diff options
Diffstat (limited to 'test/matrix_app_service_web/auth_plug_test.exs')
| -rw-r--r-- | test/matrix_app_service_web/auth_plug_test.exs | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/test/matrix_app_service_web/auth_plug_test.exs b/test/matrix_app_service_web/auth_plug_test.exs new file mode 100644 index 0000000..1293cec --- /dev/null +++ b/test/matrix_app_service_web/auth_plug_test.exs @@ -0,0 +1,53 @@ +defmodule MatrixAppServiceWeb.AuthPlugTest do + use ExUnit.Case + use Plug.Test + + import ExUnit.CaptureLog + + test "call with correct acces token returns conn unchanged" do + Application.put_env(:matrix_app_service, :homeserver_token, "test_token") + + conn = conn(:get, "/users/2", %{"access_token" => "test_token"}) + + assert MatrixAppServiceWeb.AuthPlug.call(conn, nil) == conn + end + + test "call with incorrect access token halts with error 403" do + Application.put_env(:matrix_app_service, :homeserver_token, "test_token") + + conn = + conn(:get, "/users/2", %{"access_token" => "incorrect_token"}) + |> MatrixAppServiceWeb.AuthPlug.call(nil) + + assert conn.status == 403 + assert conn.private[:phoenix_template] == "403.json" + assert conn.private[:phoenix_view] == MatrixAppServiceWeb.ErrorView + assert conn.halted == true + end + + test "call with incorrect access token gets logged" do + Application.put_env(:matrix_app_service, :homeserver_token, "test_token") + conn = conn(:get, "/users/2", %{"access_token" => "incorrect_token"}) + + assert capture_log(fn -> MatrixAppServiceWeb.AuthPlug.call(conn, nil) end) =~ + "Received invalid homeserver token" + end + + test "call without access token halts with error 401" do + conn = + conn(:get, "/users/2") + |> MatrixAppServiceWeb.AuthPlug.call(nil) + + assert conn.status == 401 + assert conn.private[:phoenix_template] == "401.json" + assert conn.private[:phoenix_view] == MatrixAppServiceWeb.ErrorView + assert conn.halted == true + end + + test "call without access token gets logged" do + conn = conn(:get, "user/3") + + assert capture_log(fn -> MatrixAppServiceWeb.AuthPlug.call(conn, nil) end) =~ + "No homeserver token provided" + end +end |