Herkese merhaba!

Uzun yıllardır bol miktarda kişisel zaman ve enerji harcayarak bilgimizi hepinizle paylaşıyoruz. Ancak şu andan itibaren bu blogu çalışır durumda tutabilmek için yardımınıza ihtiyacımız var. Yapmanız gereken tek şey, sitedeki reklamlardan birine tıklamak olacaktır, aksi takdirde hosting vb. masraflar nedeniyle maalesef yayından kaldırılacaktır. Teşekkürler.

Aşağıdaki örneği kullanarak Golang isteklerindeki bearer authorization başlığını doğrulayabilirsiniz.


Doğrulayıcı


package validator

import (
"strings"
)

// BearerAuthHeader validates incoming `r.Header.Get("Authorization")` header
// and returns token otherwise an empty string.
func BearerAuthHeader(authHeader string) string {
if authHeader == "" {
return ""
}

parts := strings.Split(authHeader, "Bearer")
if len(parts) != 2 {
return ""
}

token := strings.TrimSpace(parts[1])
if len(token) < 1 {
return ""
}

return token
}

Test


package validator

import "testing"

func TestBearerAuthHeader(t *testing.T) {
tests := []struct{
name string
auth string
token string
}{
{
"EmptyInput",
"",
"",
},
{
"EmptyStringInput",
" ",
"",
},
{
"BearerWithoutToken",
"Bearer",
"",
},
{
"BearerPrefixWithEmptyStringToken",
"Bearer ",
"",
},
{
"WrongPrefixWithToken",
"Basic token",
"",
},
{
"WrongBearerPrefixCaseWithToken",
"BEARER token",
"",
},
{
"BearerPrefixWithNextLineToken",
"Bearer \n",
"",
},
{
"BearerPrefixWithTabToken",
"Bearer \t",
"",
},
{
"IncorrectlySpacedValidRequest",
" Bearer token ",
"token",
},
{
"CorrectlySpacedValidRequest",
"Bearer token",
"token",
},
}

for _, c := range tests {
t.Run(c.name, func(t *testing.T) {
token := BearerAuthHeader(c.auth)

if c.token != token {
t.Fatal("expected", c.token, "but got", token)
}
})
}
}

=== RUN   TestBearerAuthHeader
=== RUN TestBearerAuthHeader/EmptyInput
=== RUN TestBearerAuthHeader/EmptyStringInput
=== RUN TestBearerAuthHeader/BearerWithoutToken
=== RUN TestBearerAuthHeader/BearerPrefixWithEmptyStringToken
=== RUN TestBearerAuthHeader/WrongPrefixWithToken
=== RUN TestBearerAuthHeader/WrongBearerPrefixCaseWithToken
=== RUN TestBearerAuthHeader/BearerPrefixWithNextLineToken
=== RUN TestBearerAuthHeader/BearerPrefixWithTabToken
=== RUN TestBearerAuthHeader/IncorrectlySpacedValidRequest
=== RUN TestBearerAuthHeader/CorrectlySpacedValidRequest
--- PASS: TestBearerAuthHeader (0.00s)
--- PASS: TestBearerAuthHeader/EmptyInput (0.00s)
--- PASS: TestBearerAuthHeader/EmptyStringInput (0.00s)
--- PASS: TestBearerAuthHeader/BearerWithoutToken (0.00s)
--- PASS: TestBearerAuthHeader/BearerPrefixWithEmptyStringToken (0.00s)
--- PASS: TestBearerAuthHeader/WrongPrefixWithToken (0.00s)
--- PASS: TestBearerAuthHeader/WrongBearerPrefixCaseWithToken (0.00s)
--- PASS: TestBearerAuthHeader/BearerPrefixWithNextLineToken (0.00s)
--- PASS: TestBearerAuthHeader/BearerPrefixWithTabToken (0.00s)
--- PASS: TestBearerAuthHeader/IncorrectlySpacedValidRequest (0.00s)
--- PASS: TestBearerAuthHeader/CorrectlySpacedValidRequest (0.00s)
PASS
ok internal/pkg/validator 0.008s