Implement authentication

2025-12-18 16:30:44 +00:00 · 2024-02-21 23:40:54 +02:00
parent 790192bf5a
commit 6a40492c7b
11 changed files with 227 additions and 3 deletions
--- a/api/tests/authentication_test.go
+++ b/api/tests/authentication_test.go
@@ -0,0 +1,87 @@
+package tests_test
+
+import (
+	"context"
+	"errors"
+	"fmt"
+	"io"
+	"net/http"
+	"testing"
+
+	"github.com/Azure/azure-sdk-for-go/sdk/azcore"
+	"github.com/Azure/azure-sdk-for-go/sdk/data/azcosmos"
+	"github.com/pikami/cosmium/api/config"
+	"github.com/pikami/cosmium/internal/repositories"
+	"github.com/stretchr/testify/assert"
+)
+
+func Test_Authentication(t *testing.T) {
+	ts := runTestServer()
+	defer ts.Close()
+
+	t.Run("Should get 200 when correct account key is used", func(t *testing.T) {
+		repositories.DeleteDatabase(testDatabaseName)
+		client, err := azcosmos.NewClientFromConnectionString(
+			fmt.Sprintf("AccountEndpoint=%s;AccountKey=%s", ts.URL, config.DefaultAccountKey),
+			&azcosmos.ClientOptions{},
+		)
+		assert.Nil(t, err)
+
+		createResponse, err := client.CreateDatabase(
+			context.TODO(),
+			azcosmos.DatabaseProperties{ID: testDatabaseName},
+			&azcosmos.CreateDatabaseOptions{})
+		assert.Nil(t, err)
+		assert.Equal(t, createResponse.DatabaseProperties.ID, testDatabaseName)
+	})
+
+	t.Run("Should get 200 when wrong account key is used, but authentication is dissabled", func(t *testing.T) {
+		config.Config.DisableAuth = true
+		repositories.DeleteDatabase(testDatabaseName)
+		client, err := azcosmos.NewClientFromConnectionString(
+			fmt.Sprintf("AccountEndpoint=%s;AccountKey=%s", ts.URL, "AAAA"),
+			&azcosmos.ClientOptions{},
+		)
+		assert.Nil(t, err)
+
+		createResponse, err := client.CreateDatabase(
+			context.TODO(),
+			azcosmos.DatabaseProperties{ID: testDatabaseName},
+			&azcosmos.CreateDatabaseOptions{})
+		assert.Nil(t, err)
+		assert.Equal(t, createResponse.DatabaseProperties.ID, testDatabaseName)
+		config.Config.DisableAuth = false
+	})
+
+	t.Run("Should get 401 when wrong account key is used", func(t *testing.T) {
+		repositories.DeleteDatabase(testDatabaseName)
+		client, err := azcosmos.NewClientFromConnectionString(
+			fmt.Sprintf("AccountEndpoint=%s;AccountKey=%s", ts.URL, "AAAA"),
+			&azcosmos.ClientOptions{},
+		)
+		assert.Nil(t, err)
+
+		_, err = client.CreateDatabase(
+			context.TODO(),
+			azcosmos.DatabaseProperties{ID: testDatabaseName},
+			&azcosmos.CreateDatabaseOptions{})
+
+		var respErr *azcore.ResponseError
+		if errors.As(err, &respErr) {
+			assert.Equal(t, respErr.StatusCode, http.StatusUnauthorized)
+		} else {
+			panic(err)
+		}
+	})
+
+	t.Run("Should allow unauthorized requests to /_explorer", func(t *testing.T) {
+		res, err := http.Get(ts.URL + "/_explorer/config.json")
+		assert.Nil(t, err)
+		defer res.Body.Close()
+		responseBody, err := io.ReadAll(res.Body)
+		assert.Nil(t, err)
+
+		assert.Equal(t, http.StatusOK, res.StatusCode)
+		assert.Contains(t, string(responseBody), "BACKEND_ENDPOINT")
+	})
+}
--- a/api/tests/collections_test.go
+++ b/api/tests/collections_test.go
@@ -9,6 +9,7 @@ import (

