Starz uses github oauth to login and then does a simple query on a github account to return their public repos and how many stars each one has.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 

291 lines
7.6 KiB

  1. package starz
  2. import (
  3. "bytes"
  4. "io"
  5. "net/http"
  6. "net/http/httptest"
  7. "strings"
  8. "testing"
  9. "github.com/gorilla/sessions"
  10. )
  11. var server = Server{}
  12. func init() {
  13. store = sessions.NewCookieStore([]byte(""))
  14. }
  15. func TestHealth(t *testing.T) {
  16. req, err := http.NewRequest("GET", "/healthz", nil)
  17. if err != nil {
  18. t.Fatal(err)
  19. }
  20. rr := httptest.NewRecorder()
  21. handler := http.HandlerFunc(server.health)
  22. handler.ServeHTTP(rr, req)
  23. if status := rr.Code; status != http.StatusOK {
  24. t.Errorf("handler returned wrong status code: got %v want %v",
  25. status, http.StatusOK)
  26. }
  27. expected := `{"alive": true}`
  28. if rr.Body.String() != expected {
  29. t.Errorf("handler returned unexpected body: got %v want %v",
  30. rr.Body.String(), expected)
  31. }
  32. }
  33. func TestInfo(t *testing.T) {
  34. req, err := http.NewRequest("GET", "/info", nil)
  35. if err != nil {
  36. t.Fatal(err)
  37. }
  38. rr := httptest.NewRecorder()
  39. handler := http.HandlerFunc(server.serverInfo)
  40. handler.ServeHTTP(rr, req)
  41. if status := rr.Code; status != http.StatusOK {
  42. t.Errorf("handler returned wrong status code: got %v want %v",
  43. status, http.StatusOK)
  44. }
  45. }
  46. func TestListWithAuth(t *testing.T) {
  47. req, err := http.NewRequest("GET", "/api/v0/list/dmmcquay/", nil)
  48. if err != nil {
  49. t.Fatal(err)
  50. }
  51. rr := httptest.NewRecorder()
  52. handler := http.HandlerFunc(server.list)
  53. session, _ := store.Get(req, "creds")
  54. session.Values["authenticated"] = true
  55. session.Values["uname"] = "dmmcquay"
  56. if err := session.Save(req, rr); err != nil {
  57. t.Errorf("could not store session info")
  58. return
  59. }
  60. handler.ServeHTTP(rr, req)
  61. if status := rr.Code; status != http.StatusBadRequest {
  62. t.Errorf("handler returned wrong status code: got %v want %v",
  63. status, http.StatusBadRequest)
  64. }
  65. }
  66. func TestListWithoutAuth(t *testing.T) {
  67. req, err := http.NewRequest("GET", "/api/v0/list/dmmcquay/", nil)
  68. if err != nil {
  69. t.Fatal(err)
  70. }
  71. rr := httptest.NewRecorder()
  72. handler := http.HandlerFunc(server.list)
  73. session, _ := store.Get(req, "creds")
  74. session.Values["authenticated"] = false
  75. session.Values["uname"] = "bobo"
  76. if err := session.Save(req, rr); err != nil {
  77. t.Errorf("could not store session info")
  78. return
  79. }
  80. handler.ServeHTTP(rr, req)
  81. if status := rr.Code; status != http.StatusTemporaryRedirect {
  82. t.Errorf("handler returned wrong status code: got %v want %v",
  83. status, http.StatusTemporaryRedirect)
  84. }
  85. }
  86. func TestListWrongMethod(t *testing.T) {
  87. req, err := http.NewRequest("POST", "/api/v0/list/dmmcquay/", nil)
  88. if err != nil {
  89. t.Fatal(err)
  90. }
  91. rr := httptest.NewRecorder()
  92. handler := http.HandlerFunc(server.list)
  93. session, _ := store.Get(req, "creds")
  94. session.Values["authenticated"] = true
  95. session.Values["uname"] = "bobo"
  96. if err := session.Save(req, rr); err != nil {
  97. t.Errorf("could not store session info")
  98. return
  99. }
  100. handler.ServeHTTP(rr, req)
  101. if status := rr.Code; status != http.StatusBadRequest {
  102. t.Errorf("handler returned wrong status code: got %v want %v",
  103. status, http.StatusBadRequest)
  104. }
  105. }
  106. func TestListBadURL(t *testing.T) {
  107. req, err := http.NewRequest("GET", "/api/v0/list/ ", nil)
  108. if err != nil {
  109. t.Fatal(err)
  110. }
  111. rr := httptest.NewRecorder()
  112. handler := http.HandlerFunc(server.list)
  113. session, _ := store.Get(req, "creds")
  114. session.Values["authenticated"] = true
  115. session.Values["uname"] = "bobo"
  116. if err := session.Save(req, rr); err != nil {
  117. t.Errorf("could not store session info")
  118. return
  119. }
  120. handler.ServeHTTP(rr, req)
  121. if status := rr.Code; status != http.StatusMovedPermanently {
  122. t.Errorf("handler returned wrong status code: got %v want %v",
  123. status, http.StatusMovedPermanently)
  124. }
  125. }
  126. func TestLogin(t *testing.T) {
  127. req, err := http.NewRequest("GET", "/api/v0/login/", nil)
  128. if err != nil {
  129. t.Fatal(err)
  130. }
  131. rr := httptest.NewRecorder()
  132. handler := http.HandlerFunc(server.login)
  133. handler.ServeHTTP(rr, req)
