IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2024-11-22 08:56:43 -06:00
Code Issues Packages Projects Releases Wiki Activity
1c08e58605
grafana/pkg/middleware/middleware_test.go

591 lines
18 KiB
Go
Raw Normal View History

Began work on auth_proxy feature (#1932), and began work on testing http api, and auth middleware
2015-05-01 04:55:59 -05:00
package middleware
import (
Auth: Enable retries and transaction for some db calls for auth tokens (#16785) the WithSession wrapper handles retries and connection management so the caller dont have to worry about it.
2019-04-30 07:42:01 -05:00
"context"
More middleware unit test, starting to look really good
2015-05-01 15:26:16 -05:00
"encoding/json"
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
"fmt"
Began work on auth_proxy feature (#1932), and began work on testing http api, and auth middleware
2015-05-01 04:55:59 -05:00
"net/http"
"net/http/httptest"
More middleware unit test, starting to look really good
2015-05-01 15:26:16 -05:00
"path/filepath"
Began work on auth_proxy feature (#1932), and began work on testing http api, and auth middleware
2015-05-01 04:55:59 -05:00
"testing"
changes needed for api/middleware due to configuration settings
2019-02-05 14:14:23 -06:00
"time"
Began work on auth_proxy feature (#1932), and began work on testing http api, and auth middleware
2015-05-01 04:55:59 -05:00
Security: Responses from backend should not be cached (#16848) Currently all API requests set Cache-control: no-cache to avoid browsers caching sensitive data. This fixes so that all responses returned from backend not are cached using http headers. The exception is the data proxy where we don't add these http headers in case datasource backend needs to control whether data can be cached or not. Fixes #16845
2019-05-06 02:22:59 -05:00
"github.com/grafana/grafana/pkg/api/dtos"
More middleware unit test, starting to look really good
2015-05-01 15:26:16 -05:00
"github.com/grafana/grafana/pkg/bus"
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
"github.com/grafana/grafana/pkg/infra/remotecache"
More middleware unit test, starting to look really good
2015-05-01 15:26:16 -05:00
m "github.com/grafana/grafana/pkg/models"
support get user tokens/revoke all user tokens in UserTokenService
2019-03-08 08:15:17 -06:00
"github.com/grafana/grafana/pkg/services/auth"
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
"github.com/grafana/grafana/pkg/setting"
More middleware unit test, starting to look really good
2015-05-01 15:26:16 -05:00
"github.com/grafana/grafana/pkg/util"
Began work on auth_proxy feature (#1932), and began work on testing http api, and auth middleware
2015-05-01 04:55:59 -05:00
. "github.com/smartystreets/goconvey/convey"
fix(build): fixed dependency and build issue
2016-01-13 08:38:54 -06:00
"gopkg.in/macaron.v1"
Began work on auth_proxy feature (#1932), and began work on testing http api, and auth middleware
2015-05-01 04:55:59 -05:00
)
middleware: fix Strict-Transport-Security header (#17644) fixes #17641
2019-06-18 13:24:23 -05:00
func TestMiddleWareSecurityHeaders(t *testing.T) {
setting.ERR_TEMPLATE_NAME = "error-template"
Convey("Given the grafana middleware", t, func() {
middlewareScenario(t, "middleware should get correct x-xss-protection header", func(sc *scenarioContext) {
setting.XSSProtectionHeader = true
sc.fakeReq("GET", "/api/").exec()
So(sc.resp.Header().Get("X-XSS-Protection"), ShouldEqual, "1; mode=block")
})
middlewareScenario(t, "middleware should not get x-xss-protection when disabled", func(sc *scenarioContext) {
setting.XSSProtectionHeader = false
sc.fakeReq("GET", "/api/").exec()
So(sc.resp.Header().Get("X-XSS-Protection"), ShouldBeEmpty)
})
middlewareScenario(t, "middleware should add correct Strict-Transport-Security header", func(sc *scenarioContext) {
setting.StrictTransportSecurity = true
setting.Protocol = setting.HTTPS
setting.StrictTransportSecurityMaxAge = 64000
sc.fakeReq("GET", "/api/").exec()
So(sc.resp.Header().Get("Strict-Transport-Security"), ShouldEqual, "max-age=64000")
setting.StrictTransportSecurityPreload = true
sc.fakeReq("GET", "/api/").exec()
So(sc.resp.Header().Get("Strict-Transport-Security"), ShouldEqual, "max-age=64000; preload")
setting.StrictTransportSecuritySubDomains = true
sc.fakeReq("GET", "/api/").exec()
So(sc.resp.Header().Get("Strict-Transport-Security"), ShouldEqual, "max-age=64000; preload; includeSubDomains")
})
})
}
Refactoring, worked on middleware unit tests, and began thinking about api unit tests, #1921
2015-05-01 09:23:36 -05:00
func TestMiddlewareContext(t *testing.T) {
fixed to template PR issues, #13938
2018-11-02 04:49:46 -05:00
setting.ERR_TEMPLATE_NAME = "error-template"
Began work on auth_proxy feature (#1932), and began work on testing http api, and auth middleware
2015-05-01 04:55:59 -05:00
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
Convey("Given the grafana middleware", t, func() {
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
middlewareScenario(t, "middleware should add context to injector", func(sc *scenarioContext) {
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
sc.fakeReq("GET", "/").exec()
Refactoring, worked on middleware unit tests, and began thinking about api unit tests, #1921
2015-05-01 09:23:36 -05:00
So(sc.context, ShouldNotBeNil)
