
Commit 8ba6f76

authored
Merge pull request #6681 from okurz/feature/condense_t_03_auth
t: Use proper test description strings in 03-auth.t
2 parents 2244bd4 + 51e00d9 commit 8ba6f76


1 file changed

+25
-56
lines changed


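--- a/t/api/03-auth.t
+++ b/t/api/03-auth.t
@@ -37,17 +37,13 @@ my $mock_asset = Test::MockModule->new('OpenQA::Schema::Result::Assets');
 $mock_asset->redefine(remove_from_disk => sub { $mock_asset_remove_callcount++; return 1; });
 
 subtest 'authentication routes for plugins' => sub {
-my $public = $t->app->routes->find('api_public');
-ok $public, 'api_pubic route found';
+ok my $public = $t->app->routes->find('api_public'), 'api_pubic route found';
 $public->put('/public_plugin' => sub { shift->render(text => 'API public plugin works!') });
-my $ensure_user = $t->app->routes->find('api_ensure_user');
-ok $ensure_user, 'api_ensure_user route found';
+ok my $ensure_user = $t->app->routes->find('api_ensure_user'), 'api_ensure_user route found';
 $ensure_user->put('/user_plugin' => sub { shift->render(text => 'API user plugin works!') });
-my $ensure_admin = $t->app->routes->find('api_ensure_admin');
-ok $ensure_admin, 'api_ensure_admin route found';
+ok my $ensure_admin = $t->app->routes->find('api_ensure_admin'), 'api_ensure_admin route found';
 $ensure_admin->put('/admin_plugin' => sub { shift->render(text => 'API admin plugin works!') });
-my $ensure_operator = $t->app->routes->find('api_ensure_operator');
-ok $ensure_operator, 'api_ensure_operator route found';
+ok my $ensure_operator = $t->app->routes->find('api_ensure_operator'), 'api_ensure_operator route found';
 $ensure_operator->put('/operator_plugin' => sub { shift->render(text => 'API operator plugin works!') });
 };
 
@@ -180,57 +176,38 @@ subtest 'personal access token' => sub {
 $t->ua->once(start => sub ($ua, $tx) { $tx->req->url->userinfo($userinfo) });
 return $t;
 };
-
-# No access token
 my $t = Test::Mojo->new('OpenQA::WebAPI');
-$t->delete_ok('/api/v1/assets/1')->status_is(403)->json_is({error => 'no api key'});
-
-# Valid access token
-$t->$userinfo('artie:ARTHURKEY01:EXCALIBUR')->delete_ok('/api/v1/assets/1')->status_is(404);
-
-# Valid access token (OpenID user)
+$t->delete_ok('/api/v1/assets/1')->status_is(403)
+->json_is({error => 'no api key'}, undef, 'access token is required');
+$t->$userinfo('artie:ARTHURKEY01:EXCALIBUR')->delete_ok('/api/v1/assets/1')->status_is(404, 'valid access token');
 $t->$userinfo('lance:LANCELOTKEY01:MANYPEOPLEKNOW')->post_ok('/api/v1/feature' => form => {version => 100})
-->status_is(200);
-
-# Invalid access token
+->status_is(200, 'valid access token (OpenID user)');
 $t->$userinfo('invalid:invalid')->delete_ok('/api/v1/assets/1')->status_is(403)
-->json_is({error => 'invalid personal access token'});
-
-# Invalid username
+->json_is({error => 'invalid personal access token'}, undef, 'invalid access token denied');
 $t->$userinfo('invalid:ARTHURKEY01:EXCALIBUR')->delete_ok('/api/v1/assets/1')->status_is(403)
-->json_is({error => 'invalid personal access token'});
-
-# Invalid key
+->json_is({error => 'invalid personal access token'}, undef, 'invalid username denied');
 $t->$userinfo('artie:INVALID:EXCALIBUR')->delete_ok('/api/v1/assets/1')->status_is(403)
-->json_is({error => 'invalid personal access token'});
-
-# Invalid secret
+->json_is({error => 'invalid personal access token'}, undef, 'invalid key denied');
 $t->$userinfo('artie:ARTHURKEY01:INVALID')->delete_ok('/api/v1/assets/1')->status_is(403)
-->json_is({error => 'invalid personal access token'});
-
-# Invalid secret (OpenID user)
+->json_is({error => 'invalid personal access token'}, undef, 'invalid secret denied');
 $t->$userinfo('lance:LANCELOTKEY01:INVALIDTOO')->post_ok('/api/v1/feature' => form => {version => 100})
-->status_is(403)->json_is({error => 'invalid personal access token'});
-
-# Valid access token (again)
-$t->$userinfo('artie:ARTHURKEY01:EXCALIBUR')->delete_ok('/api/v1/assets/1')->status_is(404);
+->status_is(403)->json_is({error => 'invalid personal access token'}, undef, 'invalid secret (OpenID) denied');
+$t->$userinfo('artie:ARTHURKEY01:EXCALIBUR')->delete_ok('/api/v1/assets/1')
+->status_is(404, 'valid access token (again)');
 
 subtest 'Bearer token' => sub {
 subtest 'Valid token' => sub {
 $t->post_ok('/api/v1/feature' => {Authorization => 'Bearer lance:LANCELOTKEY01:MANYPEOPLEKNOW'} => form =>
 {version => 100})->status_is(200);
 };
-
 subtest 'Invalid username' => sub {
 $t->post_ok('/api/v1/feature' => {Authorization => 'Bearer invalid:LANCELOTKEY01:MANYPEOPLEKNOW'} => form =>
 {version => 100})->status_is(403)->json_is({error => 'invalid personal access token'});
 };
-
 subtest 'Invalid key' => sub {
 $t->post_ok('/api/v1/feature' => {Authorization => 'Bearer lance:LANCELOTKEY02:MANYPEOPLEKNOW'} => form =>
 {version => 100})->status_is(403)->json_is({error => 'invalid personal access token'});
 };
-
 subtest 'Invalid secret' => sub {
 $t->post_ok('/api/v1/feature' => {Authorization => 'Bearer lance:LANCELOTKEY01:MANYPEOPLEKNOWS'} => form =>
 {version => 100})->status_is(403)->json_is({error => 'invalid personal access token'});
@@ -248,29 +225,21 @@ subtest 'personal access token (with reverse proxy)' => sub {
 });
 return $t;
 };
-
-# Not HTTPS or localhost
 local $ENV{MOJO_REVERSE_PROXY} = 1;
 my $t = Test::Mojo->new('OpenQA::WebAPI');
 $t->$forwarded('artie:ARTHURKEY01:EXCALIBUR', '192.168.2.1', 'http')->delete_ok('/api/v1/assets/1')->status_is(403)
-->json_is({error => 'personal access token can only be used via HTTPS or from localhost'});
-
-# HTTPS
+->json_is({error => 'personal access token can only be used via HTTPS or from localhost'},
+undef, 'not https or localhost denied');
 $t->$forwarded('artie:ARTHURKEY01:EXCALIBUR', '192.168.2.1', 'https')->delete_ok('/api/v1/assets/1')
-->status_is(404);
-
-# localhost
-$t->$forwarded('artie:ARTHURKEY01:EXCALIBUR', '127.0.0.1', 'http')->delete_ok('/api/v1/assets/1')->status_is(404);
-
-# localhost (IPv6)
-$t->$forwarded('artie:ARTHURKEY01:EXCALIBUR', '::1', 'http')->delete_ok('/api/v1/assets/1')->status_is(404);
-
-# HTTPS and localhost
-$t->$forwarded('artie:ARTHURKEY01:EXCALIBUR', '127.0.0.1', 'https')->delete_ok('/api/v1/assets/1')->status_is(404);
-
-# HTTPS but invalid key
+->status_is(404, 'https not found');
+$t->$forwarded('artie:ARTHURKEY01:EXCALIBUR', '127.0.0.1', 'http')->delete_ok('/api/v1/assets/1')
+->status_is(404, 'localhost not found');
+$t->$forwarded('artie:ARTHURKEY01:EXCALIBUR', '::1', 'http')->delete_ok('/api/v1/assets/1')
+->status_is(404, 'localhost ipv6 not found');
+$t->$forwarded('artie:ARTHURKEY01:EXCALIBUR', '127.0.0.1', 'https')->delete_ok('/api/v1/assets/1')
+->status_is(404, 'https and localhost not found');
 $t->$forwarded('artie:INVALID:EXCALIBUR', '192.168.2.1', 'https')->delete_ok('/api/v1/assets/1')->status_is(403)
-->json_is({error => 'invalid personal access token'});
+->json_is({error => 'invalid personal access token'}, undef, 'HTTPS but invalid key');
 };
 
 subtest 'auth forbidden via domain' => sub {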
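Review bot: The new `->json_is({error => 'no api key'}, undef, 'access token is required')` calls, repeated in the same shape on every denial check in the 'personal access token' and reverse-proxy hunks, do not match the calling forms I know Test::Mojo to document, `json_is($data)` and `json_is($pointer => $data, $desc)`. If the hashref is taken as the JSON Pointer, the expected value becomes `undef` and the 403 error body is no longer what is compared, so it is worth confirming that these assertions still fail when the denial message changes. The pointer form leaves no doubt: `->json_is('' => {error => 'no api key'}, 'access token is required')`. Separately, the description on the first route check still reads `'api_pubic route found'` and should be `'api_public route found'`. The two 'personal access token' subtests begin outside the hunks shown.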
