Add util/oauth

free5gc · Jan 19, 2024 · 9b92113 · 9b92113
1 parent 293235b
commit 9b92113
Show file tree

Hide file tree

Showing 2 changed files with 124 additions and 0 deletions.
diff --git a/internal/util/oauth/router_auth_check.go b/internal/util/oauth/router_auth_check.go
@@ -0,0 +1,33 @@
+package util_oauth
+
+import (
+	"net/http"
+
+	"github.com/gin-gonic/gin"
+
+	smf_context "github.com/free5gc/smf/internal/context"
+	"github.com/free5gc/smf/internal/logger"
+)
+
+type RouterAuthorizationCheck struct {
+	serviceName string
+}
+
+func NewRouterAuthorizationCheck(serviceName string) *RouterAuthorizationCheck {
+	return &RouterAuthorizationCheck{
+		serviceName: serviceName,
+	}
+}
+
+func (rac *RouterAuthorizationCheck) Check(c *gin.Context, smfContext smf_context.NFContext) {
+	token := c.Request.Header.Get("Authorization")
+	err := smfContext.AuthorizationCheck(token, rac.serviceName)
+	if err != nil {
+		logger.UtilLog.Debugf("RouterAuthorizationCheck: Check Unauthorized: %s", err.Error())
+		c.JSON(http.StatusUnauthorized, gin.H{"error": err.Error()})
+		c.Abort()
+		return
+	}
+
+	logger.UtilLog.Debugf("RouterAuthorizationCheck: Check Authorized")
+}
diff --git a/internal/util/oauth/router_auth_check_test.go b/internal/util/oauth/router_auth_check_test.go
@@ -0,0 +1,91 @@
+package util_oauth
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"testing"
+
+	"github.com/gin-gonic/gin"
+	"github.com/pkg/errors"
+)
+
+const (
+	Valid   = "valid"
+	Invalid = "invalid"
+)
+
+type mockSMFContext struct{}
+
+func newMockSMFContext() *mockSMFContext {
+	return &mockSMFContext{}
+}
+
+func (m *mockSMFContext) AuthorizationCheck(token string, serviceName string) error {
+	if token == Valid {
+		return nil
+	}
+
+	return errors.New("invalid token")
+}
+
+func TestRouterAuthorizationCheck_Check(t *testing.T) {
+	// Mock gin.Context
+	w := httptest.NewRecorder()
+	c, _ := gin.CreateTestContext(w)
+
+	var err error
+	c.Request, err = http.NewRequest("GET", "/", nil)
+	if err != nil {
+		t.Errorf("error on http request: %+v", err)
+	}
+
+	type Args struct {
+		token string
+	}
+	type Want struct {
+		statusCode int
+	}
+
+	tests := []struct {
+		name string
+		args Args
+		want Want
+	}{
+		{
+			name: "Valid Token",
+			args: Args{
+				token: Valid,
+			},
+			want: Want{
+				statusCode: http.StatusOK,
+			},
+		},
+		{
+			name: "Invalid Token",
+			args: Args{
+				token: Invalid,
+			},
+			want: Want{
+				statusCode: http.StatusUnauthorized,
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			w = httptest.NewRecorder()
+			c, _ = gin.CreateTestContext(w)
+			c.Request, err = http.NewRequest("GET", "/", nil)
+			if err != nil {
+				t.Errorf("error on http request: %+v", err)
+			}
+			c.Request.Header.Set("Authorization", tt.args.token)
+
+			rac := NewRouterAuthorizationCheck("testService")
+			rac.Check(c, newMockSMFContext())
+			if w.Code != tt.want.statusCode {
+				t.Errorf("StatusCode should be %d, but got %d", tt.want.statusCode, w.Code)
+			}
+		})
+	}
+}