Began work on auth_proxy feature (#1932), and began work on testing http api, and auth middleware
2015-05-01 04:55:59 -05:00
})
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
middlewareScenario(t, "Default middleware should allow get request", func(sc *scenarioContext) {
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
sc.fakeReq("GET", "/").exec()
Refactoring, worked on middleware unit tests, and began thinking about api unit tests, #1921
2015-05-01 09:23:36 -05:00
So(sc.resp.Code, ShouldEqual, 200)
Began work on auth_proxy feature (#1932), and began work on testing http api, and auth middleware
2015-05-01 04:55:59 -05:00
})
Refactoring, worked on middleware unit tests, and began thinking about api unit tests, #1921
2015-05-01 09:23:36 -05:00
Security: Responses from backend should not be cached (#16848) Currently all API requests set Cache-control: no-cache to avoid browsers caching sensitive data. This fixes so that all responses returned from backend not are cached using http headers. The exception is the data proxy where we don't add these http headers in case datasource backend needs to control whether data can be cached or not. Fixes #16845
2019-05-06 02:22:59 -05:00
middlewareScenario(t, "middleware should add Cache-Control header for requests to API", func(sc *scenarioContext) {
api: adds no-cache header for GET requests Fixes #5356. Internet Explorer aggressively caches GET requests which means that all API calls fetching data are cached. This fix adds a Cache-Control header with the value no-cache to all GET requests to the API.
2017-07-04 09:33:37 -05:00
sc.fakeReq("GET", "/api/search").exec()
So(sc.resp.Header().Get("Cache-Control"), ShouldEqual, "no-cache")
api: add no cache headers for IE11 Adds pragma and expires headers for API calls so that IE11 does not cache GET calls. Ref #5356
2017-07-06 11:56:22 -05:00
So(sc.resp.Header().Get("Pragma"), ShouldEqual, "no-cache")
So(sc.resp.Header().Get("Expires"), ShouldEqual, "-1")
api: adds no-cache header for GET requests Fixes #5356. Internet Explorer aggressively caches GET requests which means that all API calls fetching data are cached. This fix adds a Cache-Control header with the value no-cache to all GET requests to the API.
2017-07-04 09:33:37 -05:00
})
Security: Responses from backend should not be cached (#16848) Currently all API requests set Cache-control: no-cache to avoid browsers caching sensitive data. This fixes so that all responses returned from backend not are cached using http headers. The exception is the data proxy where we don't add these http headers in case datasource backend needs to control whether data can be cached or not. Fixes #16845
2019-05-06 02:22:59 -05:00
middlewareScenario(t, "middleware should not add Cache-Control header for requests to datasource proxy API", func(sc *scenarioContext) {
sc.fakeReq("GET", "/api/datasources/proxy/1/test").exec()
api: adds no-cache header for GET requests Fixes #5356. Internet Explorer aggressively caches GET requests which means that all API calls fetching data are cached. This fix adds a Cache-Control header with the value no-cache to all GET requests to the API.
2017-07-04 09:33:37 -05:00
So(sc.resp.Header().Get("Cache-Control"), ShouldBeEmpty)
Security: Responses from backend should not be cached (#16848) Currently all API requests set Cache-control: no-cache to avoid browsers caching sensitive data. This fixes so that all responses returned from backend not are cached using http headers. The exception is the data proxy where we don't add these http headers in case datasource backend needs to control whether data can be cached or not. Fixes #16845
2019-05-06 02:22:59 -05:00
So(sc.resp.Header().Get("Pragma"), ShouldBeEmpty)
So(sc.resp.Header().Get("Expires"), ShouldBeEmpty)
})
Security: Add new setting allow_embedding (#16853) When allow_embedding is false (default) the Grafana backend will set the http header `X-Frame-Options: deny` in all responses to non-static content which will instruct browser to not allow Grafana to be embedded in `<frame>`, `<iframe>`, `<embed>` or `<object>`. Closes #14189
2019-05-06 02:56:23 -05:00
middlewareScenario(t, "middleware should add Cache-Control header for requests with html response", func(sc *scenarioContext) {
Security: Responses from backend should not be cached (#16848) Currently all API requests set Cache-control: no-cache to avoid browsers caching sensitive data. This fixes so that all responses returned from backend not are cached using http headers. The exception is the data proxy where we don't add these http headers in case datasource backend needs to control whether data can be cached or not. Fixes #16845
2019-05-06 02:22:59 -05:00
sc.handler(func(c *m.ReqContext) {
data := &dtos.IndexViewData{
User: &dtos.CurrentUser{},
Settings: map[string]interface{}{},
NavTree: []*dtos.NavLink{},
}
c.HTML(200, "index-template", data)
})
sc.fakeReq("GET", "/").exec()
So(sc.resp.Code, ShouldEqual, 200)
So(sc.resp.Header().Get("Cache-Control"), ShouldEqual, "no-cache")
So(sc.resp.Header().Get("Pragma"), ShouldEqual, "no-cache")
So(sc.resp.Header().Get("Expires"), ShouldEqual, "-1")
api: adds no-cache header for GET requests Fixes #5356. Internet Explorer aggressively caches GET requests which means that all API calls fetching data are cached. This fix adds a Cache-Control header with the value no-cache to all GET requests to the API.
