Middleware: Rewrite tests to use standard library (#29535)

* middleware: Rewrite tests to use standard library Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
2025-07-31 07:52:21 +08:00 · 2020-12-03 08:28:54 +01:00
parent 0b6434d0e8
commit 58dbf96a12
10 changed files with 1008 additions and 898 deletions
--- a/pkg/middleware/middleware_basic_auth_test.go
+++ b/pkg/middleware/middleware_basic_auth_test.go
@ -4,149 +4,136 @@ import (
 	"encoding/json"
 	"testing"

-	. "github.com/smartystreets/goconvey/convey"
-
 	"github.com/grafana/grafana/pkg/bus"
 	authLogin "github.com/grafana/grafana/pkg/login"
 	"github.com/grafana/grafana/pkg/models"
 	"github.com/grafana/grafana/pkg/setting"
 	"github.com/grafana/grafana/pkg/util"
+	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )

 func TestMiddlewareBasicAuth(t *testing.T) {
-	Convey("Given the basic auth", t, func() {
-		var oldBasicAuthEnabled = setting.BasicAuthEnabled
-		var oldDisableBruteForceLoginProtection = setting.DisableBruteForceLoginProtection
-		var id int64 = 12
+	var origBasicAuthEnabled = setting.BasicAuthEnabled
+	var origDisableBruteForceLoginProtection = setting.DisableBruteForceLoginProtection
+	t.Cleanup(func() {
+		setting.BasicAuthEnabled = origBasicAuthEnabled
+		setting.DisableBruteForceLoginProtection = origDisableBruteForceLoginProtection
+	})
+	setting.BasicAuthEnabled = true
+	setting.DisableBruteForceLoginProtection = true

-		Convey("Setup", func() {
-			setting.BasicAuthEnabled = true
-			setting.DisableBruteForceLoginProtection = true
-			bus.ClearBusHandlers()
+	bus.ClearBusHandlers()
+
+	const id int64 = 12
+
+	middlewareScenario(t, "Valid API key", func(sc *scenarioContext) {
+		const orgID int64 = 2
+		keyhash, err := util.EncodePassword("v5nAwpMafFP6znaS4urhdWDLS5511M42", "asd")
+		require.NoError(t, err)
+
+		bus.AddHandler("test", func(query *models.GetApiKeyByNameQuery) error {
+			query.Result = &models.ApiKey{OrgId: orgID, Role: models.ROLE_EDITOR, Key: keyhash}
+			return nil
 		})

-		middlewareScenario(t, "Valid API key", func(sc *scenarioContext) {
-			var orgID int64 = 2
-			keyhash, err := util.EncodePassword("v5nAwpMafFP6znaS4urhdWDLS5511M42", "asd")
-			So(err, ShouldBeNil)
+		authHeader := util.GetBasicAuthHeader("api_key", "eyJrIjoidjVuQXdwTWFmRlA2em5hUzR1cmhkV0RMUzU1MTFNNDIiLCJuIjoiYXNkIiwiaWQiOjF9")
+		sc.fakeReq("GET", "/").withAuthorizationHeader(authHeader).exec()

-			bus.AddHandler("test", func(query *models.GetApiKeyByNameQuery) error {
-				query.Result = &models.ApiKey{OrgId: orgID, Role: models.ROLE_EDITOR, Key: keyhash}
-				return nil
-			})
+		assert.Equal(t, 200, sc.resp.Code)
+		assert.True(t, sc.context.IsSignedIn)
+		assert.Equal(t, orgID, sc.context.OrgId)
+		assert.Equal(t, models.ROLE_EDITOR, sc.context.OrgRole)
+	})

-			authHeader := util.GetBasicAuthHeader("api_key", "eyJrIjoidjVuQXdwTWFmRlA2em5hUzR1cmhkV0RMUzU1MTFNNDIiLCJuIjoiYXNkIiwiaWQiOjF9")
-			sc.fakeReq("GET", "/").withAuthorizationHeader(authHeader).exec()
+	middlewareScenario(t, "Handle auth", func(sc *scenarioContext) {
+		const password = "MyPass"
+		const salt = "Salt"
+		const orgID int64 = 2

-			Convey("Should return 200", func() {
-				So(sc.resp.Code, ShouldEqual, 200)
-			})
+		t.Cleanup(bus.ClearBusHandlers)

-			Convey("Should init middleware context", func() {
-				So(sc.context.IsSignedIn, ShouldEqual, true)
-				So(sc.context.OrgId, ShouldEqual, orgID)
-				So(sc.context.OrgRole, ShouldEqual, models.ROLE_EDITOR)
-			})
+		bus.AddHandler("grafana-auth", func(query *models.LoginUserQuery) error {
+			encoded, err := util.EncodePassword(password, salt)
+			if err != nil {
+				return err
+			}
+			query.User = &models.User{
+				Password: encoded,
+				Salt:     salt,
+			}
+			return nil
 		})

-		middlewareScenario(t, "Handle auth", func(sc *scenarioContext) {
-			var password = "MyPass"
-			var salt = "Salt"
-			var orgID int64 = 2
-
-			bus.AddHandler("grafana-auth", func(query *models.LoginUserQuery) error {
-				encoded, err := util.EncodePassword(password, salt)
-				if err != nil {
-					return err
-				}
-				query.User = &models.User{
-					Password: encoded,
-					Salt:     salt,
-				}
-				return nil
-			})
-
-			bus.AddHandler("get-sign-user", func(query *models.GetSignedInUserQuery) error {
-				query.Result = &models.SignedInUser{OrgId: orgID, UserId: id}
-				return nil
-			})
-
-			authHeader := util.GetBasicAuthHeader("myUser", password)
-			sc.fakeReq("GET", "/").withAuthorizationHeader(authHeader).exec()
-
-			Convey("Should init middleware context with users", func() {
-				So(sc.context.IsSignedIn, ShouldEqual, true)
-				So(sc.context.OrgId, ShouldEqual, orgID)
-				So(sc.context.UserId, ShouldEqual, id)
-			})
-
-			bus.ClearBusHandlers()
+		bus.AddHandler("get-sign-user", func(query *models.GetSignedInUserQuery) error {
+			query.Result = &models.SignedInUser{OrgId: orgID, UserId: id}
+			return nil
 		})

