From 1262d254736229618582f0963c9c30c4e66efb98 Mon Sep 17 00:00:00 2001 From: Christopher Speller Date: Wed, 31 Jan 2018 09:49:15 -0800 Subject: User based rate limiting (#8152) --- app/authentication_test.go | 52 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 app/authentication_test.go (limited to 'app/authentication_test.go') diff --git a/app/authentication_test.go b/app/authentication_test.go new file mode 100644 index 000000000..f3014b1b8 --- /dev/null +++ b/app/authentication_test.go @@ -0,0 +1,52 @@ +// Copyright (c) 2017-present Mattermost, Inc. All Rights Reserved. +// See License.txt for license information. + +package app + +import ( + "net/http" + "net/http/httptest" + "strconv" + "testing" + + "github.com/mattermost/mattermost-server/model" + "github.com/stretchr/testify/require" +) + +func TestParseAuthTokenFromRequest(t *testing.T) { + cases := []struct { + header string + cookie string + query string + expectedToken string + expectedLocation TokenLocation + }{ + {"", "", "", "", TokenLocationNotFound}, + {"token mytoken", "", "", "mytoken", TokenLocationHeader}, + {"BEARER mytoken", "", "", "mytoken", TokenLocationHeader}, + {"", "mytoken", "", "mytoken", TokenLocationCookie}, + {"", "", "mytoken", "mytoken", TokenLocationQueryString}, + } + + for testnum, tc := range cases { + pathname := "/test/here" + if tc.query != "" { + pathname += "?access_token=" + tc.query + } + req := httptest.NewRequest("GET", pathname, nil) + if tc.header != "" { + req.Header.Add(model.HEADER_AUTH, tc.header) + } + if tc.cookie != "" { + req.AddCookie(&http.Cookie{ + Name: model.SESSION_COOKIE_TOKEN, + Value: tc.cookie, + }) + } + + token, location := ParseAuthTokenFromRequest(req) + + require.Equal(t, tc.expectedToken, token, "Wrong token on test "+strconv.Itoa(testnum)) + require.Equal(t, tc.expectedLocation, location, "Wrong location on test "+strconv.Itoa(testnum)) + } +} -- cgit v1.2.3-1-g7c22