2017-07-04 09:33:37 -05:00
})
Security: Add new setting allow_embedding (#16853) When allow_embedding is false (default) the Grafana backend will set the http header `X-Frame-Options: deny` in all responses to non-static content which will instruct browser to not allow Grafana to be embedded in `<frame>`, `<iframe>`, `<embed>` or `<object>`. Closes #14189
2019-05-06 02:56:23 -05:00
middlewareScenario(t, "middleware should add X-Frame-Options header with deny for request when not allowing embedding", func(sc *scenarioContext) {
sc.fakeReq("GET", "/api/search").exec()
So(sc.resp.Header().Get("X-Frame-Options"), ShouldEqual, "deny")
})
middlewareScenario(t, "middleware should not add X-Frame-Options header for request when allowing embedding", func(sc *scenarioContext) {
setting.AllowEmbedding = true
sc.fakeReq("GET", "/api/search").exec()
So(sc.resp.Header().Get("X-Frame-Options"), ShouldBeEmpty)
})
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
middlewareScenario(t, "Invalid api key", func(sc *scenarioContext) {
More middleware unit test, starting to look really good
2015-05-01 15:26:16 -05:00
sc.apiKey = "invalid_key_test"
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
sc.fakeReq("GET", "/").exec()
More middleware unit test, starting to look really good
2015-05-01 15:26:16 -05:00
Convey("Should not init session", func() {
So(sc.resp.Header().Get("Set-Cookie"), ShouldBeEmpty)
})
Convey("Should return 401", func() {
So(sc.resp.Code, ShouldEqual, 401)
So(sc.respJson["message"], ShouldEqual, "Invalid API key")
})
})
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
middlewareScenario(t, "Using basic auth", func(sc *scenarioContext) {
Auth: You can now authenicate against api with username / password using basic auth, Closes #2218
2015-06-30 02:37:52 -05:00
bus.AddHandler("test", func(query *m.GetUserByLoginQuery) error {
query.Result = &m.User{
Password: util.EncodePassword("myPass", "salt"),
Salt: "salt",
}
return nil
})
shared library for managing external user accounts
2018-02-08 16:13:58 -06:00
bus.AddHandler("test", func(loginUserQuery *m.LoginUserQuery) error {
Fixed failing tests (#6941)
2016-12-13 03:00:33 -06:00
return nil
})
Auth: You can now authenicate against api with username / password using basic auth, Closes #2218
2015-06-30 02:37:52 -05:00
bus.AddHandler("test", func(query *m.GetSignedInUserQuery) error {
query.Result = &m.SignedInUser{OrgId: 2, UserId: 12}
return nil
})
setting.BasicAuthEnabled = true
authHeader := util.GetBasicAuthHeader("myUser", "myPass")
support passing api token in Basic auth password (#12416)
2018-06-28 05:08:32 -05:00
sc.fakeReq("GET", "/").withAuthorizationHeader(authHeader).exec()
Auth: You can now authenicate against api with username / password using basic auth, Closes #2218
2015-06-30 02:37:52 -05:00
Convey("Should init middleware context with user", func() {
So(sc.context.IsSignedIn, ShouldEqual, true)
So(sc.context.OrgId, ShouldEqual, 2)
So(sc.context.UserId, ShouldEqual, 12)
})
})
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
middlewareScenario(t, "Valid api key", func(sc *scenarioContext) {
More middleware unit test, starting to look really good
2015-05-01 15:26:16 -05:00
keyhash := util.EncodePassword("v5nAwpMafFP6znaS4urhdWDLS5511M42", "asd")
bus.AddHandler("test", func(query *m.GetApiKeyByNameQuery) error {
query.Result = &m.ApiKey{OrgId: 12, Role: m.ROLE_EDITOR, Key: keyhash}
return nil
})
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
sc.fakeReq("GET", "/").withValidApiKey().exec()
More middleware unit test, starting to look really good
2015-05-01 15:26:16 -05:00
Convey("Should return 200", func() {
So(sc.resp.Code, ShouldEqual, 200)
})
Convey("Should init middleware context", func() {
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
So(sc.context.IsSignedIn, ShouldEqual, true)
More middleware unit test, starting to look really good
2015-05-01 15:26:16 -05:00
So(sc.context.OrgId, ShouldEqual, 12)
So(sc.context.OrgRole, ShouldEqual, m.ROLE_EDITOR)
})
})
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
middlewareScenario(t, "Valid api key, but does not match db hash", func(sc *scenarioContext) {
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
keyhash := "something_not_matching"
bus.AddHandler("test", func(query *m.GetApiKeyByNameQuery) error {
query.Result = &m.ApiKey{OrgId: 12, Role: m.ROLE_EDITOR, Key: keyhash}
