Cutlery/Kyoo
1
0
Fork 0
mirror of https://github.com/zoriya/Kyoo.git synced 2025-05-31 12:14:46 -04:00
Code Issues Packages Projects Releases Wiki Activity

Fix hurl test

Browse Source
This commit is contained in:
Zoe Roux 2025-04-23 22:48:13 +02:00
parent 667249bc81
commit fb908c95ef
No known key found for this signature in database
3 changed files with 14 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
auth/apikey.go
View File

@ -174,7 +174,7 @@ func (h *Handler) ListApiKey(c echo.Context) error {
} }
func (h *Handler) createApiJwt(apikey string) (string, error) { func (h *Handler) createApiJwt(apikey string) (string, error) {
info := strings.Split(apikey, "-") info := strings.SplitN(apikey, "-", 2)
if len(info) != 2 { if len(info) != 2 {
return "", echo.NewHTTPError(http.StatusForbidden, "Invalid api key format") return "", echo.NewHTTPError(http.StatusForbidden, "Invalid api key format")
} }

19
auth/tests/apikey.hurl
View File

@ -4,7 +4,7 @@ POST {{host}}/keys
"name": "dryflower", "name": "dryflower",
"claims": { "claims": {
"isAdmin": true, "isAdmin": true,
"permssions": ["core.read"] "permissions": ["core.read"]
} }
} }
HTTP 401 HTTP 401
@ -16,18 +16,18 @@ X-API-KEY: hurl-1234apikey
"name": "dryflower", "name": "dryflower",
"claims": { "claims": {
"isAdmin": true, "isAdmin": true,
"permssions": ["core.read"] "permissions": ["apikeys.read"]
} }
} }
HTTP 201 HTTP 201
[Captures] [Captures]
id: jsonpath "$.id"
token: jsonpath "$.token" token: jsonpath "$.token"
GET {{host}}/jwt GET {{host}}/jwt
Authorization: Bearer {{token}} X-API-KEY: {{token}}
HTTP 200 HTTP 200
[Captures] [Captures]
id: jsonpath "$.id"
jwt: jsonpath "$.token" jwt: jsonpath "$.token"
# Duplicates email # Duplicates email
@ -37,22 +37,25 @@ X-API-KEY: hurl-1234apikey
"name": "dryflower", "name": "dryflower",
"claims": { "claims": {
"isAdmin": true, "isAdmin": true,
"permssions": ["core.read"] "permissions": ["core.read"]
} }
} }
HTTP 409 HTTP 409
# List # List
GET {{host}}/keys GET {{host}}/keys
Authorization: Bearer {{token}} Authorization: Bearer {{jwt}}
HTTP 200 HTTP 200
[Asserts] [Asserts]
jsonpath "$.items[0].id" == {{id}} jsonpath "$.items[0].id" == {{id}}
jsonpath "$.items[0].name" == "dryflower" jsonpath "$.items[0].name" == "dryflower"
jsonpath "$.items[0].claims.permissions" contains "core.read" jsonpath "$.items[0].claims.permissions" contains "apikeys.read"
DELETE {{host}}/keys/{{id}} DELETE {{host}}/keys/{{id}}
Authorization: Bearer {{jwt}} Authorization: Bearer {{jwt}}
HTTP 403
DELETE {{host}}/keys/{{id}}
X-API-KEY: hurl-1234apikey
HTTP 200 HTTP 200

2
auth/utils.go
View File

@ -71,7 +71,7 @@ func CheckPermissions(c echo.Context, perms []string) error {
permissions_claims, ok := claims["permissions"] permissions_claims, ok := claims["permissions"]
if !ok { if !ok {
return echo.NewHTTPError(403, fmt.Sprintf("Missing permissions: %s.", ", ")) return echo.NewHTTPError(403, fmt.Sprintf("No permissions on this account. Needs permissions: %s.", strings.Join(perms, ", ")))
} }
permissions_int, ok := permissions_claims.([]any) permissions_int, ok := permissions_claims.([]any)
if !ok { if !ok {