2016-04-15 23:53:48 +05:30
|
|
|
package client
|
|
|
|
|
|
|
|
import (
|
|
|
|
"encoding/base64"
|
|
|
|
"net/url"
|
|
|
|
"strings"
|
|
|
|
"testing"
|
|
|
|
|
|
|
|
"github.com/coreos/go-oidc/oidc"
|
|
|
|
"github.com/kylelemons/godebug/pretty"
|
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
|
|
|
goodSecret1 = base64.URLEncoding.EncodeToString([]byte("my_secret"))
|
|
|
|
goodSecret2 = base64.URLEncoding.EncodeToString([]byte("my_other_secret"))
|
2016-06-09 00:01:50 +05:30
|
|
|
goodSecret3 = base64.URLEncoding.EncodeToString([]byte("yet_another_secret"))
|
2016-04-15 23:53:48 +05:30
|
|
|
|
|
|
|
goodClient1 = `{
|
|
|
|
"id": "my_id",
|
|
|
|
"secret": "` + goodSecret1 + `",
|
2016-06-09 00:01:50 +05:30
|
|
|
"redirectURLs": ["https://client.example.com"],
|
|
|
|
"admin": true
|
2016-04-15 23:53:48 +05:30
|
|
|
}`
|
|
|
|
|
|
|
|
goodClient2 = `{
|
|
|
|
"id": "my_other_id",
|
|
|
|
"secret": "` + goodSecret2 + `",
|
|
|
|
"redirectURLs": ["https://client2.example.com","https://client2_a.example.com"]
|
|
|
|
}`
|
|
|
|
|
2016-06-09 00:01:50 +05:30
|
|
|
goodClient3 = `{
|
|
|
|
"id": "yet_another_id",
|
|
|
|
"secret": "` + goodSecret3 + `",
|
|
|
|
"redirectURLs": ["https://client3.example.com","https://client3_a.example.com"],
|
|
|
|
"trustedPeers":["goodClient1", "goodClient2"]
|
|
|
|
}`
|
|
|
|
|
2016-06-16 04:09:04 +05:30
|
|
|
publicClient = `{
|
|
|
|
"id": "public_client",
|
|
|
|
"secret": "` + goodSecret3 + `",
|
|
|
|
"redirectURLs": ["http://localhost:8080","urn:ietf:wg:oauth:2.0:oob"],
|
|
|
|
"public": true
|
|
|
|
}`
|
|
|
|
|
2016-04-15 23:53:48 +05:30
|
|
|
badURLClient = `{
|
|
|
|
"id": "my_id",
|
|
|
|
"secret": "` + goodSecret1 + `",
|
|
|
|
"redirectURLs": ["hdtp:/\(bad)(u)(r)(l)"]
|
|
|
|
}`
|
|
|
|
|
|
|
|
badSecretClient = `{
|
|
|
|
"id": "my_id",
|
2016-05-12 22:23:01 +05:30
|
|
|
"secret": "` + "" + `",
|
2016-04-15 23:53:48 +05:30
|
|
|
"redirectURLs": ["https://client.example.com"]
|
|
|
|
}`
|
|
|
|
|
|
|
|
noSecretClient = `{
|
|
|
|
"id": "my_id",
|
|
|
|
"redirectURLs": ["https://client.example.com"]
|
|
|
|
}`
|
|
|
|
noIDClient = `{
|
|
|
|
"secret": "` + goodSecret1 + `",
|
|
|
|
"redirectURLs": ["https://client.example.com"]
|
|
|
|
}`
|
|
|
|
)
|
|
|
|
|
|
|
|
func TestClientsFromReader(t *testing.T) {
|
|
|
|
tests := []struct {
|
|
|
|
json string
|
2016-06-09 00:01:50 +05:30
|
|
|
want []LoadableClient
|
2016-04-15 23:53:48 +05:30
|
|
|
wantErr bool
|
|
|
|
}{
|
|
|
|
{
|
|
|
|
json: "[]",
|
2016-06-09 00:01:50 +05:30
|
|
|
want: []LoadableClient{},
|
2016-04-15 23:53:48 +05:30
|
|
|
},
|
|
|