return nil
})
sc.fakeReq("GET", "/").withValidApiKey().exec()
Convey("Should return api key invalid", func() {
So(sc.resp.Code, ShouldEqual, 401)
So(sc.respJson["message"], ShouldEqual, "Invalid API key")
})
})
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
middlewareScenario(t, "Valid api key via Basic auth", func(sc *scenarioContext) {
support passing api token in Basic auth password (#12416)
2018-06-28 05:08:32 -05:00
keyhash := util.EncodePassword("v5nAwpMafFP6znaS4urhdWDLS5511M42", "asd")
bus.AddHandler("test", func(query *m.GetApiKeyByNameQuery) error {
query.Result = &m.ApiKey{OrgId: 12, Role: m.ROLE_EDITOR, Key: keyhash}
return nil
})
authHeader := util.GetBasicAuthHeader("api_key", "eyJrIjoidjVuQXdwTWFmRlA2em5hUzR1cmhkV0RMUzU1MTFNNDIiLCJuIjoiYXNkIiwiaWQiOjF9")
sc.fakeReq("GET", "/").withAuthorizationHeader(authHeader).exec()
Convey("Should return 200", func() {
So(sc.resp.Code, ShouldEqual, 200)
})
Convey("Should init middleware context", func() {
So(sc.context.IsSignedIn, ShouldEqual, true)
So(sc.context.OrgId, ShouldEqual, 12)
So(sc.context.OrgRole, ShouldEqual, m.ROLE_EDITOR)
})
})
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
middlewareScenario(t, "Non-expired auth token in cookie which not are being rotated", func(sc *scenarioContext) {
move auth token middleware/hooks to middleware package fix/adds auth token middleware tests
2019-02-04 16:44:28 -06:00
sc.withTokenSessionCookie("token")
bus.AddHandler("test", func(query *m.GetSignedInUserQuery) error {
query.Result = &m.SignedInUser{OrgId: 2, UserId: 12}
return nil
})
Auth: Enable retries and transaction for some db calls for auth tokens (#16785) the WithSession wrapper handles retries and connection management so the caller dont have to worry about it.
2019-04-30 07:42:01 -05:00
sc.userAuthTokenService.LookupTokenProvider = func(ctx context.Context, unhashedToken string) (*m.UserToken, error) {
move UserToken and UserTokenService to models package
2019-02-06 09:45:48 -06:00
return &m.UserToken{
change UserToken from interface to struct
2019-02-06 09:21:16 -06:00
UserId: 12,
UnhashedToken: unhashedToken,
move auth token middleware/hooks to middleware package fix/adds auth token middleware tests
2019-02-04 16:44:28 -06:00
}, nil
passing middleware tests
2019-01-22 06:51:55 -06:00
}
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
sc.fakeReq("GET", "/").exec()
move auth token middleware/hooks to middleware package fix/adds auth token middleware tests
2019-02-04 16:44:28 -06:00
Convey("should init context with user info", func() {
So(sc.context.IsSignedIn, ShouldBeTrue)
So(sc.context.UserId, ShouldEqual, 12)
change UserToken from interface to struct
2019-02-06 09:21:16 -06:00
So(sc.context.UserToken.UserId, ShouldEqual, 12)
So(sc.context.UserToken.UnhashedToken, ShouldEqual, "token")
move auth token middleware/hooks to middleware package fix/adds auth token middleware tests
2019-02-04 16:44:28 -06:00
})
Convey("should not set cookie", func() {
So(sc.resp.Header().Get("Set-Cookie"), ShouldEqual, "")
})
})
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
middlewareScenario(t, "Non-expired auth token in cookie which are being rotated", func(sc *scenarioContext) {
move auth token middleware/hooks to middleware package fix/adds auth token middleware tests
2019-02-04 16:44:28 -06:00
sc.withTokenSessionCookie("token")
bus.AddHandler("test", func(query *m.GetSignedInUserQuery) error {
query.Result = &m.SignedInUser{OrgId: 2, UserId: 12}
return nil
})
Auth: Enable retries and transaction for some db calls for auth tokens (#16785) the WithSession wrapper handles retries and connection management so the caller dont have to worry about it.
2019-04-30 07:42:01 -05:00
sc.userAuthTokenService.LookupTokenProvider = func(ctx context.Context, unhashedToken string) (*m.UserToken, error) {
move UserToken and UserTokenService to models package
2019-02-06 09:45:48 -06:00
return &m.UserToken{
change UserToken from interface to struct
2019-02-06 09:21:16 -06:00
UserId: 12,
UnhashedToken: "",
move auth token middleware/hooks to middleware package fix/adds auth token middleware tests
2019-02-04 16:44:28 -06:00
}, nil
}
Auth: Enable retries and transaction for some db calls for auth tokens (#16785) the WithSession wrapper handles retries and connection management so the caller dont have to worry about it.
