堆栈内存溢出
  简体   繁体   English

如何在 go 中测试验证 JWT 路由

[英]How to test authenticate JWT routes in go

 原文  2019-06-02 13:41:35       go/ routes/ jwt-auth/ jwt-go

问题描述

I want to test protected routes in go with JWT authentication.我想使用 JWT 身份验证测试受保护的路由。

Already try to receive a response and try to pass a token, but its only returns 401 as code response.已经尝试接收响应并尝试传递令牌,但它仅返回 401 作为代码响应。

package routes

import (
    "fmt"
    "github.com/stretchr/testify/assert"

    "net/http"
    "net/http/httptest"
    "testing"
)

func performRequest(r http.Handler, method, path string, t *testing.T) *httptest.ResponseRecorder {
    token := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6InJ1aWJsYWVzZUBnbWFpbC5jb20iLCJleHAiOjE1NTk0MjQxMjIsIm9yaWdfaWF0IjoxNTU5NDIwNTIyfQ.kdIRkLjRc63VQvDcHECId45_8rlCr8QlAmVBcEG2tlE"
    w := httptest.NewRecorder()
    req, _ := http.NewRequest(method, path, nil)
    req.Header.Set("Authorization", fmt.Sprintf("Bearer %v", token))
    r.ServeHTTP(w, req)

    assert.Equal(t, w.Code, http.StatusOK)
    return w
}

func TestStartRouter(t *testing.T) {
    // Assert we encoded correctly,
    // the request gives a 200
    // Perform a GET request with that handler.
    router := StartRouter()

    w := performRequest(router, "GET", "/",t)
    assert.Equal(t, http.StatusOK, w.Code)
    w = performRequest(router, "POST", "/api/v1/signin",t)
    assert.Equal(t, http.StatusOK, w.Code)
    w = performRequest(router, "POST", "/api/v1/signup",t)
    assert.Equal(t, http.StatusOK, w.Code)
    w = performRequest(router, "GET", "/user",t)
    assert.Equal(t, http.StatusOK, w.Code)
    w = performRequest(router, "GET", "/user/id",t)
    assert.Equal(t, http.StatusOK, w.Code)
    w = performRequest(router, "GET", "/customer",t)
    assert.Equal(t, http.StatusOK, w.Code)
    w = performRequest(router, "GET", "/customer/id",t)
    assert.Equal(t, http.StatusOK, w.Code)

}

for now when I run go test, I only get code 401, but want to get HTTP response code 200.现在当我运行 go test 时,我只得到代码 401,但想要得到 HTTP 响应代码 200。

2 个解决方案

解决方案1
 1  2019-06-02 21:22:11

just use a function that's validates your token, here is an example with jwt-go只需使用验证您的令牌的函数,这是jwt-go的示例

func isValidToken(tokenString, yourSecret string) bool {
    token, err := jwt.Parse(tokenString, func(token *jwt.Token) (interface{}, error) {
        if _, ok := token.Method.(*jwt.SigningMethodHMAC); !ok {
            return nil, fmt.Errorf("Unexpected signing method: %v", token.Header["alg"])
        }
        return []byte(yourSecret), nil
    })

    if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
        return true
    }
    return false
}

解决方案2
 0  2019-06-02 16:36:03

Surely it depends on your used packages, but I don't see any test of the token inside a handler.当然,这取决于您使用的包,但我在处理程序中没有看到对令牌的任何测试。 It's inside the header, but that's all.它在标题内,但仅此而已。

Maybe you take a look on how I test my JWT wrapper for my JWT packages.也许您可以看看我如何为 JWT 包测试 JWT 包装器。 You find it at你可以在

https://github.com/tideland/go/blob/170f9d31dde003d7fdab1f643119acb8f4e24879/net/webbox/wrapper_test.go#L197 https://github.com/tideland/go/blob/170f9d31dde003d7fdab1f643119acb8f4e24879/net/webbox/wrapper_test.go#L197

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何解码 Go 中的 JWT 令牌? - How to decode a JWT token in Go? go-git:如何在远程服务器上进行身份验证? - go-git: How to authenticate at remote server? 如何通过Firestore Go SDK验证用户身份? - How to authenticate user to Firestore Go SDK? 如何在 jwt-go ParseWithClaims 中使用 RSA 解析 JWT 令牌? - How to parse a JWT token with RSA in jwt-go ParseWithClaims? 如何使用 Go 功能验证 Netlify 身份 - How to authenticate Netlify identity with Go function 如何验证 Go 中的 JWT 令牌并将其加载到结构中? - How to verify a JWT token in Go and load it into a struct? 如何在 Go 中使用 JWK 验证 JWT 签名? - How to verify JWT signature with JWK in Go? 如何在GO中获取Azure AD JWT - How to get Azure AD JWT in GO 如何通过 go 测试选择性测试 go 模块? - How to selective test go modules with go test? 如何在go中测试端点? - How to test an endpoint in go?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM