mirror of
				https://github.com/caddyserver/caddy.git
				synced 2025-10-26 00:02:45 -04:00 
			
		
		
		
	I am not a lawyer, but according to the appendix of the license, these boilerplate notices should be included with every source file.
		
			
				
	
	
		
			179 lines
		
	
	
		
			5.0 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
			
		
		
	
	
			179 lines
		
	
	
		
			5.0 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
| // Copyright 2015 Light Code Labs, LLC
 | |
| //
 | |
| // Licensed under the Apache License, Version 2.0 (the "License");
 | |
| // you may not use this file except in compliance with the License.
 | |
| // You may obtain a copy of the License at
 | |
| //
 | |
| //     http://www.apache.org/licenses/LICENSE-2.0
 | |
| //
 | |
| // Unless required by applicable law or agreed to in writing, software
 | |
| // distributed under the License is distributed on an "AS IS" BASIS,
 | |
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 | |
| // See the License for the specific language governing permissions and
 | |
| // limitations under the License.
 | |
| 
 | |
| package basicauth
 | |
| 
 | |
| import (
 | |
| 	"fmt"
 | |
| 	"io/ioutil"
 | |
| 	"os"
 | |
| 	"strings"
 | |
| 	"testing"
 | |
| 
 | |
| 	"github.com/mholt/caddy"
 | |
| 	"github.com/mholt/caddy/caddyhttp/httpserver"
 | |
| )
 | |
| 
 | |
| func TestSetup(t *testing.T) {
 | |
| 	c := caddy.NewTestController("http", `basicauth user pwd`)
 | |
| 	err := setup(c)
 | |
| 	if err != nil {
 | |
| 		t.Errorf("Expected no errors, but got: %v", err)
 | |
| 	}
 | |
| 	mids := httpserver.GetConfig(c).Middleware()
 | |
| 	if len(mids) == 0 {
 | |
| 		t.Fatal("Expected middleware, got 0 instead")
 | |
| 	}
 | |
| 
 | |
| 	handler := mids[0](httpserver.EmptyNext)
 | |
| 	myHandler, ok := handler.(BasicAuth)
 | |
| 	if !ok {
 | |
| 		t.Fatalf("Expected handler to be type BasicAuth, got: %#v", handler)
 | |
| 	}
 | |
| 
 | |
| 	if !httpserver.SameNext(myHandler.Next, httpserver.EmptyNext) {
 | |
| 		t.Error("'Next' field of handler was not set properly")
 | |
| 	}
 | |
| }
 | |
| 
 | |
| func TestBasicAuthParse(t *testing.T) {
 | |
| 	htpasswdPasswd := "IedFOuGmTpT8"
 | |
| 	htpasswdFile := `sha1:{SHA}dcAUljwz99qFjYR0YLTXx0RqLww=
 | |
| md5:$apr1$l42y8rex$pOA2VJ0x/0TwaFeAF9nX61`
 | |
| 
 | |
| 	var skipHtpassword bool
 | |
| 	htfh, err := ioutil.TempFile(".", "basicauth-")
 | |
| 	if err != nil {
 | |
| 		t.Logf("Error creating temp file (%v), will skip htpassword test", err)
 | |
| 		skipHtpassword = true
 | |
| 	} else {
 | |
| 		if _, err = htfh.Write([]byte(htpasswdFile)); err != nil {
 | |
| 			t.Fatalf("write htpasswd file %q: %v", htfh.Name(), err)
 | |
| 		}
 | |
| 		htfh.Close()
 | |
| 		defer os.Remove(htfh.Name())
 | |
| 	}
 | |
| 
 | |
| 	tests := []struct {
 | |
| 		input     string
 | |
| 		shouldErr bool
 | |
| 		password  string
 | |
| 		expected  []Rule
 | |
| 	}{
 | |
| 		{`basicauth user pwd`, false, "pwd", []Rule{
 | |
| 			{Username: "user"},
 | |
| 		}},
 | |
| 		{`basicauth user pwd {
 | |
| 		}`, false, "pwd", []Rule{
 | |
| 			{Username: "user"},
 | |
| 		}},
 | |
| 		{`basicauth /resource1 user pwd {
 | |
| 		}`, false, "pwd", []Rule{
 | |
| 			{Username: "user", Resources: []string{"/resource1"}},
 | |
| 		}},
 | |
| 		{`basicauth /resource1 user pwd {
 | |
| 			realm Resources
 | |
| 		}`, false, "pwd", []Rule{
 | |
