softplayer/softplayer-backend
5
0
Fork 0
Code Pull Requests 2 Packages Releases Activity

Implement refresh token endpoint
All checks were successful
ci/woodpecker/push/build Pipeline was successful
Details

Browse Source 
Signed-off-by: Nikolai Rodionov <allanger@badhouseplants.net>
This commit is contained in:
Nikolai Rodionov
2026-05-09 21:36:23 +02:00
parent 19e47876f0
commit e58eba1b16
10 changed files with 356 additions and 148 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
internal/authorization/auth_test.go Normal file
View File

@@ -0,0 +1,57 @@
package authorization_test
import (
"testing"
"time"
"gitea.badhouseplants.net/softplayer/softplayer-backend/internal/authorization"
"github.com/google/uuid"
"github.com/stretchr/testify/assert"
)
var (
testAccessTTL = time.Second * 5
testRefreshTTL = time.Second * 20
testUserID = uuid.New().String()
)
func TestGenerateInvalidTokenType(t *testing.T) {
authCtrl := authorization.NewAuthController([]byte("test"), testAccessTTL, testRefreshTTL, nil)
token, _, err := authCtrl.GenerateToken(testUserID, "invalid_type")
assert.Equal(t, "", token)
assert.ErrorIs(t, authorization.ErrUnknownTokenType, err)
}
func TestGenerateValidateAccessToken(t *testing.T) {
authCtrl := authorization.NewAuthController([]byte("test"), testAccessTTL, testRefreshTTL, nil)
now := time.Now()
token, _, err := authCtrl.GenerateToken(testUserID, authorization.TokenTypeAccess)
assert.NoError(t, err)
assert.NotEmpty(t, token)
claims, err := authCtrl.ParseToken(token)
assert.NoError(t, err)
assert.Equal(t, testUserID, claims.UserID)
assert.NotEmpty(t, claims.TokenID)
assert.Equal(t, authorization.TokenTypeAccess, claims.TokenType)
assert.Equal(t, now.Add(testAccessTTL).Unix(), claims.ExpiresAt.Unix())
assert.Equal(t, now.Unix(), claims.IssuedAt.Unix())
assert.Equal(t, now.Unix(), claims.NotBefore.Unix())
}
func TestGenerateValidateRefreshToken(t *testing.T) {
authCtrl := authorization.NewAuthController([]byte("test"), testAccessTTL, testRefreshTTL, nil)
now := time.Now()
token, _, err := authCtrl.GenerateToken(testUserID, authorization.TokenTypeRefresh)
assert.NoError(t, err)
assert.NotEmpty(t, token)
claims, err := authCtrl.ParseToken(token)
assert.NoError(t, err)
assert.Equal(t, testUserID, claims.UserID)
assert.NotEmpty(t, claims.TokenID)
assert.Equal(t, authorization.TokenTypeRefresh, claims.TokenType)
assert.Equal(t, now.Add(testRefreshTTL).Unix(), claims.ExpiresAt.Unix())
assert.Equal(t, now.Unix(), claims.IssuedAt.Unix())
assert.Equal(t, now.Unix(), claims.NotBefore.Unix())
}