rusty-gasket 0.1.1

A plugin-based Rust framework for backend HTTP services
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125

//! Mock authentication backend for testing.
//!
//! Returns a fixed identity (or `None` for anonymous testing) without
//! performing any real token or credential validation. Use this to
//! exercise handler logic behind auth extractors in integration tests.

use rusty_gasket::auth::backend::AuthBackend;
use rusty_gasket::auth::{AuthError, Identity};

/// A mock authentication backend for testing.
///
/// Always returns a fixed identity (or None for anonymous testing).
/// No real token validation is performed — this is purely for
/// exercising handler logic behind auth extractors.
///
/// # Example
///
/// ```ignore
/// let backend = MockAuthBackend::authenticated("test-user");
/// let backend = MockAuthBackend::anonymous();
/// ```
#[derive(Debug, Clone)]
pub struct MockAuthBackend {
    identity: Option<Identity>,
}

impl MockAuthBackend {
    /// Create a backend that always authenticates as the given subject.
    #[must_use]
    pub fn authenticated(subject: &str) -> Self {
        Self {
            identity: Some(Identity::new(subject, "mock")),
        }
    }

    /// Create a backend that always authenticates with a full identity.
    #[must_use]
    pub const fn with_identity(identity: Identity) -> Self {
        Self {
            identity: Some(identity),
        }
    }

    /// Create a backend that never matches (returns `Ok(None)`).
    #[must_use]
    pub const fn anonymous() -> Self {
        Self { identity: None }
    }

    /// Whether this mock is configured for anonymous (no-identity) mode.
    #[must_use]
    pub const fn is_anonymous(&self) -> bool {
        self.identity.is_none()
    }
}

impl AuthBackend for MockAuthBackend {
    fn name(&self) -> &'static str {
        "mock"
    }

    async fn authenticate(
        &self,
        _headers: &http::HeaderMap,
        _uri: &http::Uri,
    ) -> Result<Option<Identity>, AuthError> {
        Ok(self.identity.clone())
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[tokio::test]
    async fn mock_authenticated() {
        let backend = MockAuthBackend::authenticated("user-1");
        let headers = http::HeaderMap::new();
        let uri: http::Uri = "/test".parse().expect("valid uri");

        let result = backend
            .authenticate(&headers, &uri)
            .await
            .expect("should succeed");
        let identity = result.expect("should have identity");
        assert_eq!(identity.subject(), "user-1");
        assert_eq!(identity.auth_method(), "mock");
    }

    #[tokio::test]
    async fn mock_anonymous() {
        let backend = MockAuthBackend::anonymous();
        let headers = http::HeaderMap::new();
        let uri: http::Uri = "/test".parse().expect("valid uri");

        let result = backend
            .authenticate(&headers, &uri)
            .await
            .expect("should succeed");
        assert!(result.is_none());
    }

    #[tokio::test]
    async fn mock_with_custom_identity() {
        let identity = Identity::builder("custom-user", "custom")
            .display_name("Custom User")
            .scope("admin")
            .scope("read")
            .build();

        let backend = MockAuthBackend::with_identity(identity);
        let headers = http::HeaderMap::new();
        let uri: http::Uri = "/test".parse().expect("valid uri");

        let result = backend
            .authenticate(&headers, &uri)
            .await
            .expect("should succeed");
        let id = result.expect("should have identity");
        assert_eq!(id.subject(), "custom-user");
        assert_eq!(id.display_name(), Some("Custom User"));
        assert!(id.has_scope("admin"));
        assert!(id.has_scope("read"));
    }
}