Enhance test
afflerbach committed Jul 29, 2021
1 parent 49683de commit 20deb86
Showing 1 changed file with 80 additions and 9 deletions.
89 changes: 80 additions & 9 deletions server/http_oauth2_test.go
Expand Up @@ -13,7 +13,6 @@ import (
"time"

"github.com/dgrijalva/jwt-go/v4"
uuid "github.com/satori/go.uuid"

"github.com/avenga/couper/accesscontrol"
"github.com/avenga/couper/eval/lib"
Expand Down Expand Up @@ -378,20 +377,24 @@ func TestOAuth2_AccessControl(t *testing.T) {

func TestOAuth2_Locking(t *testing.T) {
helper := test.New(t)
token := uuid.NewV4().String()

token := "token-"
var oauthRequestCount int32
oauthOrigin := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
atomic.AddInt32(&oauthRequestCount, 1)
if req.URL.Path == "/oauth2" {
rw.Header().Set("Content-Type", "application/json")
rw.WriteHeader(http.StatusOK)

n := fmt.Sprintf("%d", atomic.LoadInt32(&oauthRequestCount))
body := []byte(`{
"access_token": "` + token + `",
"access_token": "` + token + n + `",
"token_type": "bearer",
"expires_in": 100
"expires_in": 1.5
}`)

// Slow down token request to test locking.
time.Sleep(1 * time.Second)

_, werr := rw.Write(body)
helper.Must(werr)

Expand All @@ -404,8 +407,8 @@ func TestOAuth2_Locking(t *testing.T) {

ResourceOrigin := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
if req.URL.Path == "/resource" {
if req.Header.Get("Authorization") == "Bearer "+token {
rw.Header().Set("Token", token)
if auth := req.Header.Get("Authorization"); auth != "" {
rw.Header().Set("Token", auth[len("Bearer "):])
rw.WriteHeader(http.StatusNoContent)
}

Expand Down Expand Up @@ -466,16 +469,84 @@ func TestOAuth2_Locking(t *testing.T) {
t.Errorf("Expected status NoContent, got: %d", res.StatusCode)
}

if token != res.Header.Get("Token") {
t.Errorf("Invalid token given: want %s, got: %s", token, res.Header.Get("Token"))
if token+"1" != res.Header.Get("Token") {
t.Errorf("Invalid token given: want %s1, got: %s", token, res.Header.Get("Token"))
}
}

if oauthRequestCount != 1 {
t.Errorf("Too many OAuth2 requests: want 1, got: %d", oauthRequestCount)
}

// Wait until token has expired.
time.Sleep(2 * time.Second)

// Fetch new token.
go func() {
res, err := newClient().Do(req)
helper.Must(err)

if token+"2" != res.Header.Get("Token") {
t.Errorf("Received wrong token: want %s2, got: %s", token, res.Header.Get("Token"))
}
}()

// Slow response due to lock
go func() {
start := time.Now()
res, err := newClient().Do(req)
helper.Must(err)
timeElapsed := time.Since(start).Seconds()

if token+"2" != res.Header.Get("Token") {
t.Errorf("Received wrong token: want %s2, got: %s", token, res.Header.Get("Token"))
}

if timeElapsed < 1 {
t.Errorf("Response came too fast: dysfunctional lock?! (%v s)", timeElapsed)
}
}()

// Wait again until token has expired.
time.Sleep(2 * time.Second)

// Request fresh token and store in memstore
res, err := newClient().Do(req)
helper.Must(err)
if res.StatusCode != http.StatusNoContent {
t.Errorf("Unexpected response status: want %d, got: %d", http.StatusNoContent, res.StatusCode)
}

if token+"3" != res.Header.Get("Token") {
t.Errorf("Received wrong token: want %s3, got: %s", token, res.Header.Get("Token"))
}

if oauthRequestCount != 3 {
t.Errorf("Unexpected number of OAuth2 requests: want 3, got: %d", oauthRequestCount)
}

// Disconnect OAuth server
oauthOrigin.Close()

// Next request gets token from memstore
res, err = newClient().Do(req)
helper.Must(err)
if res.StatusCode != http.StatusNoContent {
t.Errorf("Unexpected response status: want %d, got: %d", http.StatusNoContent, res.StatusCode)
}

if token+"3" != res.Header.Get("Token") {
t.Errorf("Wrong token from mem store: want %s3, got: %s", token, res.Header.Get("Token"))
}

// Wait until token has expired. Next request accesses the OAuth server again.
time.Sleep(2 * time.Second)
res, err = newClient().Do(req)
helper.Must(err)
if res.StatusCode != http.StatusBadGateway {
t.Errorf("Unexpected response status: want %d, got: %d", http.StatusBadGateway, res.StatusCode)
}

ResourceOrigin.Close()
shutdown()
}
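Review bot: The two goroutines started under "Fetch new token" and "Slow response due to lock" are never joined; the test relies only on the following `time.Sleep(2 * time.Second)`, so on a slow runner their `t.Errorf` calls can overlap the later assertions or be lost. `helper.Must(err)` inside them presumably ends in `t.Fatal`, which must only run on the test goroutine. Because this test guards the token-refresh lock, I would join them explicitly with `var wg sync.WaitGroup; wg.Add(2)` before the first `go func()`, `defer wg.Done()` at the top of each, and `wg.Wait()` before the sleep, and report request errors there with `t.Errorf` (the import block is only partly visible, so `sync` may need adding). Separately, the resource handler now accepts any non-empty Authorization value and slices `auth[len("Bearer "):]`, which panics on a value shorter than the prefix and no longer checks the scheme; using `strings.HasPrefix(auth, "Bearer ")` as the condition would keep that check. TestOAuth2_Locking's body continues outside the visible hunks.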