-		middlewareScenario(t, "Auth sequence", func(sc *scenarioContext) {
-			var password = "MyPass"
-			var salt = "Salt"
+		authHeader := util.GetBasicAuthHeader("myUser", password)
+		sc.fakeReq("GET", "/").withAuthorizationHeader(authHeader).exec()

-			authLogin.Init()
+		assert.True(t, sc.context.IsSignedIn)
+		assert.Equal(t, orgID, sc.context.OrgId)
+		assert.Equal(t, id, sc.context.UserId)
+	})

-			bus.AddHandler("user-query", func(query *models.GetUserByLoginQuery) error {
-				encoded, err := util.EncodePassword(password, salt)
-				if err != nil {
-					return err
-				}
-				query.Result = &models.User{
-					Password: encoded,
-					Id:       id,
-					Salt:     salt,
-				}
-				return nil
-			})
+	middlewareScenario(t, "Auth sequence", func(sc *scenarioContext) {
+		const password = "MyPass"
+		const salt = "Salt"

-			bus.AddHandler("get-sign-user", func(query *models.GetSignedInUserQuery) error {
-				query.Result = &models.SignedInUser{UserId: query.UserId}
-				return nil
-			})
+		authLogin.Init()

-			authHeader := util.GetBasicAuthHeader("myUser", password)
-			sc.fakeReq("GET", "/").withAuthorizationHeader(authHeader).exec()
-
-			Convey("Should init middleware context with user", func() {
-				So(sc.context.IsSignedIn, ShouldEqual, true)
-				So(sc.context.UserId, ShouldEqual, id)
-			})
+		bus.AddHandler("user-query", func(query *models.GetUserByLoginQuery) error {
+			encoded, err := util.EncodePassword(password, salt)
+			if err != nil {
+				return err
+			}
+			query.Result = &models.User{
+				Password: encoded,
+				Id:       id,
+				Salt:     salt,
+			}
+			return nil
 		})

-		middlewareScenario(t, "Should return error if user is not found", func(sc *scenarioContext) {
-			sc.fakeReq("GET", "/")
-			sc.req.SetBasicAuth("user", "password")
-			sc.exec()
-
-			err := json.NewDecoder(sc.resp.Body).Decode(&sc.respJson)
-			So(err, ShouldNotBeNil)
-
-			So(sc.resp.Code, ShouldEqual, 401)
-			So(sc.respJson["message"], ShouldEqual, errStringInvalidUsernamePassword)
+		bus.AddHandler("get-sign-user", func(query *models.GetSignedInUserQuery) error {
+			query.Result = &models.SignedInUser{UserId: query.UserId}
+			return nil
 		})

-		middlewareScenario(t, "Should return error if user & password do not match", func(sc *scenarioContext) {
-			bus.AddHandler("user-query", func(loginUserQuery *models.GetUserByLoginQuery) error {
-				return nil
-			})
+		authHeader := util.GetBasicAuthHeader("myUser", password)
+		sc.fakeReq("GET", "/").withAuthorizationHeader(authHeader).exec()

-			sc.fakeReq("GET", "/")
-			sc.req.SetBasicAuth("killa", "gorilla")
-			sc.exec()
+		assert.True(t, sc.context.IsSignedIn)
+		assert.Equal(t, id, sc.context.UserId)
+	})

-			err := json.NewDecoder(sc.resp.Body).Decode(&sc.respJson)
-			So(err, ShouldNotBeNil)
+	middlewareScenario(t, "Should return error if user is not found", func(sc *scenarioContext) {
+		sc.fakeReq("GET", "/")
+		sc.req.SetBasicAuth("user", "password")
+		sc.exec()

-			So(sc.resp.Code, ShouldEqual, 401)
-			So(sc.respJson["message"], ShouldEqual, errStringInvalidUsernamePassword)
+		err := json.NewDecoder(sc.resp.Body).Decode(&sc.respJson)
+		require.Error(t, err)
+
+		assert.Equal(t, 401, sc.resp.Code)
+		assert.Equal(t, errStringInvalidUsernamePassword, sc.respJson["message"])
+	})
+
+	middlewareScenario(t, "Should return error if user & password do not match", func(sc *scenarioContext) {
+		bus.AddHandler("user-query", func(loginUserQuery *models.GetUserByLoginQuery) error {
+			return nil
 		})

-		Convey("Destroy", func() {
-			setting.BasicAuthEnabled = oldBasicAuthEnabled
-			setting.DisableBruteForceLoginProtection = oldDisableBruteForceLoginProtection
-		})
+		sc.fakeReq("GET", "/")
+		sc.req.SetBasicAuth("killa", "gorilla")
+		sc.exec()
+
+		err := json.NewDecoder(sc.resp.Body).Decode(&sc.respJson)
+		require.Error(t, err)
+
+		assert.Equal(t, 401, sc.resp.Code)
+		assert.Equal(t, errStringInvalidUsernamePassword, sc.respJson["message"])
 	})
 }