Skip to content
Snippets Groups Projects
Commit e0273d5e authored by ale's avatar ale
Browse files

Factor out common strings in tests

parent 89814397
No related branches found
No related tags found
1 merge request!8Allow full modular UI customization at runtime
Pipeline #5879 passed
Stage: build_pkgsrc
Stage: build_pkg
Show whitespace changes
Inline Side-by-side
server/http_test.go
+ 85
73
View file @ e0273d5e
...@@ -25,6 +25,18 @@ import ( ...@@ -25,6 +25,18 @@ import (
"git.autistici.org/id/keystore" "git.autistici.org/id/keystore"
) )
// Common strings used throughout the various tests.
const (
testService = "service.example.com/"
testDestination = "https://service.example.com/admin/"
testNonce = "averysecretnonce"
testUser = "testuser"
testPassword = "abcdefgh"
testUser2FA = "test2fa"
testOTP = "123456"
)
type fakeAuthClient struct{} type fakeAuthClient struct{}
func (c *fakeAuthClient) Authenticate(_ context.Context, req *auth.Request) (*auth.Response, error) { func (c *fakeAuthClient) Authenticate(_ context.Context, req *auth.Request) (*auth.Response, error) {
...@@ -34,11 +46,11 @@ func (c *fakeAuthClient) Authenticate(_ context.Context, req *auth.Request) (*au ...@@ -34,11 +46,11 @@ func (c *fakeAuthClient) Authenticate(_ context.Context, req *auth.Request) (*au
Groups: []string{"users"}, Groups: []string{"users"},
} }
switch { switch {
case req.Username == "testuser" && p == "password": case req.Username == testUser && p == testPassword:
return &auth.Response{Status: auth.StatusOK, UserInfo: info}, nil return &auth.Response{Status: auth.StatusOK, UserInfo: info}, nil
case req.Username == "test2fa" && p == "password" && req.OTP == "123456": case req.Username == testUser2FA && p == testPassword && req.OTP == testOTP:
return &auth.Response{Status: auth.StatusOK, UserInfo: info}, nil return &auth.Response{Status: auth.StatusOK, UserInfo: info}, nil
case req.Username == "test2fa" && p == "password": case req.Username == testUser2FA && p == testPassword:
return &auth.Response{ return &auth.Response{
Status: auth.StatusInsufficientCredentials, Status: auth.StatusInsufficientCredentials,
TFAMethods: []auth.TFAMethod{auth.TFAMethodOTP}, TFAMethods: []auth.TFAMethod{auth.TFAMethodOTP},
...@@ -74,7 +86,7 @@ func startTestHTTPServer(t testing.TB) (string, *httptest.Server) { ...@@ -74,7 +86,7 @@ func startTestHTTPServer(t testing.TB) (string, *httptest.Server) {
} }
func startTestHTTPServerWithKeyStore(t testing.TB) (string, *httptest.Server, *fakeKeyStore) { func startTestHTTPServerWithKeyStore(t testing.TB) (string, *httptest.Server, *fakeKeyStore) {
ks := createFakeKeyStore(t, "testuser", "password") ks := createFakeKeyStore(t, testUser, testPassword)
tmpdir, _ := ioutil.TempDir("", "") tmpdir, _ := ioutil.TempDir("", "")
config := testConfig(t, tmpdir, ks.URL) config := testConfig(t, tmpdir, ks.URL)
...@@ -195,7 +207,7 @@ func checkRedirectToTargetService(t testing.TB, resp *http.Response) { ...@@ -195,7 +207,7 @@ func checkRedirectToTargetService(t testing.TB, resp *http.Response) {
if resp.StatusCode != 302 { if resp.StatusCode != 302 {
t.Fatalf("expected status 302, got %s", resp.Status) t.Fatalf("expected status 302, got %s", resp.Status)
} }
if !strings.HasPrefix(resp.Header.Get("Location"), "https://service.example.com/sso_login?") { if !strings.HasPrefix(resp.Header.Get("Location"), "https://"+testService+"sso_login?") {
t.Fatalf("redirect is not to target service: %v", resp.Header.Get("Location")) t.Fatalf("redirect is not to target service: %v", resp.Header.Get("Location"))
} }
} }
