move middleware to new package

2023-06-20 21:41:15 +01:00
parent 3215fe5f4c
commit d31ea4b23c
3 changed files with 11 additions and 10 deletions
--- a/server/middleware.go
+++ b/server/middleware.go
@ -0,0 +1,31 @@
+package server
+
+import (
+	"net/http"
+)
+
+type BasicAuthProvider interface {
+	Enabled() bool
+	DoesBasicAuthMatch(username, password string) bool
+}
+
+func BasicAuthMiddleware(handlerFunc http.HandlerFunc, basicAuthProvider BasicAuthProvider) http.HandlerFunc {
+	if basicAuthProvider.Enabled() {
+		return func(w http.ResponseWriter, r *http.Request) {
+			if doesBasicAuthMatch(r, basicAuthProvider) {
+				handlerFunc.ServeHTTP(w, r)
+			} else {
+				w.WriteHeader(http.StatusUnauthorized)
+			}
+		}
+	}
+	return handlerFunc
+}
+
+func doesBasicAuthMatch(r *http.Request, basicAuthProvider BasicAuthProvider) bool {
+	rawUsername, rawPassword, ok := r.BasicAuth()
+	if ok {
+		return basicAuthProvider.DoesBasicAuthMatch(rawUsername, rawPassword)
+	}
+	return false
+}
--- a/server/middleware_test.go
+++ b/server/middleware_test.go
@ -0,0 +1,58 @@
+package server
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"testing"
+)
+
+type testAuthProvider struct {
+	enabled bool
+	match   bool
+}
+
+func (p testAuthProvider) Enabled() bool {
+	return p.enabled
+}
+
+func (p testAuthProvider) DoesBasicAuthMatch(username, password string) bool {
+	return p.match
+}
+
+func newTestRequest() *http.Request {
+	return httptest.NewRequest(http.MethodGet, "http://example.com", nil)
+}
+
+func executeBasicAuthMiddlewareTest(t *testing.T, authEnabled bool, authMatches bool, expectedCode int, expectedCallCount int) {
+	callCount := 0
+	testHandler := func(w http.ResponseWriter, r *http.Request) {
+		callCount++
+	}
+
+	handler := BasicAuthMiddleware(testHandler, testAuthProvider{enabled: authEnabled, match: authMatches})
+	recorder := httptest.NewRecorder()
+	request := newTestRequest()
+	if authEnabled {
+		request.SetBasicAuth("test", "test")
+	}
+	handler.ServeHTTP(recorder, request)
+
+	if recorder.Code != expectedCode {
+		t.Errorf("statusCode = %v, want %v", recorder.Code, expectedCode)
+	}
+	if callCount != expectedCallCount {
+		t.Errorf("callCount = %v, want %v", callCount, expectedCallCount)
+	}
+}
+
+func Test_GIVEN_DisabledBasicAuth_WHEN_MethodCalled_THEN_RequestProcessed(t *testing.T) {
+	executeBasicAuthMiddlewareTest(t, false, false, http.StatusOK, 1)
+}
+
+func Test_GIVEN_EnabledBasicAuth_WHEN_MethodCalledWithCorrectCredentials_THEN_RequestProcessed(t *testing.T) {
+	executeBasicAuthMiddlewareTest(t, true, true, http.StatusOK, 1)
+}
+
+func Test_GIVEN_EnabledBasicAuth_WHEN_MethodCalledWithIncorrectCredentials_THEN_RequestRejected(t *testing.T) {
+	executeBasicAuthMiddlewareTest(t, true, false, http.StatusUnauthorized, 0)
+}