Skip to content

Commit

Permalink
🐛 token authenticate (#621)
Browse files Browse the repository at this point in the history 
fix for issue / #619 
Missing Bearer token return error instead of panicking. 
Also updated [Client.send()
method](https://github.com/konveyor/tackle2-hub/blob/main/binding/client.go#L639)
to work with bearer tokens.

---------

Signed-off-by: Ross <ross@roceb.xyz>
Co-authored-by: Ross <ross@roceb.xyz>
  • Loading branch information
@roceb
roceb and Ross committed Jun 11, 2024
1 parent 695da1e commit c28822e
Show file tree
Hide file tree
Showing 3 changed files with 82 additions and 3 deletions.
17 changes: 15 additions & 2 deletions auth/builtin.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,15 +62,28 @@ func (r *NoAuth) Refresh(refresh string) (token Token, err error) {
type Builtin struct {
}

// Parse Token out of a string
func parseToken(requestToken string) (token string, err error) {
splitToken := strings.Fields(requestToken)
if len(splitToken) != 2 || strings.ToLower(splitToken[0]) != "bearer" {
err = liberr.Wrap(&NotValid{Token: requestToken})
return
}
token = splitToken[1]
return
}

// Authenticate the token
func (r *Builtin) Authenticate(request *Request) (jwToken *jwt.Token, err error) {
token := strings.Replace(request.Token, "Bearer", "", 1)
token = strings.Fields(token)[0]
defer func() {
if err != nil {
Log.Info(err.Error())
}
}()
token, err := parseToken(request.Token)
if err != nil {
return
}
jwToken, err = jwt.Parse(
token,
func(jwToken *jwt.Token) (secret interface{}, err error) {
Expand Down
66 changes: 66 additions & 0 deletions auth/builtin_test.go
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,66 @@
package auth

import "testing"

func TestParseToken(t *testing.T) {
type args struct {
requestToken string
}
tests := []struct {
name string
args args
want string
wantErr bool
}{
{
name: "Valid Bearer token",
args: args{requestToken: "Bearer AAAAAAAAAAAAAAAAAAAAMLheAAAAAAA0%2BuSeid%2BULvsea4JtiGRiSDSJSI%3DEUifiRBkKG5E2XzMDjRfl76ZC9Ub0wnz4XsNiRVBChTYbJcE3F"},
want: "AAAAAAAAAAAAAAAAAAAAMLheAAAAAAA0%2BuSeid%2BULvsea4JtiGRiSDSJSI%3DEUifiRBkKG5E2XzMDjRfl76ZC9Ub0wnz4XsNiRVBChTYbJcE3F",
wantErr: false,
},
{
name: "Empty Bearer token",
args: args{
requestToken: "Bearer ",
},
want: "",
wantErr: true,
},
{
name: "Empty Bearer token no whitespace",
args: args{
requestToken: "Bearer",
},
want: "",
wantErr: true,
},
{
name: "Empty request Token",
args: args{
requestToken: "",
},
want: "",
wantErr: true,
},
{
name: "Misspelled Bearer",
args: args{
requestToken: "Bearr AAAAAAAAAAAAAAAAAAAAMLheAAAAAAA0%2BuSeid%2BULvsea4JtiGRiSDSJSI%3DEUifiRBkKG5E2XzMDjRfl76ZC9Ub0wnz4XsNiRVBChTYbJcE3F",
},
want: "",
wantErr: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got, err := parseToken(tt.args.requestToken)
if (err != nil) != tt.wantErr {
t.Errorf("parseToken() error = %v, wantErr %v", err, tt.wantErr)
return
}
if got != tt.want {
t.Errorf("parseToken() = %v, want %v", got, tt.want)
}
})
}
}
2 changes: 1 addition & 1 deletion binding/client.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -636,7 +636,7 @@ func (r *Client) send(rb func() (*http.Request, error)) (response *http.Response
if err != nil {
return
}
request.Header.Set(api.Authorization, r.token.Token)
request.Header.Set(api.Authorization, "Bearer "+r.token.Token)
client := http.Client{Transport: r.transport}
response, err = client.Do(request)
if err != nil {
Expand Down

0 comments on commit c28822e

Please sign in to comment.