...@@ -214,7 +226,7 @@ func checkTargetSSOTicket(config *Config) func(testing.TB, *http.Response) { ...@@ -214,7 +226,7 @@ func checkTargetSSOTicket(config *Config) func(testing.TB, *http.Response) {
if err != nil { if err != nil {
t.Fatalf("newValidatorFromConfig: %v", err) t.Fatalf("newValidatorFromConfig: %v", err)
} }
ticket, err := v.Validate(tstr, nonce, "service.example.com/", nil) ticket, err := v.Validate(tstr, nonce, testService, nil)
if err != nil { if err != nil {
t.Fatalf("sso.Validate(%s): %v", tstr, err) t.Fatalf("sso.Validate(%s): %v", tstr, err)
} }
...@@ -290,7 +302,7 @@ func checkLogoutPage(t testing.TB, resp *http.Response) { ...@@ -290,7 +302,7 @@ func checkLogoutPage(t testing.TB, resp *http.Response) {
t.Fatalf("not the logout page:\n%s", s) t.Fatalf("not the logout page:\n%s", s)
} }
// Check presence of fallback service logout URL. // Check presence of fallback service logout URL.
if !strings.Contains(s, "<img src=\"https://service.example.com/sso_logout\"") { if !strings.Contains(s, "<img src=\"https://"+testService+"sso_logout\"") {
t.Fatalf("logout page does not contain fallback service logout URL:\n%s", s) t.Fatalf("logout page does not contain fallback service logout URL:\n%s", s)
} }
// Parse the JSON in the services div. // Parse the JSON in the services div.
...@@ -305,7 +317,7 @@ func checkLogoutPage(t testing.TB, resp *http.Response) { ...@@ -305,7 +317,7 @@ func checkLogoutPage(t testing.TB, resp *http.Response) {
if len(svcs) != 1 { if len(svcs) != 1 {
t.Fatalf("expected 1 service, got %d: %v", len(svcs), svcs) t.Fatalf("expected 1 service, got %d: %v", len(svcs), svcs)
} }
if svcs[0].URL != "https://service.example.com/sso_logout" { if svcs[0].URL != "https://"+testService+"sso_logout" {
t.Fatalf("bad service logout URL: %s", svcs[0].URL) t.Fatalf("bad service logout URL: %s", svcs[0].URL)
} }
} }
...@@ -330,17 +342,17 @@ func TestHTTP_Login(t *testing.T) { ...@@ -330,17 +342,17 @@ func TestHTTP_Login(t *testing.T) {
// Simulate an authorization request from a service, expect to // Simulate an authorization request from a service, expect to
// see the login page. // see the login page.
v := make(url.Values) v := make(url.Values)
v.Set("s", "service.example.com/") v.Set("s", testService)
v.Set("d", "https://service.example.com/admin/") v.Set("d", testDestination)
v.Set("n", "averysecretnonce") v.Set("n", testNonce)
v.Set("g", "users") v.Set("g", "users")
doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkTemplateError, checkStatusOk, checkLoginPageURL, checkLoginPasswordPage) doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkTemplateError, checkStatusOk, checkLoginPageURL, checkLoginPasswordPage)
// Attempt to login by submitting the form. We expect the // Attempt to login by submitting the form. We expect the
// result to be a 302 redirect to the target service. // result to be a 302 redirect to the target service.
v = make(url.Values) v = make(url.Values)
v.Set("username", "testuser") v.Set("username", testUser)
v.Set("password", "password") v.Set("password", testPassword)
doPostForm(t, c, httpSrv.URL+"/login", v, checkRedirectToTargetService, checkTargetSSOTicket(config)) doPostForm(t, c, httpSrv.URL+"/login", v, checkRedirectToTargetService, checkTargetSSOTicket(config))
} }
...@@ -354,22 +366,22 @@ func TestHTTP_LoginOnSecondAttempt(t *testing.T) { ...@@ -354,22 +366,22 @@ func TestHTTP_LoginOnSecondAttempt(t *testing.T) {
// Simulate an authorization request from a service, expect to // Simulate an authorization request from a service, expect to
// see the login page. // see the login page.
