//                           _       _
// __      _____  __ ___   ___  __ _| |_ ___
// \ \ /\ / / _ \/ _` \ \ / / |/ _` | __/ _ \
//  \ V  V /  __/ (_| |\ V /| | (_| | ||  __/
//   \_/\_/ \___|\__,_| \_/ |_|\__,_|\__\___|
//
//  Copyright © 2016 - 2024 Weaviate B.V. All rights reserved.
//
//  CONTACT: [email protected]
//

package anonymous

import (
	"net/http"
	"net/http/httptest"
	"testing"

	"github.com/stretchr/testify/assert"
	"github.com/weaviate/weaviate/usecases/config"
)

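// Test_AnonymousMiddleware_Enabled verifies that a request carrying no
// credentials is handed to the next handler when anonymous access is enabled.
func Test_AnonymousMiddleware_Enabled(t *testing.T) {
	// sentinel is a status code no real handler in this test would emit, so
	// seeing it in the response proves that the next handler was reached.
	const sentinel = 900

	r := httptest.NewRequest(http.MethodGet, "/foo", nil)
	w := httptest.NewRecorder()

	next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.WriteHeader(sentinel)
	})

	cfg := config.Config{
		Authentication: config.Authentication{
			AnonymousAccess: config.AnonymousAccess{
				Enabled: true,
			},
		},
	}

	New(cfg).Middleware(next).ServeHTTP(w, r)
	response := w.Result()
	defer response.Body.Close()

	// testify expects (expected, actual); the reverse order mislabels the
	// values in the failure output.
	assert.Equal(t, sentinel, response.StatusCode)
}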

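// Test_AnonymousMiddleware_Disabled covers the middleware with anonymous
// access turned off and OIDC turned on: a request without an Authorization
// header is rejected with 401, and a request with a Bearer header is passed
// to the next handler.
func Test_AnonymousMiddleware_Disabled(t *testing.T) {
	// sentinel is a status code no real handler in this test would emit, so
	// seeing it in the response proves that the next handler was reached.
	const sentinel = 900

	next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		w.WriteHeader(sentinel)
	})

	// Both subtests run against the same configuration.
	cfg := config.Config{
		Authentication: config.Authentication{
			AnonymousAccess: config.AnonymousAccess{
				Enabled: false,
			},
			OIDC: config.OIDC{
				Enabled: true,
			},
		},
	}

	t.Run("when OIDC is enabled, but no token provided", func(t *testing.T) {
		r := httptest.NewRequest(http.MethodGet, "/foo", nil)
		w := httptest.NewRecorder()

		New(cfg).Middleware(next).ServeHTTP(w, r)
		response := w.Result()
		defer response.Body.Close()

		// testify expects (expected, actual); the reverse order mislabels
		// the values in the failure output.
		assert.Equal(t, http.StatusUnauthorized, response.StatusCode)
	})

	t.Run("when OIDC is enabled, and a Bearer Header provided", func(t *testing.T) {
		r := httptest.NewRequest(http.MethodGet, "/foo", nil)
		// "foo" is not a well-formed token, so this case pins that the
		// middleware lets the request through on the header alone.
		// NOTE(review): token validation presumably happens in a later
		// handler; confirm that every route behind this middleware has one.
		r.Header.Add("Authorization", "Bearer foo")
		w := httptest.NewRecorder()

		New(cfg).Middleware(next).ServeHTTP(w, r)
		response := w.Result()
		defer response.Body.Close()

		assert.Equal(t, sentinel, response.StatusCode)
	})
}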