5a877ca1a1
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Add auth-svc /validate endpoint for token checking Add chat-svc with auth client and Redis task queue Add worker-svc chat handler for task processing Co-Authored-By: Claude Code <claude@anthropic.com>
119 lines
2.9 KiB
Go
119 lines
2.9 KiB
Go
package authclient
|
|
|
|
import (
|
|
"encoding/json"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"testing"
|
|
|
|
"github.com/go-chi/chi/v5"
|
|
|
|
"git.threesix.ai/jordan/sp4-debug-1770477266/pkg/auth"
|
|
"git.threesix.ai/jordan/sp4-debug-1770477266/pkg/httpclient"
|
|
"git.threesix.ai/jordan/sp4-debug-1770477266/pkg/logging"
|
|
)
|
|
|
|
func newMockAuthServer(t *testing.T) *httptest.Server {
|
|
t.Helper()
|
|
return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
authHeader := r.Header.Get("Authorization")
|
|
if authHeader == "Bearer valid-token" {
|
|
w.Header().Set("Content-Type", "application/json")
|
|
json.NewEncoder(w).Encode(ValidateResponse{
|
|
Data: ValidateData{
|
|
UserID: "user-123",
|
|
Email: "test@example.com",
|
|
},
|
|
})
|
|
return
|
|
}
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
json.NewEncoder(w).Encode(map[string]any{"error": "invalid token"})
|
|
}))
|
|
}
|
|
|
|
func TestMiddleware_ValidToken(t *testing.T) {
|
|
server := newMockAuthServer(t)
|
|
defer server.Close()
|
|
|
|
client := &Client{
|
|
baseURL: server.URL,
|
|
httpClient: httpclient.New(httpclient.Config{MaxRetries: 1}),
|
|
logger: logging.Nop(),
|
|
}
|
|
|
|
var capturedUserID string
|
|
r := chi.NewRouter()
|
|
r.Use(Middleware(client))
|
|
r.Get("/test", func(w http.ResponseWriter, r *http.Request) {
|
|
user := auth.GetUser(r.Context())
|
|
if user != nil {
|
|
capturedUserID = user.ID
|
|
}
|
|
w.WriteHeader(http.StatusOK)
|
|
})
|
|
|
|
req := httptest.NewRequest(http.MethodGet, "/test", nil)
|
|
req.Header.Set("Authorization", "Bearer valid-token")
|
|
w := httptest.NewRecorder()
|
|
r.ServeHTTP(w, req)
|
|
|
|
if w.Code != http.StatusOK {
|
|
t.Errorf("expected status 200, got %d: %s", w.Code, w.Body.String())
|
|
}
|
|
if capturedUserID != "user-123" {
|
|
t.Errorf("expected user ID 'user-123', got '%s'", capturedUserID)
|
|
}
|
|
}
|
|
|
|
func TestMiddleware_MissingToken(t *testing.T) {
|
|
server := newMockAuthServer(t)
|
|
defer server.Close()
|
|
|
|
client := &Client{
|
|
baseURL: server.URL,
|
|
httpClient: httpclient.New(httpclient.Config{MaxRetries: 1}),
|
|
logger: logging.Nop(),
|
|
}
|
|
|
|
r := chi.NewRouter()
|
|
r.Use(Middleware(client))
|
|
r.Get("/test", func(w http.ResponseWriter, r *http.Request) {
|
|
w.WriteHeader(http.StatusOK)
|
|
})
|
|
|
|
req := httptest.NewRequest(http.MethodGet, "/test", nil)
|
|
w := httptest.NewRecorder()
|
|
r.ServeHTTP(w, req)
|
|
|
|
if w.Code != http.StatusUnauthorized {
|
|
t.Errorf("expected status 401, got %d", w.Code)
|
|
}
|
|
}
|
|
|
|
func TestMiddleware_InvalidToken(t *testing.T) {
|
|
server := newMockAuthServer(t)
|
|
defer server.Close()
|
|
|
|
client := &Client{
|
|
baseURL: server.URL,
|
|
httpClient: httpclient.New(httpclient.Config{MaxRetries: 1}),
|
|
logger: logging.Nop(),
|
|
}
|
|
|
|
r := chi.NewRouter()
|
|
r.Use(Middleware(client))
|
|
r.Get("/test", func(w http.ResponseWriter, r *http.Request) {
|
|
w.WriteHeader(http.StatusOK)
|
|
})
|
|
|
|
req := httptest.NewRequest(http.MethodGet, "/test", nil)
|
|
req.Header.Set("Authorization", "Bearer invalid-token")
|
|
w := httptest.NewRecorder()
|
|
r.ServeHTTP(w, req)
|
|
|
|
if w.Code != http.StatusUnauthorized {
|
|
t.Errorf("expected status 401, got %d", w.Code)
|
|
}
|
|
}
|