-
Notifications
You must be signed in to change notification settings - Fork 36
/
json_token_validator_test.go
104 lines (97 loc) · 2.45 KB
/
json_token_validator_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
package paseto
import (
"testing"
"time"
"github.com/stretchr/testify/assert"
errors "golang.org/x/xerrors"
)
func TestJsonToken_Validate(t *testing.T) {
now := time.Now()
exp := now.Add(24 * time.Hour)
nbt := now
jsonToken := JSONToken{
Audience: "test",
Issuer: "test_service",
Jti: "123",
Subject: "test_subject",
IssuedAt: now,
Expiration: exp,
NotBefore: nbt,
}
err := jsonToken.Validate(ForAudience("test"), IdentifiedBy("123"), IssuedBy("test_service"),
Subject("test_subject"), ValidAt(now.Add(2*time.Hour)))
assert.NoError(t, err)
}
func TestJsonToken_Validate_Err(t *testing.T) {
cases := map[string]struct {
token JSONToken
validator Validator
err error
errStr string
}{
"Audience does not match": {
token: JSONToken{
Audience: "abcd",
},
validator: ForAudience("test"),
err: ErrTokenValidationError,
errStr: "token was not intended for",
},
"Jti does not match": {
token: JSONToken{
Jti: "abcd",
},
validator: IdentifiedBy("test"),
err: ErrTokenValidationError,
errStr: "token was expected to be identified by",
},
"Issuer does not match": {
token: JSONToken{
Issuer: "abcd",
},
validator: IssuedBy("test"),
err: ErrTokenValidationError,
errStr: "token was not issued by",
},
"Subject does not match": {
token: JSONToken{
Subject: "abcd",
},
validator: Subject("test"),
err: ErrTokenValidationError,
errStr: "token was not related to subject",
},
"Issued in the future": {
token: JSONToken{
IssuedAt: time.Now().Add(2 * time.Hour),
},
validator: ValidAt(time.Now()),
err: ErrTokenValidationError,
errStr: "token was issued in the future",
},
"time.Now < NotBefore": {
token: JSONToken{
NotBefore: time.Now().Add(2 * time.Hour),
},
validator: ValidAt(time.Now()),
err: ErrTokenValidationError,
errStr: "token cannot be used yet",
},
"Expired token": {
token: JSONToken{
Expiration: time.Now().Add(-2 * time.Hour),
},
validator: ValidAt(time.Now()),
err: ErrTokenValidationError,
errStr: "token has expired",
},
}
for name, test := range cases {
t.Run(name, func(t *testing.T) {
if err := test.token.Validate(test.validator); assert.Error(t, err) {
assert.Truef(t, errors.Is(err, test.err), "want: %s, got %s", test.err, err)
assert.Contains(t, err.Error(), test.errStr)
}
})
}
}