[GitHub] [trafficcontrol] srijeet0406 commented on a diff in pull request #7282: Missing user in logs bug

Tue, 24 Jan 2023 08:48:54 -0800 


srijeet0406 commented on code in PR #7282:
URL: https://github.com/apache/trafficcontrol/pull/7282#discussion_r1085606049


##########
traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go:
##########
@@ -440,4 +440,36 @@ func TestNoOpWhenNoPermissionsRequired(t *testing.T) {
        }
 }
 
-// TODO: TestWrapAccessLog, et. al
+func TestGetCookieToken(t *testing.T) {
+       var cookies []http.Cookie
+       var e bytes.Buffer
+
+       mojoCookie := http.Cookie{Name: "mojolicious", Value: 
"eyJhdXRoX2RhdGEiOiJhZG1pbiIsImV4cGlyZXMiOjE2NzQyNTY4MjEsImJ5IjoidHJhZmZpY2NvbnRyb2wtZ28tdG9jb29raWUifQ--f7f40f516bfedc888d0ac6bc3c373b21773d1765"}
+       accessToken := http.Cookie{Name: "access_token", Value: 
"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NzQyNTY4MjEsIm1vam9Db29raWUiOiJleUpoZFhSb1gyUmhkR0VpT2lKaFpHMXBiaUlzSW1WNGNHbHlaWE1pT2pFMk56UXlOVFk0TWpFc0ltSjVJam9pZEhKaFptWnBZMk52Ym5SeWIyd3RaMjh0ZEc5amIyOXJhV1VpZlEtLWY3ZjQwZjUxNmJmZWRjODg4ZDBhYzZiYzNjMzczYjIxNzczZDE3NjUifQ.41te1VWlSzHCiH77nZjdqtGQNgc-ad6HwRi5cyffTGc"}
+       bearerToken := "Bearer 
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NzQ1MjU0OTcsIm1vam9Db29raWUiOiJleUpoZFhSb1gyUmhkR0VpT2lKaFpHMXBiaUlzSW1WNGNHbHlaWE1pT2pFMk56UTFNalUwT1Rjc0ltSjVJam9pZEhKaFptWnBZMk52Ym5SeWIyd3RaMjh0ZEc5amIyOXJhV1VpZlEtLTlmODI1Yzk5MDJhYTU5NDI1ZTQwYzJhYzcyNjhiZTI4NDMyMTg4ZjEifQ.szYraBtmKQ0UB13G6C3WUDcix1kZQyn4uqv27qy0_vY"
+       cookies = append(cookies, mojoCookie, accessToken, http.Cookie{})
+
+       r, err := http.NewRequest("GET", "https://localhost:8888";, nil)
+       if err == nil && r != nil {
+               for i := range cookies {
+                       if cookies[i].Name != "" {
+                               r.AddCookie(&cookies[i])
+                               cookie := getCookieToken(r)
+                               if cookie != mojoCookie.Value && 
cookies[i].Name == "mojolicious" {
+                                       e.WriteString("Error: Unable to get 
mojolicious cookie. ")
+                               } else if cookie != mojoCookie.Value && 
cookies[i].Name == "access_token" {
+                                       e.WriteString("Error: Unable to get 
mojolicious cookie from Access Token. ")
+                               }
+                       } else {
+                               r.Header.Add("Authorization", bearerToken)
+                               cookie := getCookieToken(r)
+                               if cookie != mojoCookie.Value {
+                                       e.WriteString("Error: Unable to get 
cookie from Bearer Token.")
+                               }
+                       }
+               }
+       }
+       if e.String() != "" {

Review Comment:
   Instead of writing to an error string and then checking it at the end of the 
tests, you can just use `t.Errorf(...)` like the other tests do.



##########
traffic_ops/traffic_ops_golang/routing/middleware/wrappers_test.go:
##########
@@ -440,4 +440,36 @@ func TestNoOpWhenNoPermissionsRequired(t *testing.T) {
        }
 }
 
-// TODO: TestWrapAccessLog, et. al
+func TestGetCookieToken(t *testing.T) {
+       var cookies []http.Cookie
+       var e bytes.Buffer
+
+       mojoCookie := http.Cookie{Name: "mojolicious", Value: 
"eyJhdXRoX2RhdGEiOiJhZG1pbiIsImV4cGlyZXMiOjE2NzQyNTY4MjEsImJ5IjoidHJhZmZpY2NvbnRyb2wtZ28tdG9jb29raWUifQ--f7f40f516bfedc888d0ac6bc3c373b21773d1765"}
+       accessToken := http.Cookie{Name: "access_token", Value: 
"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NzQyNTY4MjEsIm1vam9Db29raWUiOiJleUpoZFhSb1gyUmhkR0VpT2lKaFpHMXBiaUlzSW1WNGNHbHlaWE1pT2pFMk56UXlOVFk0TWpFc0ltSjVJam9pZEhKaFptWnBZMk52Ym5SeWIyd3RaMjh0ZEc5amIyOXJhV1VpZlEtLWY3ZjQwZjUxNmJmZWRjODg4ZDBhYzZiYzNjMzczYjIxNzczZDE3NjUifQ.41te1VWlSzHCiH77nZjdqtGQNgc-ad6HwRi5cyffTGc"}
+       bearerToken := "Bearer 
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2NzQ1MjU0OTcsIm1vam9Db29raWUiOiJleUpoZFhSb1gyUmhkR0VpT2lKaFpHMXBiaUlzSW1WNGNHbHlaWE1pT2pFMk56UTFNalUwT1Rjc0ltSjVJam9pZEhKaFptWnBZMk52Ym5SeWIyd3RaMjh0ZEc5amIyOXJhV1VpZlEtLTlmODI1Yzk5MDJhYTU5NDI1ZTQwYzJhYzcyNjhiZTI4NDMyMTg4ZjEifQ.szYraBtmKQ0UB13G6C3WUDcix1kZQyn4uqv27qy0_vY"
+       cookies = append(cookies, mojoCookie, accessToken, http.Cookie{})
+
+       r, err := http.NewRequest("GET", "https://localhost:8888";, nil)
+       if err == nil && r != nil {
+               for i := range cookies {
+                       if cookies[i].Name != "" {
+                               r.AddCookie(&cookies[i])
+                               cookie := getCookieToken(r)
+                               if cookie != mojoCookie.Value && 
cookies[i].Name == "mojolicious" {

Review Comment:
   The aim of this PR is to make sure that the user gets properly parsed in all 
three auth scenarios. So, IMO, it would make more sense if you extracted the 
user out of the cookies in each case and made sure that you get back the 
expected user every time.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to