80 lines
2.7 KiB
Clojure
80 lines
2.7 KiB
Clojure
(ns ring-homogeneous-auth-middleware.core-test
|
|
(:require [ring-homogeneous-auth-middleware.core :as sut]
|
|
[ring-homogeneous-auth-middleware.schemas :refer [IdentityInfo]]
|
|
[clojure.test :as t :refer [is use-fixtures]]
|
|
[schema.test :refer [deftest]]
|
|
[schema.core :as s]))
|
|
|
|
(use-fixtures :once schema.test/validate-schemas)
|
|
|
|
;; Extractor code example for some JWT
|
|
|
|
(s/defn extract-identity-info :- IdentityInfo
|
|
[jwt-info]
|
|
{:user {:id (:sub jwt-info)
|
|
:name (:sub jwt-info)}
|
|
:groups #{{:id (:org_guid jwt-info)
|
|
:name (:org_name jwt-info)}}
|
|
:roles (if (= "true"
|
|
;; this test handle the case when :admin is a string
|
|
;; and when its a boolean
|
|
(str (:admin jwt-info)))
|
|
#{:admin :user}
|
|
#{:user})
|
|
:auth-type :jwt
|
|
:jwt jwt-info})
|
|
|
|
(s/defn jwt-extractor :- (s/maybe IdentityInfo)
|
|
[req]
|
|
(some-> req
|
|
:jwt
|
|
extract-identity-info))
|
|
|
|
;; Extractor code example for API Key
|
|
|
|
(s/defn api-key-extractor :- (s/maybe IdentityInfo)
|
|
[req]
|
|
(some-> req
|
|
:api-key-infos
|
|
(assoc :auth-type :api-key)))
|
|
|
|
;; Tests
|
|
|
|
(deftest wrap-auths-test
|
|
(let [base-request {:server-port 8080
|
|
:server-name "localhost"
|
|
:remote-addr "127.0.0.1"
|
|
:uri "/"
|
|
:scheme :http
|
|
:request-method :get
|
|
:protocol "HTTP/1.1"
|
|
:headers {}}
|
|
|
|
jwt {:admin true
|
|
:sub "testuser@cisco.com"
|
|
:org_name "IROH Testing"
|
|
:org_guid "00000000-0000-0000-00000000000000000"
|
|
:nbf 1487167750
|
|
:jti "aaaaaaaa-aaaa-aaaa-aaaaaaaaaaaaaaaaa"
|
|
:iat 1487168050
|
|
:exp 1487772850}
|
|
|
|
id-info {:user {:id "testuser@cisco.com"
|
|
:name "testuser@cisco.com"}
|
|
:groups #{{:id "00000000-0000-0000-00000000000000000"
|
|
:name "IROH Testing"}}
|
|
:roles #{:admin :user}
|
|
:auth-type :jwt
|
|
:jwt jwt}
|
|
|
|
request-jwt (assoc base-request :jwt jwt)
|
|
request-api-key (assoc base-request :api-key-infos id-info)
|
|
app ((sut/wrap-auths-fn [jwt-extractor api-key-extractor]) identity)]
|
|
(is (nil? (:identity-info (app base-request)))
|
|
"without any :jwt nor :api-key there shouldnt be any identity-info")
|
|
(is (= (:identity-info (app request-jwt))
|
|
id-info)
|
|
"Should provide identity-info from a jwt field")
|
|
(is (= (:identity-info (app request-api-key))
|
|
(assoc id-info :auth-type :api-key))
|
|
"Should provide identity-info from a api-key field")))
|