From 0fbdc0df84fd7df8ab7c096844a756243a5a21ca Mon Sep 17 00:00:00 2001
From: cduvray <c_duvray@proton.me>
Date: Mon, 14 Aug 2023 08:02:56 +0200
Subject: [PATCH] test: add multiple authorizer tests

---
 jwt-authorizer/tests/tests.rs | 38 ++++++++++++++++++++++++++++++++---
 1 file changed, 35 insertions(+), 3 deletions(-)

diff --git a/jwt-authorizer/tests/tests.rs b/jwt-authorizer/tests/tests.rs
index e2cf54a..0811022 100644
--- a/jwt-authorizer/tests/tests.rs
+++ b/jwt-authorizer/tests/tests.rs
@@ -23,7 +23,7 @@ mod tests {
         sub: String,
     }
 
-    async fn app(jwt_auth: JwtAuthorizer<User>) -> Router {
+    async fn app(jwt_auth: impl ToAuthorizationLayer<User>) -> Router {
         Router::new().route("/public", get(|| async { "hello" })).route(
             "/protected",
             get(|JwtClaims(user): JwtClaims<User>| async move { format!("hello: {}", user.sub) }).layer(
@@ -38,7 +38,11 @@ mod tests {
         )
     }
 
-    async fn proteced_request_with_header(jwt_auth: JwtAuthorizer<User>, header_name: &str, header_value: &str) -> Response {
+    async fn proteced_request_with_header(
+        jwt_auth: impl ToAuthorizationLayer<User>,
+        header_name: &str,
+        header_value: &str,
+    ) -> Response {
         app(jwt_auth)
             .await
             .oneshot(
@@ -52,7 +56,7 @@ mod tests {
             .unwrap()
     }
 
-    async fn make_proteced_request(jwt_auth: JwtAuthorizer<User>, bearer: &str) -> Response {
+    async fn make_proteced_request(jwt_auth: impl ToAuthorizationLayer<User>, bearer: &str) -> Response {
         proteced_request_with_header(jwt_auth, "Authorization", &format!("Bearer {bearer}")).await
     }
 
@@ -332,4 +336,32 @@ mod tests {
             &"Bearer error=\"invalid_token\""
         );
     }
+
+    // --------------------------
+    //      Multiple Authorizers
+    // --------------------------
+    #[tokio::test]
+    async fn multiple_authorizers() {
+        let auths: Vec<JwtAuthorizer<User>> = vec![
+            JwtAuthorizer::from_ec_pem("../config/ecdsa-public1.pem"),
+            JwtAuthorizer::from_rsa_pem("../config/rsa-public1.pem").jwt_source(JwtSource::Cookie("ccc".to_owned())),
+        ];
+
+        // OK
+        let response =
+            proteced_request_with_header(auths, header::COOKIE.as_str(), &format!("ccc={}", common::JWT_RSA1_OK)).await;
+        assert_eq!(response.status(), StatusCode::OK);
+
+        let auths: Vec<JwtAuthorizer<User>> = vec![
+            JwtAuthorizer::from_ec_pem("../config/ecdsa-public1.pem"),
+            JwtAuthorizer::from_rsa_pem("../config/rsa-public1.pem").jwt_source(JwtSource::Cookie("ccc".to_owned())),
+        ];
+
+        // Cookie missing
+        let response =
+            proteced_request_with_header(auths, header::COOKIE.as_str(), &format!("bad_cookie={}", common::JWT_EC2_OK))
+                .await;
+        assert_eq!(response.status(), StatusCode::UNAUTHORIZED);
+        assert_eq!(response.headers().get(header::WWW_AUTHENTICATE).unwrap(), &"Bearer");
+    }
 }