[英]How to test authenticate JWT routes in go
I want to test protected routes in go with JWT authentication.我想使用 JWT 身份验证测试受保护的路由。
Already try to receive a response and try to pass a token, but its only returns 401 as code response.已经尝试接收响应并尝试传递令牌,但它仅返回 401 作为代码响应。
package routes
import (
"fmt"
"github.com/stretchr/testify/assert"
"net/http"
"net/http/httptest"
"testing"
)
func performRequest(r http.Handler, method, path string, t *testing.T) *httptest.ResponseRecorder {
token := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InJ1aWJsYWVzZUBnbWFpbC5jb20iLCJleHAiOjE1NTk0MjQxMjIsIm9yaWdfaWF0IjoxNTU5NDIwNTIyfQ.kdIRkLjRc63VQvDcHECId45_8rlCr8QlAmVBcEG2tlE"
w := httptest.NewRecorder()
req, _ := http.NewRequest(method, path, nil)
req.Header.Set("Authorization", fmt.Sprintf("Bearer %v", token))
r.ServeHTTP(w, req)
assert.Equal(t, w.Code, http.StatusOK)
return w
}
func TestStartRouter(t *testing.T) {
// Assert we encoded correctly,
// the request gives a 200
// Perform a GET request with that handler.
router := StartRouter()
w := performRequest(router, "GET", "/",t)
assert.Equal(t, http.StatusOK, w.Code)
w = performRequest(router, "POST", "/api/v1/signin",t)
assert.Equal(t, http.StatusOK, w.Code)
w = performRequest(router, "POST", "/api/v1/signup",t)
assert.Equal(t, http.StatusOK, w.Code)
w = performRequest(router, "GET", "/user",t)
assert.Equal(t, http.StatusOK, w.Code)
w = performRequest(router, "GET", "/user/id",t)
assert.Equal(t, http.StatusOK, w.Code)
w = performRequest(router, "GET", "/customer",t)
assert.Equal(t, http.StatusOK, w.Code)
w = performRequest(router, "GET", "/customer/id",t)
assert.Equal(t, http.StatusOK, w.Code)
}
for now when I run go test, I only get code 401, but want to get HTTP response code 200.现在当我运行 go test 时,我只得到代码 401,但想要得到 HTTP 响应代码 200。
just use a function that's validates your token, here is an example with jwt-go只需使用验证您的令牌的函数,这是jwt-go的示例
func isValidToken(tokenString, yourSecret string) bool {
token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
}
return []byte(yourSecret), nil
})
if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
return true
}
return false
}
Surely it depends on your used packages, but I don't see any test of the token inside a handler.当然,这取决于您使用的包,但我在处理程序中没有看到对令牌的任何测试。 It's inside the header, but that's all.
它在标题内,但仅此而已。
Maybe you take a look on how I test my JWT wrapper for my JWT packages.也许您可以看看我如何为 JWT 包测试 JWT 包装器。 You find it at
你可以在
https://github.com/tideland/go/blob/170f9d31dde003d7fdab1f643119acb8f4e24879/net/webbox/wrapper_test.go#L197 https://github.com/tideland/go/blob/170f9d31dde003d7fdab1f643119acb8f4e24879/net/webbox/wrapper_test.go#L197
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.