From 49f2cc8b4202e6558b0194511bad25205965b73b Mon Sep 17 00:00:00 2001 From: multi prise Date: Tue, 15 Sep 2020 09:56:30 +0200 Subject: added test --- lib/matrix_app_service/auth_plug.ex | 36 ----------------- lib/matrix_app_service/phoenix/router.ex | 2 +- lib/matrix_app_service_web/auth_plug.ex | 45 ++++++++++++++++++++++ test/matrix_app_service/client.ex | 4 ++ test/matrix_app_service_web/auth_plug_test.exs | 53 ++++++++++++++++++++++++++ 5 files changed, 103 insertions(+), 37 deletions(-) delete mode 100644 lib/matrix_app_service/auth_plug.ex create mode 100644 lib/matrix_app_service_web/auth_plug.ex create mode 100644 test/matrix_app_service/client.ex create mode 100644 test/matrix_app_service_web/auth_plug_test.exs diff --git a/lib/matrix_app_service/auth_plug.ex b/lib/matrix_app_service/auth_plug.ex deleted file mode 100644 index 8adbc91..0000000 --- a/lib/matrix_app_service/auth_plug.ex +++ /dev/null @@ -1,36 +0,0 @@ -defmodule MatrixAppService.AuthPlug do - @behaviour Plug - import Plug.Conn - require Logger - - @impl Plug - def init(opts) do - opts - end - - @impl Plug - def call(%Plug.Conn{params: %{"access_token" => hs_token}} = conn, _) do - config_hs_token = Application.fetch_env!(:matrix_app_service, :homeserver_token) - - with ^config_hs_token <- hs_token do - conn - else - _ -> - Logger.warn("Received invalid homeserver token") - respond_error(conn, 403) - end - end - - def call(conn, _config_hs_token) do - Logger.warn("No homeserver token provided") - respond_error(conn, 401) - end - - defp respond_error(conn, error_code) do - conn - |> put_status(error_code) - |> Phoenix.Controller.put_view(MatrixAppServiceWeb.ErrorView) - |> Phoenix.Controller.render("#{error_code}.json") - |> halt - end -end diff --git a/lib/matrix_app_service/phoenix/router.ex b/lib/matrix_app_service/phoenix/router.ex index 2a4aba6..b3e6c8f 100644 --- a/lib/matrix_app_service/phoenix/router.ex +++ b/lib/matrix_app_service/phoenix/router.ex @@ -3,7 +3,7 @@ defmodule MatrixAppService.Phoenix.Router do quote do pipeline :matrix_api do plug :accepts, ["json"] - plug MatrixAppService.AuthPlug + plug MatrixAppServiceWeb.AuthPlug end path = Application.compile_env(:matrix_app_service, :path, "/") diff --git a/lib/matrix_app_service_web/auth_plug.ex b/lib/matrix_app_service_web/auth_plug.ex new file mode 100644 index 0000000..2d2ae23 --- /dev/null +++ b/lib/matrix_app_service_web/auth_plug.ex @@ -0,0 +1,45 @@ +defmodule MatrixAppServiceWeb.AuthPlug do + @moduledoc """ + This Plug implements the Application Service authorization, + as described here: + + https://matrix.org/docs/spec/application_service/r0.1.2#authorization + """ + + @behaviour Plug + import Plug.Conn + require Logger + + @doc false + @impl Plug + def init(opts) do + opts + end + + @doc false + @impl Plug + def call(%Plug.Conn{params: %{"access_token" => hs_token}} = conn, _opts) do + config_hs_token = Application.fetch_env!(:matrix_app_service, :homeserver_token) + + with ^config_hs_token <- hs_token do + conn + else + _ -> + Logger.warn("Received invalid homeserver token") + respond_error(conn, 403) + end + end + + def call(conn, _opts) do + Logger.warn("No homeserver token provided") + respond_error(conn, 401) + end + + defp respond_error(conn, error_code) do + conn + |> put_status(error_code) + |> Phoenix.Controller.put_view(MatrixAppServiceWeb.ErrorView) + |> Phoenix.Controller.render("#{error_code}.json") + |> halt + end +end diff --git a/test/matrix_app_service/client.ex b/test/matrix_app_service/client.ex new file mode 100644 index 0000000..37d2225 --- /dev/null +++ b/test/matrix_app_service/client.ex @@ -0,0 +1,4 @@ +defmodule MatrixAppService.ClientTest do + use ExUnit.Case + use Plug.Test +end diff --git a/test/matrix_app_service_web/auth_plug_test.exs b/test/matrix_app_service_web/auth_plug_test.exs new file mode 100644 index 0000000..1293cec --- /dev/null +++ b/test/matrix_app_service_web/auth_plug_test.exs @@ -0,0 +1,53 @@ +defmodule MatrixAppServiceWeb.AuthPlugTest do + use ExUnit.Case + use Plug.Test + + import ExUnit.CaptureLog + + test "call with correct acces token returns conn unchanged" do + Application.put_env(:matrix_app_service, :homeserver_token, "test_token") + + conn = conn(:get, "/users/2", %{"access_token" => "test_token"}) + + assert MatrixAppServiceWeb.AuthPlug.call(conn, nil) == conn + end + + test "call with incorrect access token halts with error 403" do + Application.put_env(:matrix_app_service, :homeserver_token, "test_token") + + conn = + conn(:get, "/users/2", %{"access_token" => "incorrect_token"}) + |> MatrixAppServiceWeb.AuthPlug.call(nil) + + assert conn.status == 403 + assert conn.private[:phoenix_template] == "403.json" + assert conn.private[:phoenix_view] == MatrixAppServiceWeb.ErrorView + assert conn.halted == true + end + + test "call with incorrect access token gets logged" do + Application.put_env(:matrix_app_service, :homeserver_token, "test_token") + conn = conn(:get, "/users/2", %{"access_token" => "incorrect_token"}) + + assert capture_log(fn -> MatrixAppServiceWeb.AuthPlug.call(conn, nil) end) =~ + "Received invalid homeserver token" + end + + test "call without access token halts with error 401" do + conn = + conn(:get, "/users/2") + |> MatrixAppServiceWeb.AuthPlug.call(nil) + + assert conn.status == 401 + assert conn.private[:phoenix_template] == "401.json" + assert conn.private[:phoenix_view] == MatrixAppServiceWeb.ErrorView + assert conn.halted == true + end + + test "call without access token gets logged" do + conn = conn(:get, "user/3") + + assert capture_log(fn -> MatrixAppServiceWeb.AuthPlug.call(conn, nil) end) =~ + "No homeserver token provided" + end +end -- cgit v1.2.3