v := make(url.Values) v := make(url.Values)
v.Set("s", "service.example.com/") v.Set("s", testService)
v.Set("d", "https://service.example.com/admin/") v.Set("d", testDestination)
v.Set("n", "averysecretnonce") v.Set("n", testNonce)
doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkTemplateError, checkStatusOk, checkLoginPageURL, checkLoginPasswordPage) doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkTemplateError, checkStatusOk, checkLoginPageURL, checkLoginPasswordPage)
// Attempt to login with wrong credentials. // Attempt to login with wrong credentials.
v = make(url.Values) v = make(url.Values)
v.Set("username", "testuser") v.Set("username", testUser)
v.Set("password", "badpassword") v.Set("password", "badpassword")
doPostForm(t, c, httpSrv.URL+"/login", v, checkTemplateError, checkStatusOk, checkLoginPageURL, checkLoginPasswordPage) doPostForm(t, c, httpSrv.URL+"/login", v, checkTemplateError, checkStatusOk, checkLoginPageURL, checkLoginPasswordPage)
// Attempt to login by submitting the form. We expect the // Attempt to login by submitting the form. We expect the
// result to be a 302 redirect to the target service. // result to be a 302 redirect to the target service.
v = make(url.Values) v = make(url.Values)
v.Set("username", "testuser") v.Set("username", testUser)
v.Set("password", "password") v.Set("password", testPassword)
doPostForm(t, c, httpSrv.URL+"/login", v, checkRedirectToTargetService) doPostForm(t, c, httpSrv.URL+"/login", v, checkRedirectToTargetService)
} }
...@@ -383,16 +395,16 @@ func TestHTTP_LoginAndLogout(t *testing.T) { ...@@ -383,16 +395,16 @@ func TestHTTP_LoginAndLogout(t *testing.T) {
// Simulate an authorization request from a service, expect to // Simulate an authorization request from a service, expect to
// see the login page. // see the login page.
v := make(url.Values) v := make(url.Values)
v.Set("s", "service.example.com/") v.Set("s", testService)
v.Set("d", "https://service.example.com/admin/") v.Set("d", testDestination)
v.Set("n", "averysecretnonce") v.Set("n", testNonce)
doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkTemplateError, checkStatusOk, checkLoginPageURL, checkLoginPasswordPage) doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkTemplateError, checkStatusOk, checkLoginPageURL, checkLoginPasswordPage)
// Attempt to login by submitting the form. We expect the // Attempt to login by submitting the form. We expect the
// result to be a 302 redirect to the target service. // result to be a 302 redirect to the target service.
v = make(url.Values) v = make(url.Values)
v.Set("username", "testuser") v.Set("username", testUser)
v.Set("password", "password") v.Set("password", testPassword)
doPostForm(t, c, httpSrv.URL+"/login", v, checkRedirectToTargetService) doPostForm(t, c, httpSrv.URL+"/login", v, checkRedirectToTargetService)
// Make a logout request. // Make a logout request.
...@@ -400,9 +412,9 @@ func TestHTTP_LoginAndLogout(t *testing.T) { ...@@ -400,9 +412,9 @@ func TestHTTP_LoginAndLogout(t *testing.T) {
// This new authorization request should send us to the login page. // This new authorization request should send us to the login page.
