Commit 998aa7f1 authored by ale's avatar ale

Use github url for ldap pkg

parent 4014dc50
Pipeline #10406 passed with stages
in 1 minute and 58 seconds
......@@ -38,8 +38,9 @@ functionality and user backends.
The authentication server data model is based on the concept of a
*user account*. The server knows how to retrieve user accounts stored
in LDAP, but it has to be told the specific details of how to find
them and how to map the information there to what it needs.
in LDAP or SQL databases, but it has to be told the specific details
of how to find them and how to map the information there to what it
needs.
## Other Dependencies
......
......@@ -10,7 +10,7 @@ import (
ldaputil "git.autistici.org/ai3/go-common/ldap"
ct "git.autistici.org/ai3/go-common/ldap/compositetypes"
"github.com/tstranex/u2f"
"gopkg.in/ldap.v3"
"github.com/go-ldap/ldap/v3"
"gopkg.in/yaml.v2"
"git.autistici.org/id/auth/backend"
......
language: go
go_import_path: contrib.go.opencensus.io
go:
- 1.11.x
env:
global:
GO111MODULE=on
before_script:
- make install-tools
script:
- make travis-ci
package clientutil
import (
"context"
"io"
"log"
"math/rand"
"net"
"net/http"
"net/http/httptest"
"net/url"
"testing"
"time"
)
type tcpHandler interface {
Handle(net.Conn)
}
type tcpHandlerFunc func(net.Conn)
func (f tcpHandlerFunc) Handle(c net.Conn) { f(c) }
// Base TCP server type (to build fake LDAP servers).
type tcpServer struct {
l net.Listener
handler tcpHandler
}
func newTCPServer(t testing.TB, handler tcpHandler) *tcpServer {
l, err := net.Listen("tcp", "localhost:0")
if err != nil {
t.Fatal("Listen():", err)
}
log.Printf("started new tcp server on %s", l.Addr().String())
s := &tcpServer{l: l, handler: handler}
go s.serve()
return s
}
func (s *tcpServer) serve() {
for {
conn, err := s.l.Accept()
if err != nil {
return
}
go func(c net.Conn) {
s.handler.Handle(c)
c.Close()
}(conn)
}
}
func (s *tcpServer) Addr() string {
return s.l.Addr().String()
}
func (s *tcpServer) Close() {
s.l.Close()
}
// A test server that will close all incoming connections right away.
func newConnFailServer(t testing.TB) *tcpServer {
return newTCPServer(t, tcpHandlerFunc(func(c net.Conn) {}))
}
// A test server that will close all connections after a 1s delay.
func newConnFailDelayServer(t testing.TB) *tcpServer {
return newTCPServer(t, tcpHandlerFunc(func(c net.Conn) { time.Sleep(1 * time.Second) }))
}
type httpServer struct {
*httptest.Server
}
func (s *httpServer) Addr() string {
u, _ := url.Parse(s.Server.URL)
return u.Host
}
// An HTTP server that will always return a specific HTTP status using
// http.Error().
func newErrorHTTPServer(statusCode int) *httpServer {
return &httpServer{httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
w.Header().Set("Connection", "close")
http.Error(w, "oh no", statusCode)
}))}
}
func newJSONHTTPServer() *httpServer {
return &httpServer{httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/json")
io.WriteString(w, "{\"value\": 42}") // nolint
}))}
}
func newHostCountingJSONHTTPServer() (*httpServer, map[string]int) {
counters := make(map[string]int)
return &httpServer{httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
counters[r.Host]++
w.Header().Set("Content-Type", "application/json")
io.WriteString(w, "{\"value\": 42}") // nolint
}))}, counters
}
type testServer interface {
Addr() string
Close()
}
type testBackends struct {
servers []testServer
addrs []string
}
func newTestBackends(servers ...testServer) *testBackends {
b := new(testBackends)
for _, s := range servers {
b.servers = append(b.servers, s)
b.addrs = append(b.addrs, s.Addr())
}
return b
}
func (b *testBackends) ResolveIP(_ string) []string {
return b.addrs
}
func (b *testBackends) stop(i int) {
b.servers[i].Close()
}
func (b *testBackends) close() {
for _, s := range b.servers {
s.Close()
}
}
// Do a number of fake requests to a test JSONHTTPServer. If shards is
// not nil, set up a fake sharded service and pick one of the given
// shards randomly on every request.
