filters/auth: add tokeninfo test cases (#2789)

Add test cases and update messages for consistency. Signed-off-by: Alexander Yastrebov <[email protected]>
zalando · Dec 12, 2023 · 5f706e5 · 5f706e5
1 parent 3dc744e
commit 5f706e5
Showing 1 changed file with 45 additions and 17 deletions.
diff --git a/filters/auth/tokeninfo_test.go b/filters/auth/tokeninfo_test.go
@@ -45,21 +45,28 @@ func TestOAuth2Tokeninfo(t *testing.T) {
 		expected       int
 		expectRequests int32
 	}{{
-		msg:            "invalid token",
+		msg:            "oauthTokeninfoAnyScope: invalid token",
 		authType:       filters.OAuthTokeninfoAnyScopeName,
 		args:           []interface{}{"not-matching-scope"},
 		auth:           "invalid-token",
 		expected:       http.StatusUnauthorized,
 		expectRequests: N,
 	}, {
-		msg:            "invalid scope",
+		msg:            "oauthTokeninfoAnyScope: one invalid scope",
 		authType:       filters.OAuthTokeninfoAnyScopeName,
 		args:           []interface{}{"not-matching-scope"},
 		auth:           testToken,
 		expected:       http.StatusForbidden,
 		expectRequests: N,
 	}, {
-		msg:            "missing token",
+		msg:            "oauthTokeninfoAnyScope: two invalid scopes",
+		authType:       filters.OAuthTokeninfoAnyScopeName,
+		args:           []interface{}{"not-matching-scope1", "not-matching-scope2"},
+		auth:           testToken,
+		expected:       http.StatusForbidden,
+		expectRequests: N,
+	}, {
+		msg:            "oauthTokeninfoAnyScope: missing token",
 		authType:       filters.OAuthTokeninfoAnyScopeName,
 		args:           []interface{}{testScope},
 		auth:           "",
@@ -73,98 +80,119 @@ func TestOAuth2Tokeninfo(t *testing.T) {
 		expected:       http.StatusOK,
 		expectRequests: N,
 	}, {
-		msg:            "OAuthTokeninfoAnyScopeName: valid token, one valid scope, one invalid scope",
+		msg:            "oauthTokeninfoAnyScope: valid token, one valid scope, one invalid scope",
 		authType:       filters.OAuthTokeninfoAnyScopeName,
 		args:           []interface{}{testScope, "other-scope"},
 		auth:           testToken,
 		expected:       http.StatusOK,
 		expectRequests: N,
 	}, {
-		msg:            "oauthTokeninfoAllScope(): valid token, valid scopes",
+		msg:            "oauthTokeninfoAnyScope: valid token, one invalid scope, one valid scope",
+		authType:       filters.OAuthTokeninfoAnyScopeName,
+		args:           []interface{}{"other-scope", testScope},
+		auth:           testToken,
+		expected:       http.StatusOK,
+		expectRequests: N,
+	}, {
+		msg:            "oauthTokeninfoAllScope: valid token, all valid scopes",
 		authType:       filters.OAuthTokeninfoAllScopeName,
 		args:           []interface{}{testScope, testScope2, testScope3},
 		auth:           testToken,
 		expected:       http.StatusOK,
 		expectRequests: N,
 	}, {
-		msg:            "oauthTokeninfoAllScope(): valid token, one valid scope, one invalid scope",
+		msg:            "oauthTokeninfoAllScope: valid token, two valid scopes",
+		authType:       filters.OAuthTokeninfoAllScopeName,
+		args:           []interface{}{testScope, testScope2},
+		auth:           testToken,
+		expected:       http.StatusOK,
+		expectRequests: N,
+	}, {
+		msg:            "oauthTokeninfoAllScope: valid token, one valid scope",
+		authType:       filters.OAuthTokeninfoAllScopeName,
+		args:           []interface{}{testScope},
+		auth:           testToken,
+		expected:       http.StatusOK,
+		expectRequests: N,
+	}, {
+		msg:            "oauthTokeninfoAllScope: valid token, one valid scope, one invalid scope",
 		authType:       filters.OAuthTokeninfoAllScopeName,
 		args:           []interface{}{testScope, "other-scope"},
 		auth:           testToken,
 		expected:       http.StatusForbidden,
 		expectRequests: N,
 	}, {
-		msg:            "anyKV(): valid token, one valid key, wrong value",
+		msg:            "oauthTokeninfoAnyKV: valid token, one valid key, wrong value",
 		authType:       filters.OAuthTokeninfoAnyKVName,
