Minor refactoring of test code (#20)

hiranya911 · web-flow · commit 323fe025ac59 · 2017-09-12T14:57:34.000-07:00
* Release 1.0.1 (#16) * Using the ClientOptions provided at App initialization to create the … (#12) * Using the ClientOptions provided at App initialization to create the HTTPClient in auth package. * Fixed context import * Updated test case * Fixing a test failure; Calling transport.NewHTTPClient() only when ctx and opts are available to avoid an unnecessary default credentials lookup. * Passing a non-nil context to AuthConfig during testing; Replacing Print+Exit calls with log.Fatal() (#13) * Bumped version to 1.0.1 (#15) * Moved integration/auth_test.go to its own package. Moved fileKeySource to auth_test.go * Testing for iss and sub headers of custom tokens
diff --git a/auth/auth_test.go b/auth/auth_test.go
@@ -16,6 +16,7 @@ package auth
 
 import (
 	"errors"
+	"io/ioutil"
 	"log"
 	"os"
 	"strings"
@@ -36,68 +37,6 @@ import (
 var client *Client
 var testIDToken string
 
-func verifyCustomToken(t *testing.T, token string, expected map[string]interface{}) {
-	h := &jwtHeader{}
-	p := &customToken{}
-	if err := decodeToken(token, client.ks, h, p); err != nil {
-		t.Fatal(err)
-	}
-
-	if h.Algorithm != "RS256" {
-		t.Errorf("Algorithm: %q; want: 'RS256'", h.Algorithm)
-	} else if h.Type != "JWT" {
-		t.Errorf("Type: %q; want: 'JWT'", h.Type)
-	} else if p.Aud != firebaseAudience {
-		t.Errorf("Audience: %q; want: %q", p.Aud, firebaseAudience)
-	}
-
-	for k, v := range expected {
-		if p.Claims[k] != v {
-			t.Errorf("Claim[%q]: %v; want: %v", k, p.Claims[k], v)
-		}
-	}
-}
-
-func getIDToken(p mockIDTokenPayload) string {
-	return getIDTokenWithKid("mock-key-id-1", p)
-}
-
-func getIDTokenWithKid(kid string, p mockIDTokenPayload) string {
-	pCopy := mockIDTokenPayload{
-		"aud":   client.projectID,
-		"iss":   "https://securetoken.google.com/" + client.projectID,
-		"iat":   time.Now().Unix() - 100,
-		"exp":   time.Now().Unix() + 3600,
-		"sub":   "1234567890",
-		"admin": true,
-	}
-	for k, v := range p {
-		pCopy[k] = v
-	}
-	h := defaultHeader()
-	h.KeyID = kid
-	token, err := encodeToken(client.snr, h, pCopy)
-	if err != nil {
-		log.Fatalln(err)
-	}
-	return token
-}
-
-type mockIDTokenPayload map[string]interface{}
-
-func (p mockIDTokenPayload) decode(s string) error {
-	return decode(s, &p)
-}
-
-type mockKeySource struct {
-	keys []*publicKey
-	err  error
-}
-
-func (t *mockKeySource) Keys() ([]*publicKey, error) {
-	return t.keys, t.err
-}
-
 func TestMain(m *testing.M) {
 	var (
 		err   error
@@ -286,6 +225,98 @@ func TestCertificateRequestError(t *testing.T) {
 	}
 }
 