2019-04-30 07:42:01 -05:00
sc.userAuthTokenService.TryRotateTokenProvider = func(ctx context.Context, userToken *m.UserToken, clientIP, userAgent string) (bool, error) {
change UserToken from interface to struct
2019-02-06 09:21:16 -06:00
userToken.UnhashedToken = "rotated"
move auth token middleware/hooks to middleware package fix/adds auth token middleware tests
2019-02-04 16:44:28 -06:00
return true, nil
}
changes needed for api/middleware due to configuration settings
2019-02-05 14:14:23 -06:00
maxAgeHours := (time.Duration(setting.LoginMaxLifetimeDays) * 24 * time.Hour)
maxAge := (maxAgeHours + time.Hour).Seconds()
move auth token middleware/hooks to middleware package fix/adds auth token middleware tests
2019-02-04 16:44:28 -06:00
expectedCookie := &http.Cookie{
changes needed for api/middleware due to configuration settings
2019-02-05 14:14:23 -06:00
Name: setting.LoginCookieName,
move auth token middleware/hooks to middleware package fix/adds auth token middleware tests
2019-02-04 16:44:28 -06:00
Value: "rotated",
Path: setting.AppSubUrl + "/",
HttpOnly: true,
changes needed for api/middleware due to configuration settings
2019-02-05 14:14:23 -06:00
MaxAge: int(maxAge),
Secure: setting.CookieSecure,
SameSite: setting.CookieSameSite,
move auth token middleware/hooks to middleware package fix/adds auth token middleware tests
2019-02-04 16:44:28 -06:00
}
sc.fakeReq("GET", "/").exec()
Convey("should init context with user info", func() {
So(sc.context.IsSignedIn, ShouldBeTrue)
So(sc.context.UserId, ShouldEqual, 12)
change UserToken from interface to struct
2019-02-06 09:21:16 -06:00
So(sc.context.UserToken.UserId, ShouldEqual, 12)
So(sc.context.UserToken.UnhashedToken, ShouldEqual, "rotated")
move auth token middleware/hooks to middleware package fix/adds auth token middleware tests
2019-02-04 16:44:28 -06:00
})
Convey("should set cookie", func() {
So(sc.resp.Header().Get("Set-Cookie"), ShouldEqual, expectedCookie.String())
})
})
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
middlewareScenario(t, "Invalid/expired auth token in cookie", func(sc *scenarioContext) {
move auth token middleware/hooks to middleware package fix/adds auth token middleware tests
2019-02-04 16:44:28 -06:00
sc.withTokenSessionCookie("token")
Auth: Enable retries and transaction for some db calls for auth tokens (#16785) the WithSession wrapper handles retries and connection management so the caller dont have to worry about it.
2019-04-30 07:42:01 -05:00
sc.userAuthTokenService.LookupTokenProvider = func(ctx context.Context, unhashedToken string) (*m.UserToken, error) {
fix
2019-02-06 10:30:17 -06:00
return nil, m.ErrUserTokenNotFound
move auth token middleware/hooks to middleware package fix/adds auth token middleware tests
2019-02-04 16:44:28 -06:00
}
sc.fakeReq("GET", "/").exec()
Convey("should not init context with user info", func() {
So(sc.context.IsSignedIn, ShouldBeFalse)
So(sc.context.UserId, ShouldEqual, 0)
So(sc.context.UserToken, ShouldBeNil)
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
})
})
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
middlewareScenario(t, "When anonymous access is enabled", func(sc *scenarioContext) {
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
setting.AnonymousEnabled = true
setting.AnonymousOrgName = "test"
setting.AnonymousOrgRole = string(m.ROLE_EDITOR)
bus.AddHandler("test", func(query *m.GetOrgByNameQuery) error {
So(query.Name, ShouldEqual, "test")
query.Result = &m.Org{Id: 2, Name: "test"}
return nil
})
sc.fakeReq("GET", "/").exec()
Convey("should init context with org info", func() {
So(sc.context.UserId, ShouldEqual, 0)
So(sc.context.OrgId, ShouldEqual, 2)
So(sc.context.OrgRole, ShouldEqual, m.ROLE_EDITOR)
})
Convey("context signed in should be false", func() {
So(sc.context.IsSignedIn, ShouldBeFalse)
})
})
Auth: Support for user authentication via reverse proxy header (like X-Authenticated-User, or X-WEBAUTH-USER), Closes #1921
2015-05-02 05:06:58 -05:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
Convey("auth_proxy", func() {
Auth: Support for user authentication via reverse proxy header (like X-Authenticated-User, or X-WEBAUTH-USER), Closes #1921
2015-05-02 05:06:58 -05:00
setting.AuthProxyEnabled = true
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
setting.AuthProxyWhitelist = ""
setting.AuthProxyAutoSignUp = true
LDAP: consistently name the LDAP entities (#17203)
2019-05-22 07:30:03 -05:00
setting.LDAPEnabled = true
Auth: Support for user authentication via reverse proxy header (like X-Authenticated-User, or X-WEBAUTH-USER), Closes #1921
2015-05-02 05:06:58 -05:00
setting.AuthProxyHeaderName = "X-WEBAUTH-USER"
setting.AuthProxyHeaderProperty = "username"
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
name := "markelog"
Auth: Support for user authentication via reverse proxy header (like X-Authenticated-User, or X-WEBAUTH-USER), Closes #1921
2015-05-02 05:06:58 -05:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
middlewareScenario(t, "should not sync the user if it's in the cache", func(sc *scenarioContext) {
bus.AddHandler("test", func(query *m.GetSignedInUserQuery) error {
Chore: refactor auth proxy (#16504) * Chore: refactor auth proxy Introduced the helper struct for auth_proxy middleware. Added couple unit-tests, but it seems "integration" tests already cover most of the code paths. Although it might be good idea to test every bit of it, hm. Haven't refactored the extraction of the header logic that much Fixes #16147 * Fix: make linters happy
