From 020405400516ccfca9ea67460caad1d8065bb776 Mon Sep 17 00:00:00 2001
From: Joel Speed
Date: Mon, 6 May 2019 22:34:43 +0100
Subject: [PATCH] Add tests to check cookies set by SessionStores
---
pkg/sessions/session_store_test.go | 152 ++++++++++++++++++++++++++++-
1 file changed, 150 insertions(+), 2 deletions(-)
diff --git a/pkg/sessions/session_store_test.go b/pkg/sessions/session_store_test.go
index 590d181..e841fb9 100644
--- a/pkg/sessions/session_store_test.go
+++ b/pkg/sessions/session_store_test.go
@@ -1,11 +1,14 @@ package sessions_test import ( + "net/http" "testing" + "time" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" "github.com/pusher/oauth2_proxy/pkg/apis/options" + sessionsapi "github.com/pusher/oauth2_proxy/pkg/apis/sessions" "github.com/pusher/oauth2_proxy/pkg/sessions" "github.com/pusher/oauth2_proxy/pkg/sessions/cookie" )
@@ -19,9 +22,150 @@ var _ = Describe("NewSessionStore", func() { var opts *options.SessionOptions var cookieOpts *options.CookieOptions + var request *http.Request + var response http.ResponseWriter + var session *sessionsapi.SessionState + + CheckCookieOptions := func() { + Context("the cookies returned", func() { + var cookies []*http.Cookie + BeforeEach(func() { + req := http.Request{} + req.Header.Add("Cookie", response.Header().Get("Set-Cookie")) + cookies = req.Cookies() + }) + + It("have the correct name set", func() { + if len(cookies) == 1 { + Expect(cookies[0].Name).To(Equal(cookieOpts.CookieName)) + } else { + for _, cookie := range cookies { + Expect(cookie.Name).To(ContainSubstring(cookieOpts.CookieName)) + } + } + }) + + It("have the correct path set", func() { + for _, cookie := range cookies { + Expect(cookie.Path).To(Equal(cookieOpts.CookiePath)) + } + }) + + It("have the correct domain set", func() { + for _, cookie := range cookies { + Expect(cookie.Domain).To(Equal(cookieOpts.CookieDomain)) + } + }) + + It("have the correct HTTPOnly set", func() { + for _, cookie := range cookies { + Expect(cookie.HttpOnly).To(Equal(cookieOpts.CookieHTTPOnly)) + } + }) + + It("have the correct secure set", func() { + for _, cookie := range cookies { + Expect(cookie.Secure).To(Equal(cookieOpts.CookieSecure)) + } + }) + + }) + } + + RunCookieTests := func() { + var ss sessionsapi.SessionStore + + Context("with default options", func() { + BeforeEach(func() { + var err error + ss, err = sessions.NewSessionStore(opts, cookieOpts) + Expect(err).ToNot(HaveOccurred()) + }) + + Context("when SaveSession is called", func() { + BeforeEach(func() { + err := ss.SaveSession(response, request, session) + Expect(err).ToNot(HaveOccurred()) + }) + + It("sets a `set-cookie` header in the response", func() { + Expect(response.Header().Get("Set-Cookie")).ToNot(BeEmpty()) + }) + + CheckCookieOptions() + }) + + Context("when ClearSession is called", func() { + BeforeEach(func() { + 
err := ss.ClearSession(response, request) + Expect(err).ToNot(HaveOccurred()) + }) + + It("sets a `set-cookie` header in the response", func() { + Expect(response.Header().Get("set-cookie")).ToNot(BeEmpty()) + }) + + CheckCookieOptions() + }) + }) + + Context("with non-default options", func() { + BeforeEach(func() { + cookieOpts = &options.CookieOptions{ + CookieName: "_cookie_name", + CookiePath: "/path", + CookieExpire: time.Duration(72) * time.Hour, + CookieRefresh: time.Duration(3600), + CookieSecure: false, + CookieHTTPOnly: false, + CookieDomain: "example.com", + } + + var err error + ss, err = sessions.NewSessionStore(opts, cookieOpts) + Expect(err).ToNot(HaveOccurred()) + }) + + Context("when SaveSession is called", func() { + BeforeEach(func() { + err := ss.SaveSession(response, request, session) + Expect(err).ToNot(HaveOccurred()) + }) + + It("sets a `set-cookie` header in the response", func() { + Expect(response.Header().Get("Set-Cookie")).ToNot(BeEmpty()) + }) + + CheckCookieOptions() + }) + + Context("when ClearSession is called", func() { + BeforeEach(func() { + err := ss.ClearSession(response, request) + Expect(err).ToNot(HaveOccurred()) + }) + + It("sets a `set-cookie` header in the response", func() { + Expect(response.Header().Get("set-cookie")).ToNot(BeEmpty()) + }) + + CheckCookieOptions() + }) + }) + } + BeforeEach(func() { opts = &options.SessionOptions{} - cookieOpts = &options.CookieOptions{} + + // Set default options in CookieOptions + cookieOpts = &options.CookieOptions{ + CookieName: "_oauth2_proxy", + CookiePath: "/", + CookieExpire: time.Duration(168) * time.Hour, + CookieRefresh: time.Duration(0), + CookieSecure: true, + CookieHTTPOnly: true, + } }) Context("with type 'cookie'", func() { 
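Review bot: The `BeforeEach` inside `CheckCookieOptions` feeds the `Set-Cookie` value back through a request's `Cookie` header, and `req.Cookies()` parses only name/value pairs, so `Path`, `Domain`, `HttpOnly` and `Secure` are never populated from what the store actually emitted; the assertions meant to guard the session cookie's `Secure`/`HttpOnly` flags therefore do not test them. Parse the response side instead, `cookies = (&http.Response{Header: response.Header()}).Cookies()`, which also picks up every `Set-Cookie` line rather than only the first one returned by `Header().Get`. As written, `req := http.Request{}` leaves `req.Header` a nil map, so `req.Header.Add` would panic before any assertion runs. Nothing visible in this patch assigns `request`, `response` or `session`, so `response.Header()` looks like a call on a nil interface unless a later change (e.g. `httptest.NewRecorder()`) initialises them.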
@@ -29,11 +173,15 @@ var _ = Describe("NewSessionStore", func() { opts.Type = options.CookieSessionStoreType }) - It("creates a CookieSessionStore", func() { + It("creates a cookie.SessionStore", func() { ss, err := sessions.NewSessionStore(opts, cookieOpts) Expect(err).NotTo(HaveOccurred()) Expect(ss).To(BeAssignableToTypeOf(&cookie.SessionStore{})) }) + + Context("the cookie.SessionStore", func() { + RunCookieTests() + }) }) Context("with an invalid type", func() {