func doJSONRequests(backends *testBackends, u string, n int, shards []string) (int, int) {
b, err := newBalancedBackend(&BackendConfig{
URL: u,
Debug: true,
Sharded: len(shards) > 0,
}, backends)
if err != nil {
panic(err)
}
defer b.Close()
var errs, oks int
for i := 0; i < n; i++ {
ctx, cancel := context.WithTimeout(context.Background(), 500*time.Millisecond)
var resp struct {
Value int `json:"value"`
}
var shard string
if len(shards) > 0 {
shard = shards[rand.Intn(len(shards))]
}
err = b.Call(ctx, shard, "/", struct{}{}, &resp)
cancel()
if err != nil {
errs++
log.Printf("request error: %v", err)
} else if resp.Value != 42 {
errs++
} else {
oks++
}
}
return oks, errs
}
func TestBackend_TargetsDown(t *testing.T) {
b := newTestBackends(newJSONHTTPServer(), newJSONHTTPServer(), newJSONHTTPServer())
defer b.close()
oks, errs := doJSONRequests(b, "http://test/", 10, nil)
if errs > 0 {
t.Fatalf("errs=%d", errs)
}
if oks == 0 {
t.Fatal("oks=0")
}
// Stop the first two backends, request should still succeed.
b.stop(0)
b.stop(1)
oks, errs = doJSONRequests(b, "http://test/", 10, nil)
if errs > 0 {
t.Fatalf("errs=%d", errs)
}
if oks < 10 {
t.Fatalf("oks=%d", oks)
}
}
func TestBackend_OverloadedTargets(t *testing.T) {
b := newTestBackends(newErrorHTTPServer(http.StatusTooManyRequests), newJSONHTTPServer())
defer b.close()
oks, errs := doJSONRequests(b, "http://test/", 10, nil)
if errs > 0 {
t.Fatalf("errs=%d", errs)
}
if oks < 10 {
t.Fatalf("oks=%d", oks)
}
}
func TestBackend_BrokenTarget(t *testing.T) {
b := newTestBackends(newConnFailServer(t), newJSONHTTPServer())
defer b.close()
oks, errs := doJSONRequests(b, "http://test/", 10, nil)
if errs > 0 {
t.Fatalf("errs=%d", errs)
}
if oks == 0 {
t.Fatal("oks=0")
}
}
func TestBackend_HighLatencyTarget(t *testing.T) {
b := newTestBackends(newConnFailDelayServer(t), newJSONHTTPServer())
defer b.close()
oks, errs := doJSONRequests(b, "http://test/", 10, nil)
// At most one request should fail (timing out).
if errs > 1 {
t.Fatalf("errs=%d", errs)
}
if oks == 0 {
t.Fatal("oks=0")
}
}
func TestBackend_Sharded(t *testing.T) {
srv, counters := newHostCountingJSONHTTPServer()
b := newTestBackends(srv)
defer b.close()
// Make some requests to two different shards (simulated by a
// single http server), and count the Host headers seen.
shards := []string{"s1", "s2"}
oks, errs := doJSONRequests(b, "http://test/", 10, shards)
if errs > 0 {
t.Fatalf("errs=%d", errs)
}
if oks == 0 {
t.Fatal("oks=0")
}
for _, s := range shards {
n := counters[s+".test"]
if n == 0 {
t.Errorf("no requests for shard %s", s)
}
}
}
package clientutil
import "testing"
type fakeResolver struct {
addrs []string
requests int
}
func (r *fakeResolver) ResolveIP(host string) []string {
r.requests++
return r.addrs
}
func TestDNSCache(t *testing.T) {
r := &fakeResolver{addrs: []string{"1.2.3.4"}}
c := newDNSCache(r)
for i := 0; i < 5; i++ {
addrs := c.ResolveIP("a.b.c.d")
if len(addrs) != 1 {
t.Errorf("ResolveIP returned bad response: %v", addrs)
}
}
if r.requests != 1 {
t.Errorf("cached resolver has wrong number of requests: %d, expecting 1", r.requests)
}
}
module git.autistici.org/ai3/go-common
go 1.14
go 1.11
require (
contrib.go.opencensus.io/exporter/zipkin v0.1.1
contrib.go.opencensus.io/exporter/zipkin v0.1.2
github.com/amoghe/go-crypt v0.0.0-20191109212615-b2ff80594b7f
github.com/bbrks/wrap v2.3.0+incompatible
github.com/bbrks/wrap/v2 v2.5.0
github.com/cenkalti/backoff v2.2.1+incompatible
github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf
github.com/emersion/go-textwrapper v0.0.0-20160606182133-d0e65e56babe
github.com/emersion/go-textwrapper v0.0.0-20200911093747-65d896831594
