iris/middleware/jwt/jwt_test.go

package jwt_test

import (
	"fmt"
	"testing"
	"time"

	"github.com/kataras/iris/v12"
	"github.com/kataras/iris/v12/httptest"
	"github.com/kataras/iris/v12/middleware/jwt"
)

var testAlg, testSecret = jwt.HS256, []byte("sercrethatmaycontainch@r$")

type fooClaims struct {
	Foo string `json:"foo"`
}

// The actual tests are inside the kataras/jwt repository.
// This runs simple checks of just the middleware part.
func TestJWT(t *testing.T) {
	app := iris.New()

	signer := jwt.NewSigner(testAlg, testSecret, 3*time.Second)
	app.Get("/", func(ctx iris.Context) {
		claims := fooClaims{Foo: "bar"}
		token, err := signer.Sign(claims)
		if err != nil {
			ctx.StopWithError(iris.StatusInternalServerError, err)
			return
		}
		ctx.Write(token)
	})

	verifier := jwt.NewVerifier(testAlg, testSecret)
	verifier.ErrorHandler = func(ctx iris.Context, err error) { // app.OnErrorCode(401, ...)
		ctx.StopWithError(iris.StatusUnauthorized, err)
	}
	middleware := verifier.Verify(func() interface{} { return new(fooClaims) })
	app.Get("/protected", middleware, func(ctx iris.Context) {
		claims := jwt.Get(ctx).(*fooClaims)
		ctx.WriteString(claims.Foo)
	})

	e := httptest.New(t, app)

	// Get generated token.
	token := e.GET("/").Expect().Status(iris.StatusOK).Body().Raw()
	// Test Header.
	headerValue := fmt.Sprintf("Bearer %s", token)
	e.GET("/protected").WithHeader("Authorization", headerValue).Expect().
		Status(iris.StatusOK).Body().Equal("bar")
	// Test URL query.
	e.GET("/protected").WithQuery("token", token).Expect().
		Status(iris.StatusOK).Body().Equal("bar")

	// Test unauthorized.
	e.GET("/protected").Expect().Status(iris.StatusUnauthorized)
	e.GET("/protected").WithHeader("Authorization", "missing bearer").Expect().Status(iris.StatusUnauthorized)
	e.GET("/protected").WithQuery("token", "invalid_token").Expect().Status(iris.StatusUnauthorized)
	// Test expired (note checks happen based on second round).
	time.Sleep(5 * time.Second)
	e.GET("/protected").WithHeader("Authorization", headerValue).Expect().
		Status(iris.StatusUnauthorized).Body().Equal("jwt: token expired")
}
New builtin JWT middleware - this one supports encryption and ed25519 Former-commit-id: ca20d256b766e3e8717e91de7a3f3b5f213af0bc 2020-05-27 11:02:17 +02:00			`package jwt_test`

			`import (`
As noticed in my previous commit, the existing jwt libraries added a lot of performance cost between jwt-featured requests and simple requests. That's why a new custom JWT parser was created. This commit adds our custom jwt parser as the underline token signer and verifier 2020-10-30 21:12:16 +01:00			`"fmt"`
New builtin JWT middleware - this one supports encryption and ed25519 Former-commit-id: ca20d256b766e3e8717e91de7a3f3b5f213af0bc 2020-05-27 11:02:17 +02:00			`"testing"`
			`"time"`

			`"github.com/kataras/iris/v12"`
			`"github.com/kataras/iris/v12/httptest"`
			`"github.com/kataras/iris/v12/middleware/jwt"`
			`)`

As noticed in my previous commit, the existing jwt libraries added a lot of performance cost between jwt-featured requests and simple requests. That's why a new custom JWT parser was created. This commit adds our custom jwt parser as the underline token signer and verifier 2020-10-30 21:12:16 +01:00			`var testAlg, testSecret = jwt.HS256, []byte("sercrethatmaycontainch@r$")`
New JWT features and changes (examples updated). Improvements on the Context User and Private Error features TODO: Write the new e-book JWT section and the HISTORY entry of the chnages and add a simple example on site docs 2020-10-17 05:40:17 +02:00
As noticed in my previous commit, the existing jwt libraries added a lot of performance cost between jwt-featured requests and simple requests. That's why a new custom JWT parser was created. This commit adds our custom jwt parser as the underline token signer and verifier 2020-10-30 21:12:16 +01:00			`type fooClaims struct {`
			Foo string `json:"foo"`
New JWT features and changes (examples updated). Improvements on the Context User and Private Error features TODO: Write the new e-book JWT section and the HISTORY entry of the chnages and add a simple example on site docs 2020-10-17 05:40:17 +02:00			`}`

