mc/mcr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
Files
d5580f01f29852240c3cc9f92d61e3ed405f4bfe
mcr/internal/server/token_test.go
Kyle Isom d5580f01f2 Migrate module path from kyle/ to mc/ org 
All import paths updated to git.wntrmute.dev/mc/. Bumps mcdsl to v1.2.0.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-27 02:05:59 -07:00

99 lines
2.5 KiB
Go
Raw Blame History

package server
import (
"encoding/json"
"net/http"
"net/http/httptest"
"testing"
"git.wntrmute.dev/mc/mcr/internal/auth"
)
type fakeLoginClient struct {
token string
expiresIn int
err error
}
func (f *fakeLoginClient) Login(_, _ string) (string, int, error) {
return f.token, f.expiresIn, f.err
}
func TestTokenHandlerSuccess(t *testing.T) {
t.Helper()
lc := &fakeLoginClient{token: "tok-xyz", expiresIn: 7200}
handler := TokenHandler(lc)
req := httptest.NewRequest(http.MethodGet, "/v2/token", nil)
req.SetBasicAuth("alice", "secret")
rec := httptest.NewRecorder()
handler.ServeHTTP(rec, req)
if rec.Code != http.StatusOK {
t.Fatalf("status: got %d, want %d", rec.Code, http.StatusOK)
}
var resp tokenResponse
if err := json.NewDecoder(rec.Body).Decode(&resp); err != nil {
t.Fatalf("decode response: %v", err)
}
if resp.Token != "tok-xyz" {
t.Fatalf("token: got %q, want %q", resp.Token, "tok-xyz")
}
if resp.ExpiresIn != 7200 {
t.Fatalf("expires_in: got %d, want %d", resp.ExpiresIn, 7200)
}
if resp.IssuedAt == "" {
t.Fatal("issued_at: expected non-empty RFC 3339 timestamp")
}
}
func TestTokenHandlerInvalidCreds(t *testing.T) {
t.Helper()
lc := &fakeLoginClient{err: auth.ErrUnauthorized}
handler := TokenHandler(lc)
req := httptest.NewRequest(http.MethodGet, "/v2/token", nil)
req.SetBasicAuth("alice", "wrong")
rec := httptest.NewRecorder()
handler.ServeHTTP(rec, req)
if rec.Code != http.StatusUnauthorized {
t.Fatalf("status: got %d, want %d", rec.Code, http.StatusUnauthorized)
}
var ociErr ociErrorResponse
if err := json.NewDecoder(rec.Body).Decode(&ociErr); err != nil {
t.Fatalf("decode OCI error: %v", err)
}
if len(ociErr.Errors) != 1 || ociErr.Errors[0].Code != "UNAUTHORIZED" {
t.Fatalf("OCI error: got %+v, want UNAUTHORIZED", ociErr.Errors)
}
}
func TestTokenHandlerMissingAuth(t *testing.T) {
t.Helper()
lc := &fakeLoginClient{token: "should-not-matter"}
handler := TokenHandler(lc)
req := httptest.NewRequest(http.MethodGet, "/v2/token", nil)
// No Authorization header.
rec := httptest.NewRecorder()
handler.ServeHTTP(rec, req)
if rec.Code != http.StatusUnauthorized {
t.Fatalf("status: got %d, want %d", rec.Code, http.StatusUnauthorized)
}
var ociErr ociErrorResponse
if err := json.NewDecoder(rec.Body).Decode(&ociErr); err != nil {
t.Fatalf("decode OCI error: %v", err)
}
if len(ociErr.Errors) != 1 || ociErr.Errors[0].Code != "UNAUTHORIZED" {
t.Fatalf("OCI error: got %+v, want UNAUTHORIZED", ociErr.Errors)
}
}
Reference in New Issue View Git Blame Copy Permalink