
Ensure an invalid bearer token returns an error

Jordan Liggitt authored on 2017/01/04 16:18:49
Showing 2 changed files
... ...
@@ -1,6 +1,7 @@
1 1
 package bearertoken
2 2
 
3 3
 import (
4
+	"errors"
4 5
 	"net/http"
5 6
 	"strings"
6 7
 
... ...
@@ -19,6 +20,8 @@ func New(auth authenticator.Token, removeHeader bool) *Authenticator {
19 19
 	return &Authenticator{auth, removeHeader}
20 20
 }
21 21
 
22
+var invalidToken = errors.New("invalid bearer token")
23
+
22 24
 func (a *Authenticator) AuthenticateRequest(req *http.Request) (user.Info, bool, error) {
23 25
 	auth := strings.TrimSpace(req.Header.Get("Authorization"))
24 26
 	if auth == "" {
... ...
@@ -40,5 +43,8 @@ func (a *Authenticator) AuthenticateRequest(req *http.Request) (user.Info, bool,
40 40
 	if ok && a.removeHeader {
41 41
 		req.Header.Del("Authorization")
42 42
 	}
43
+	if !ok && err == nil {
44
+		err = invalidToken
45
+	}
43 46
 	return user, ok, err
44 47
 }
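Review bot: The fallback added in the last hunk (`if !ok && err == nil { err = invalidToken }`) leaves callers unable to tell a rejected credential from what is presumably a failing token backend. Both cases now surface as `ok == false` with a non-nil error, and `invalidToken` is unexported, so audit or logging code outside this package cannot compare against it. I would rename it to follow the Go convention and document the contract: `// errInvalidToken is returned when a bearer token is present but the token authenticator does not accept it.` above `var errInvalidToken = errors.New("invalid bearer token")`. The function also still returns `user` unchanged next to the new error; the body between the second and third hunks is not shown, so whether `user` can be non-nil there cannot be confirmed, and setting it to nil in the new branch would make the contract explicit. Keeping the message static is the right call, since it never echoes the submitted token into logs.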
... ...
@@ -77,7 +77,7 @@ func TestBearerToken(t *testing.T) {
77 77
 			RemoveHeader:                 true,
78 78
 			ExpectedUserName:             "",
79 79
 			ExpectedOK:                   false,
80
-			ExpectedErr:                  false,
80
+			ExpectedErr:                  true,
81 81
 			ExpectedAuthorizationHeaders: []string{"Bearer 123"},
82 82
 		},
83 83
 		"error bearer token": {