v = make(url.Values) v = make(url.Values)
v.Set("s", "service.example.com/") v.Set("s", testService)
v.Set("d", "https://service.example.com/admin/") v.Set("d", testDestination)
v.Set("n", "averysecretnonce") v.Set("n", testNonce)
doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkTemplateError, checkStatusOk, checkLoginPageURL, checkLoginPasswordPage) doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkTemplateError, checkStatusOk, checkLoginPageURL, checkLoginPasswordPage)
} }
...@@ -416,21 +428,21 @@ func TestHTTP_LoginOTP(t *testing.T) { ...@@ -416,21 +428,21 @@ func TestHTTP_LoginOTP(t *testing.T) {
// Simulate an authorization request from a service, expect to // Simulate an authorization request from a service, expect to
// see the login page. // see the login page.
v := make(url.Values) v := make(url.Values)
v.Set("s", "service.example.com/") v.Set("s", testService)
v.Set("d", "https://service.example.com/admin/") v.Set("d", testDestination)
v.Set("n", "averysecretnonce") v.Set("n", testNonce)
doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkTemplateError, checkStatusOk, checkLoginPageURL, checkLoginPasswordPage) doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkTemplateError, checkStatusOk, checkLoginPageURL, checkLoginPasswordPage)
// Attempt to login by submitting the form. We should see the OTP page. // Attempt to login by submitting the form. We should see the OTP page.
v = make(url.Values) v = make(url.Values)
v.Set("username", "test2fa") v.Set("username", testUser2FA)
v.Set("password", "password") v.Set("password", testPassword)
doPostForm(t, c, httpSrv.URL+"/login", v, checkTemplateError, checkStatusOk, checkLoginOTPPage) doPostForm(t, c, httpSrv.URL+"/login", v, checkTemplateError, checkStatusOk, checkLoginOTPPage)
// Submit the correct OTP token. We expect the result to be a // Submit the correct OTP token. We expect the result to be a
// 302 redirect to the target service. // 302 redirect to the target service.
v = make(url.Values) v = make(url.Values)
v.Set("otp", "123456") v.Set("otp", testOTP)
doPostForm(t, c, httpSrv.URL+"/login/otp", v, checkRedirectToTargetService) doPostForm(t, c, httpSrv.URL+"/login/otp", v, checkRedirectToTargetService)
} }
...@@ -444,15 +456,15 @@ func TestHTTP_LoginOTP_Fail(t *testing.T) { ...@@ -444,15 +456,15 @@ func TestHTTP_LoginOTP_Fail(t *testing.T) {
// Simulate an authorization request from a service, expect to // Simulate an authorization request from a service, expect to
// see the login page. // see the login page.
v := make(url.Values) v := make(url.Values)
v.Set("s", "service.example.com/") v.Set("s", testService)
v.Set("d", "https://service.example.com/admin/") v.Set("d", testDestination)
v.Set("n", "averysecretnonce") v.Set("n", testNonce)
doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkTemplateError, checkStatusOk, checkLoginPageURL, checkLoginPasswordPage) doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkTemplateError, checkStatusOk, checkLoginPageURL, checkLoginPasswordPage)
// Attempt to login by submitting the form. We should see the OTP page. // Attempt to login by submitting the form. We should see the OTP page.
v = make(url.Values) v = make(url.Values)
v.Set("username", "test2fa") v.Set("username", testUser2FA)
v.Set("password", "password") v.Set("password", testPassword)
doPostForm(t, c, httpSrv.URL+"/login", v, checkTemplateError, checkStatusOk, checkLoginOTPPage) doPostForm(t, c, httpSrv.URL+"/login", v, checkTemplateError, checkStatusOk, checkLoginOTPPage)
// Submit a bad OTP token, test for failure. // Submit a bad OTP token, test for failure.
