mirror of
https://github.com/strukturag/nextcloud-spreed-signaling
synced 2024-05-30 12:34:13 +02:00
proxy: Add more token tests.
This commit is contained in:
parent
d54cd37d0f
commit
affa0a0f53
|
@ -93,6 +93,92 @@ func newProxyServerForTest(t *testing.T) (*ProxyServer, *rsa.PrivateKey) {
|
||||||
return server, key
|
return server, key
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestTokenValid(t *testing.T) {
|
||||||
|
signaling.CatchLogForTest(t)
|
||||||
|
server, key := newProxyServerForTest(t)
|
||||||
|
|
||||||
|
claims := &signaling.TokenClaims{
|
||||||
|
RegisteredClaims: jwt.RegisteredClaims{
|
||||||
|
IssuedAt: jwt.NewNumericDate(time.Now().Add(-maxTokenAge / 2)),
|
||||||
|
Issuer: TokenIdForTest,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
token := jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
|
||||||
|
tokenString, err := token.SignedString(key)
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("could not create token: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
hello := &signaling.HelloProxyClientMessage{
|
||||||
|
Version: "1.0",
|
||||||
|
Token: tokenString,
|
||||||
|
}
|
||||||
|
session, err := server.NewSession(hello)
|
||||||
|
if session != nil {
|
||||||
|
defer session.Close()
|
||||||
|
} else if err != nil {
|
||||||
|
t.Error(err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestTokenNotSigned(t *testing.T) {
|
||||||
|
signaling.CatchLogForTest(t)
|
||||||
|
server, _ := newProxyServerForTest(t)
|
||||||
|
|
||||||
|
claims := &signaling.TokenClaims{
|
||||||
|
RegisteredClaims: jwt.RegisteredClaims{
|
||||||
|
IssuedAt: jwt.NewNumericDate(time.Now().Add(-maxTokenAge / 2)),
|
||||||
|
Issuer: TokenIdForTest,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
token := jwt.NewWithClaims(jwt.SigningMethodNone, claims)
|
||||||
|
tokenString, err := token.SignedString(jwt.UnsafeAllowNoneSignatureType)
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("could not create token: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
hello := &signaling.HelloProxyClientMessage{
|
||||||
|
Version: "1.0",
|
||||||
|
Token: tokenString,
|
||||||
|
}
|
||||||
|
session, err := server.NewSession(hello)
|
||||||
|
if session != nil {
|
||||||
|
defer session.Close()
|
||||||
|
t.Errorf("should not have created session")
|
||||||
|
} else if err != TokenAuthFailed {
|
||||||
|
t.Errorf("could have failed with TokenAuthFailed, got %s", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestTokenUnknown(t *testing.T) {
|
||||||
|
signaling.CatchLogForTest(t)
|
||||||
|
server, key := newProxyServerForTest(t)
|
||||||
|
|
||||||
|
claims := &signaling.TokenClaims{
|
||||||
|
RegisteredClaims: jwt.RegisteredClaims{
|
||||||
|
IssuedAt: jwt.NewNumericDate(time.Now().Add(-maxTokenAge / 2)),
|
||||||
|
Issuer: TokenIdForTest + "2",
|
||||||
|
},
|
||||||
|
}
|
||||||
|
token := jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
|
||||||
|
tokenString, err := token.SignedString(key)
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("could not create token: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
hello := &signaling.HelloProxyClientMessage{
|
||||||
|
Version: "1.0",
|
||||||
|
Token: tokenString,
|
||||||
|
}
|
||||||
|
session, err := server.NewSession(hello)
|
||||||
|
if session != nil {
|
||||||
|
defer session.Close()
|
||||||
|
t.Errorf("should not have created session")
|
||||||
|
} else if err != TokenAuthFailed {
|
||||||
|
t.Errorf("could have failed with TokenAuthFailed, got %s", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func TestTokenInFuture(t *testing.T) {
|
func TestTokenInFuture(t *testing.T) {
|
||||||
signaling.CatchLogForTest(t)
|
signaling.CatchLogForTest(t)
|
||||||
server, key := newProxyServerForTest(t)
|
server, key := newProxyServerForTest(t)
|
||||||
|
@ -122,6 +208,35 @@ func TestTokenInFuture(t *testing.T) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestTokenExpired(t *testing.T) {
|
||||||
|
signaling.CatchLogForTest(t)
|
||||||
|
server, key := newProxyServerForTest(t)
|
||||||
|
|
||||||
|
claims := &signaling.TokenClaims{
|
||||||
|
RegisteredClaims: jwt.RegisteredClaims{
|
||||||
|
IssuedAt: jwt.NewNumericDate(time.Now().Add(-maxTokenAge * 2)),
|
||||||
|
Issuer: TokenIdForTest,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
token := jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
|
||||||
|
tokenString, err := token.SignedString(key)
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("could not create token: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
hello := &signaling.HelloProxyClientMessage{
|
||||||
|
Version: "1.0",
|
||||||
|
Token: tokenString,
|
||||||
|
}
|
||||||
|
session, err := server.NewSession(hello)
|
||||||
|
if session != nil {
|
||||||
|
defer session.Close()
|
||||||
|
t.Errorf("should not have created session")
|
||||||
|
} else if err != TokenExpired {
|
||||||
|
t.Errorf("could have failed with TokenExpired, got %s", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func TestPublicIPs(t *testing.T) {
|
func TestPublicIPs(t *testing.T) {
|
||||||
public := []string{
|
public := []string{
|
||||||
"8.8.8.8",
|
"8.8.8.8",
|
||||||
|
|
Loading…
Reference in a new issue