mirror of
https://github.com/strukturag/nextcloud-spreed-signaling
synced 2024-06-17 05:06:14 +02:00
proxy: Add more token tests.
This commit is contained in:
parent
75060b25aa
commit
d63b1cf14a
|
@ -93,6 +93,92 @@ func newProxyServerForTest(t *testing.T) (*ProxyServer, *rsa.PrivateKey) {
|
|||
return server, key
|
||||
}
|
||||
|
||||
func TestTokenValid(t *testing.T) {
|
||||
signaling.CatchLogForTest(t)
|
||||
server, key := newProxyServerForTest(t)
|
||||
|
||||
claims := &signaling.TokenClaims{
|
||||
RegisteredClaims: jwt.RegisteredClaims{
|
||||
IssuedAt: jwt.NewNumericDate(time.Now().Add(-maxTokenAge / 2)),
|
||||
Issuer: TokenIdForTest,
|
||||
},
|
||||
}
|
||||
token := jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
|
||||
tokenString, err := token.SignedString(key)
|
||||
if err != nil {
|
||||
t.Fatalf("could not create token: %s", err)
|
||||
}
|
||||
|
||||
hello := &signaling.HelloProxyClientMessage{
|
||||
Version: "1.0",
|
||||
Token: tokenString,
|
||||
}
|
||||
session, err := server.NewSession(hello)
|
||||
if session != nil {
|
||||
defer session.Close()
|
||||
} else if err != nil {
|
||||
t.Error(err)
|
||||
}
|
||||
}
|
||||
|
||||
func TestTokenNotSigned(t *testing.T) {
|
||||
signaling.CatchLogForTest(t)
|
||||
server, _ := newProxyServerForTest(t)
|
||||
|
||||
claims := &signaling.TokenClaims{
|
||||
RegisteredClaims: jwt.RegisteredClaims{
|
||||
IssuedAt: jwt.NewNumericDate(time.Now().Add(-maxTokenAge / 2)),
|
||||
Issuer: TokenIdForTest,
|
||||
},
|
||||
}
|
||||
token := jwt.NewWithClaims(jwt.SigningMethodNone, claims)
|
||||
tokenString, err := token.SignedString(jwt.UnsafeAllowNoneSignatureType)
|
||||
if err != nil {
|
||||
t.Fatalf("could not create token: %s", err)
|
||||
}
|
||||
|
||||
hello := &signaling.HelloProxyClientMessage{
|
||||
Version: "1.0",
|
||||
Token: tokenString,
|
||||
}
|
||||
session, err := server.NewSession(hello)
|
||||
if session != nil {
|
||||
defer session.Close()
|
||||
t.Errorf("should not have created session")
|
||||
} else if err != TokenAuthFailed {
|
||||
t.Errorf("could have failed with TokenAuthFailed, got %s", err)
|
||||
}
|
||||
}
|
||||
|
||||
func TestTokenUnknown(t *testing.T) {
|
||||
signaling.CatchLogForTest(t)
|
||||
server, key := newProxyServerForTest(t)
|
||||
|
||||
claims := &signaling.TokenClaims{
|
||||
RegisteredClaims: jwt.RegisteredClaims{
|
||||
IssuedAt: jwt.NewNumericDate(time.Now().Add(-maxTokenAge / 2)),
|
||||
Issuer: TokenIdForTest + "2",
|
||||
},
|
||||
}
|
||||
token := jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
|
||||
tokenString, err := token.SignedString(key)
|
||||
if err != nil {
|
||||
t.Fatalf("could not create token: %s", err)
|
||||
}
|
||||
|
||||
hello := &signaling.HelloProxyClientMessage{
|
||||
Version: "1.0",
|
||||
Token: tokenString,
|
||||
}
|
||||
session, err := server.NewSession(hello)
|
||||
if session != nil {
|
||||
defer session.Close()
|
||||
t.Errorf("should not have created session")
|
||||
} else if err != TokenAuthFailed {
|
||||
t.Errorf("could have failed with TokenAuthFailed, got %s", err)
|
||||
}
|
||||
}
|
||||
|
||||
func TestTokenInFuture(t *testing.T) {
|
||||
signaling.CatchLogForTest(t)
|
||||
server, key := newProxyServerForTest(t)
|
||||
|
@ -122,6 +208,35 @@ func TestTokenInFuture(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
func TestTokenExpired(t *testing.T) {
|
||||
signaling.CatchLogForTest(t)
|
||||
server, key := newProxyServerForTest(t)
|
||||
|
||||
claims := &signaling.TokenClaims{
|
||||
RegisteredClaims: jwt.RegisteredClaims{
|
||||
IssuedAt: jwt.NewNumericDate(time.Now().Add(-maxTokenAge * 2)),
|
||||
Issuer: TokenIdForTest,
|
||||
},
|
||||
}
|
||||
token := jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
|
||||
tokenString, err := token.SignedString(key)
|
||||
if err != nil {
|
||||
t.Fatalf("could not create token: %s", err)
|
||||
}
|
||||
|
||||
hello := &signaling.HelloProxyClientMessage{
|
||||
Version: "1.0",
|
||||
Token: tokenString,
|
||||
}
|
||||
session, err := server.NewSession(hello)
|
||||
if session != nil {
|
||||
defer session.Close()
|
||||
t.Errorf("should not have created session")
|
||||
} else if err != TokenExpired {
|
||||
t.Errorf("could have failed with TokenExpired, got %s", err)
|
||||
}
|
||||
}
|
||||
|
||||
func TestPublicIPs(t *testing.T) {
|
||||
public := []string{
|
||||
"8.8.8.8",
|
||||
|
|
Loading…
Reference in a new issue