验证Golang请求中的承载授权头


你可以使用下面的例子来校验 Golang 请求中 Bearer 授权头(`Authorization: Bearer <token>`)的格式,并提取其中的令牌。注意:该函数只检查请求头的格式,令牌本身是否有效(例如签名、有效期)仍需由调用方另行验证。

package validator

import (
	"strings"
)

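// BearerAuthHeader checks the format of an incoming
// `r.Header.Get("Authorization")` value and returns the bearer token it
// carries, or an empty string when the value is not of the form
// "Bearer <token>".
//
// The value must consist of exactly two whitespace-separated fields: the
// scheme "Bearer" followed by the token. Leading, trailing and repeated
// whitespace is tolerated. The scheme is anchored to the first field, so
// values such as "NotBearer token" or "Bearertoken" are rejected, a token
// that itself contains the text "Bearer" is accepted, and a token with
// embedded whitespace is rejected.
//
// Only the header syntax is checked here. The returned token is still
// untrusted input and must be verified by the caller before it is used for
// any authorization decision.
//
// NOTE(review): HTTP authentication schemes are case-insensitive per
// RFC 7235; the match is kept case-sensitive here to preserve the existing
// behaviour ("BEARER token" is rejected).
func BearerAuthHeader(authHeader string) string {
	// strings.Fields splits on any run of whitespace and drops empty
	// fields, so "", "   ", "Bearer" and "Bearer \t" all fail the length
	// check below.
	fields := strings.Fields(authHeader)
	if len(fields) != 2 || fields[0] != "Bearer" {
		return ""
	}

	return fields[1]
}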
package validator

import "testing"

// TestBearerAuthHeader runs BearerAuthHeader against a table of
// Authorization header values and checks the token it returns for each.
// An expected token of "" means the header must be rejected.
func TestBearerAuthHeader(t *testing.T) {
	type scenario struct {
		name  string // subtest name
		auth  string // raw Authorization header value passed in
		token string // token BearerAuthHeader is expected to return
	}

	scenarios := []scenario{
		// Missing or blank header.
		{name: "EmptyInput", auth: "", token: ""},
		{name: "EmptyStringInput", auth: "   ", token: ""},

		// Scheme present, token missing or whitespace only.
		{name: "BearerWithoutToken", auth: "Bearer", token: ""},
		{name: "BearerPrefixWithEmptyStringToken", auth: "Bearer   ", token: ""},

		// Wrong scheme, or right scheme in the wrong case.
		{name: "WrongPrefixWithToken", auth: "Basic token", token: ""},
		{name: "WrongBearerPrefixCaseWithToken", auth: "BEARER token", token: ""},

		// Control whitespace in place of a token.
		{name: "BearerPrefixWithNextLineToken", auth: "Bearer \n", token: ""},
		{name: "BearerPrefixWithTabToken", auth: "Bearer \t", token: ""},

		// Accepted headers.
		{name: "IncorrectlySpacedValidRequest", auth: "   Bearer    token   ", token: "token"},
		{name: "CorrectlySpacedValidRequest", auth: "Bearer token", token: "token"},
	}

	for _, sc := range scenarios {
		t.Run(sc.name, func(t *testing.T) {
			got := BearerAuthHeader(sc.auth)
			if got == sc.token {
				return
			}

			t.Fatal("expected", sc.token, "but got", got)
		})
	}
}
=== RUN   TestBearerAuthHeader
=== RUN   TestBearerAuthHeader/EmptyInput
=== RUN   TestBearerAuthHeader/EmptyStringInput
=== RUN   TestBearerAuthHeader/BearerWithoutToken
=== RUN   TestBearerAuthHeader/BearerPrefixWithEmptyStringToken
=== RUN   TestBearerAuthHeader/WrongPrefixWithToken
=== RUN   TestBearerAuthHeader/WrongBearerPrefixCaseWithToken
=== RUN   TestBearerAuthHeader/BearerPrefixWithNextLineToken
=== RUN   TestBearerAuthHeader/BearerPrefixWithTabToken
=== RUN   TestBearerAuthHeader/IncorrectlySpacedValidRequest
=== RUN   TestBearerAuthHeader/CorrectlySpacedValidRequest
--- PASS: TestBearerAuthHeader (0.00s)
    --- PASS: TestBearerAuthHeader/EmptyInput (0.00s)
    --- PASS: TestBearerAuthHeader/EmptyStringInput (0.00s)
    --- PASS: TestBearerAuthHeader/BearerWithoutToken (0.00s)
    --- PASS: TestBearerAuthHeader/BearerPrefixWithEmptyStringToken (0.00s)
    --- PASS: TestBearerAuthHeader/WrongPrefixWithToken (0.00s)
    --- PASS: TestBearerAuthHeader/WrongBearerPrefixCaseWithToken (0.00s)
    --- PASS: TestBearerAuthHeader/BearerPrefixWithNextLineToken (0.00s)
    --- PASS: TestBearerAuthHeader/BearerPrefixWithTabToken (0.00s)
    --- PASS: TestBearerAuthHeader/IncorrectlySpacedValidRequest (0.00s)
    --- PASS: TestBearerAuthHeader/CorrectlySpacedValidRequest (0.00s)
PASS
ok  	internal/pkg/validator	0.008s