diff --git a/pkg/server/token.go b/pkg/server/token.go index 7b1f21b11..38629b5d2 100644 --- a/pkg/server/token.go +++ b/pkg/server/token.go @@ -6,6 +6,7 @@ import ( "github.com/gin-gonic/gin" "github.com/gin-gonic/gin/binding" + "github.com/drone/drone/pkg/server/session" common "github.com/drone/drone/pkg/types" ) @@ -13,7 +14,6 @@ import ( func PostToken(c *gin.Context) { settings := ToSettings(c) store := ToDatastore(c) - sess := ToSession(c) user := ToUser(c) // if a session secret is not defined there is no way to @@ -39,13 +39,24 @@ func PostToken(c *gin.Context) { err := store.AddToken(token) if err != nil { - c.Fail(400, err) + c.Fail(500, err) + return + } + + var sess session.Session + val, _ := c.Get("session") + if val != nil { + sess = val.(session.Session) + } else { + sess = session.New(settings.Session) } jwt, err := sess.GenerateToken(token) if err != nil { c.Fail(400, err) + return } + c.JSON(200, struct { *common.Token Hash string `json:"hash"` @@ -61,10 +72,12 @@ func DelToken(c *gin.Context) { token, err := store.TokenLabel(user, label) if err != nil { c.Fail(404, err) + return } err = store.DelToken(token) if err != nil { c.Fail(400, err) + return } c.Writer.WriteHeader(200) diff --git a/pkg/server/token_test.go b/pkg/server/token_test.go new file mode 100644 index 000000000..12c59df98 --- /dev/null +++ b/pkg/server/token_test.go @@ -0,0 +1,87 @@ +package server + +import ( + "bytes" + "database/sql" + "encoding/json" + "net/http" + "testing" + + "github.com/dgrijalva/jwt-go" + "github.com/drone/drone/pkg/server/recorder" + "github.com/drone/drone/pkg/server/session" + "github.com/drone/drone/pkg/settings" + "github.com/drone/drone/pkg/store/mock" + "github.com/drone/drone/pkg/types" + . "github.com/franela/goblin" + "github.com/gin-gonic/gin" + "github.com/stretchr/testify/mock" +) + +var tokenTests = []struct { + inLabel string + inBody string + inSession *settings.Session + inHaveSess bool + storeErr error + outCode int + outKind string +}{ + {"", `{}`, nil, false, nil, 500, ""}, + {"", `{}`, &settings.Session{Secret: "Otto"}, false, sql.ErrNoRows, 500, ""}, + {"app1", `{"label": "app1"}`, &settings.Session{Secret: "Otto"}, true, nil, 200, types.TokenUser}, + {"app2", `{"label": "app2"}`, &settings.Session{Secret: "Otto"}, false, nil, 200, types.TokenUser}, +} + +func TestToken(t *testing.T) { + store := new(mocks.Store) + + g := Goblin(t) + g.Describe("Token", func() { + g.It("should create tokens", func() { + for _, test := range tokenTests { + rw := recorder.New() + ctx := gin.Context{Engine: gin.Default(), Writer: rw} + body := bytes.NewBufferString(test.inBody) + ctx.Request, _ = http.NewRequest("POST", "/api/user/tokens", body) + + ctx.Set("datastore", store) + ctx.Set("user", &types.User{Login: "Freya"}) + + config := settings.Settings{Session: test.inSession} + ctx.Set("settings", &config) + if test.inSession != nil { + // only set these up if we've got Session configuration + if test.inHaveSess { + ctx.Set("session", session.New(test.inSession)) + } + + // prepare the mock datastore + store.On("AddToken", mock.AnythingOfType("*types.Token")).Return(test.storeErr).Once() + } + + PostToken(&ctx) + + g.Assert(rw.Code).Equal(test.outCode) + if test.outCode != 200 { + continue + } + + var respjson map[string]interface{} + json.Unmarshal(rw.Body.Bytes(), &respjson) + g.Assert(respjson["kind"]).Equal(types.TokenUser) + g.Assert(respjson["label"]).Equal(test.inLabel) + + // this is probably going too far... maybe just validate hash is not empty? + jwt.Parse(respjson["hash"].(string), func(token *jwt.Token) (interface{}, error) { + _, ok := token.Method.(*jwt.SigningMethodHMAC) + g.Assert(ok).IsTrue() + g.Assert(token.Claims["label"]).Equal(test.inLabel) + return nil, nil + }) + } + }) + + g.It("should delete tokens") + }) +}