Skip to content

Commit e71f761

Browse files
milos85vasicmilos85vasic
committed
Auto-commit
1 parent 34d8f73 commit e71f761

3 files changed

Lines changed: 91 additions & 21 deletions

File tree

auth-service/src/auth-service

23.7 MB
Binary file not shown.

auth-service/src/auth_service.go

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -189,10 +189,11 @@ func (s *AuthServiceServer) ValidateToken(ctx context.Context, req *auth.Validat
189189
// Validate JTI is UUID v4
190190
if jti, exists := claims["jti"].(string); exists {
191191
parsedUUID, err := uuid.Parse(jti)
192-
if err != nil || uuid.Version(parsedUUID) != 4 {
192+
if err != nil || parsedUUID.Version() != 4 {
193193
return nil, status.Error(codes.InvalidArgument, "invalid JTI format")
194194
}
195-
195+
}
196+
196197
userID := claims["sub"].(string)
197198
username := claims["username"].(string)
198199
expiresAt := int64(claims["exp"].(float64))

auth-service/src/uuid_validation_test.go

Lines changed: 88 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -2,87 +2,155 @@ package main
22

33
import (
44
"testing"
5+
"context"
6+
"crypto/rsa"
7+
"crypto/rand"
8+
"time"
59
"github.com/golang-jwt/jwt/v5"
610
"github.com/google/uuid"
711
"google.golang.org/grpc/codes"
812
"google.golang.org/grpc/status"
13+
"helixflow/auth"
14+
"helixflow/database"
915
)
1016

11-
var testKey = []byte("test-secret")
17+
var testPrivateKey *rsa.PrivateKey
18+
var testPublicKey *rsa.PublicKey
19+
var testServer *AuthServiceServer
20+
21+
// MockDatabaseManager implements DatabaseManager for testing
22+
type MockDatabaseManager struct{}
23+
24+
func (m *MockDatabaseManager) Initialize() error { return nil }
25+
func (m *MockDatabaseManager) Close() error { return nil }
26+
func (m *MockDatabaseManager) CreateUser(username, email, password, firstName, lastName, organization string) (string, error) { return "user123", nil }
27+
func (m *MockDatabaseManager) GetUserByUsername(username string) (*database.User, error) {
28+
return &database.User{ID: "user123", Username: username, Active: true}, nil
29+
}
30+
func (m *MockDatabaseManager) GetUserByEmail(email string) (*database.User, error) {
31+
return &database.User{ID: "user123", Email: email, Active: true}, nil
32+
}
33+
func (m *MockDatabaseManager) GetUserByID(userID string) (*database.User, error) {
34+
return &database.User{ID: userID, Username: "testuser", Active: true}, nil
35+
}
36+
func (m *MockDatabaseManager) ValidatePassword(user *database.User, password string) bool { return true }
37+
func (m *MockDatabaseManager) UpdateLastLogin(userID string) error { return nil }
38+
func (m *MockDatabaseManager) UpdateUserProfile(userID, firstName, lastName, organization string) error { return nil }
39+
func (m *MockDatabaseManager) UpdatePassword(userID, passwordHash string) error { return nil }
40+
func (m *MockDatabaseManager) CreateAPIKey(userID, name, keyHash, keyPrefix string, permissions []string) (string, error) { return "key123", nil }
41+
func (m *MockDatabaseManager) GetUserPermissions(userID string) ([]string, error) { return []string{"read", "write"}, nil }
42+
func (m *MockDatabaseManager) GetAPIKeyByHash(keyHash string) (*database.APIKey, error) { return nil, nil }
43+
func (m *MockDatabaseManager) UpdateAPIKeyUsage(keyID string) error { return nil }
44+
func (m *MockDatabaseManager) ListAPIKeys(userID string) ([]*database.APIKey, error) { return nil, nil }
45+
func (m *MockDatabaseManager) RevokeAPIKey(keyID string) error { return nil }
46+
func (m *MockDatabaseManager) LogInferenceRequest(userID, modelID string, requestData, responseData map[string]interface{}, status string, errorMessage *string, tokensUsed, processingTimeMs int, cost float64) error { return nil }
47+
48+
func init() {
49+
// Generate test RSA key pair
50+
privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
51+
if err != nil {
52+
panic("Failed to generate test RSA key pair")
53+
}
54+
testPrivateKey = privateKey
55+
testPublicKey = &privateKey.PublicKey
56+
57+
// Create test database manager
58+
dbManager := &MockDatabaseManager{}
59+
60+
// Create test server
61+
testServer = &AuthServiceServer{
62+
dbManager: dbManager,
63+
privateKey: testPrivateKey,
64+
publicKey: testPublicKey,
65+
blacklist: make(map[string]time.Time),
66+
}
67+
}
1268

1369
func generateTestToken(claims jwt.MapClaims) (string, error) {
14-
token := jwt.NewWithClaims(jwt.SigningMethodHS256, claims)
15-
return token.SignedString(testKey)
70+
token := jwt.NewWithClaims(jwt.SigningMethodRS256, claims)
71+
return token.SignedString(testPrivateKey)
1672
}
1773

1874
func TestValidateTokenWithValidUUIDv4(t *testing.T) {
1975
validUUID := uuid.New().String()
20-
claims := jwt.MapClaims{"jti": validUUID, "sub": "user123"}
76+
claims := jwt.MapClaims{"jti": validUUID, "sub": "user123", "username": "testuser", "exp": float64(time.Now().Add(time.Hour).Unix())}
2177
tokenString, _ := generateTestToken(claims)
2278