...@@ -475,15 +487,15 @@ func TestHTTP_LoginOTP_Intermediate404(t *testing.T) { ...@@ -475,15 +487,15 @@ func TestHTTP_LoginOTP_Intermediate404(t *testing.T) {
// Simulate an authorization request from a service, expect to // Simulate an authorization request from a service, expect to
// see the login page. // see the login page.
v := make(url.Values) v := make(url.Values)
v.Set("s", "service.example.com/") v.Set("s", testService)
v.Set("d", "https://service.example.com/admin/") v.Set("d", testDestination)
v.Set("n", "averysecretnonce") v.Set("n", testNonce)
doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkTemplateError, checkStatusOk, checkLoginPageURL, checkLoginPasswordPage) doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkTemplateError, checkStatusOk, checkLoginPageURL, checkLoginPasswordPage)
// Attempt to login by submitting the form. We should see the OTP page. // Attempt to login by submitting the form. We should see the OTP page.
v = make(url.Values) v = make(url.Values)
v.Set("username", "test2fa") v.Set("username", testUser2FA)
v.Set("password", "password") v.Set("password", testPassword)
doPostForm(t, c, httpSrv.URL+"/login", v, checkTemplateError, checkStatusOk, checkLoginOTPPage) doPostForm(t, c, httpSrv.URL+"/login", v, checkTemplateError, checkStatusOk, checkLoginOTPPage)
// Make a request for a URL that does not exist, browsers might do this // Make a request for a URL that does not exist, browsers might do this
...@@ -493,7 +505,7 @@ func TestHTTP_LoginOTP_Intermediate404(t *testing.T) { ...@@ -493,7 +505,7 @@ func TestHTTP_LoginOTP_Intermediate404(t *testing.T) {
// Submit the correct OTP token. We expect the result to be a // Submit the correct OTP token. We expect the result to be a
// 302 redirect to the target service. // 302 redirect to the target service.
v = make(url.Values) v = make(url.Values)
v.Set("otp", "123456") v.Set("otp", testOTP)
doPostForm(t, c, httpSrv.URL+"/login/otp", v, checkRedirectToTargetService) doPostForm(t, c, httpSrv.URL+"/login/otp", v, checkRedirectToTargetService)
} }
...@@ -534,20 +546,20 @@ func TestHTTP_LoginWithKeyStore(t *testing.T) { ...@@ -534,20 +546,20 @@ func TestHTTP_LoginWithKeyStore(t *testing.T) {
// Simulate an authorization request from a service, expect to // Simulate an authorization request from a service, expect to
// see the login page. // see the login page.
v := make(url.Values) v := make(url.Values)
v.Set("s", "service.example.com/") v.Set("s", testService)
v.Set("d", "https://service.example.com/admin/") v.Set("d", testDestination)
v.Set("n", "averysecretnonce") v.Set("n", testNonce)
doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkStatusOk, checkLoginPageURL, checkLoginPasswordPage) doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkStatusOk, checkLoginPageURL, checkLoginPasswordPage)
// Attempt to login by submitting the form. We expect the // Attempt to login by submitting the form. We expect the
// result to be a 302 redirect to the target service. // result to be a 302 redirect to the target service.
v = make(url.Values) v = make(url.Values)
v.Set("username", "testuser") v.Set("username", testUser)
v.Set("password", "password") v.Set("password", testPassword)
doPostForm(t, c, httpSrv.URL+"/login", v, checkRedirectToTargetService) doPostForm(t, c, httpSrv.URL+"/login", v, checkRedirectToTargetService)
// Verify that the keystore has been called. // Verify that the keystore has been called.
if v := ks.values["testuser"]; v != "password" { if v := ks.values[testUser]; v != testPassword {
t.Fatalf("keystore not called as expected: ks_values=%+v", ks.values) t.Fatalf("keystore not called as expected: ks_values=%+v", ks.values)
} }
} }
...@@ -563,23 +575,23 @@ func TestHTTP_CORS(t *testing.T) { ...@@ -563,23 +575,23 @@ func TestHTTP_CORS(t *testing.T) {
// Simulate an authorization request from a service, expect to // Simulate an authorization request from a service, expect to
// see the login page. // see the login page.
v := make(url.Values) v := make(url.Values)
v.Set("s", "service.example.com/") v.Set("s", testService)
v.Set("d", "https://service.example.com/admin/") v.Set("d", testDestination)
v.Set("n", "averysecretnonce") v.Set("n", testNonce)
doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkStatusOk, checkLoginPageURL, checkLoginPasswordPage) doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkStatusOk, checkLoginPageURL, checkLoginPasswordPage)
// Attempt to login by submitting the form. We expect the // Attempt to login by submitting the form. We expect the
// result to be a 302 redirect to the target service. // result to be a 302 redirect to the target service.
