From 020405400516ccfca9ea67460caad1d8065bb776 Mon Sep 17 00:00:00 2001
From: Joel Speed <Joel.speed@hotmail.co.uk>
Date: Mon, 6 May 2019 22:34:43 +0100
Subject: [PATCH] Add tests to check cookies set by SessionStores

---
 pkg/sessions/session_store_test.go | 152 ++++++++++++++++++++++++++++-
 1 file changed, 150 insertions(+), 2 deletions(-)

diff --git a/pkg/sessions/session_store_test.go b/pkg/sessions/session_store_test.go
index 590d181..e841fb9 100644
--- a/pkg/sessions/session_store_test.go
+++ b/pkg/sessions/session_store_test.go
@@ -1,11 +1,14 @@
 package sessions_test
 
 import (
+	"net/http"
 	"testing"
+	"time"
 
 	. "github.com/onsi/ginkgo"
 	. "github.com/onsi/gomega"
 	"github.com/pusher/oauth2_proxy/pkg/apis/options"
+	sessionsapi "github.com/pusher/oauth2_proxy/pkg/apis/sessions"
 	"github.com/pusher/oauth2_proxy/pkg/sessions"
 	"github.com/pusher/oauth2_proxy/pkg/sessions/cookie"
 )
@@ -19,9 +22,150 @@ var _ = Describe("NewSessionStore", func() {
 	var opts *options.SessionOptions
 	var cookieOpts *options.CookieOptions
 
+	var request *http.Request
+	var response http.ResponseWriter
+	var session *sessionsapi.SessionState
+
+	CheckCookieOptions := func() {
+		Context("the cookies returned", func() {
+			var cookies []*http.Cookie
+			BeforeEach(func() {
+				req := http.Request{}
+				req.Header.Add("Cookie", response.Header().Get("Set-Cookie"))
+				cookies = req.Cookies()
+			})
+
+			It("have the correct name set", func() {
+				if len(cookies) == 1 {
+					Expect(cookies[0].Name).To(Equal(cookieOpts.CookieName))
+				} else {
+					for _, cookie := range cookies {
+						Expect(cookie.Name).To(ContainSubstring(cookieOpts.CookieName))
+					}
+				}
+			})
+
+			It("have the correct path set", func() {
+				for _, cookie := range cookies {
+					Expect(cookie.Path).To(Equal(cookieOpts.CookiePath))
+				}
+			})
+
+			It("have the correct domain set", func() {
+				for _, cookie := range cookies {
+					Expect(cookie.Domain).To(Equal(cookieOpts.CookieDomain))
+				}
+			})
+
+			It("have the correct HTTPOnly set", func() {
+				for _, cookie := range cookies {
+					Expect(cookie.HttpOnly).To(Equal(cookieOpts.CookieHTTPOnly))
+				}
+			})
+
+			It("have the correct secure set", func() {
+				for _, cookie := range cookies {
+					Expect(cookie.Secure).To(Equal(cookieOpts.CookieSecure))
+				}
+			})
+
+		})
+	}
+
+	RunCookieTests := func() {
+		var ss sessionsapi.SessionStore
+
+		Context("with default options", func() {
+			BeforeEach(func() {
+				var err error
+				ss, err = sessions.NewSessionStore(opts, cookieOpts)
+				Expect(err).ToNot(HaveOccurred())
+			})
+
+			Context("when SaveSession is called", func() {
+				BeforeEach(func() {
+					err := ss.SaveSession(response, request, session)
+					Expect(err).ToNot(HaveOccurred())
+				})
+
+				It("sets a `set-cookie` header in the response", func() {
+					Expect(response.Header().Get("Set-Cookie")).ToNot(BeEmpty())
+				})
+
+				CheckCookieOptions()
+			})
+
+			Context("when ClearSession is called", func() {
+				BeforeEach(func() {
+					err := ss.ClearSession(response, request)
+					Expect(err).ToNot(HaveOccurred())
+				})
+
+				It("sets a `set-cookie` header in the response", func() {
+					Expect(response.Header().Get("set-cookie")).ToNot(BeEmpty())
+				})
+
+				CheckCookieOptions()
+			})
+		})
+
+		Context("with non-default options", func() {
+			BeforeEach(func() {
+				cookieOpts = &options.CookieOptions{
+					CookieName:     "_cookie_name",
+					CookiePath:     "/path",
+					CookieExpire:   time.Duration(72) * time.Hour,
+					CookieRefresh:  time.Duration(3600),
+					CookieSecure:   false,
+					CookieHTTPOnly: false,
+					CookieDomain:   "example.com",
+				}
+
+				var err error
+				ss, err = sessions.NewSessionStore(opts, cookieOpts)
+				Expect(err).ToNot(HaveOccurred())
+			})
+
+			Context("when SaveSession is called", func() {
+				BeforeEach(func() {
+					err := ss.SaveSession(response, request, session)
+					Expect(err).ToNot(HaveOccurred())
+				})
+
+				It("sets a `set-cookie` header in the response", func() {
+					Expect(response.Header().Get("Set-Cookie")).ToNot(BeEmpty())
+				})
+
+				CheckCookieOptions()
+			})
+
+			Context("when ClearSession is called", func() {
+				BeforeEach(func() {
+					err := ss.ClearSession(response, request)
+					Expect(err).ToNot(HaveOccurred())
+				})
+
+				It("sets a `set-cookie` header in the response", func() {
+					Expect(response.Header().Get("set-cookie")).ToNot(BeEmpty())
+				})
+
+				CheckCookieOptions()
+			})
+		})
+	}
+
 	BeforeEach(func() {
 		opts = &options.SessionOptions{}
-		cookieOpts = &options.CookieOptions{}
+
+		// Set default options in CookieOptions
+		cookieOpts = &options.CookieOptions{
+			CookieName:     "_oauth2_proxy",
+			CookiePath:     "/",
+			CookieExpire:   time.Duration(168) * time.Hour,
+			CookieRefresh:  time.Duration(0),
+			CookieSecure:   true,
+			CookieHTTPOnly: true,
+		}
 	})
 
 	Context("with type 'cookie'", func() {
@@ -29,11 +173,15 @@ var _ = Describe("NewSessionStore", func() {
 			opts.Type = options.CookieSessionStoreType
 		})
 
-		It("creates a CookieSessionStore", func() {
+		It("creates a cookie.SessionStore", func() {
 			ss, err := sessions.NewSessionStore(opts, cookieOpts)
 			Expect(err).NotTo(HaveOccurred())
 			Expect(ss).To(BeAssignableToTypeOf(&cookie.SessionStore{}))
 		})
+
+		Context("the cookie.SessionStore", func() {
+			RunCookieTests()
+		})
 	})
 
 	Context("with an invalid type", func() {