err, "actor rego ok")
66 }
67
68 auth, ok := httpmw.UserAuthorizationOptional(r.Context())
69 assert.True(t, ok, "httpmw auth ok")
70 if ok {
71 _, err := auth.Roles.Expand()
72 assert.NoError(t, err, "auth roles ok")
73
74 _, err = auth.Scope.Expand()
75 assert.NoError(t, err, "auth scope ok")
76
77 err = auth.RegoValueOk()
78 assert.NoError(t, err, "auth rego ok")
79 }
80 }
81
82 successHandler := http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
83 // Only called if the API key passes through the handler.
84 httpapi.Write(context.Background(), rw, http.StatusOK, codersdk.Response{
85 Message: "It worked!",
86 })
87 })
88
89 t.Run("NoCookie", func(t *testing.T) {
90 t.Parallel()
91 var (
92 db, _ = dbtestutil.NewDB(t)
93 r = httptest.NewRequest("GET", "/", nil)
94 rw = httptest.NewRecorder()
95 )
96 httpmw.ExtractAPIKeyMW(httpmw.ExtractAPIKeyConfig{
97 DB: db,
98 RedirectToLogin: false,
99 })(successHandler).ServeHTTP(rw, r)
100 res := rw.Result()
101 defer res.Body.Close()
102 require.Equal(t, http.StatusUnauthorized, res.StatusCode)
103 })
104
105 t.Run("NoCookieRedirects", func(t *testing.T) {

Callers

nothing calls this directly

Calls 15

EXPECTMethod · 0.95
GetAPIKeyByIDMethod · 0.95
InsertUserLinkMethod · 0.95
ActorFromContextFunction · 0.92
WriteFunction · 0.92
NewDBFunction · 0.92
ExtractAPIKeyMWFunction · 0.92
NewMockStoreFunction · 0.92
UserFunction · 0.92
APIKeyFunction · 0.92

Tested by

no test coverage detected