| 			{Username: "user", Resources: []string{"/resource1"}, Realm: "Resources"},
 | |
| 		}},
 | |
| 		{`basicauth user pwd {
 | |
| 			/resource1
 | |
| 			/resource2
 | |
| 		}`, false, "pwd", []Rule{
 | |
| 			{Username: "user", Resources: []string{"/resource1", "/resource2"}},
 | |
| 		}},
 | |
| 		{`basicauth user pwd {
 | |
| 			/resource1
 | |
| 			/resource2
 | |
| 			realm "Secure resources"
 | |
| 		}`, false, "pwd", []Rule{
 | |
| 			{Username: "user", Resources: []string{"/resource1", "/resource2"}, Realm: "Secure resources"},
 | |
| 		}},
 | |
| 		{`basicauth user pwd {
 | |
| 			/resource1
 | |
| 			realm "Secure resources"
 | |
| 			realm Extra
 | |
| 			/resource2
 | |
| 		}`, true, "pwd", []Rule{}},
 | |
| 		{`basicauth user pwd {
 | |
| 			/resource1
 | |
| 			foo "Resources"
 | |
| 			/resource2
 | |
| 		}`, true, "pwd", []Rule{}},
 | |
| 		{`basicauth /resource user pwd`, false, "pwd", []Rule{
 | |
| 			{Username: "user", Resources: []string{"/resource"}},
 | |
| 		}},
 | |
| 		{`basicauth /res1 user1 pwd1
 | |
| 		  basicauth /res2 user2 pwd2`, false, "pwd", []Rule{
 | |
| 			{Username: "user1", Resources: []string{"/res1"}},
 | |
| 			{Username: "user2", Resources: []string{"/res2"}},
 | |
| 		}},
 | |
| 		{`basicauth user`, true, "", []Rule{}},
 | |
| 		{`basicauth`, true, "", []Rule{}},
 | |
| 		{`basicauth /resource user pwd asdf`, true, "", []Rule{}},
 | |
| 
 | |
| 		{`basicauth sha1 htpasswd=` + htfh.Name(), false, htpasswdPasswd, []Rule{
 | |
| 			{Username: "sha1"},
 | |
| 		}},
 | |
| 	}
 | |
| 
 | |
| 	for i, test := range tests {
 | |
| 		actual, err := basicAuthParse(caddy.NewTestController("http", test.input))
 | |
| 
 | |
| 		if err == nil && test.shouldErr {
 | |
| 			t.Errorf("Test %d didn't error, but it should have", i)
 | |
| 		} else if err != nil && !test.shouldErr {
 | |
| 			t.Errorf("Test %d errored, but it shouldn't have; got '%v'", i, err)
 | |
| 		}
 | |
| 
 | |
| 		if len(actual) != len(test.expected) {
 | |
| 			t.Fatalf("Test %d expected %d rules, but got %d",
 | |
| 				i, len(test.expected), len(actual))
 | |
| 		}
 | |
| 
 | |
| 		for j, expectedRule := range test.expected {
 | |
| 			actualRule := actual[j]
 | |
| 
 | |
| 			if actualRule.Username != expectedRule.Username {
 | |
| 				t.Errorf("Test %d, rule %d: Expected username '%s', got '%s'",
 | |
| 					i, j, expectedRule.Username, actualRule.Username)
 | |
| 			}
 | |
| 
 | |
| 			if actualRule.Realm != expectedRule.Realm {
 | |
| 				t.Errorf("Test %d, rule %d: Expected realm '%s', got '%s'",
 | |
| 					i, j, expectedRule.Realm, actualRule.Realm)
 | |
| 			}
 | |
| 
 | |
| 			if strings.Contains(test.input, "htpasswd=") && skipHtpassword {
 | |
| 				continue
 | |
| 			}
 | |
| 			pwd := test.password
 | |
| 			if len(actual) > 1 {
 | |
| 				pwd = fmt.Sprintf("%s%d", pwd, j+1)
 | |
| 			}
 | |
| 			if !actualRule.Password(pwd) || actualRule.Password(test.password+"!") {
 | |
| 				t.Errorf("Test %d, rule %d: Expected password '%v', got '%v'",
 | |
| 					i, j, test.password, actualRule.Password(""))
 | |
| 			}
 | |
| 
 | |
| 			expectedRes := fmt.Sprintf("%v", expectedRule.Resources)
 | |
| 			actualRes := fmt.Sprintf("%v", actualRule.Resources)
 | |
| 			if actualRes != expectedRes {
 | |
| 				t.Errorf("Test %d, rule %d: Expected resource list %s, but got %s",
 | |
| 					i, j, expectedRes, actualRes)
 | |
| 			}
 | |
| 		}
 | |
| 	}
 | |
| }
 |