chore: import upstream snapshot with attribution
Backend Tests / Tests (other) (push) Failing after 1s
Backend Tests / Static Checks (push) Failing after 2s
Backend Tests / Tests (internal) (push) Failing after 2s
Backend Tests / Tests (server) (push) Failing after 1s
Backend Tests / Tests (store) (push) Failing after 1s
Build Canary Image / build-frontend (push) Failing after 1s
Frontend Tests / Lint (push) Failing after 1s
Build Canary Image / build-push (linux/amd64) (push) Has been skipped
Build Canary Image / build-push (linux/arm64) (push) Has been skipped
Build Canary Image / merge (push) Has been skipped
Frontend Tests / Build (push) Failing after 1s
Release Please / release-please (push) Failing after 0s
Proto Linter / Lint Protos (push) Failing after 2s
Backend Tests / Tests (other) (push) Failing after 1s
Backend Tests / Static Checks (push) Failing after 2s
Backend Tests / Tests (internal) (push) Failing after 2s
Backend Tests / Tests (server) (push) Failing after 1s
Backend Tests / Tests (store) (push) Failing after 1s
Build Canary Image / build-frontend (push) Failing after 1s
Frontend Tests / Lint (push) Failing after 1s
Build Canary Image / build-push (linux/amd64) (push) Has been skipped
Build Canary Image / build-push (linux/arm64) (push) Has been skipped
Build Canary Image / merge (push) Has been skipped
Frontend Tests / Build (push) Failing after 1s
Release Please / release-please (push) Failing after 0s
Proto Linter / Lint Protos (push) Failing after 2s
This commit is contained in:
@@ -0,0 +1,34 @@
|
||||
package auth
|
||||
|
||||
import (
|
||||
"context"
|
||||
"testing"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
// TestAuthenticateNoCredentials covers the store-free paths: absent or malformed
|
||||
// credentials must resolve to "unauthenticated" without touching the store.
|
||||
// Token-valid paths are exercised by the API/fileserver integration tests.
|
||||
func TestAuthenticateNoCredentials(t *testing.T) {
|
||||
ctx := context.Background()
|
||||
a := &Authenticator{secret: "test-secret"} // nil store: these paths never reach it.
|
||||
|
||||
t.Run("Authenticate returns nil without an Authorization header", func(t *testing.T) {
|
||||
assert.Nil(t, a.Authenticate(ctx, ""))
|
||||
})
|
||||
t.Run("Authenticate returns nil for a malformed bearer token", func(t *testing.T) {
|
||||
assert.Nil(t, a.Authenticate(ctx, "Bearer not-a-valid-jwt"))
|
||||
})
|
||||
|
||||
t.Run("AuthenticateToUser returns nil without any credentials", func(t *testing.T) {
|
||||
user, err := a.AuthenticateToUser(ctx, "", "")
|
||||
assert.NoError(t, err)
|
||||
assert.Nil(t, user)
|
||||
})
|
||||
t.Run("AuthenticateToUser returns nil for a malformed bearer and no cookie", func(t *testing.T) {
|
||||
user, err := a.AuthenticateToUser(ctx, "Bearer not-a-valid-jwt", "")
|
||||
assert.NoError(t, err)
|
||||
assert.Nil(t, user)
|
||||
})
|
||||
}
|
||||
Reference in New Issue
Block a user