Add test for basic auth package

cloudlena · cloudlena · commit 2fa4222871c8 · 2025-10-18T18:28:16.000+02:00
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -11,9 +11,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Set up Go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@v6
+        with:
+          go-version: "1.25"
       - name: Checkout repo
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Lint code
         uses: golangci/golangci-lint-action@v8
       - name: Run tests
diff --git a/basicauth/basicauth_test.go b/basicauth/basicauth_test.go
@@ -0,0 +1,74 @@
+package basicauth_test
+
+import (
+	"fmt"
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
+	"github.com/cloudlena/adapters/basicauth"
+)
+
+func TestHandler(t *testing.T) {
+	users := []basicauth.User{
+		{Username: "user", Password: "password"},
+	}
+	realm := "My Realm"
+
+	tests := []struct {
+		name           string
+		username       string
+		password       string
+		expectedStatus int
+		expectedBody   string
+	}{
+		{
+			name:           "No credentials",
+			username:       "",
+			password:       "",
+			expectedStatus: http.StatusUnauthorized,
+			expectedBody:   "Unauthorized\n",
+		},
+		{
+			name:           "Invalid credentials",
+			username:       "wronguser",
+			password:       "wrongpass",
+			expectedStatus: http.StatusUnauthorized,
+			expectedBody:   "Unauthorized\n",
+		},
+		{
+			name:           "Valid credentials",
+			username:       "user",
+			password:       "password",
+			expectedStatus: http.StatusOK,
+			expectedBody:   "OK",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			req := httptest.NewRequest(http.MethodGet, "/", nil)
+			if tt.username != "" || tt.password != "" {
+				req.SetBasicAuth(tt.username, tt.password)
+			}
+			rr := httptest.NewRecorder()
+
+			nextHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+				_, err := fmt.Fprint(w, "OK")
+				if err != nil {
+					t.FailNow()
+				}
+			})
+
+			handler := basicauth.Handler(realm, users)(nextHandler)
+			handler.ServeHTTP(rr, req)
+
+			if rr.Code != tt.expectedStatus {
+				t.Errorf("Expected status %d, got %d", tt.expectedStatus, rr.Code)
+			}
+			if rr.Body.String() != tt.expectedBody {
+				t.Errorf("Expected body %q, got %q", tt.expectedBody, rr.Body.String())
+			}
+		})
+	}
+}
diff --git a/go.mod b/go.mod
@@ -1,8 +1,8 @@
 module github.com/cloudlena/adapters
 
-go 1.24.5
+go 1.25.1
 
 require (
-	github.com/golang-jwt/jwt/v5 v5.2.3
-	golang.org/x/oauth2 v0.30.0
+	github.com/golang-jwt/jwt/v5 v5.3.0
+	golang.org/x/oauth2 v0.32.0
 )
diff --git a/go.sum b/go.sum
@@ -1,4 +1,4 @@
-github.com/golang-jwt/jwt/v5 v5.2.3 h1:kkGXqQOBSDDWRhWNXTFpqGSCMyh/PLnqUvMGJPDJDs0=
-github.com/golang-jwt/jwt/v5 v5.2.3/go.mod h1:pqrtFR0X4osieyHYxtmOUWsAWrfe1Q5UVIyoH402zdk=
-golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI=
-golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU=
+github.com/golang-jwt/jwt/v5 v5.3.0 h1:pv4AsKCKKZuqlgs5sUmn4x8UlGa0kEVt/puTpKx9vvo=
+github.com/golang-jwt/jwt/v5 v5.3.0/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
+golang.org/x/oauth2 v0.32.0 h1:jsCblLleRMDrxMN29H3z/k1KliIvpLgCkE6R8FXXNgY=
+golang.org/x/oauth2 v0.32.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA=
diff --git a/oauth2/README.md b/oauth2/README.md
@@ -10,6 +10,7 @@ This allows you to use multiple IDPs at the same time and federate your sessions
 package main
 
 import (
+	"encoding/json"
 	"errors"
 	"fmt"
 	"log"
@@ -18,6 +19,7 @@ import (
 	"time"
 
 	"github.com/cloudlena/adapters/oauth2"
+	jwt "github.com/golang-jwt/jwt/v5"
 	oa2 "golang.org/x/oauth2"
 	"golang.org/x/oauth2/facebook"
 )
@@ -31,19 +33,32 @@ func IndexHandler() http.Handler {
 
 // parseFacebookToken creates the private claims for an internal JWT from a Facebook OAuth2 token.
 func parseFacebookToken(tok *oauth2.Token) (jwt.MapClaims, error) {
+	var claims struct {
+		ID    string `json:"id"`
+		Email string `json:"email"`
+	}
+
 	meURL := "https://graph.facebook.com/me?fields=id,email,first_name,last_name&access_token=" + url.QueryEscape(tok.AccessToken)
 	res, err := http.Get(meURL)
 	if err != nil {
-		return jwt.MapClaims{}, err
+		return nil, err
 	}
 	defer res.Body.Close()
 
 	// Check if request was successful
 	if res.StatusCode != http.StatusOK {
-		return jwt.MapClaims{}, errors.New("invalid token")
+		return nil, errors.New("invalid token response")
+	}
+
+	err = json.NewDecoder(res.Body).Decode(&claims)
+	if err != nil {
+		return nil, err
 	}
 
-	return jwt.MapClaims{}, nil
+	return jwt.MapClaims{
+		"id":    claims.ID,
+		"email": claims.Email,
+	}, nil
 }
 
 func main() {
