fix some suggestions from the bot - error messages, test coverage, ma…

…rk purely defensive code Signed-off-by: Dave Lee <dave@gray101.com>
gofiber · Jun 17, 2024 · 9588706 · 9588706
1 parent 26bc132
commit 9588706
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 4 deletions.
diff --git a/middleware/keyauth/keyauth.go b/middleware/keyauth/keyauth.go
@@ -94,6 +94,7 @@ func MultipleKeySourceLookup(keyLookups []string, authScheme string) (KeyLookupF
 				return res, nil
 			}
 			if !errors.Is(err, ErrMissingOrMalformedAPIKey) {
+				// Defensive Code - not currently possible to hit
 				return "", fmt.Errorf("[%s] %w", keyLookup, err)
 			}
 		}
@@ -104,7 +105,7 @@ func MultipleKeySourceLookup(keyLookups []string, authScheme string) (KeyLookupF
 func DefaultKeyLookup(keyLookup, authScheme string) (KeyLookupFunc, error) {
 	parts := strings.Split(keyLookup, ":")
 	if len(parts) <= 1 {
-		return nil, fmt.Errorf("invalid keyLookup: %s", keyLookup)
+		return nil, fmt.Errorf("invalid keyLookup: %q, expected format 'source:name'", keyLookup)
 	}
 	extractor := KeyFromHeader(parts[1], authScheme) // in the event of an invalid prefix, it is interpreted as header:
 	switch parts[0] {

diff --git a/middleware/keyauth/keyauth_test.go b/middleware/keyauth/keyauth_test.go
@@ -142,7 +142,23 @@ func TestPanicOnInvalidConfiguration(t *testing.T) {
 			require.NoError(t, err)
 		}()
 		app.Use(authMiddleware)
-	})
+	}, "should panic if Validator is missing")
+
+	require.Panics(t, func() {
+		authMiddleware := New(Config{
+			KeyLookup: "invalid",
+			Validator: func(_ fiber.Ctx, _ string) (bool, error) {
+				return true, nil
+			},
+		})
+		// We shouldn't even make it this far, but these next two lines prevent authMiddleware from being an unused variable.
+		app := fiber.New()
+		defer func() { // testing panics, defer block to ensure cleanup
+			err := app.Shutdown()
+			require.NoError(t, err)
+		}()
+		app.Use(authMiddleware)
+	}, "should panic if CustomKeyLookup is not set AND KeyLookup has an invalid value")
 }
 
 func TestCustomKeyUtilityFunctionErrors(t *testing.T) {
@@ -152,10 +168,10 @@ func TestCustomKeyUtilityFunctionErrors(t *testing.T) {
 
 	// Invalid element while parsing
 	_, err := DefaultKeyLookup("invalid", scheme)
-	require.Error(t, err)
+	require.Error(t, err, "DefaultKeyLookup should fail for 'invalid' keyLookup")
 
 	_, err = MultipleKeySourceLookup([]string{"header:key", "invalid"}, scheme)
-	require.Error(t, err)
+	require.Error(t, err, "MultipleKeySourceLookup should fail for 'invalid' keyLookup")
 }
 
 func TestMultipleKeyLookup(t *testing.T) {