+func verifyCustomToken(t *testing.T, token string, expected map[string]interface{}) {
+	h := &jwtHeader{}
+	p := &customToken{}
+	if err := decodeToken(token, client.ks, h, p); err != nil {
+		t.Fatal(err)
+	}
+
+	email, err := client.snr.Email()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if h.Algorithm != "RS256" {
+		t.Errorf("Algorithm: %q; want: 'RS256'", h.Algorithm)
+	} else if h.Type != "JWT" {
+		t.Errorf("Type: %q; want: 'JWT'", h.Type)
+	} else if p.Aud != firebaseAudience {
+		t.Errorf("Audience: %q; want: %q", p.Aud, firebaseAudience)
+	} else if p.Iss != email {
+		t.Errorf("Issuer: %q; want: %q", p.Iss, email)
+	} else if p.Sub != email {
+		t.Errorf("Subject: %q; want: %q", p.Sub, email)
+	}
+
+	for k, v := range expected {
+		if p.Claims[k] != v {
+			t.Errorf("Claim[%q]: %v; want: %v", k, p.Claims[k], v)
+		}
+	}
+}
+
+func getIDToken(p mockIDTokenPayload) string {
+	return getIDTokenWithKid("mock-key-id-1", p)
+}
+
+func getIDTokenWithKid(kid string, p mockIDTokenPayload) string {
+	pCopy := mockIDTokenPayload{
+		"aud":   client.projectID,
+		"iss":   "https://securetoken.google.com/" + client.projectID,
+		"iat":   time.Now().Unix() - 100,
+		"exp":   time.Now().Unix() + 3600,
+		"sub":   "1234567890",
+		"admin": true,
+	}
+	for k, v := range p {
+		pCopy[k] = v
+	}
+	h := defaultHeader()
+	h.KeyID = kid
+	token, err := encodeToken(client.snr, h, pCopy)
+	if err != nil {
+		log.Fatalln(err)
+	}
+	return token
+}
+
+type mockIDTokenPayload map[string]interface{}
+
+func (p mockIDTokenPayload) decode(s string) error {
+	return decode(s, &p)
+}
+
+// mockKeySource provides access to a set of in-memory public keys.
+type mockKeySource struct {
+	keys []*publicKey
+	err  error
+}
+
+func (t *mockKeySource) Keys() ([]*publicKey, error) {
+	return t.keys, t.err
+}
+
+// fileKeySource loads a set of public keys from the local file system.
+type fileKeySource struct {
+	FilePath   string
+	CachedKeys []*publicKey
+}
+
+func (f *fileKeySource) Keys() ([]*publicKey, error) {
+	if f.CachedKeys == nil {
+		certs, err := ioutil.ReadFile(f.FilePath)
+		if err != nil {
+			return nil, err
+		}
+		f.CachedKeys, err = parsePublicKeys(certs)
+		if err != nil {
+			return nil, err
+		}
+	}
+	return f.CachedKeys, nil
+}
+
 // aeKeySource provides access to the public keys associated with App Engine apps. This
 // is used in tests to verify custom tokens and mock ID tokens when they are signed with
 // App Engine private keys.
diff --git a/auth/crypto.go b/auth/crypto.go
@@ -146,25 +146,6 @@ func (k *httpKeySource) refreshKeys() error {
 	return nil
 }
 
-type fileKeySource struct {
-	FilePath   string
-	CachedKeys []*publicKey
-}
-
-func (f *fileKeySource) Keys() ([]*publicKey, error) {
-	if f.CachedKeys == nil {
-		certs, err := ioutil.ReadFile(f.FilePath)
-		if err != nil {
-			return nil, err
-		}
-		f.CachedKeys, err = parsePublicKeys(certs)
-		if err != nil {
-			return nil, err
-		}
-	}
-	return f.CachedKeys, nil
-}
-
 func findMaxAge(resp *http.Response) (*time.Duration, error) {
 	cc := resp.Header.Get("cache-control")
 	for _, value := range strings.Split(cc, ", ") {
diff --git a/integration/auth/auth_test.go b/integration/auth/auth_test.go
@@ -12,7 +12,8 @@
 // See the License for the specific language governing permissions and
 // limitations under the License.
 
-package integration
+// Package auth contains integration tests for the firebase.google.com/go/auth package.
+package auth
 
 import (
 	"bytes"
diff --git a/integration/internal/internal.go b/integration/internal/internal.go
@@ -16,7 +16,9 @@
 package internal
 
 import (
+	"go/build"
 	"io/ioutil"
+	"path/filepath"
 	"strings"
 
 	"golang.org/x/net/context"
@@ -25,24 +27,30 @@ import (
 	"google.golang.org/api/option"
 )
 
-const certPath = "../testdata/integration_cert.json"
-const apiKeyPath = "../testdata/integration_apikey.txt"
+const certPath = "integration_cert.json"
+const apiKeyPath = "integration_apikey.txt"
+
+// Resource returns the absolute path to the specified test resource file.
+func Resource(name string) string {
+	p := []string{build.Default.GOPATH, "src", "firebase.google.com", "go", "testdata", name}
+	return filepath.Join(p...)
+}
 
 // NewTestApp creates a new App instance for integration tests.
 //
 // NewTestApp looks for a service account JSON file named integration_cert.json
 // in the testdata directory. This file is used to initialize the newly created
 // App instance.
 func NewTestApp(ctx context.Context) (*firebase.App, error) {
-	return firebase.NewApp(ctx, nil, option.WithCredentialsFile(certPath))
+	return firebase.NewApp(ctx, nil, option.WithCredentialsFile(Resource(certPath)))
 }
 
 // APIKey fetches a Firebase API key for integration tests.
 //
 // APIKey reads the API key string from a file named integration_apikey.txt
 // in the testdata directory.
 func APIKey() (string, error) {
-	b, err := ioutil.ReadFile(apiKeyPath)
+	b, err := ioutil.ReadFile(Resource(apiKeyPath))
 	if err != nil {
 		return "", err
 	}