github.com/go-ldap/ldap/v3 v3.2.4
github.com/gofrs/flock v0.8.0 // indirect
github.com/google/go-cmp v0.4.0
github.com/gorilla/handlers v1.4.2
github.com/lunixbochs/struc v0.0.0-20190916212049-a5c72983bc42
github.com/lunixbochs/struc v0.0.0-20200707160740-784aaebc1d40
github.com/miscreant/miscreant.go v0.0.0-20200214223636-26d376326b75
github.com/openzipkin/zipkin-go v0.2.2
github.com/prometheus/client_golang v1.5.1
......@@ -19,9 +21,8 @@ require (
github.com/shurcooL/sanitized_anchor_name v1.0.0 // indirect
github.com/theckman/go-flock v0.7.1
github.com/tstranex/u2f v1.0.0
go.opencensus.io v0.22.3
golang.org/x/crypto v0.0.0-20200403201458-baeed622b8d8
golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a
go.opencensus.io v0.22.5
golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad
golang.org/x/sync v0.0.0-20201207232520-09787c993a3a
gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d
gopkg.in/ldap.v3 v3.1.0
)
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
contrib.go.opencensus.io/exporter/zipkin v0.1.1 h1:PR+1zWqY8ceXs1qDQQIlgXe+sdiwCf0n32bH4+Epk8g=
contrib.go.opencensus.io/exporter/zipkin v0.1.1/go.mod h1:GMvdSl3eJ2gapOaLKzTKE3qDgUkJ86k9k3yY2eqwkzc=
github.com/Azure/go-ntlmssp v0.0.0-20200615164410-66371956d46c h1:/IBSNwUN8+eKzUzbJPqhK839ygXJ82sde8x3ogr6R28=
github.com/Azure/go-ntlmssp v0.0.0-20200615164410-66371956d46c/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo=
github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI=
......@@ -10,13 +12,12 @@ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRF
github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
github.com/amoghe/go-crypt v0.0.0-20191109212615-b2ff80594b7f h1:JxPBJknH9/9Yp0BPLZII8Cn4vaWPNsFOdkmpIwPhO8A=
github.com/amoghe/go-crypt v0.0.0-20191109212615-b2ff80594b7f/go.mod h1:eFiR01PwTcpbzXtdMces7zxg6utvFM5puiWHpWB8D/k=
github.com/bbrks/wrap v2.3.0+incompatible h1:9ebLuiUC/fBSu6OeOdD6XG8WRjf3G+wSJO1YZPU2O9I=
github.com/bbrks/wrap v2.3.0+incompatible/go.mod h1:rc//8Fguf02+4sm0fBMyG1TrAaEhe6VTYM35MY10oO4=
github.com/bbrks/wrap/v2 v2.5.0 h1:2gn3SiiwgttdyW9CFJz1M/WbDKPsN857x7Era5/oAPI=
github.com/bbrks/wrap/v2 v2.5.0/go.mod h1:FdEamYFrsjX8zlv3UXgnT3JxirrDv67jCDYaE0Q/qww=
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
github.com/cenkalti/backoff v1.1.0 h1:QnvVp8ikKCDWOsFheytRCoYWYPO/ObCTBGxT19Hc+yE=
github.com/cenkalti/backoff v2.2.1+incompatible h1:tNowT99t7UNflLxfYYSlKYsBpXdEet03Pg2g16Swow4=
github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM=
github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY=
......@@ -29,15 +30,21 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs=
github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU=
github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I=
github.com/emersion/go-textwrapper v0.0.0-20160606182133-d0e65e56babe h1:40SWqY0zE3qCi6ZrtTf5OUdNm5lDnGnjRSq9GgmeTrg=
github.com/emersion/go-textwrapper v0.0.0-20160606182133-d0e65e56babe/go.mod h1:aqO8z8wPrjkscevZJFVE1wXJrLpC5LtJG7fqLOsPb2U=
github.com/emersion/go-textwrapper v0.0.0-20200911093747-65d896831594 h1:IbFBtwoTQyw0fIM5xv1HF+Y+3ZijDR839WMulgxCcUY=
github.com/emersion/go-textwrapper v0.0.0-20200911093747-65d896831594/go.mod h1:aqO8z8wPrjkscevZJFVE1wXJrLpC5LtJG7fqLOsPb2U=
github.com/envoyproxy/go-control-plane v0.6.9/go.mod h1:SBwIajubJHhxtWwsL9s8ss4safvEdbitLhGGK48rN6g=
github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
github.com/go-asn1-ber/asn1-ber v1.5.1 h1:pDbRAunXzIUXfx4CB2QJFv5IuPiuoW+sWvr/Us009o8=
github.com/go-asn1-ber/asn1-ber v1.5.1/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0=