fix: close p0 auth and release gate gaps

This commit is contained in:
Your Name
2026-04-11 09:25:31 +08:00
parent b7b46dc827
commit 4adeee2e06
28 changed files with 3791 additions and 276 deletions

View File

@@ -2,6 +2,7 @@ package middleware
import (
"context"
"errors"
"net/http"
"net/http/httptest"
"strings"
@@ -13,6 +14,15 @@ import (
"lijiaoqiao/supply-api/internal/iam/model"
)
type stubTokenStatusBackend struct {
status string
err error
}
func (b *stubTokenStatusBackend) CheckTokenStatus(ctx context.Context, tokenID string) (string, error) {
return b.status, b.err
}
func TestTokenVerify(t *testing.T) {
secretKey := "test-secret-key-12345678901234567890"
issuer := "test-issuer"
@@ -431,6 +441,38 @@ func TestMED02_TokenCacheMiss_ShouldNotAssumeActive(t *testing.T) {
}
}
func TestTokenVerifyMiddleware_BackendErrorShouldReject(t *testing.T) {
secretKey := "test-secret-key-12345678901234567890"
issuer := "test-issuer"
authMiddleware := NewAuthMiddleware(AuthConfig{
SecretKey: secretKey,
Issuer: issuer,
Enabled: true,
}, NewTokenCache(), &stubTokenStatusBackend{err: errors.New("database unavailable")}, nil)
nextCalled := false
handler := authMiddleware.TokenVerifyMiddleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
nextCalled = true
}))
req := httptest.NewRequest("GET", "/api/v1/supply/accounts", nil)
req = req.WithContext(context.WithValue(req.Context(), bearerTokenKey, createTestToken(secretKey, issuer, "subject:1", "org_admin", time.Now().Add(time.Hour))))
w := httptest.NewRecorder()
handler.ServeHTTP(w, req)
if nextCalled {
t.Fatal("expected request to be rejected when token backend is unavailable")
}
if w.Code != http.StatusUnauthorized {
t.Fatalf("expected status 401, got %d", w.Code)
}
if !strings.Contains(w.Body.String(), "AUTH_TOKEN_STATUS_UNAVAILABLE") {
t.Fatalf("expected response to contain AUTH_TOKEN_STATUS_UNAVAILABLE, got %s", w.Body.String())
}
}
// Helper functions
func createTestToken(secretKey, issuer, subject, role string, expiresAt time.Time) string {