mirror of
https://github.com/grafana/grafana.git
synced 2024-12-28 18:01:40 -06:00
c2d3c90bc8
* Auth: check of auth_token in url and resolve user if present * check if auth_token is passed in url * Auth: Pass auth_token for request if present in path * no need to decode token in index * temp * use loadURLToken and set authorization header * cache token in memory and strip it from url * Use loadURLToken * Keep token in url * strip sensitive query strings from url used by context logger * adapt login by url to jwt token * add jwt iframe devenv * add jwt iframe devenv instructions * add access note * add test for cleaning request * ensure jwt token is not carried into handlers * do not reshuffle queries, might be important * add correct db dump location * prefer set token instead of cached token Co-authored-by: Ieva <ieva.vasiljeva@grafana.com> Co-authored-by: Karl Persson <kalle.persson@grafana.com> Co-authored-by: Ieva <ieva.vasiljeva@grafana.com>
58 lines
1.1 KiB
Go
58 lines
1.1 KiB
Go
package middleware
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/grafana/grafana/pkg/infra/log"
|
|
"github.com/grafana/grafana/pkg/models"
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
func Test_sanitizeURL(t *testing.T) {
|
|
type args struct {
|
|
ctx *models.ReqContext
|
|
s string
|
|
}
|
|
tests := []struct {
|
|
name string
|
|
args args
|
|
want string
|
|
}{
|
|
{
|
|
name: "Receiving empty string should return it",
|
|
args: args{
|
|
ctx: &models.ReqContext{
|
|
Logger: log.New("test.logger"),
|
|
},
|
|
s: "",
|
|
},
|
|
want: "",
|
|
},
|
|
{
|
|
name: "Receiving valid URL string should return it parsed",
|
|
args: args{
|
|
ctx: &models.ReqContext{
|
|
Logger: log.New("test.logger"),
|
|
},
|
|
s: "https://grafana.com/",
|
|
},
|
|
want: "https://grafana.com/",
|
|
},
|
|
{
|
|
name: "Receiving invalid URL string should return empty string",
|
|
args: args{
|
|
ctx: &models.ReqContext{
|
|
Logger: log.New("test.logger"),
|
|
},
|
|
s: "this is not a valid URL",
|
|
},
|
|
want: "",
|
|
},
|
|
}
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
assert.Equalf(t, tt.want, SanitizeURL(tt.args.ctx, tt.args.s), "sanitizeURL(%v, %v)", tt.args.ctx, tt.args.s)
|
|
})
|
|
}
|
|
}
|