fix: add namespace to session token keys
This commit is contained in:
Lakhan Samani
@@ -36,7 +36,13 @@ func logoutTests(t *testing.T, s TestSetup) {
|
||||
assert.NoError(t, err)
|
||||
assert.NotEmpty(t, claims)
|
||||
|
||||
sessionToken, err := memorystore.Provider.GetUserSession(verifyRes.User.ID, constants.TokenTypeSessionToken+"_"+claims["nonce"].(string))
|
||||
loginMethod := claims["login_method"]
|
||||
sessionKey := verifyRes.User.ID
|
||||
if loginMethod != nil && loginMethod != "" {
|
||||
sessionKey = loginMethod.(string) + ":" + verifyRes.User.ID
|
||||
}
|
||||
|
||||
sessionToken, err := memorystore.Provider.GetUserSession(sessionKey, constants.TokenTypeSessionToken+"_"+claims["nonce"].(string))
|
||||
assert.NoError(t, err)
|
||||
assert.NotEmpty(t, sessionToken)
|
||||
|
||||
|
||||
@@ -2,6 +2,7 @@ package test
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"testing"
|
||||
|
||||
"github.com/authorizerdev/authorizer/server/constants"
|
||||
@@ -36,10 +37,12 @@ func profileTests(t *testing.T, s TestSetup) {
|
||||
s.GinContext.Request.Header.Set("Authorization", "Bearer "+*verifyRes.AccessToken)
|
||||
ctx = context.WithValue(req.Context(), "GinContextKey", s.GinContext)
|
||||
profileRes, err := resolvers.ProfileResolver(ctx)
|
||||
fmt.Println("=> err:", err)
|
||||
assert.Nil(t, err)
|
||||
assert.NotNil(t, profileRes)
|
||||
s.GinContext.Request.Header.Set("Authorization", "")
|
||||
|
||||
newEmail := *&profileRes.Email
|
||||
fmt.Println("=> res:", profileRes.Email, email)
|
||||
newEmail := profileRes.Email
|
||||
assert.Equal(t, email, newEmail, "emails should be equal")
|
||||
|
||||
cleanData(email)
|
||||
|
||||
@@ -41,7 +41,8 @@ func sessionTests(t *testing.T, s TestSetup) {
|
||||
assert.NoError(t, err)
|
||||
assert.NotEmpty(t, claims)
|
||||
|
||||
sessionToken, err := memorystore.Provider.GetUserSession(verifyRes.User.ID, constants.TokenTypeSessionToken+"_"+claims["nonce"].(string))
|
||||
sessionKey := constants.AuthRecipeMethodBasicAuth + ":" + verifyRes.User.ID
|
||||
sessionToken, err := memorystore.Provider.GetUserSession(sessionKey, constants.TokenTypeSessionToken+"_"+claims["nonce"].(string))
|
||||
assert.NoError(t, err)
|
||||
assert.NotEmpty(t, sessionToken)
|
||||
|
||||
|
||||
@@ -50,12 +50,13 @@ func validateJwtTokenTest(t *testing.T, s TestSetup) {
|
||||
roles := []string{"user"}
|
||||
gc, err := utils.GinContextFromContext(ctx)
|
||||
assert.NoError(t, err)
|
||||
authToken, err := token.CreateAuthToken(gc, user, roles, scope)
|
||||
memorystore.Provider.SetUserSession(user.ID, constants.TokenTypeSessionToken+"_"+authToken.FingerPrint, authToken.FingerPrintHash)
|
||||
memorystore.Provider.SetUserSession(user.ID, constants.TokenTypeAccessToken+"_"+authToken.FingerPrint, authToken.AccessToken.Token)
|
||||
sessionKey := constants.AuthRecipeMethodBasicAuth + ":" + user.ID
|
||||
authToken, err := token.CreateAuthToken(gc, user, roles, scope, constants.AuthRecipeMethodBasicAuth)
|
||||
memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeSessionToken+"_"+authToken.FingerPrint, authToken.FingerPrintHash)
|
||||
memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeAccessToken+"_"+authToken.FingerPrint, authToken.AccessToken.Token)
|
||||
|
||||
if authToken.RefreshToken != nil {
|
||||
memorystore.Provider.SetUserSession(user.ID, constants.TokenTypeRefreshToken+"_"+authToken.FingerPrint, authToken.RefreshToken.Token)
|
||||
memorystore.Provider.SetUserSession(sessionKey, constants.TokenTypeRefreshToken+"_"+authToken.FingerPrint, authToken.RefreshToken.Token)
|
||||
}
|
||||
|
||||
t.Run(`should validate the access token`, func(t *testing.T) {
|
||||
|
||||
Reference in New Issue
Block a user