v = make(url.Values) v = make(url.Values)
v.Set("username", "testuser") v.Set("username", testUser)
v.Set("password", "password") v.Set("password", testPassword)
doPostForm(t, c, httpSrv.URL+"/login", v, checkRedirectToTargetService) doPostForm(t, c, httpSrv.URL+"/login", v, checkRedirectToTargetService)
// Simulate a CORS preflight request. // Simulate a CORS preflight request.
v = make(url.Values) v = make(url.Values)
v.Set("s", "service.example.com/") v.Set("s", testService)
v.Set("d", "https://service.example.com/admin/") v.Set("d", testDestination)
v.Set("n", "averysecretnonce") v.Set("n", testNonce)
req, err := http.NewRequest("OPTIONS", httpSrv.URL+"/?"+v.Encode(), nil) req, err := http.NewRequest("OPTIONS", httpSrv.URL+"/?"+v.Encode(), nil)
if err != nil { if err != nil {
t.Fatalf("NewRequest(): %v", err) t.Fatalf("NewRequest(): %v", err)
...@@ -607,24 +619,24 @@ func TestHTTP_LoginAndExchange(t *testing.T) { ...@@ -607,24 +619,24 @@ func TestHTTP_LoginAndExchange(t *testing.T) {
// Simulate an authorization request from a service, expect to // Simulate an authorization request from a service, expect to
// see the login page. // see the login page.
v := make(url.Values) v := make(url.Values)
v.Set("s", "service.example.com/") v.Set("s", testService)
v.Set("d", "https://service.example.com/admin/") v.Set("d", testDestination)
v.Set("n", "averysecretnonce") v.Set("n", testNonce)
doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkStatusOk, checkLoginPageURL, checkLoginPasswordPage) doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkStatusOk, checkLoginPageURL, checkLoginPasswordPage)
// Attempt to login by submitting the form. We expect the // Attempt to login by submitting the form. We expect the
// result to be a 302 redirect to the target service. // result to be a 302 redirect to the target service.
v = make(url.Values) v = make(url.Values)
v.Set("username", "testuser") v.Set("username", testUser)
v.Set("password", "password") v.Set("password", testPassword)
var ssoTkt string var ssoTkt string
doPostForm(t, c, httpSrv.URL+"/login", v, checkRedirectToTargetService, extractSSOTicket(&ssoTkt)) doPostForm(t, c, httpSrv.URL+"/login", v, checkRedirectToTargetService, extractSSOTicket(&ssoTkt))
// Make an exchange request for a new service. // Make an exchange request for a new service.
v = make(url.Values) v = make(url.Values)
v.Set("cur_tkt", ssoTkt) v.Set("cur_tkt", ssoTkt)
v.Set("cur_svc", "service.example.com/") v.Set("cur_svc", testService)
v.Set("cur_nonce", "averysecretnonce") v.Set("cur_nonce", testNonce)
v.Set("new_svc", "service2.example.com/") v.Set("new_svc", "service2.example.com/")
v.Set("new_nonce", "anothernonce") v.Set("new_nonce", "anothernonce")
doPostForm(t, c, httpSrv.URL+"/exchange", v, checkStatusOk) doPostForm(t, c, httpSrv.URL+"/exchange", v, checkStatusOk)
...@@ -632,8 +644,8 @@ func TestHTTP_LoginAndExchange(t *testing.T) { ...@@ -632,8 +644,8 @@ func TestHTTP_LoginAndExchange(t *testing.T) {
// Make an exchange request for a forbidden service. // Make an exchange request for a forbidden service.
