woodpecker/shared/token/token_test.go

package token_test

import (
	"testing"

	"github.com/golang-jwt/jwt/v5"
	"github.com/stretchr/testify/assert"

	"go.woodpecker-ci.org/woodpecker/v3/shared/token"
)

const jwtSecret = "secret-to-sign-the-token"

func TestTokenValid(t *testing.T) {
	_token := token.New(token.UserToken)
	_token.Set("user-id", "1")
	signedToken, err := _token.Sign(jwtSecret)
	assert.NoError(t, err)

	parsed, err := token.Parse([]token.Type{token.UserToken}, signedToken, func(_ *token.Token) (string, error) {
		return jwtSecret, nil
	})

	assert.NoError(t, err)
	assert.NotNil(t, parsed)
	assert.Equal(t, "1", parsed.Get("user-id"))
}

func TestTokenWrongType(t *testing.T) {
	_token := token.New(token.UserToken)
	_token.Set("user-id", "1")
	signedToken, err := _token.Sign(jwtSecret)
	assert.NoError(t, err)

	_, err = token.Parse([]token.Type{token.AgentToken}, signedToken, func(_ *token.Token) (string, error) {
		return jwtSecret, nil
	})

	assert.ErrorIs(t, err, jwt.ErrInvalidType)
}

func TestTokenWrongSecret(t *testing.T) {
	_token := token.New(token.UserToken)
	_token.Set("user-id", "1")
	signedToken, err := _token.Sign(jwtSecret)
	assert.NoError(t, err)

	_, err = token.Parse([]token.Type{token.UserToken}, signedToken, func(_ *token.Token) (string, error) {
		return "this-is-a-wrong-secret", nil
	})

	assert.ErrorIs(t, err, jwt.ErrSignatureInvalid)
}
Enhance token checking (#3842) 2024-06-26 22:08:59 +00:00			`package token_test`

			`import (`
			`"testing"`

			`"github.com/golang-jwt/jwt/v5"`
			`"github.com/stretchr/testify/assert"`

Update Go imports paths (#4605) Co-authored-by: Robert Kaussow <mail@thegeeklab.de> 2024-12-22 09:44:34 +00:00			`"go.woodpecker-ci.org/woodpecker/v3/shared/token"`
Enhance token checking (#3842) 2024-06-26 22:08:59 +00:00			`)`

Migrate away from goblin (#4624) Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Robert Kaussow <mail@thegeeklab.de> 2024-12-30 06:08:53 +00:00			`const jwtSecret = "secret-to-sign-the-token"`

			`func TestTokenValid(t *testing.T) {`
			`_token := token.New(token.UserToken)`
			`_token.Set("user-id", "1")`
			`signedToken, err := _token.Sign(jwtSecret)`
			`assert.NoError(t, err)`

			`parsed, err := token.Parse([]token.Type{token.UserToken}, signedToken, func(_ *token.Token) (string, error) {`
			`return jwtSecret, nil`
			`})`

			`assert.NoError(t, err)`
			`assert.NotNil(t, parsed)`
			`assert.Equal(t, "1", parsed.Get("user-id"))`
			`}`

			`func TestTokenWrongType(t *testing.T) {`
			`_token := token.New(token.UserToken)`
			`_token.Set("user-id", "1")`
			`signedToken, err := _token.Sign(jwtSecret)`
			`assert.NoError(t, err)`

			`_, err = token.Parse([]token.Type{token.AgentToken}, signedToken, func(_ *token.Token) (string, error) {`
			`return jwtSecret, nil`
Enhance token checking (#3842) 2024-06-26 22:08:59 +00:00			`})`
Migrate away from goblin (#4624) Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Robert Kaussow <mail@thegeeklab.de> 2024-12-30 06:08:53 +00:00
			`assert.ErrorIs(t, err, jwt.ErrInvalidType)`
			`}`

			`func TestTokenWrongSecret(t *testing.T) {`
			`_token := token.New(token.UserToken)`
			`_token.Set("user-id", "1")`
			`signedToken, err := _token.Sign(jwtSecret)`
			`assert.NoError(t, err)`

			`_, err = token.Parse([]token.Type{token.UserToken}, signedToken, func(_ *token.Token) (string, error) {`
			`return "this-is-a-wrong-secret", nil`
			`})`

			`assert.ErrorIs(t, err, jwt.ErrSignatureInvalid)`
Enhance token checking (#3842) 2024-06-26 22:08:59 +00:00			`}`