Skip to content

GitLab

Commit c31754c5 authored by ale's avatar ale
Browse files
Options

Add a logout test

parent 5e99c3de
Pipeline #1459 passed with stages
          in 1 minute and 42 seconds
          Hide whitespace changes
          Inline Side-by-side
          Showing with 63 additions and 0 deletions
          server/http_test.go
          View file @ c31754c5
          ......@@ -195,6 +195,69 @@ func TestHTTP_Login(t *testing.T) {
          doPostForm(t, httpSrv, c, "/login", v, checkRedirectToTargetService)
          }
          func TestHTTP_LoginOnSecondAttempt(t *testing.T) {
          tmpdir, httpSrv := startTestHTTPServer(t)
          defer os.RemoveAll(tmpdir)
          defer httpSrv.Close()
          c := newTestHTTPClient()
          // Simulate an authorization request from a service, expect to
          // see the login page.
          v := make(url.Values)
          v.Set("s", "service.example.com/")
          v.Set("d", "https://service.example.com/admin/")
          v.Set("n", "averysecretnonce")
          doGet(t, httpSrv, c, "/?"+v.Encode(), checkStatusOk, checkLoginPasswordPage)
          // Attempt to login with wrong credentials.
          v = make(url.Values)
          v.Set("username", "testuser")
          v.Set("password", "badpassword")
          doPostForm(t, httpSrv, c, "/login", v, checkStatusOk, checkLoginPasswordPage)
          // Attempt to login by submitting the form. We expect the
          // result to be a 302 redirect to the target service.
          v = make(url.Values)
          v.Set("username", "testuser")
          v.Set("password", "password")
          doPostForm(t, httpSrv, c, "/login", v, checkRedirectToTargetService)
          }
          func TestHTTP_LoginAndLogout(t *testing.T) {
          tmpdir, httpSrv := startTestHTTPServer(t)
          defer os.RemoveAll(tmpdir)
          defer httpSrv.Close()
          c := newTestHTTPClient()
          // Simulate an authorization request from a service, expect to
          // see the login page.
          v := make(url.Values)
          v.Set("s", "service.example.com/")
          v.Set("d", "https://service.example.com/admin/")
          v.Set("n", "averysecretnonce")
          doGet(t, httpSrv, c, "/?"+v.Encode(), checkStatusOk, checkLoginPasswordPage)
          // Attempt to login by submitting the form. We expect the
          // result to be a 302 redirect to the target service.
          v = make(url.Values)
          v.Set("username", "testuser")
          v.Set("password", "password")
          doPostForm(t, httpSrv, c, "/login", v, checkRedirectToTargetService)
          // Make a logout request.
          doGet(t, httpSrv, c, "/logout", checkStatusOk)
          doPostForm(t, httpSrv, c, "/logout", nil, checkStatusOk)
          // This new authorization request should send us to the login page.
          v = make(url.Values)
          v.Set("s", "service.example.com/")
          v.Set("d", "https://service.example.com/admin/")
          v.Set("n", "averysecretnonce")
          doGet(t, httpSrv, c, "/?"+v.Encode(), checkStatusOk, checkLoginPasswordPage)
          }
          func TestHTTP_LoginOTP(t *testing.T) {
          tmpdir, httpSrv := startTestHTTPServer(t)
          defer os.RemoveAll(tmpdir)
          ......
          Markdown is supported
          0% or .
          You are about to add 0 people to the discussion. Proceed with caution.
          Finish editing this message first!
          Please register or to comment