1 {-# LANGUAGE OverloadedStrings #-}
3 Copyright : (c) 2015 Julien Tanguy
6 Maintainer : julien.tanguy@jhome.fr
9 This test suite is based on the pymacaroons test suite:
10 <https://github.com/ecordell/pymacaroons>
12 module Crypto.Macaroon.Verifier.Internal.Tests where
15 import qualified Data.ByteString as BS
16 import qualified Data.ByteString.Char8 as B8
18 import Data.Either.Validation
21 import Test.Tasty.HUnit
22 import Test.Tasty.QuickCheck hiding (Failure, Success)
24 import Crypto.Macaroon
25 import Crypto.Macaroon.Verifier.Internal
27 import Crypto.Macaroon.Instances
30 tests = testGroup "Crypto.Macaroon.Verifier.Internal" [ sigs
37 sec = B8.pack "this is our super secret key; only we should know it"
40 m = create sec key loc
42 key = B8.pack "we used our sec key"
43 loc = B8.pack "http://mybank/"
46 m2 = addFirstPartyCaveat "test = caveat" m
48 vtest :: Caveat -> IO VerifierResult
49 vtest c = return $ if "test" `BS.isPrefixOf` cid c then
50 bool (Refused (ValidatorError "Failed")) Verified $ "test = caveat" == cid c
55 m3 = addFirstPartyCaveat "value = 42" m2
57 vval :: Caveat -> IO VerifierResult
58 vval c = return $ if "value" `BS.isPrefixOf` cid c then
59 bool (Refused (ValidatorError "Failed")) Verified $ "value = 42" == cid c
67 sigs = testProperty "Signatures" $ \sm -> verifySig (secret sm) (macaroon sm) == Right (macaroon sm)
70 firstParty = testGroup "First party caveats" [
71 testCase "Zero caveat" $ do
72 res <- verifyCavs [] m :: IO (Either ValidationError Macaroon)
74 , testCase "One caveat empty" $ do
75 res <- verifyCavs [] m2 :: IO (Either ValidationError Macaroon)
76 Left NoVerifier @=? res
77 , testCase "One caveat fail" $ do
78 res <- verifyCavs [vval] m2 :: IO (Either ValidationError Macaroon)
79 Left NoVerifier @=? res
80 , testCase "One caveat win" $ do
81 res <- verifyCavs [vtest] m2 :: IO (Either ValidationError Macaroon)
83 , testCase "Two caveat win" $ do
84 res <- verifyCavs [vtest, vval] m3 :: IO (Either ValidationError Macaroon)