add tests for the public share auth middleware

services/proxy/pkg/middleware/public_share_auth.go

@@ -9,7 +9,7 @@ import (
 )
 
 const (
-	headerRevaAccessToken   = "x-access-token"
+	_headerRevaAccessToken  = "x-access-token"
 	headerShareToken        = "public-token"
 	basicAuthPasswordPrefix = "password|"
 	authenticationType      = "publicshares"
@@ -74,11 +74,11 @@ func (a PublicShareAuthenticator) Authenticate(r *http.Request) (*http.Request,
 		return nil, false
 	}
 
-	r.Header.Add(headerRevaAccessToken, authResp.Token)
+	r.Header.Add(_headerRevaAccessToken, authResp.Token)
 
 	a.Logger.Debug().
 		Str("authenticator", "public_share").
 		Str("path", r.URL.Path).
 		Msg("successfully authenticated request")
-	return r, false
+	return r, true
 }

services/proxy/pkg/middleware/public_share_auth_test.go

@@ -0,0 +1,78 @@
+package middleware
+
+import (
+	"context"
+	"net/http"
+	"net/http/httptest"
+
+	gatewayv1beta1 "github.com/cs3org/go-cs3apis/cs3/gateway/v1beta1"
+	rpcv1beta1 "github.com/cs3org/go-cs3apis/cs3/rpc/v1beta1"
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+	"github.com/owncloud/ocis/v2/ocis-pkg/log"
+	"google.golang.org/grpc"
+)
+
+var _ = Describe("Authenticating requests", Label("PublicShareAuthenticator"), func() {
+	var authenticator Authenticator
+	BeforeEach(func() {
+		authenticator = PublicShareAuthenticator{
+			Logger: log.NewLogger(),
+			RevaGatewayClient: mockGatewayClient{
+				AuthenticateFunc: func(authType, clientID, clientSecret string) (string, rpcv1beta1.Code) {
+					if authType != "publicshares" {
+						return "", rpcv1beta1.Code_CODE_NOT_FOUND
+					}
+
+					if clientID == "sharetoken" && (clientSecret == "password|examples3cr3t" || clientSecret == "signature|examplesignature|exampleexpiration") {
+						return "exampletoken", rpcv1beta1.Code_CODE_OK
+					}
+
+					return "", rpcv1beta1.Code_CODE_NOT_FOUND
+				},
+			},
+		}
+	})
+	When("the request contains correct data", func() {
+		Context("using password authentication", func() {
+			It("should successfully authenticate", func() {
+				req := httptest.NewRequest(http.MethodGet, "http://example.com/dav/public-files/?public-token=sharetoken", http.NoBody)
+				req.SetBasicAuth("public", "examples3cr3t")
+
+				req2, valid := authenticator.Authenticate(req)
+
+				Expect(valid).To(Equal(true))
+				Expect(req2).ToNot(BeNil())
+
+				h := req2.Header
+				Expect(h.Get(_headerRevaAccessToken)).To(Equal("exampletoken"))
+			})
+		})
+		Context("using signature authentication", func() {
+			It("should successfully authenticate", func() {
+				req := httptest.NewRequest(http.MethodGet, "http://example.com/dav/public-files/?public-token=sharetoken&signature=examplesignature&expiration=exampleexpiration", http.NoBody)
+
+				req2, valid := authenticator.Authenticate(req)
+
+				Expect(valid).To(Equal(true))
+				Expect(req2).ToNot(BeNil())
+
+				h := req2.Header
+				Expect(h.Get(_headerRevaAccessToken)).To(Equal("exampletoken"))
+			})
+		})
+	})
+})
+
+type mockGatewayClient struct {
+	gatewayv1beta1.GatewayAPIClient
+	AuthenticateFunc func(authType, clientID, clientSecret string) (string, rpcv1beta1.Code)
+}
+
+func (c mockGatewayClient) Authenticate(ctx context.Context, in *gatewayv1beta1.AuthenticateRequest, opts ...grpc.CallOption) (*gatewayv1beta1.AuthenticateResponse, error) {
+	token, code := c.AuthenticateFunc(in.GetType(), in.GetClientId(), in.GetClientSecret())
+	return &gatewayv1beta1.AuthenticateResponse{
+		Status: &rpcv1beta1.Status{Code: code},
+		Token:  token,
+	}, nil
+}