authorizer/server/test/cors_test.go

package test

import (
	"net/http"
	"net/http/httptest"
	"testing"

	"github.com/authorizerdev/authorizer/server/constants"
	"github.com/authorizerdev/authorizer/server/db"
	"github.com/authorizerdev/authorizer/server/env"
	"github.com/authorizerdev/authorizer/server/router"
	"github.com/authorizerdev/authorizer/server/session"
	"github.com/stretchr/testify/assert"
)

func TestCors(t *testing.T) {
	constants.ENV_PATH = "../../.env.sample"
	constants.DATABASE_URL = "../../data.db"
	env.InitEnv()
	db.InitDB()
	session.InitSession()
	router := router.InitRouter()

	allowedOrigin := "http://localhost:8080" // The allowed origin that you want to check
	notAllowedOrigin := "http://myapp.com"

	server := httptest.NewServer(router)
	defer server.Close()

	client := &http.Client{}
	req, _ := http.NewRequest(
		"GET",
		"http://"+server.Listener.Addr().String()+"/graphql",
		nil,
	)
	req.Header.Add("Origin", allowedOrigin)

	get, _ := client.Do(req)

	// You should get your origin (or a * depending on your config) if the
	// passed origin is allowed.
	o := get.Header.Get("Access-Control-Allow-Origin")
	assert.NotEqual(t, o, notAllowedOrigin, "Origins should not match")
	assert.Equal(t, o, allowedOrigin, "Origins don't match")
}
fix: unique constraint data 2021-12-22 10:01:45 +00:00			`package test`
fix: add valid origin check for cors (#83) Resolves #72 2021-12-21 13:16:54 +00:00
			`import (`
			`"net/http"`
			`"net/http/httptest"`
			`"testing"`

			`"github.com/authorizerdev/authorizer/server/constants"`
fix: unique constraint data 2021-12-22 10:01:45 +00:00			`"github.com/authorizerdev/authorizer/server/db"`
fix: add valid origin check for cors (#83) Resolves #72 2021-12-21 13:16:54 +00:00			`"github.com/authorizerdev/authorizer/server/env"`
fix: unique constraint data 2021-12-22 10:01:45 +00:00			`"github.com/authorizerdev/authorizer/server/router"`
			`"github.com/authorizerdev/authorizer/server/session"`
fix: add valid origin check for cors (#83) Resolves #72 2021-12-21 13:16:54 +00:00			`"github.com/stretchr/testify/assert"`
			`)`

			`func TestCors(t *testing.T) {`
fix: unique constraint data 2021-12-22 10:01:45 +00:00			`constants.ENV_PATH = "../../.env.sample"`
			`constants.DATABASE_URL = "../../data.db"`
fix: add valid origin check for cors (#83) Resolves #72 2021-12-21 13:16:54 +00:00			`env.InitEnv()`
fix: unique constraint data 2021-12-22 10:01:45 +00:00			`db.InitDB()`
			`session.InitSession()`
			`router := router.InitRouter()`

fix: add valid origin check for cors (#83) Resolves #72 2021-12-21 13:16:54 +00:00			`allowedOrigin := "http://localhost:8080" // The allowed origin that you want to check`
			`notAllowedOrigin := "http://myapp.com"`

fix: unique constraint data 2021-12-22 10:01:45 +00:00			`server := httptest.NewServer(router)`
fix: add valid origin check for cors (#83) Resolves #72 2021-12-21 13:16:54 +00:00			`defer server.Close()`

			`client := &http.Client{}`
			`req, _ := http.NewRequest(`
			`"GET",`
fix: unique constraint data 2021-12-22 10:01:45 +00:00			`"http://"+server.Listener.Addr().String()+"/graphql",`
fix: add valid origin check for cors (#83) Resolves #72 2021-12-21 13:16:54 +00:00			`nil,`
			`)`
			`req.Header.Add("Origin", allowedOrigin)`

			`get, _ := client.Do(req)`

			`// You should get your origin (or a * depending on your config) if the`
			`// passed origin is allowed.`
			`o := get.Header.Get("Access-Control-Allow-Origin")`
			`assert.NotEqual(t, o, notAllowedOrigin, "Origins should not match")`
			`assert.Equal(t, o, allowedOrigin, "Origins don't match")`
			`}`