1 {-# LANGUAGE OverloadedStrings #-}
3 Copyright : (c) 2015 Julien Tanguy
6 Maintainer : julien.tanguy@jhome.fr
9 This test suite is based on the pymacaroons test suite:
10 <https://github.com/ecordell/pymacaroons>
12 module Crypto.Macaroon.Verifier.Tests where
16 import qualified Data.ByteString.Char8 as B8
18 import Test.Tasty.HUnit
19 import Test.Tasty.QuickCheck
21 import Crypto.Macaroon
22 import Crypto.Macaroon.Verifier
24 import Crypto.Macaroon.Instances
27 tests = testGroup "Crypto.Macaroon.Verifier" [ sigs
34 sec = B8.pack "this is our super secret key; only we should know it"
37 m = create sec key loc
39 key = B8.pack "we used our sec key"
40 loc = B8.pack "http://mybank/"
43 m2 = addFirstPartyCaveat "test = caveat" m
46 m3 = addFirstPartyCaveat "value = 42" m2
48 exVerifiers = [ verifyExact "test" "caveat" (many' letter_ascii)
49 , verifyExact "value" 42 decimal
51 exVerifiers' = [ verifyExact "test" "caveat" (many' letter_ascii)
52 , verifyExact "value" 43 decimal
54 funVerifiers = [ verifyFun "test" ("cav" `isPrefixOf`) (many' letter_ascii)
55 , verifyFun "value" (<= 43) decimal
61 sigs = testGroup "Signatures" [ basic
66 basic = testGroup "Basic Macaroon" [ none , sigQC ]
68 none = testCase "No caveat" $
69 Ok @=? verifySig sec m
71 sigQC = testProperty "Random" $
72 \sm -> verifySig (secret sm) (macaroon sm) == Ok
74 one = testCase "Macaroon with one caveat" $
75 Ok @=? verifySig sec m2
77 two = testCase "Macaroon with two caveats" $
78 Ok @=? verifySig sec m3
80 exactCavs = testGroup "Exact Caveats" [
81 testGroup "Ignoring non-relevant" [
82 testCase "Zero caveat" $ Ok @=? verifyCavs exVerifiers m
83 , testCase "One caveat" $ Ok @=? verifyCavs exVerifiers' m2
85 , testCase "One caveat win" $ Ok @=? verifyCavs exVerifiers m2
86 , testCase "Two caveat win" $ Ok @=? verifyCavs exVerifiers m3
87 , testCase "Two caveat fail" $ Failed @=? verifyCavs exVerifiers' m3
90 funCavs = testGroup "Function Caveats" [
91 testCase "One caveat win" $ Ok @=? verifyCavs funVerifiers m2
92 , testCase "Two caveat win" $ Ok @=? verifyCavs funVerifiers m3