technofab/jwt-authorizer
1
0
Fork 0
mirror of https://github.com/TECHNOFAB11/jwt-authorizer.git synced 2025-12-11 23:50:07 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

test: jwks store unavailable should be error 500

Browse source 
- refactor
This commit is contained in:
cduvray 2023-01-15 15:56:29 +01:00
parent 89006df2af
commit 4c696471de
1 changed files with 33 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

51
jwt-authorizer/src/tests.rs
View file

@ -4,7 +4,7 @@ mod tests {
use axum::{ use axum::{
body::Body, body::Body,
http::{Request, StatusCode}, http::{Request, StatusCode},
routing::get, Router, routing::get, Router, response::Response,
}; };
use serde::Deserialize; use serde::Deserialize;
use tower::ServiceExt; use tower::ServiceExt;
@ -16,10 +16,7 @@ mod tests {
sub: String, sub: String,
} }
fn app() -> Router { fn app(jwt_auth: JwtAuthorizer<User>) -> Router {
let jwt_auth: JwtAuthorizer<User> = JwtAuthorizer::new()
.from_rsa_pem("../config/jwtRS256.key.pub");
Router::new() Router::new()
.route("/public", get(|| async { "hello" })) .route("/public", get(|| async { "hello" }))
@ -32,10 +29,20 @@ mod tests {
) )
} }
async fn make_proteced_request(jwt_auth: JwtAuthorizer<User>, bearer: &str) -> Response {
app(jwt_auth)
.oneshot(Request::builder().uri("/protected").header("Authorization", bearer).body(Body::empty()).unwrap())
.await
.unwrap()
}
#[tokio::test] #[tokio::test]
async fn protected_without_jwt() { async fn protected_without_jwt() {
let response = app() let jwt_auth: JwtAuthorizer<User> = JwtAuthorizer::new()
.from_rsa_pem("../config/jwtRS256.key.pub");
let response = app(jwt_auth)
.oneshot(Request::builder().uri("/protected").body(Body::empty()).unwrap()) .oneshot(Request::builder().uri("/protected").body(Body::empty()).unwrap())
.await .await
.unwrap(); .unwrap();
@ -47,12 +54,10 @@ mod tests {
#[tokio::test] #[tokio::test]
async fn protected_with_jwt() { async fn protected_with_jwt() {
let response = app() let response = make_proteced_request(
.oneshot( JwtAuthorizer::new().from_rsa_pem("../config/jwtRS256.key.pub"),
Request::builder().uri("/protected").header("Authorization", JWT_RSA_OK).body(Body::empty()).unwrap() JWT_RSA_OK
) ).await;
.await
.unwrap();
assert_eq!(response.status(), StatusCode::OK); assert_eq!(response.status(), StatusCode::OK);
@ -63,15 +68,25 @@ mod tests {
#[tokio::test] #[tokio::test]
async fn protected_with_bad_jwt() { async fn protected_with_bad_jwt() {
let response = app() let response = make_proteced_request(
.oneshot( JwtAuthorizer::new().from_rsa_pem("../config/jwtRS256.key.pub"),
Request::builder().uri("/protected").header("Authorization", "xxx.xxx.xxx").body(Body::empty()).unwrap() "xxx.xxx.xxx"
) ).await;
.await
.unwrap();
assert_eq!(response.status(), StatusCode::FORBIDDEN); assert_eq!(response.status(), StatusCode::FORBIDDEN);
// TODO: check error code (https://datatracker.ietf.org/doc/html/rfc6750#section-3.1) // TODO: check error code (https://datatracker.ietf.org/doc/html/rfc6750#section-3.1)
} }
// Unreachable jwks endpoint, should build (endpoint can comme on line later ),
// but should be 500 when checking.
#[tokio::test]
async fn protected_with_bad_jwks_url() {
let response = make_proteced_request(
JwtAuthorizer::new().from_jwks_url("http://bad-url/xxx/yyy"),
JWT_RSA_OK
).await;
assert_eq!(response.status(), StatusCode::INTERNAL_SERVER_ERROR);
}
} }