 		args:           []interface{}{testKey, "other-value"},
 		auth:           testToken,
 		expected:       http.StatusForbidden,
 		expectRequests: N,
 	}, {
-		msg:            "anyKV(): valid token, one valid key value pair",
+		msg:            "oauthTokeninfoAnyKV: valid token, one valid key value pair",
 		authType:       filters.OAuthTokeninfoAnyKVName,
 		args:           []interface{}{testKey, testValue},
 		auth:           testToken,
 		expected:       http.StatusOK,
 		expectRequests: N,
 	}, {
-		msg:            "anyKV(): valid token, one valid kv, multiple key value pairs1",
+		msg:            "oauthTokeninfoAnyKV: valid token, one valid kv, multiple key value pairs1",
 		authType:       filters.OAuthTokeninfoAnyKVName,
 		args:           []interface{}{testKey, testValue, "wrongKey", "wrongValue"},
 		auth:           testToken,
 		expected:       http.StatusOK,
 		expectRequests: N,
 	}, {
-		msg:            "anyKV(): valid token, one valid kv, multiple key value pairs2",
+		msg:            "oauthTokeninfoAnyKV: valid token, one valid kv, multiple key value pairs2",
 		authType:       filters.OAuthTokeninfoAnyKVName,
 		args:           []interface{}{"wrongKey", "wrongValue", testKey, testValue},
 		auth:           testToken,
 		expected:       http.StatusOK,
 		expectRequests: N,
 	}, {
-		msg:            "anyKV(): valid token, one valid kv, same key multiple times should pass",
+		msg:            "oauthTokeninfoAnyKV: valid token, one valid kv, same key multiple times should pass",
 		authType:       filters.OAuthTokeninfoAnyKVName,
 		args:           []interface{}{testKey, testValue, testKey, "someValue"},
 		auth:           testToken,
 		expected:       http.StatusOK,
 		expectRequests: N,
 	}, {
-		msg:            "allKV(): valid token, one valid key, wrong value",
+		msg:            "oauthTokeninfoAllKV: valid token, one valid key, wrong value",
 		authType:       filters.OAuthTokeninfoAllKVName,
 		args:           []interface{}{testKey, "other-value"},
 		auth:           testToken,
 		expected:       http.StatusForbidden,
 		expectRequests: N,
 	}, {
-		msg:            "allKV(): valid token, one valid key value pair",
+		msg:            "oauthTokeninfoAllKV: valid token, one valid key value pair",
 		authType:       filters.OAuthTokeninfoAllKVName,
 		args:           []interface{}{testKey, testValue},
 		auth:           testToken,
 		expected:       http.StatusOK,
 		expectRequests: N,
 	}, {
-		msg:            "allKV(): valid token, one valid key value pair, check realm",
+		msg:            "oauthTokeninfoAllKV: valid token, one valid key value pair, check realm",
 		authType:       filters.OAuthTokeninfoAllKVName,
 		args:           []interface{}{testRealmKey, testRealm, testKey, testValue},
 		auth:           testToken,
 		expected:       http.StatusOK,
 		expectRequests: N,
 	}, {
-		msg:            "allKV(): valid token, valid key value pairs",
+		msg:            "oauthTokeninfoAllKV: valid token, valid key value pairs",
 		authType:       filters.OAuthTokeninfoAllKVName,
 		args:           []interface{}{testKey, testValue, testKey, testValue},
 		auth:           testToken,
 		expected:       http.StatusOK,
 		expectRequests: N,
 	}, {
-		msg:            "allKV(): valid token, one valid kv, multiple key value pairs1",
+		msg:            "oauthTokeninfoAllKV: valid token, one valid kv, multiple key value pairs1",
 		authType:       filters.OAuthTokeninfoAllKVName,
 		args:           []interface{}{testKey, testValue, "wrongKey", "wrongValue"},
 		auth:           testToken,
 		expected:       http.StatusForbidden,
 		expectRequests: N,
 	}, {
-		msg:            "allKV(): valid token, one valid kv, multiple key value pairs2",
+		msg:            "oauthTokeninfoAllKV: valid token, one valid kv, multiple key value pairs2",
 		authType:       filters.OAuthTokeninfoAllKVName,
 		args:           []interface{}{"wrongKey", "wrongValue", testKey, testValue},
 		auth:           testToken,