technofab/jwt-authorizer
1
0
Fork 0
mirror of https://github.com/TECHNOFAB11/jwt-authorizer.git synced 2025-12-11 23:50:07 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

test: integration tests

Browse source
This commit is contained in:
cduvray 2023-01-14 09:07:02 +01:00
parent 8a687f0474
commit 7009f645e6
3 changed files with 83 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Cargo.lock generated
View file

@ -708,13 +708,14 @@ dependencies = [
[[package]] [[package]]
name = "jwt-authorizer" name = "jwt-authorizer"
version = "0.3.0" version = "0.3.1"
dependencies = [ dependencies = [
"axum", "axum",
"futures-core", "futures-core",
"futures-util", "futures-util",
"headers", "headers",
"http", "http",
"hyper",
"jsonwebtoken", "jsonwebtoken",
"pin-project", "pin-project",
"reqwest", "reqwest",
@ -722,6 +723,7 @@ dependencies = [
"serde_json", "serde_json",
"thiserror", "thiserror",
"tokio", "tokio",
"tower",
"tower-http", "tower-http",
"tower-layer", "tower-layer",
"tower-service", "tower-service",

5
jwt-authorizer/Cargo.toml
View file

@ -1,7 +1,7 @@
[package] [package]
name = "jwt-authorizer" name = "jwt-authorizer"
description = "jwt authorizer middleware for axum" description = "jwt authorizer middleware for axum"
version = "0.3.0" version = "0.3.1"
edition = "2021" edition = "2021"
authors = ["cduvray <c_duvray@proton.me>"] authors = ["cduvray <c_duvray@proton.me>"]
license = "MIT" license = "MIT"
@ -16,7 +16,6 @@ futures-core = "0.3.25"
headers = "0.3" headers = "0.3"
jsonwebtoken = "8.2.0" jsonwebtoken = "8.2.0"
http = "0.2.8" http = "0.2.8"
# pin-project-lite = "0.2.9"
pin-project = "1.0.12" pin-project = "1.0.12"
reqwest = { version = "0.11.13", features = ["json"] } reqwest = { version = "0.11.13", features = ["json"] }
serde = { version = "1.0", features = ["derive"] } serde = { version = "1.0", features = ["derive"] }
@ -30,4 +29,6 @@ tracing = "0.1"
tracing-subscriber = { version = "0.3", features = ["env-filter"] } tracing-subscriber = { version = "0.3", features = ["env-filter"] }
[dev-dependencies] [dev-dependencies]
hyper = { version = "0.14", features = ["full"] }
tower = { version = "0.4", features = ["util"] }
wiremock = "0.5" wiremock = "0.5"

78
jwt-authorizer/src/tests.rs
View file

@ -1 +1,77 @@
// TODO: tests #[cfg(test)]
mod tests {
use crate::{JwtClaims, JwtAuthorizer};
use axum::{
body::Body,
http::{Request, StatusCode},
routing::get, Router,
};
use serde::Deserialize;
use tower::ServiceExt;
const JWT_RSA_OK: &str = "Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImtleS1yc2EifQ.eyJzdWIiOiJiQGIuY29tIiwiZXhwIjoyMDAwMDAwMDAwfQ.K9QFjvVquRF2-Wt1QRfipOGwiYsmRs7SAwqKskHemFb9BRRZutpfV4oEoHaXMLomTUe8rH0TMjpKcweYK_H1I8D4r-mAN216oUfxCQiFWDB8T2VBI8um-efUg67i2myDZJr5VXdZH8ywj7bn9LyNS4I_xT-J3XvsngeCpuxVSRiYu4FkcUkLrPzbu2sDyBXFqYO9FOorZ8sl0Ninc93fWT2uUrEG8jRyWCa4xpoqbKbm7CN7T2tOKF7mx_xdSPTeSM-U9mUiHsMOrXi1S05IM0hvNJrBduLS6sMTFWrVhis6zqnuxDOirwZS-aN0_SgMDnZTFPsCh8dkqFde1Pv1IYjZfr5OOHjQ9QWj6UDjam6M1eWVPK6QLlxv5bU_gnlAiHm9wJX38-REwmVhIJIBzKxsgJAu1gnRBxe36OM3rkgYxpB86YvfDyOoFlqx8erdxYv38AtvJibe4HB6KLndp_QMm5XXQsbfyEXWGe8hzDwozdhGeQsJXz7PcI3KPlv19PrUM8njElFpOiyfAEXwbtp1EZTzMZ4ZNF6LLFy1fpLcosgyp05o_2YMvngltSnN3v0IPncJx50StdYsoxPN9Ac_nH8VbNlHfmPHMklD1plof0pYf5SiL8yCQP9Uiw9NrN2PeQzbveMKF1T1UNbn2tefxoxr3k6sgWiMH_g_kkk";
#[derive(Debug, Deserialize, Clone)]
struct User {
sub: String,
}
fn app() -> Router {
let jwt_auth: JwtAuthorizer<User> = JwtAuthorizer::new()
.from_rsa_pem("../config/jwtRS256.key.pub");
Router::new()
.route("/public", get(|| async { "hello" }))
.route(
"/protected",
get(|JwtClaims(user): JwtClaims<User>| async move {
format!("hello: {}", user.sub)
})
.layer(jwt_auth.layer().unwrap()),
)
}
#[tokio::test]
async fn protected_without_jwt() {
let response = app()
.oneshot(Request::builder().uri("/protected").body(Body::empty()).unwrap())
.await
.unwrap();
assert_eq!(response.status(), StatusCode::FORBIDDEN);
// TODO: check error code (https://datatracker.ietf.org/doc/html/rfc6750#section-3.1)
}
#[tokio::test]
async fn protected_with_jwt() {
let response = app()
.oneshot(
Request::builder().uri("/protected").header("Authorization", JWT_RSA_OK).body(Body::empty()).unwrap()
)
.await
.unwrap();
assert_eq!(response.status(), StatusCode::OK);
let body = hyper::body::to_bytes(response.into_body()).await.unwrap();
assert_eq!(&body[..], b"hello: b@b.com");
}
#[tokio::test]
async fn protected_with_bad_jwt() {
let response = app()
.oneshot(
Request::builder().uri("/protected").header("Authorization", "xxx.xxx.xxx").body(Body::empty()).unwrap()
)
.await
.unwrap();
assert_eq!(response.status(), StatusCode::FORBIDDEN);
// TODO: check error code (https://datatracker.ietf.org/doc/html/rfc6750#section-3.1)
}
}