2019-04-16 07:09:18 -05:00
query.Result = &m.SignedInUser{OrgId: 4, UserId: query.UserId}
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
return nil
})
Adding tests for auth proxy CIDR support
2018-12-18 21:16:29 -06:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
key := fmt.Sprintf(cachePrefix, name)
sc.remoteCacheService.Set(key, int64(33), 0)
sc.fakeReq("GET", "/")
Adding tests for auth proxy CIDR support
2018-12-18 21:16:29 -06:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
sc.req.Header.Add(setting.AuthProxyHeaderName, name)
sc.exec()
Adding tests for auth proxy CIDR support
2018-12-18 21:16:29 -06:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
Convey("Should init user via cache", func() {
So(sc.context.IsSignedIn, ShouldBeTrue)
Chore: refactor auth proxy (#16504) * Chore: refactor auth proxy Introduced the helper struct for auth_proxy middleware. Added couple unit-tests, but it seems "integration" tests already cover most of the code paths. Although it might be good idea to test every bit of it, hm. Haven't refactored the extraction of the header logic that much Fixes #16147 * Fix: make linters happy
2019-04-16 07:09:18 -05:00
So(sc.context.UserId, ShouldEqual, 33)
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
So(sc.context.OrgId, ShouldEqual, 4)
})
Adding tests for auth proxy CIDR support
2018-12-18 21:16:29 -06:00
})
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
middlewareScenario(t, "should create an user from a header", func(sc *scenarioContext) {
LDAP: consistently name the LDAP entities (#17203)
2019-05-22 07:30:03 -05:00
setting.LDAPEnabled = false
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
setting.AuthProxyAutoSignUp = true
Adding tests for auth proxy CIDR support
2018-12-18 21:16:29 -06:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
bus.AddHandler("test", func(query *m.GetSignedInUserQuery) error {
if query.UserId > 0 {
query.Result = &m.SignedInUser{OrgId: 4, UserId: 33}
return nil
}
return m.ErrUserNotFound
})
Adding tests for auth proxy CIDR support
2018-12-18 21:16:29 -06:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
bus.AddHandler("test", func(cmd *m.UpsertUserCommand) error {
cmd.Result = &m.User{Id: 33}
return nil
})
Adding tests for auth proxy CIDR support
2018-12-18 21:16:29 -06:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
sc.fakeReq("GET", "/")
sc.req.Header.Add(setting.AuthProxyHeaderName, name)
sc.exec()
Auth Proxy improvements - adds the option to use ldap groups for authorization in combination with an auth proxy - adds an option to limit where auth proxy requests come from by configure a list of ip's - fixes a security issue, session could be reused
2016-02-23 07:22:28 -06:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
Convey("Should create user from header info", func() {
So(sc.context.IsSignedIn, ShouldBeTrue)
So(sc.context.UserId, ShouldEqual, 33)
So(sc.context.OrgId, ShouldEqual, 4)
})
switch to passing ReqContext as a property
2018-03-23 14:50:07 -05:00
})
update auth proxy
2018-03-22 16:02:34 -05:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
middlewareScenario(t, "should get an existing user from header", func(sc *scenarioContext) {
LDAP: consistently name the LDAP entities (#17203)
2019-05-22 07:30:03 -05:00
setting.LDAPEnabled = false
Auth Proxy improvements - adds the option to use ldap groups for authorization in combination with an auth proxy - adds an option to limit where auth proxy requests come from by configure a list of ip's - fixes a security issue, session could be reused
2016-02-23 07:22:28 -06:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
bus.AddHandler("test", func(query *m.GetSignedInUserQuery) error {
query.Result = &m.SignedInUser{OrgId: 2, UserId: 12}
return nil
})
Auth Proxy improvements - adds the option to use ldap groups for authorization in combination with an auth proxy - adds an option to limit where auth proxy requests come from by configure a list of ip's - fixes a security issue, session could be reused
2016-02-23 07:22:28 -06:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
bus.AddHandler("test", func(cmd *m.UpsertUserCommand) error {
cmd.Result = &m.User{Id: 12}
return nil
})
Auth Proxy improvements - adds the option to use ldap groups for authorization in combination with an auth proxy - adds an option to limit where auth proxy requests come from by configure a list of ip's - fixes a security issue, session could be reused
2016-02-23 07:22:28 -06:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
sc.fakeReq("GET", "/")
sc.req.Header.Add(setting.AuthProxyHeaderName, name)
sc.exec()
switch to passing ReqContext as a property
2018-03-23 14:50:07 -05:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
Convey("should init context with user info", func() {
So(sc.context.IsSignedIn, ShouldBeTrue)
So(sc.context.UserId, ShouldEqual, 12)
So(sc.context.OrgId, ShouldEqual, 2)
})
Auth Proxy improvements - adds the option to use ldap groups for authorization in combination with an auth proxy - adds an option to limit where auth proxy requests come from by configure a list of ip's - fixes a security issue, session could be reused
2016-02-23 07:22:28 -06:00
})
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
middlewareScenario(t, "should allow the request from whitelist IP", func(sc *scenarioContext) {