  134. if status := rr.Code; status != http.StatusTemporaryRedirect {
  135. t.Errorf("handler returned wrong status code: got %v want %v",
  136. status, http.StatusTemporaryRedirect)
  137. }
  138. }
  139. func TestAuthNotAuthed(t *testing.T) {
  140. req, err := http.NewRequest("GET", "/api/v0/auth/", nil)
  141. if err != nil {
  142. t.Fatal(err)
  143. }
  144. rr := httptest.NewRecorder()
  145. handler := http.HandlerFunc(server.auth)
  146. handler.ServeHTTP(rr, req)
  147. if status := rr.Code; status != http.StatusUnauthorized {
  148. t.Errorf("handler returned wrong status code: got %v want %v",
  149. status, http.StatusUnauthorized)
  150. }
  151. expected := `{"auth":false}`
  152. actual := strings.Trim(rr.Body.String(), "\n ")
  153. if actual != expected {
  154. t.Errorf("handler returned unexpected body: got %v want %v",
  155. actual, expected)
  156. }
  157. }
  158. func TestAuthAuthed(t *testing.T) {
  159. req, err := http.NewRequest("GET", "/api/v0/auth/", nil)
  160. if err != nil {
  161. t.Fatal(err)
  162. }
  163. rr := httptest.NewRecorder()
  164. handler := http.HandlerFunc(server.auth)
  165. session, _ := store.Get(req, "creds")
  166. session.Values["authenticated"] = true
  167. session.Values["uname"] = "bobo"
  168. handler.ServeHTTP(rr, req)
  169. if status := rr.Code; status != http.StatusOK {
  170. t.Errorf("handler returned wrong status code: got %v want %v",
  171. status, http.StatusOK)
  172. }
  173. expected := `{"auth":true}`
  174. actual := strings.Trim(rr.Body.String(), "\n ")
  175. if actual != expected {
  176. t.Errorf("handler returned unexpected body: got %v want %v",
  177. actual, expected)
  178. }
  179. }
  180. func TestLogout(t *testing.T) {
  181. req, err := http.NewRequest("GET", "/api/v0/logout/", nil)
  182. if err != nil {
  183. t.Fatal(err)
  184. }
  185. rr := httptest.NewRecorder()
  186. handler := http.HandlerFunc(server.logout)
  187. session, _ := store.Get(req, "creds")
  188. session.Values["authenticated"] = true
  189. session.Values["uname"] = "bobo"
  190. handler.ServeHTTP(rr, req)
  191. if status := rr.Code; status != http.StatusSeeOther {
  192. t.Errorf("handler returned wrong status code: got %v want %v",
  193. status, http.StatusSeeOther)
  194. }
  195. if session.Values["authenticated"] != nil {
  196. t.Errorf("handler returned unexpected body: got %v want %v",
  197. session.Values["authenticated"], nil)
  198. }
  199. }
  200. func TestPlistNotAuthed(t *testing.T) {
  201. req, err := http.NewRequest("GET", "/static/", nil)
  202. if err != nil {
  203. t.Fatal(err)
  204. }
  205. rr := httptest.NewRecorder()
  206. handler := http.HandlerFunc(server.plist)
  207. handler.ServeHTTP(rr, req)
  208. if status := rr.Code; status != http.StatusTemporaryRedirect {
  209. t.Errorf("handler returned wrong status code: got %v want %v",
  210. status, http.StatusTemporaryRedirect)
  211. }
  212. }
  213. func TestPlistAuthed(t *testing.T) {
  214. req, err := http.NewRequest("GET", "/static/", nil)
  215. if err != nil {
  216. t.Fatal(err)
  217. }
  218. rr := httptest.NewRecorder()
  219. handler := http.HandlerFunc(server.plist)
  220. session, _ := store.Get(req, "creds")
  221. session.Values["authenticated"] = true
  222. session.Values["uname"] = "bobo"
  223. handler.ServeHTTP(rr, req)
  224. if status := rr.Code; status != http.StatusOK {
  225. t.Errorf("handler returned wrong status code: got %v want %v",
  226. status, http.StatusOK)
  227. }
  228. }
  229. func TestStaticAssests(t *testing.T) {
  230. req, err := http.NewRequest("GET", "/static/s/", nil)
  231. if err != nil {
  232. t.Fatal(err)
  233. }
  234. rr := httptest.NewRecorder()
  235. handler := http.HandlerFunc(
  236. func(w http.ResponseWriter, req *http.Request) {
  237. data, err := Asset("static/s/index.html")
  238. if err != nil {
  239. http.Error(w, err.Error(), http.StatusNotFound)
  240. return
  241. }
  242. r := bytes.NewReader(data)
  243. io.Copy(w, r)
  244. },
  245. )
  246. handler.ServeHTTP(rr, req)
  247. if status := rr.Code; status != http.StatusOK {
  248. t.Errorf("handler returned wrong status code: got %v want %v",
  249. status, http.StatusOK)
  250. }
  251. }
  252. func TestAddRoutes(t *testing.T) {
  253. //addRoutes(sm *http.ServeMux, server *Server, staticFiles string)
  254. sm := http.NewServeMux()
  255. _ = NewServer(
  256. sm,
  257. "",
  258. "",
  259. "",
  260. "",
  261. "",
  262. )
  263. expected := "/api/v0/github_oauth_cb/"
  264. if prefix["github"] != expected {
  265. t.Errorf("prefix didn't get populated correctly: got %v want %v",
  266. prefix["github"], expected)
  267. }
  268. }