From 0e260d180c58cc88aab30d4757bdb1dd6251dd07 Mon Sep 17 00:00:00 2001
From: SDBrett <brett@sdbrett.com>
Date: Thu, 13 Dec 2018 14:35:17 +1100
Subject: [PATCH] Added tests for failure conditions (#6501)

Added unit tests for registryctl auth to cover failure conditions to increase test coverage.
New tests cover no secret specified and incorrect harbor secret prefix

Signed-off-by: Brett Johnson <brett@sdbrett.com>
---
 src/registryctl/auth/secret.go      |  2 +-
 src/registryctl/auth/secret_test.go | 43 +++++++++++++++++++++++++++++
 2 files changed, 44 insertions(+), 1 deletion(-)

diff --git a/src/registryctl/auth/secret.go b/src/registryctl/auth/secret.go
index f4bf67cf8..b9567a690 100644
--- a/src/registryctl/auth/secret.go
+++ b/src/registryctl/auth/secret.go
@@ -34,7 +34,7 @@ type secretHandler struct {
 	secrets map[string]string
 }
 
-// NewSecretHandler creaters a new authentiation handler which adds
+// NewSecretHandler creates a new authentication handler which adds
 // basic authentication credentials to a request.
 func NewSecretHandler(secrets map[string]string) AuthenticationHandler {
 	return &secretHandler{
diff --git a/src/registryctl/auth/secret_test.go b/src/registryctl/auth/secret_test.go
index edb320c01..44aff4b87 100644
--- a/src/registryctl/auth/secret_test.go
+++ b/src/registryctl/auth/secret_test.go
@@ -15,6 +15,7 @@
 package auth
 
 import (
+	"fmt"
 	"net/http"
 	"testing"
 
@@ -49,3 +50,45 @@ func TestAuthorizeRequestValid(t *testing.T) {
 	assert.Nil(t, err)
 
 }
+
+func TestNilRequest(t *testing.T) {
+	secret := "Correct"
+	req, err := http.NewRequest("", "", nil)
+	req = nil
+	if err != nil {
+		t.Fatalf("failed to create request: %v", err)
+	}
+	_ = commonsecret.AddToRequest(req, secret)
+
+	authenticator := NewSecretHandler(map[string]string{"secret1": "correct"})
+	err = authenticator.AuthorizeRequest(req)
+	assert.Equal(t, err, ErrNoSecret)
+}
+
+func TestNoSecret(t *testing.T) {
+	secret := ""
+	req, err := http.NewRequest("", "", nil)
+	if err != nil {
+		t.Fatalf("failed to create request: %v", err)
+	}
+	_ = commonsecret.AddToRequest(req, secret)
+
+	authenticator := NewSecretHandler(map[string]string{})
+	err = authenticator.AuthorizeRequest(req)
+	assert.Equal(t, err, ErrNoSecret)
+}
+
+func TestIncorrectHarborSecret(t *testing.T) {
+	secret := "correct"
+	req, err := http.NewRequest("", "", nil)
+	if err != nil {
+		t.Fatalf("failed to create request: %v", err)
+	}
+	_ = commonsecret.AddToRequest(req, secret)
+
+	// Set req header to an incorrect value to trigger error return
+	req.Header.Set("Authorization", fmt.Sprintf("%s%s", "WrongPrefix", secret))
+	authenticator := NewSecretHandler(map[string]string{"secret1": "correct"})
+	err = authenticator.AuthorizeRequest(req)
+	assert.Equal(t, err, ErrInvalidCredential)
+}