23-
_, err := ValidateToken(tokenString)
79+
req := &auth.ValidateTokenRequest{Token: tokenString}
80+
resp, err := testServer.ValidateToken(context.Background(), req)
2481
if err != nil {
2582
t.Fatalf("Expected no error, got %v", err)
2683
}
84+
if !resp.Valid {
85+
t.Fatalf("Expected valid token, got invalid")
86+
}
2787
}
2888

2989
func TestValidateTokenWithInvalidUUIDFormat(t *testing.T) {
3090
invalidUUID := "not-a-uuid"
31-
claims := jwt.MapClaims{"jti": invalidUUID, "sub": "user123"}
91+
claims := jwt.MapClaims{"jti": invalidUUID, "sub": "user123", "username": "testuser", "exp": float64(time.Now().Add(time.Hour).Unix())}
3292
tokenString, _ := generateTestToken(claims)
3393

34-
_, err := ValidateToken(tokenString)
94+
req := &auth.ValidateTokenRequest{Token: tokenString}
95+
_, err := testServer.ValidateToken(context.Background(), req)
3596
if err == nil {
3697
t.Fatal("Expected error, got none")
3798
}
38-
expectedErr := status.Error(codes.Unauthenticated, "invalid JTI format")
99+
expectedErr := status.Error(codes.InvalidArgument, "invalid JTI format")
39100
if err.Error() != expectedErr.Error() {
40101
t.Fatalf("Expected error %v, got %v", expectedErr, err)
41102
}
42103
}
43104

44105
func TestValidateTokenWithMissingJTI(t *testing.T) {
45-
claims := jwt.MapClaims{"sub": "user123"}
106+
claims := jwt.MapClaims{"sub": "user123", "username": "testuser", "exp": float64(time.Now().Add(time.Hour).Unix())}
46107
tokenString, _ := generateTestToken(claims)
47108

48-
_, err := ValidateToken(tokenString)
109+
req := &auth.ValidateTokenRequest{Token: tokenString}
110+
resp, err := testServer.ValidateToken(context.Background(), req)
49111
if err != nil {
50112
t.Fatalf("Expected no error, got %v", err)
51113
}
114+
if !resp.Valid {
115+
t.Fatalf("Expected valid token, got invalid. Message: %s", resp.Message)
116+
}
52117
}
53118

54119
func TestValidateTokenWithNonV4UUID(t *testing.T) {
55120
nonV4UUID := "123e4567-e89b-11d3-a75a-426614174000" // UUID v1
56-
claims := jwt.MapClaims{"jti": nonV4UUID, "sub": "user123"}
121+
claims := jwt.MapClaims{"jti": nonV4UUID, "sub": "user123", "username": "testuser", "exp": float64(time.Now().Add(time.Hour).Unix())}
57122
tokenString, _ := generateTestToken(claims)
58123

59-
_, err := ValidateToken(tokenString)
124+
req := &auth.ValidateTokenRequest{Token: tokenString}
125+
_, err := testServer.ValidateToken(context.Background(), req)
60126
if err == nil {
61127
t.Fatal("Expected error, got none")
62128
}
63-
expectedErr := status.Error(codes.Unauthenticated, "invalid JTI format")
129+
expectedErr := status.Error(codes.InvalidArgument, "invalid JTI format")
64130
if err.Error() != expectedErr.Error() {
65131
t.Fatalf("Expected error %v, got %v", expectedErr, err)
66132
}
67133
}
68134

69135
func TestRefreshTokenWithValidUUIDv4(t *testing.T) {
70136
validUUID := uuid.New().String()
71-
claims := jwt.MapClaims{"jti": validUUID, "sub": "user123"}
137+
claims := jwt.MapClaims{"jti": validUUID, "sub": "user123", "username": "testuser", "exp": float64(time.Now().Add(time.Hour).Unix())}
72138
tokenString, _ := generateTestToken(claims)
73139

74-
_, err := RefreshToken(tokenString)
140+
req := &auth.RefreshTokenRequest{RefreshToken: tokenString}
141+
_, err := testServer.RefreshToken(context.Background(), req)
75142
if err != nil {
76143
t.Fatalf("Expected no error, got %v", err)
77144
}
78145
}
79146

80147
func TestRefreshTokenWithInvalidUUIDFormat(t *testing.T) {
81148
invalidUUID := "not-a-uuid"
82-
claims := jwt.MapClaims{"jti": invalidUUID, "sub": "user123"}
149+
claims := jwt.MapClaims{"jti": invalidUUID, "sub": "user123", "username": "testuser", "exp": float64(time.Now().Add(time.Hour).Unix())}
83150
tokenString, _ := generateTestToken(claims)
84151

85-
_, err := RefreshToken(tokenString)
152+
req := &auth.RefreshTokenRequest{RefreshToken: tokenString}
153+
_, err := testServer.RefreshToken(context.Background(), req)
86154
if err == nil {
87155
t.Fatal("Expected error, got none")
88156
}
@@ -94,10 +162,11 @@ func TestRefreshTokenWithInvalidUUIDFormat(t *testing.T) {
94162

95163
func TestRefreshTokenWithNonV4UUID(t *testing.T) {
96164
nonV4UUID := "123e4567-e89b-11d3-a75a-426614174000" // UUID v1
97-
claims := jwt.MapClaims{"jti": nonV4UUID, "sub": "user123"}
165+
claims := jwt.MapClaims{"jti": nonV4UUID, "sub": "user123", "username": "testuser", "exp": float64(time.Now().Add(time.Hour).Unix())}
98166
tokenString, _ := generateTestToken(claims)
99167

100-
_, err := RefreshToken(tokenString)
168+
req := &auth.RefreshTokenRequest{RefreshToken: tokenString}
169+
_, err := testServer.RefreshToken(context.Background(), req)
101170
if err == nil {
102171
t.Fatal("Expected error, got none")
103172
}

0 commit comments

Comments
 (0)