From a58b367c90090ea04a1367f41ba230e65b1cc8b9 Mon Sep 17 00:00:00 2001 From: cduvray Date: Mon, 6 Feb 2023 23:02:21 +0100 Subject: [PATCH] fix: tests --- jwt-authorizer/{src => tests}/tests.rs | 100 +++++++++++++------------ 1 file changed, 51 insertions(+), 49 deletions(-) rename jwt-authorizer/{src => tests}/tests.rs (62%) diff --git a/jwt-authorizer/src/tests.rs b/jwt-authorizer/tests/tests.rs similarity index 62% rename from jwt-authorizer/src/tests.rs rename to jwt-authorizer/tests/tests.rs index b980765..dbbf61a 100644 --- a/jwt-authorizer/src/tests.rs +++ b/jwt-authorizer/tests/tests.rs @@ -1,12 +1,14 @@ #[cfg(test)] mod tests { - use crate::{JwtClaims, JwtAuthorizer}; use axum::{ body::Body, http::{Request, StatusCode}, - routing::get, Router, response::Response, + response::Response, + routing::get, + Router, }; use http::{header, HeaderValue}; + use jwt_authorizer::{JwtAuthorizer, JwtClaims}; use serde::Deserialize; use tower::ServiceExt; @@ -17,49 +19,51 @@ mod tests { sub: String, } - fn app(jwt_auth: JwtAuthorizer) -> Router { - - Router::new() - .route("/public", get(|| async { "hello" })) - .route( - "/protected", - get(|JwtClaims(user): JwtClaims| async move { - format!("hello: {}", user.sub) - }) - .layer(jwt_auth.layer().unwrap()), - ) + async fn app(jwt_auth: JwtAuthorizer) -> Router { + Router::new().route("/public", get(|| async { "hello" })).route( + "/protected", + get(|JwtClaims(user): JwtClaims| async move { format!("hello: {}", user.sub) }) + .layer(jwt_auth.layer().await.unwrap()), + ) } async fn make_proteced_request(jwt_auth: JwtAuthorizer, bearer: &str) -> Response { app(jwt_auth) - .oneshot(Request::builder().uri("/protected").header("Authorization", bearer).body(Body::empty()).unwrap()) + .await + .oneshot( + Request::builder() + .uri("/protected") + .header("Authorization", bearer) + .body(Body::empty()) + .unwrap(), + ) .await .unwrap() } #[tokio::test] async fn protected_without_jwt() { - let jwt_auth: JwtAuthorizer = JwtAuthorizer::from_rsa_pem("../config/jwtRS256.key.pub"); let response = app(jwt_auth) + .await .oneshot(Request::builder().uri("/protected").body(Body::empty()).unwrap()) .await .unwrap(); assert_eq!(response.status(), StatusCode::UNAUTHORIZED); - - assert!(response.headers().get(header::WWW_AUTHENTICATE).is_some(), "Must have a WWW-Authenticate header!"); - assert_eq!(response.headers().get(header::WWW_AUTHENTICATE).unwrap(), &"Bearer"); // TODO: realm="example" + + assert!( + response.headers().get(header::WWW_AUTHENTICATE).is_some(), + "Must have a WWW-Authenticate header!" + ); + assert_eq!(response.headers().get(header::WWW_AUTHENTICATE).unwrap(), &"Bearer"); + // TODO: realm="example" } #[tokio::test] async fn protected_with_jwt() { - - let response = make_proteced_request( - JwtAuthorizer::from_rsa_pem("../config/jwtRS256.key.pub"), - JWT_RSA_OK - ).await; + let response = make_proteced_request(JwtAuthorizer::from_rsa_pem("../config/jwtRS256.key.pub"), JWT_RSA_OK).await; assert_eq!(response.status(), StatusCode::OK); @@ -69,11 +73,7 @@ mod tests { #[tokio::test] async fn protected_with_bad_jwt() { - - let response = make_proteced_request( - JwtAuthorizer::from_rsa_pem("../config/jwtRS256.key.pub"), - "xxx.xxx.xxx" - ).await; + let response = make_proteced_request(JwtAuthorizer::from_rsa_pem("../config/jwtRS256.key.pub"), "xxx.xxx.xxx").await; assert_eq!(response.status(), StatusCode::UNAUTHORIZED); // TODO: check error code (https://datatracker.ietf.org/doc/html/rfc6750#section-3.1) @@ -81,49 +81,51 @@ mod tests { #[tokio::test] async fn protected_with_claims_check() { - let rsp_ok = make_proteced_request( - JwtAuthorizer::from_rsa_pem("../config/jwtRS256.key.pub").with_check(|_|true), - JWT_RSA_OK - ).await; + JwtAuthorizer::from_rsa_pem("../config/jwtRS256.key.pub").check(|_| true), + JWT_RSA_OK, + ) + .await; assert_eq!(rsp_ok.status(), StatusCode::OK); let rsp_ko = make_proteced_request( - JwtAuthorizer::from_rsa_pem("../config/jwtRS256.key.pub").with_check(|_|false), - JWT_RSA_OK - ).await; + JwtAuthorizer::from_rsa_pem("../config/jwtRS256.key.pub").check(|_| false), + JWT_RSA_OK, + ) + .await; assert_eq!(rsp_ko.status(), StatusCode::FORBIDDEN); let h = rsp_ko.headers().get(http::header::WWW_AUTHENTICATE); assert!(h.is_some(), "WWW-AUTHENTICATE header missing!"); - assert_eq!(h.unwrap(), HeaderValue::from_static("Bearer error=\"insufficient_scope\""), "Bad WWW-AUTHENTICATE header!"); + assert_eq!( + h.unwrap(), + HeaderValue::from_static("Bearer error=\"insufficient_scope\""), + "Bad WWW-AUTHENTICATE header!" + ); } // Unreachable jwks endpoint, should build (endpoint can comme on line later ), // but should be 500 when checking. #[tokio::test] async fn protected_with_bad_jwks_url() { - - let response = make_proteced_request( - JwtAuthorizer::from_jwks_url("http://bad-url/xxx/yyy"), - JWT_RSA_OK - ).await; + let response = make_proteced_request(JwtAuthorizer::from_jwks_url("http://bad-url/xxx/yyy"), JWT_RSA_OK).await; assert_eq!(response.status(), StatusCode::INTERNAL_SERVER_ERROR); } #[tokio::test] async fn extract_from_public_500() { - let app = Router::new().route("/public", - get(|JwtClaims(user): JwtClaims| async move { - format!("hello: {}", user.sub) - })); - let response = app.oneshot(Request::builder().uri("/public").body(Body::empty()).unwrap()) - .await - .unwrap(); + let app = Router::new().route( + "/public", + get(|JwtClaims(user): JwtClaims| async move { format!("hello: {}", user.sub) }), + ); + let response = app + .oneshot(Request::builder().uri("/public").body(Body::empty()).unwrap()) + .await + .unwrap(); assert_eq!(response.status(), StatusCode::INTERNAL_SERVER_ERROR); } -} \ No newline at end of file +}