As noticed in my previous commit, the existing jwt libraries added a lot of performance cost between jwt-featured requests and simple requests. That's why a new custom JWT parser was created. This commit adds our custom jwt parser as the underline token signer and verifier 2020-10-30 21:12:16 +01:00			`// The actual tests are inside the kataras/jwt repository.`
			`// This runs simple checks of just the middleware part.`
			`func TestJWT(t *testing.T) {`
New JWT features and changes (examples updated). Improvements on the Context User and Private Error features TODO: Write the new e-book JWT section and the HISTORY entry of the chnages and add a simple example on site docs 2020-10-17 05:40:17 +02:00			`app := iris.New()`

As noticed in my previous commit, the existing jwt libraries added a lot of performance cost between jwt-featured requests and simple requests. That's why a new custom JWT parser was created. This commit adds our custom jwt parser as the underline token signer and verifier 2020-10-30 21:12:16 +01:00			`signer := jwt.NewSigner(testAlg, testSecret, 3*time.Second)`
			`app.Get("/", func(ctx iris.Context) {`
			`claims := fooClaims{Foo: "bar"}`
			`token, err := signer.Sign(claims)`
New JWT features and changes (examples updated). Improvements on the Context User and Private Error features TODO: Write the new e-book JWT section and the HISTORY entry of the chnages and add a simple example on site docs 2020-10-17 05:40:17 +02:00			`if err != nil {`
			`ctx.StopWithError(iris.StatusInternalServerError, err)`
			`return`
			`}`
As noticed in my previous commit, the existing jwt libraries added a lot of performance cost between jwt-featured requests and simple requests. That's why a new custom JWT parser was created. This commit adds our custom jwt parser as the underline token signer and verifier 2020-10-30 21:12:16 +01:00			`ctx.Write(token)`
New JWT features and changes (examples updated). Improvements on the Context User and Private Error features TODO: Write the new e-book JWT section and the HISTORY entry of the chnages and add a simple example on site docs 2020-10-17 05:40:17 +02:00			`})`

As noticed in my previous commit, the existing jwt libraries added a lot of performance cost between jwt-featured requests and simple requests. That's why a new custom JWT parser was created. This commit adds our custom jwt parser as the underline token signer and verifier 2020-10-30 21:12:16 +01:00			`verifier := jwt.NewVerifier(testAlg, testSecret)`
			`verifier.ErrorHandler = func(ctx iris.Context, err error) { // app.OnErrorCode(401, ...)`
			`ctx.StopWithError(iris.StatusUnauthorized, err)`
			`}`
			`middleware := verifier.Verify(func() interface{} { return new(fooClaims) })`
			`app.Get("/protected", middleware, func(ctx iris.Context) {`
			`claims := jwt.Get(ctx).(*fooClaims)`
			`ctx.WriteString(claims.Foo)`
New JWT features and changes (examples updated). Improvements on the Context User and Private Error features TODO: Write the new e-book JWT section and the HISTORY entry of the chnages and add a simple example on site docs 2020-10-17 05:40:17 +02:00			`})`

			`e := httptest.New(t, app)`

As noticed in my previous commit, the existing jwt libraries added a lot of performance cost between jwt-featured requests and simple requests. That's why a new custom JWT parser was created. This commit adds our custom jwt parser as the underline token signer and verifier 2020-10-30 21:12:16 +01:00			`// Get generated token.`
			`token := e.GET("/").Expect().Status(iris.StatusOK).Body().Raw()`
			`// Test Header.`
			`headerValue := fmt.Sprintf("Bearer %s", token)`
			`e.GET("/protected").WithHeader("Authorization", headerValue).Expect().`
			`Status(iris.StatusOK).Body().Equal("bar")`
			`// Test URL query.`
			`e.GET("/protected").WithQuery("token", token).Expect().`
			`Status(iris.StatusOK).Body().Equal("bar")`

			`// Test unauthorized.`
			`e.GET("/protected").Expect().Status(iris.StatusUnauthorized)`
			`e.GET("/protected").WithHeader("Authorization", "missing bearer").Expect().Status(iris.StatusUnauthorized)`
			`e.GET("/protected").WithQuery("token", "invalid_token").Expect().Status(iris.StatusUnauthorized)`
			`// Test expired (note checks happen based on second round).`
			`time.Sleep(5 * time.Second)`
			`e.GET("/protected").WithHeader("Authorization", headerValue).Expect().`
minor test fix 2021-03-04 17:10:13 +01:00			`Status(iris.StatusUnauthorized).Body().Equal("jwt: token expired")`
New builtin JWT middleware - this one supports encryption and ed25519 Former-commit-id: ca20d256b766e3e8717e91de7a3f3b5f213af0bc 2020-05-27 11:02:17 +02:00			`}`