-
Notifications
You must be signed in to change notification settings - Fork 18
/
Copy pathtesting.go
96 lines (84 loc) · 2.83 KB
/
testing.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
package callback
import (
"context"
"encoding/json"
"net/http"
"testing"
"github.com/hashicorp/cap/oidc"
"github.com/stretchr/testify/require"
)
// testSuccessFn is a test SuccessResponseFunc
func testSuccessFn(state string, t oidc.Token, w http.ResponseWriter, req *http.Request) {
w.WriteHeader(http.StatusOK)
_, _ = w.Write([]byte("login successful"))
}
// testFailFn is a test ErrorResponseFunc
func testFailFn(state string, r *AuthenErrorResponse, e error, w http.ResponseWriter, req *http.Request) {
if e != nil {
w.WriteHeader(http.StatusInternalServerError)
j, _ := json.Marshal(&AuthenErrorResponse{
Error: "internal-callback-error",
Description: e.Error(),
})
_, _ = w.Write(j)
return
}
if r != nil {
w.WriteHeader(http.StatusUnauthorized)
j, _ := json.Marshal(r)
_, _ = w.Write(j)
return
}
w.WriteHeader(http.StatusInternalServerError)
j, _ := json.Marshal(&AuthenErrorResponse{
Error: "unknown-callback-error",
})
_, _ = w.Write(j)
}
// testNewProvider creates a new Provider. It uses the TestProvider (tp) to properly
// construct the provider's configuration (see testNewConfig). This is helpful internally, but
// intentionally not exported.
func testNewProvider(t *testing.T, clientID, clientSecret, redirectURL string, tp *oidc.TestProvider) *oidc.Provider {
const op = "testNewProvider"
t.Helper()
require := require.New(t)
require.NotEmptyf(clientID, "%s: client id is empty", op)
require.NotEmptyf(clientSecret, "%s: client secret is empty", op)
require.NotEmptyf(redirectURL, "%s: redirect URL is empty", op)
tc := testNewConfig(t, clientID, clientSecret, redirectURL, tp)
p, err := oidc.NewProvider(tc)
require.NoError(err)
t.Cleanup(p.Done)
return p
}
// testNewConfig creates a new config from the TestProvider. It will set the
// TestProvider's client ID/secret and use the TestProviders signing algorithm
// when building the configuration. This is helpful internally, but
// intentionally not exported.
func testNewConfig(t *testing.T, clientID, clientSecret, allowedRedirectURL string, tp *oidc.TestProvider) *oidc.Config {
const op = "testNewConfig"
t.Helper()
require := require.New(t)
require.NotEmptyf(clientID, "%s: client id is empty", op)
require.NotEmptyf(clientSecret, "%s: client secret is empty", op)
require.NotEmptyf(allowedRedirectURL, "%s: redirect URL is empty", op)
tp.SetClientCreds(clientID, clientSecret)
_, _, alg, _ := tp.SigningKeys()
c, err := oidc.NewConfig(
tp.Addr(),
clientID,
oidc.ClientSecret(clientSecret),
[]oidc.Alg{alg},
[]string{allowedRedirectURL},
nil,
oidc.WithProviderCA(tp.CACert()),
)
require.NoError(err)
return c
}
type testNilRequestReader struct{}
func (s *testNilRequestReader) Read(ctx context.Context, state string) (oidc.Request, error) {
return nil, nil
}