v = make(url.Values) v = make(url.Values)
v.Set("cur_tkt", ssoTkt) v.Set("cur_tkt", ssoTkt)
v.Set("cur_svc", "service.example.com/") v.Set("cur_svc", testService)
v.Set("cur_nonce", "averysecretnonce") v.Set("cur_nonce", testNonce)
v.Set("new_svc", "service3.example.com/") v.Set("new_svc", "service3.example.com/")
v.Set("new_nonce", "anothernonce") v.Set("new_nonce", "anothernonce")
doPostForm(t, c, httpSrv.URL+"/exchange", v, checkStatusForbidden) doPostForm(t, c, httpSrv.URL+"/exchange", v, checkStatusForbidden)
...@@ -659,9 +671,9 @@ func TestHTTP_SRI(t *testing.T) { ...@@ -659,9 +671,9 @@ func TestHTTP_SRI(t *testing.T) {
// Simulate an authorization request from a service, expect to // Simulate an authorization request from a service, expect to
// see the login page. // see the login page.
v := make(url.Values) v := make(url.Values)
v.Set("s", "service.example.com/") v.Set("s", testService)
v.Set("d", "https://service.example.com/admin/") v.Set("d", testDestination)
v.Set("n", "averysecretnonce") v.Set("n", testNonce)
v.Set("g", "users") v.Set("g", "users")
doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkStatusOk, checkSRI) doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkStatusOk, checkSRI)
} }
...@@ -716,9 +728,9 @@ template_dir: "%s/templates" ...@@ -716,9 +728,9 @@ template_dir: "%s/templates"
// see the login page. Verify that the page contains our // see the login page. Verify that the page contains our
// custom logo, from our template override. // custom logo, from our template override.
v := make(url.Values) v := make(url.Values)
v.Set("s", "service.example.com/") v.Set("s", testService)
v.Set("d", "https://service.example.com/admin/") v.Set("d", testDestination)
v.Set("n", "averysecretnonce") v.Set("n", testNonce)
v.Set("g", "users") v.Set("g", "users")
doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkStatusOk, checkCustomLogo) doGet(t, c, httpSrv.URL+"/?"+v.Encode(), checkStatusOk, checkCustomLogo)
} }
server/integration_test.go
+ 4
4
View file @ e0273d5e
...@@ -109,8 +109,8 @@ func TestIntegration(t *testing.T) { ...@@ -109,8 +109,8 @@ func TestIntegration(t *testing.T) {
doGet(t, c, "https://service.example.com/", checkStatusOk, checkLoginPageURL, checkLoginPasswordPage) doGet(t, c, "https://service.example.com/", checkStatusOk, checkLoginPageURL, checkLoginPasswordPage)
v := make(url.Values) v := make(url.Values)
v.Set("username", "testuser") v.Set("username", testUser)
v.Set("password", "password") v.Set("password", testPassword)
doPostForm(t, c, "https://login.example.com/login", v, checkStatusOk, checkIsProtectedService) doPostForm(t, c, "https://login.example.com/login", v, checkStatusOk, checkIsProtectedService)
// Now attempt to logout, and verify that we can't access the service anymore. // Now attempt to logout, and verify that we can't access the service anymore.
...@@ -134,8 +134,8 @@ func TestIntegration_WithURLPrefix(t *testing.T) { ...@@ -134,8 +134,8 @@ func TestIntegration_WithURLPrefix(t *testing.T) {
doGet(t, c, "https://service.example.com/", checkStatusOk, checkLoginPageURLWithPrefix, checkLoginPasswordPage) doGet(t, c, "https://service.example.com/", checkStatusOk, checkLoginPageURLWithPrefix, checkLoginPasswordPage)
v := make(url.Values) v := make(url.Values)
v.Set("username", "testuser") v.Set("username", testUser)
v.Set("password", "password") v.Set("password", testPassword)
doPostForm(t, c, "https://login.example.com/sso/login", v, checkStatusOk, checkIsProtectedService) doPostForm(t, c, "https://login.example.com/sso/login", v, checkStatusOk, checkIsProtectedService)
// Now attempt to logout, and verify that we can't access the service anymore. // Now attempt to logout, and verify that we can't access the service anymore.
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment