add some more auth tests

It's going to be difficult to get 100% code coverage, but we can at least ensure that checkAuth works properly.
9 years ago · adbc1604dc
2 changed files with 38 additions and 1 deletions
--- a/auth_test.go
+++ b/auth_test.go
@ -0,0 +1,24 @@
+package main
+
+import (
+	"testing"
+)
+
+func TestCheckAuth(t *testing.T) {
+	authKeys := []string{
+		"vhvZ/PT1jeTbTAJ8JdoxddqFtebSxdVb0vwPlYO+4HM=",
+		"vFpNprT9wbHgwAubpvRxYCCpA2FQMAK6hFqPvAGrdZo=",
+	}
+
+	if r, err := checkAuth(authKeys, []byte("")); err != nil && r {
+		t.Fatal("Authorization passed for empty key")
+	}
+
+	if r, err := checkAuth(authKeys, []byte("thisisnotvalid")); err != nil && r {
+		t.Fatal("Authorization passed for invalid key")
+	}
+
+	if r, err := checkAuth(authKeys, []byte("haPVipRnGJ0QovA9nyqK")); err != nil && !r {
+		t.Fatal("Authorization failed for valid key")
+	}
+}
--- a/server_test.go
+++ b/server_test.go
@ -52,7 +52,7 @@ func TestIndex(t *testing.T) {
 	}
 }

-func TestAuthKeysRedirects(t *testing.T) {
+func TestAuthKeys(t *testing.T) {
 	Config.authFile = "/dev/null"

 	redirects := []string{
@ -77,6 +77,19 @@ func TestAuthKeysRedirects(t *testing.T) {
 		}
 	}

+	w := httptest.NewRecorder()
+
+	req, err := http.NewRequest("POST", "/paste/", nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	mux.ServeHTTP(w, req)
+
+	if w.Code != 401 {
+		t.Fatalf("Status code is not 401, but %d", w.Code)
+	}
+
 	Config.authFile = ""
 }