setting.AuthProxyWhitelist = "192.168.1.0/24, 2001::0/120"
LDAP: consistently name the LDAP entities (#17203)
2019-05-22 07:30:03 -05:00
setting.LDAPEnabled = false
Auth Proxy improvements - adds the option to use ldap groups for authorization in combination with an auth proxy - adds an option to limit where auth proxy requests come from by configure a list of ip's - fixes a security issue, session could be reused
2016-02-23 07:22:28 -06:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
bus.AddHandler("test", func(query *m.GetSignedInUserQuery) error {
query.Result = &m.SignedInUser{OrgId: 4, UserId: 33}
return nil
})
Auth Proxy improvements - adds the option to use ldap groups for authorization in combination with an auth proxy - adds an option to limit where auth proxy requests come from by configure a list of ip's - fixes a security issue, session could be reused
2016-02-23 07:22:28 -06:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
bus.AddHandler("test", func(cmd *m.UpsertUserCommand) error {
cmd.Result = &m.User{Id: 33}
return nil
})
Auth Proxy improvements - adds the option to use ldap groups for authorization in combination with an auth proxy - adds an option to limit where auth proxy requests come from by configure a list of ip's - fixes a security issue, session could be reused
2016-02-23 07:22:28 -06:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
sc.fakeReq("GET", "/")
sc.req.Header.Add(setting.AuthProxyHeaderName, name)
sc.req.RemoteAddr = "[2001::23]:12345"
sc.exec()
Auth Proxy improvements - adds the option to use ldap groups for authorization in combination with an auth proxy - adds an option to limit where auth proxy requests come from by configure a list of ip's - fixes a security issue, session could be reused
2016-02-23 07:22:28 -06:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
Convey("Should init context with user info", func() {
So(sc.context.IsSignedIn, ShouldBeTrue)
So(sc.context.UserId, ShouldEqual, 33)
So(sc.context.OrgId, ShouldEqual, 4)
})
Auth Proxy improvements - adds the option to use ldap groups for authorization in combination with an auth proxy - adds an option to limit where auth proxy requests come from by configure a list of ip's - fixes a security issue, session could be reused
2016-02-23 07:22:28 -06:00
})
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
middlewareScenario(t, "should not allow the request from whitelist IP", func(sc *scenarioContext) {
setting.AuthProxyWhitelist = "8.8.8.8"
LDAP: consistently name the LDAP entities (#17203)
2019-05-22 07:30:03 -05:00
setting.LDAPEnabled = false
Auth Proxy improvements - adds the option to use ldap groups for authorization in combination with an auth proxy - adds an option to limit where auth proxy requests come from by configure a list of ip's - fixes a security issue, session could be reused
2016-02-23 07:22:28 -06:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
bus.AddHandler("test", func(query *m.GetSignedInUserQuery) error {
query.Result = &m.SignedInUser{OrgId: 4, UserId: 33}
return nil
})
switch to passing ReqContext as a property
2018-03-23 14:50:07 -05:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
bus.AddHandler("test", func(cmd *m.UpsertUserCommand) error {
cmd.Result = &m.User{Id: 33}
return nil
})
Auth Proxy improvements - adds the option to use ldap groups for authorization in combination with an auth proxy - adds an option to limit where auth proxy requests come from by configure a list of ip's - fixes a security issue, session could be reused
2016-02-23 07:22:28 -06:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
sc.fakeReq("GET", "/")
sc.req.Header.Add(setting.AuthProxyHeaderName, name)
sc.req.RemoteAddr = "[2001::23]:12345"
sc.exec()
Auth Proxy improvements - adds the option to use ldap groups for authorization in combination with an auth proxy - adds an option to limit where auth proxy requests come from by configure a list of ip's - fixes a security issue, session could be reused
2016-02-23 07:22:28 -06:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
Convey("should return 407 status code", func() {
So(sc.resp.Code, ShouldEqual, 407)
So(sc.context, ShouldBeNil)
})
Auth Proxy improvements - adds the option to use ldap groups for authorization in combination with an auth proxy - adds an option to limit where auth proxy requests come from by configure a list of ip's - fixes a security issue, session could be reused
2016-02-23 07:22:28 -06:00
})
})
Began work on auth_proxy feature (#1932), and began work on testing http api, and auth middleware
2015-05-01 04:55:59 -05:00
})
}
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
func middlewareScenario(t *testing.T, desc string, fn scenarioFunc) {
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
Convey(desc, func() {
defer bus.ClearBusHandlers()
changes needed for api/middleware due to configuration settings
2019-02-05 14:14:23 -06:00
setting.LoginCookieName = "grafana_session"
setting.LoginMaxLifetimeDays = 30
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
sc := &scenarioContext{}
restrict session usage to auth_proxy
2019-01-23 05:41:15 -06:00
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
viewsPath, _ := filepath.Abs("../../public/views")
sc.m = macaron.New()
