mirror of
https://github.com/grafana/grafana.git
synced 2024-11-29 20:24:18 -06:00
8d5b0084f1
* Middleware: Simplify Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com> * middleware: Rename auth_proxy directory to authproxy Signed-off-by: Arve Knudsen <arve.knudsen@gmail.com>
89 lines
2.5 KiB
Go
89 lines
2.5 KiB
Go
package middleware
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
"testing"
|
|
|
|
"github.com/grafana/grafana/pkg/bus"
|
|
"github.com/grafana/grafana/pkg/infra/log"
|
|
"github.com/grafana/grafana/pkg/infra/remotecache"
|
|
"github.com/grafana/grafana/pkg/middleware/authproxy"
|
|
"github.com/grafana/grafana/pkg/models"
|
|
"github.com/grafana/grafana/pkg/setting"
|
|
"github.com/stretchr/testify/require"
|
|
macaron "gopkg.in/macaron.v1"
|
|
)
|
|
|
|
// Test initContextWithAuthProxy with a cached user ID that is no longer valid.
|
|
//
|
|
// In this case, the cache entry should be ignored/cleared and another attempt should be done to sign the user
|
|
// in without cache.
|
|
func TestInitContextWithAuthProxy_CachedInvalidUserID(t *testing.T) {
|
|
const name = "markelog"
|
|
const userID = int64(1)
|
|
const orgID = int64(4)
|
|
|
|
upsertHandler := func(cmd *models.UpsertUserCommand) error {
|
|
require.Equal(t, name, cmd.ExternalUser.Login)
|
|
cmd.Result = &models.User{Id: userID}
|
|
return nil
|
|
}
|
|
getUserHandler := func(cmd *models.GetSignedInUserQuery) error {
|
|
// Simulate that the cached user ID is stale
|
|
if cmd.UserId != userID {
|
|
return models.ErrUserNotFound
|
|
}
|
|
|
|
cmd.Result = &models.SignedInUser{
|
|
UserId: userID,
|
|
OrgId: orgID,
|
|
}
|
|
return nil
|
|
}
|
|
|
|
origHeaderName := setting.AuthProxyHeaderName
|
|
origEnabled := setting.AuthProxyEnabled
|
|
origHeaderProperty := setting.AuthProxyHeaderProperty
|
|
bus.AddHandler("", upsertHandler)
|
|
bus.AddHandler("", getUserHandler)
|
|
t.Cleanup(func() {
|
|
setting.AuthProxyHeaderName = origHeaderName
|
|
setting.AuthProxyEnabled = origEnabled
|
|
setting.AuthProxyHeaderProperty = origHeaderProperty
|
|
bus.ClearBusHandlers()
|
|
})
|
|
|
|
setting.AuthProxyHeaderName = "X-Killa"
|
|
setting.AuthProxyEnabled = true
|
|
setting.AuthProxyHeaderProperty = "username"
|
|
req, err := http.NewRequest("POST", "http://example.com", nil)
|
|
require.NoError(t, err)
|
|
store := remotecache.NewFakeStore(t)
|
|
ctx := &models.ReqContext{
|
|
Context: &macaron.Context{
|
|
Req: macaron.Request{
|
|
Request: req,
|
|
},
|
|
Data: map[string]interface{}{},
|
|
},
|
|
Logger: log.New("Test"),
|
|
}
|
|
req.Header.Add(setting.AuthProxyHeaderName, name)
|
|
key := fmt.Sprintf(authproxy.CachePrefix, authproxy.HashCacheKey(name))
|
|
|
|
t.Logf("Injecting stale user ID in cache with key %q", key)
|
|
err = store.Set(key, int64(33), 0)
|
|
require.NoError(t, err)
|
|
|
|
authEnabled := initContextWithAuthProxy(store, ctx, orgID)
|
|
require.True(t, authEnabled)
|
|
|
|
require.Equal(t, userID, ctx.SignedInUser.UserId)
|
|
require.True(t, ctx.IsSignedIn)
|
|
|
|
i, err := store.Get(key)
|
|
require.NoError(t, err)
|
|
require.Equal(t, userID, i.(int64))
|
|
}
|