diff options
author | caicandong <50507092+CaiCandong@users.noreply.github.com> | 2023-07-11 10:04:28 +0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-07-11 10:04:28 +0800 |
commit | 491cc06ffe3491242ad9ff6227423d99e673d0c2 (patch) | |
tree | 66a9bd28de389fed613c7ff8fe14b4f07935165d /tests | |
parent | 2f31d2d56c22400b2e79b279a5d0e845febba137 (diff) | |
download | gitea-491cc06ffe3491242ad9ff6227423d99e673d0c2.tar.gz gitea-491cc06ffe3491242ad9ff6227423d99e673d0c2.zip |
Fix the error message when the token is incorrect (#25701)
we refactored `userIDFromToken` for the token parsing part into a new
function `parseToken`. `parseToken` returns the string `token` from
request, and a boolean `ok` representing whether the token exists or
not. So we can distinguish between token non-existence and token
inconsistency in the `verfity` function, thus solving the problem of no
proper error message when the token is inconsistent.
close #24439
related #22119
---------
Co-authored-by: Jason Song <i@wolfogre.com>
Co-authored-by: Giteabot <teabot@gitea.io>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/integration/api_repo_test.go | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/tests/integration/api_repo_test.go b/tests/integration/api_repo_test.go index 0f387192eb..fae1415568 100644 --- a/tests/integration/api_repo_test.go +++ b/tests/integration/api_repo_test.go @@ -41,6 +41,17 @@ func TestAPIUserReposNotLogin(t *testing.T) { } } +func TestAPIUserReposWithWrongToken(t *testing.T) { + defer tests.PrepareTestEnv(t)() + user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2}) + wrongToken := fmt.Sprintf("Bearer %s", "wrong_token") + req := NewRequestf(t, "GET", "/api/v1/users/%s/repos", user.Name) + req = addTokenAuthHeader(req, wrongToken) + resp := MakeRequest(t, req, http.StatusUnauthorized) + + assert.Contains(t, resp.Body.String(), "user does not exist") +} + func TestAPISearchRepo(t *testing.T) { defer tests.PrepareTestEnv(t)() const keyword = "test" |