 	"github.com/Azure/azure-sdk-for-go/sdk/azcore"
 	"github.com/Azure/azure-sdk-for-go/sdk/data/azcosmos"
+	"github.com/pikami/cosmium/api/config"
 	"github.com/pikami/cosmium/internal/repositories"
 	repositorymodels "github.com/pikami/cosmium/internal/repository_models"
 	"github.com/stretchr/testify/assert"
@@ -19,7 +20,7 @@ func Test_Collections(t *testing.T) {
 	defer ts.Close()

 	client, err := azcosmos.NewClientFromConnectionString(
-		fmt.Sprintf("AccountEndpoint=%s;AccountKey=%s", ts.URL, "asas"),
+		fmt.Sprintf("AccountEndpoint=%s;AccountKey=%s", ts.URL, config.Config.AccountKey),
 		&azcosmos.ClientOptions{},
 	)
 	assert.Nil(t, err)
--- a/api/tests/config_test.go
+++ b/api/tests/config_test.go
@@ -4,9 +4,12 @@ import (
 	"net/http/httptest"

 	"github.com/pikami/cosmium/api"
+	"github.com/pikami/cosmium/api/config"
 )

 func runTestServer() *httptest.Server {
+	config.Config.AccountKey = config.DefaultAccountKey
+
 	return httptest.NewServer(api.CreateRouter())
 }

--- a/api/tests/databases_test.go
+++ b/api/tests/databases_test.go
@@ -9,6 +9,7 @@ import (

 	"github.com/Azure/azure-sdk-for-go/sdk/azcore"
 	"github.com/Azure/azure-sdk-for-go/sdk/data/azcosmos"
+	"github.com/pikami/cosmium/api/config"
 	"github.com/pikami/cosmium/internal/repositories"
 	repositorymodels "github.com/pikami/cosmium/internal/repository_models"
 	"github.com/stretchr/testify/assert"
@@ -19,13 +20,15 @@ func Test_Databases(t *testing.T) {
 	defer ts.Close()

 	client, err := azcosmos.NewClientFromConnectionString(
-		fmt.Sprintf("AccountEndpoint=%s;AccountKey=%s", ts.URL, "asas"),
+		fmt.Sprintf("AccountEndpoint=%s;AccountKey=%s", ts.URL, config.Config.AccountKey),
 		&azcosmos.ClientOptions{},
 	)
 	assert.Nil(t, err)

 	t.Run("Database Create", func(t *testing.T) {
 		t.Run("Should create database", func(t *testing.T) {
+			repositories.DeleteDatabase(testDatabaseName)
+
 			createResponse, err := client.CreateDatabase(context.TODO(), azcosmos.DatabaseProperties{
 				ID: testDatabaseName,
 			}, &azcosmos.CreateDatabaseOptions{})
--- a/api/tests/documents_test.go
+++ b/api/tests/documents_test.go
@@ -8,6 +8,7 @@ import (
 	"testing"

 	"github.com/Azure/azure-sdk-for-go/sdk/data/azcosmos"
+	"github.com/pikami/cosmium/api/config"
 	"github.com/pikami/cosmium/internal/repositories"
 	repositorymodels "github.com/pikami/cosmium/internal/repository_models"
 	"github.com/stretchr/testify/assert"
@@ -66,7 +67,7 @@ func Test_Documents(t *testing.T) {
 	defer ts.Close()

 	client, err := azcosmos.NewClientFromConnectionString(
-		fmt.Sprintf("AccountEndpoint=%s;AccountKey=%s", ts.URL, "asas"),
+		fmt.Sprintf("AccountEndpoint=%s;AccountKey=%s", ts.URL, config.Config.AccountKey),
 		&azcosmos.ClientOptions{},
 	)
 	assert.Nil(t, err)