
test unauthorized case.

master
Patrick Peng Sun преди 8 години
родител
ревизия
e13a0dc03c
променени са 2 файла, в които са добавени 33 реда и са изтрити 2 реда
  1. +10
    -2
      main.go
  2. +23
    -0
      server_test.go

+ 10
- 2
main.go

@@ -60,6 +60,7 @@ func setupHTTPHandler() {
http.HandleFunc("/MP_verify_6JqVkftKr39GMakA.txt", mpDomainAuthSecret)
http.HandleFunc("/profile_newly_register", initialRegistrationHandler)
http.HandleFunc("/iapi/getAccessToken", supplyAccessToken)
http.HandleFunc("/iapi/createQr", iapiCreateQrCode)
http.ListenAndServe(":65500", nil)
}

@@ -103,12 +104,19 @@ func dumpReuestHandler(w http.ResponseWriter, r *http.Request) {
}

func supplyAccessToken(w http.ResponseWriter, r *http.Request) {
logRequestDebug(httputil.DumpRequest(r, true))
//logRequestDebug(httputil.DumpRequest(r, true))
if checkSignatureByToken(r, IntraAPIConfig.CRMSecrete) {
atk, _ := GetAccessToken()
fmt.Fprint(w, atk)
} else {
fmt.Fprint(w, "errortoken")
w.WriteHeader(401)
fmt.Fprint(w, "unauthorized")
}
}

func iapiCreateQrCode(w http.ResponseWriter, r *http.Request) {
if !checkSignatureByToken(r, IntraAPIConfig.CRMSecrete) {
fmt.Fprint(w, "unauthorized")
}

}
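Review bot: In `iapiCreateQrCode` the failed-signature branch writes "unauthorized" with the implicit 200 status and does not return, unlike `supplyAccessToken` in the same hunk, which now sends 401 first. Once the QR-creation logic is added below the `if`, an unsigned request would fall through into it after the message is written. Make the guard `w.WriteHeader(http.StatusUnauthorized)`, `fmt.Fprint(w, "unauthorized")`, `return`. The rendered page has lost its +/- markers, so I am assuming this handler is among the added lines, as its new route registration in the first hunk suggests.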

+ 23
- 0
server_test.go

@@ -76,6 +76,19 @@ func TestGetAccesstoken(t *testing.T) {
log.Printf("TestGetAccesstoken got: [%s] ", m)
AssertEqual(t, m != errorResponse, true, "Signature check failed, error response")
AssertEqual(t, m, expected, "token incorrect")

}

func TestGetAccesstokenUnAuthorized(t *testing.T) {
req := buildReqGetAccessTokenUnAuthorized()
rr, _ := getHTTPResponse(req, supplyAccessToken)
errorResponse := "unauthorized"
m := rr.Body.String()
expected, _ := GetAccessToken()
log.Printf("TestGetAccesstoken got: [%s] ", m)
AssertEqual(t, m, errorResponse, "should be unauthorized")
AssertEqual(t, m != expected, true, "token should not be returned")

}

func getHTTPResponse(req *http.Request, handler http.HandlerFunc) (rr *httptest.ResponseRecorder, err error) {
@@ -168,6 +181,16 @@ func buildReqGetAccessToken() *http.Request {
return req
}

func buildReqGetAccessTokenUnAuthorized() *http.Request {
req, err := http.NewRequest("GET", "/iapi/getAccessToken", nil)
if err != nil {
log.Fatal(err)
}
//buildReqCommonSignature(req, IntraAPIConfig.CRMSecrete)
buildReqCommonHeader(req)
return req
}

func buildSignature(token string) (signature, timestamp, nonce string) {
timestamp = fmt.Sprintf("%d", int32(time.Now().Unix()))
nonce = "1461107899" //a randome string cut from previous wechat request
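Review bot: `TestGetAccesstokenUnAuthorized` asserts only on the response body, so the 401 status this commit adds in `supplyAccessToken` is not pinned, and a regression to an implicit 200 would still pass. Add `AssertEqual(t, rr.Code, http.StatusUnauthorized, "status should be 401")`. The errors from `getHTTPResponse` and `GetAccessToken` are discarded with `_`; if `GetAccessToken` fails and returns an empty string, the `m != expected` assertion passes without proving that no token was sent, so fail the test on those errors instead. The request from `buildReqGetAccessTokenUnAuthorized` carries no signature at all, so a second case with a present-but-invalid signature would cover the other rejection path.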
