
test unauthorized case.

master
Patrick Peng Sun 8 years ago
parent
commit
e13a0dc03c
2 changed files with 33 additions and 2 deletions
  1. +10
    -2
      main.go
  2. +23
    -0
      server_test.go

+ 10
- 2
main.go

http.HandleFunc("/MP_verify_6JqVkftKr39GMakA.txt", mpDomainAuthSecret) http.HandleFunc("/MP_verify_6JqVkftKr39GMakA.txt", mpDomainAuthSecret)
http.HandleFunc("/profile_newly_register", initialRegistrationHandler) http.HandleFunc("/profile_newly_register", initialRegistrationHandler)
http.HandleFunc("/iapi/getAccessToken", supplyAccessToken) http.HandleFunc("/iapi/getAccessToken", supplyAccessToken)
http.HandleFunc("/iapi/createQr", iapiCreateQrCode)
http.ListenAndServe(":65500", nil) http.ListenAndServe(":65500", nil)
} }


} }


func supplyAccessToken(w http.ResponseWriter, r *http.Request) { func supplyAccessToken(w http.ResponseWriter, r *http.Request) {
logRequestDebug(httputil.DumpRequest(r, true))
//logRequestDebug(httputil.DumpRequest(r, true))
if checkSignatureByToken(r, IntraAPIConfig.CRMSecrete) { if checkSignatureByToken(r, IntraAPIConfig.CRMSecrete) {
atk, _ := GetAccessToken() atk, _ := GetAccessToken()
fmt.Fprint(w, atk) fmt.Fprint(w, atk)
} else { } else {
fmt.Fprint(w, "errortoken")
w.WriteHeader(401)
fmt.Fprint(w, "unauthorized")
}
}

func iapiCreateQrCode(w http.ResponseWriter, r *http.Request) {
if !checkSignatureByToken(r, IntraAPIConfig.CRMSecrete) {
fmt.Fprint(w, "unauthorized")
} }


} }
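Review bot: The rejection branch added in `iapiCreateQrCode` writes "unauthorized" without setting a status, so a request with a bad or missing signature gets HTTP 200, unlike `supplyAccessToken`, which now sends 401 first. Add `w.WriteHeader(http.StatusUnauthorized)` before the `fmt.Fprint` and a `return` after it, so that QR-creation logic added below the check later cannot run for an unsigned request. In `supplyAccessToken` the authorized path still discards the error from `GetAccessToken()` (`atk, _ :=`), so a failed fetch answers 200 with an empty body; that line is unchanged context but is worth handling in the same pass. The page shows this section without +/- markers, so which lines are new is inferred from the 10/2 counts.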

+ 23
- 0
server_test.go

log.Printf("TestGetAccesstoken got: [%s] ", m) log.Printf("TestGetAccesstoken got: [%s] ", m)
AssertEqual(t, m != errorResponse, true, "Signature check failed, error response") AssertEqual(t, m != errorResponse, true, "Signature check failed, error response")
AssertEqual(t, m, expected, "token incorrect") AssertEqual(t, m, expected, "token incorrect")

}

func TestGetAccesstokenUnAuthorized(t *testing.T) {
req := buildReqGetAccessTokenUnAuthorized()
rr, _ := getHTTPResponse(req, supplyAccessToken)
errorResponse := "unauthorized"
m := rr.Body.String()
expected, _ := GetAccessToken()
log.Printf("TestGetAccesstoken got: [%s] ", m)
AssertEqual(t, m, errorResponse, "should be unauthorized")
AssertEqual(t, m != expected, true, "token should not be returned")

} }


func getHTTPResponse(req *http.Request, handler http.HandlerFunc) (rr *httptest.ResponseRecorder, err error) { func getHTTPResponse(req *http.Request, handler http.HandlerFunc) (rr *httptest.ResponseRecorder, err error) {
return req return req
} }


func buildReqGetAccessTokenUnAuthorized() *http.Request {
req, err := http.NewRequest("GET", "/iapi/getAccessToken", nil)
if err != nil {
log.Fatal(err)
}
//buildReqCommonSignature(req, IntraAPIConfig.CRMSecrete)
buildReqCommonHeader(req)
return req
}

func buildSignature(token string) (signature, timestamp, nonce string) { func buildSignature(token string) (signature, timestamp, nonce string) {
timestamp = fmt.Sprintf("%d", int32(time.Now().Unix())) timestamp = fmt.Sprintf("%d", int32(time.Now().Unix()))
nonce = "1461107899" //a randome string cut from previous wechat request nonce = "1461107899" //a randome string cut from previous wechat request
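Review bot: `TestGetAccesstokenUnAuthorized` asserts only the response body, so it would still pass if the handler answered 200 with the text "unauthorized"; the 401 this commit adds in main.go is not pinned by any assertion. Add `AssertEqual(t, rr.Code, http.StatusUnauthorized, "status should be 401")`, and check the error returned by `getHTTPResponse` instead of discarding it with `_`. The request from `buildReqGetAccessTokenUnAuthorized` carries no signature at all, so a second case signed with a wrong token would also exercise the comparison inside `checkSignatureByToken`. The log line still reads `TestGetAccesstoken`, which makes a failure harder to attribute to this test.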