Security: Responses from backend should not be cached (#16848) Currently all API requests set Cache-control: no-cache to avoid browsers caching sensitive data. This fixes so that all responses returned from backend not are cached using http headers. The exception is the data proxy where we don't add these http headers in case datasource backend needs to control whether data can be cached or not. Fixes #16845
2019-05-06 02:22:59 -05:00
sc.m.Use(AddDefaultResponseHeaders())
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
sc.m.Use(macaron.Renderer(macaron.RenderOptions{
Directory: viewsPath,
Delims: macaron.Delims{Left: "[[", Right: "]]"},
}))
support get user tokens/revoke all user tokens in UserTokenService
2019-03-08 08:15:17 -06:00
sc.userAuthTokenService = auth.NewFakeUserAuthTokenService()
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
sc.remoteCacheService = remotecache.NewFakeStore(t)
sc.m.Use(GetContextHandler(sc.userAuthTokenService, sc.remoteCacheService))
restrict session usage to auth_proxy
2019-01-23 05:41:15 -06:00
middlware: change org when url contains orgid closes #6948 ref #1613
2017-02-17 08:02:14 -06:00
sc.m.Use(OrgRedirect())
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
rename Context to ReqContext
2018-03-07 10:54:50 -06:00
sc.defaultHandler = func(c *m.ReqContext) {
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
sc.context = c
if sc.handlerFunc != nil {
sc.handlerFunc(sc.context)
}
Auth: Support for user authentication via reverse proxy header (like X-Authenticated-User, or X-WEBAUTH-USER), Closes #1921
2015-05-02 05:06:58 -05:00
}
sc.m.Get("/", sc.defaultHandler)
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
fn(sc)
})
}
type scenarioContext struct {
passing middleware tests
2019-01-22 06:51:55 -06:00
m *macaron.Macaron
context *m.ReqContext
resp *httptest.ResponseRecorder
apiKey string
authHeader string
move auth token middleware/hooks to middleware package fix/adds auth token middleware tests
2019-02-04 16:44:28 -06:00
tokenSessionCookie string
passing middleware tests
2019-01-22 06:51:55 -06:00
respJson map[string]interface{}
handlerFunc handlerFunc
defaultHandler macaron.Handler
url string
support get user tokens/revoke all user tokens in UserTokenService
2019-03-08 08:15:17 -06:00
userAuthTokenService *auth.FakeUserAuthTokenService
Chore: use remote cache instead of session storage (#16114) Replaces session storage in auth_proxy middleware with remote cache Fixes #15161
2019-04-08 06:31:46 -05:00
remoteCacheService *remotecache.RemoteCache
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
req *http.Request
}
func (sc *scenarioContext) withValidApiKey() *scenarioContext {
sc.apiKey = "eyJrIjoidjVuQXdwTWFmRlA2em5hUzR1cmhkV0RMUzU1MTFNNDIiLCJuIjoiYXNkIiwiaWQiOjF9"
return sc
}
move auth token middleware/hooks to middleware package fix/adds auth token middleware tests
2019-02-04 16:44:28 -06:00
func (sc *scenarioContext) withTokenSessionCookie(unhashedToken string) *scenarioContext {
sc.tokenSessionCookie = unhashedToken
return sc
}
support passing api token in Basic auth password (#12416)
2018-06-28 05:08:32 -05:00
func (sc *scenarioContext) withAuthorizationHeader(authHeader string) *scenarioContext {
Auth: You can now authenicate against api with username / password using basic auth, Closes #2218
2015-06-30 02:37:52 -05:00
sc.authHeader = authHeader
return sc
}
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
func (sc *scenarioContext) fakeReq(method, url string) *scenarioContext {
sc.resp = httptest.NewRecorder()
req, err := http.NewRequest(method, url, nil)
So(err, ShouldBeNil)
sc.req = req
return sc
}
dashboards: redirect from old url used to load dashboard to new url If legacy backend routes (/dashboard/db/<slug> and /dashboard-solo/db/<slug>) are requested we try to redirect to new routes with a 301 Moved Permanently #7883
2018-01-31 07:05:24 -06:00
func (sc *scenarioContext) fakeReqWithParams(method, url string, queryParams map[string]string) *scenarioContext {
sc.resp = httptest.NewRecorder()
req, err := http.NewRequest(method, url, nil)
q := req.URL.Query()
for k, v := range queryParams {
q.Add(k, v)
}
req.URL.RawQuery = q.Encode()
So(err, ShouldBeNil)
sc.req = req
return sc
}
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
func (sc *scenarioContext) handler(fn handlerFunc) *scenarioContext {
sc.handlerFunc = fn
return sc
}
func (sc *scenarioContext) exec() {
if sc.apiKey != "" {
sc.req.Header.Add("Authorization", "Bearer "+sc.apiKey)
}
Auth: You can now authenicate against api with username / password using basic auth, Closes #2218
2015-06-30 02:37:52 -05:00
if sc.authHeader != "" {
sc.req.Header.Add("Authorization", sc.authHeader)
}
move auth token middleware/hooks to middleware package fix/adds auth token middleware tests
2019-02-04 16:44:28 -06:00
if sc.tokenSessionCookie != "" {
sc.req.AddCookie(&http.Cookie{
changes needed for api/middleware due to configuration settings
2019-02-05 14:14:23 -06:00
Name: setting.LoginCookieName,
move auth token middleware/hooks to middleware package fix/adds auth token middleware tests
2019-02-04 16:44:28 -06:00
Value: sc.tokenSessionCookie,
})
}
More middleware unit tests cover all current auth mechanisms
2015-05-02 02:24:56 -05:00
sc.m.ServeHTTP(sc.resp, sc.req)
if sc.resp.Header().Get("Content-Type") == "application/json; charset=UTF-8" {
err := json.NewDecoder(sc.resp.Body).Decode(&sc.respJson)
So(err, ShouldBeNil)
}
}
type scenarioFunc func(c *scenarioContext)
rename Context to ReqContext
2018-03-07 10:54:50 -06:00
type handlerFunc func(c *m.ReqContext)
Reference in New Issue Copy Permalink