|
{
|
|
|
|
json: "[" + goodClient1 + "]",
|
2016-06-09 00:01:50 +05:30
|
|
|
want: []LoadableClient{
|
2016-04-15 23:53:48 +05:30
|
|
|
{
|
2016-06-09 00:01:50 +05:30
|
|
|
Client: Client{
|
|
|
|
Credentials: oidc.ClientCredentials{
|
|
|
|
ID: "my_id",
|
|
|
|
Secret: goodSecret1,
|
2016-04-15 23:53:48 +05:30
|
|
|
},
|
2016-06-09 00:01:50 +05:30
|
|
|
Metadata: oidc.ClientMetadata{
|
|
|
|
RedirectURIs: []url.URL{
|
|
|
|
mustParseURL(t, "https://client.example.com"),
|
|
|
|
},
|
|
|
|
},
|
|
|
|
Admin: true,
|
2016-04-15 23:53:48 +05:30
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
json: "[" + strings.Join([]string{goodClient1, goodClient2}, ",") + "]",
|
2016-06-09 00:01:50 +05:30
|
|
|
want: []LoadableClient{
|
2016-04-15 23:53:48 +05:30
|
|
|
{
|
2016-06-09 00:01:50 +05:30
|
|
|
Client: Client{
|
|
|
|
Credentials: oidc.ClientCredentials{
|
|
|
|
ID: "my_id",
|
|
|
|
Secret: goodSecret1,
|
2016-04-15 23:53:48 +05:30
|
|
|
},
|
2016-06-09 00:01:50 +05:30
|
|
|
Metadata: oidc.ClientMetadata{
|
|
|
|
RedirectURIs: []url.URL{
|
|
|
|
mustParseURL(t, "https://client.example.com"),
|
|
|
|
},
|
|
|
|
},
|
|
|
|
Admin: true,
|
2016-04-15 23:53:48 +05:30
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
2016-06-09 00:01:50 +05:30
|
|
|
Client: Client{
|
|
|
|
Credentials: oidc.ClientCredentials{
|
|
|
|
ID: "my_other_id",
|
|
|
|
Secret: goodSecret2,
|
|
|
|
},
|
|
|
|
Metadata: oidc.ClientMetadata{
|
|
|
|
RedirectURIs: []url.URL{
|
|
|
|
mustParseURL(t, "https://client2.example.com"),
|
|
|
|
mustParseURL(t, "https://client2_a.example.com"),
|
|
|
|
},
|
|
|
|
},
|
2016-04-15 23:53:48 +05:30
|
|
|
},
|
2016-06-09 00:01:50 +05:30
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
json: "[" + goodClient3 + "]",
|
|
|
|
want: []LoadableClient{
|
|
|
|
{
|
|
|
|
Client: Client{
|
|
|
|
Credentials: oidc.ClientCredentials{
|
|
|
|
ID: "yet_another_id",
|
|
|
|
Secret: goodSecret3,
|
|
|
|
},
|
|
|
|
Metadata: oidc.ClientMetadata{
|
|
|
|
RedirectURIs: []url.URL{
|
|
|
|
mustParseURL(t, "https://client3.example.com"),
|
|
|
|
mustParseURL(t, "https://client3_a.example.com"),
|
|
|
|
},
|
2016-04-15 23:53:48 +05:30
|
|
|
},
|
|
|
|
},
|
2016-06-09 00:01:50 +05:30
|
|
|
TrustedPeers: []string{"goodClient1", "goodClient2"},
|
2016-04-15 23:53:48 +05:30
|
|
|
},
|
|
|
|
},
|
2016-05-12 22:23:01 +05:30
|
|
|
},
|
2016-06-16 04:09:04 +05:30
|
|
|
{
|
|
|
|
json: "[" + publicClient + "]",
|
|
|
|
want: []LoadableClient{
|
|
|
|
{
|
|
|
|
Client: Client{
|
|
|
|
Credentials: oidc.ClientCredentials{
|
|
|
|
ID: "public_client",
|
|
|
|
Secret: goodSecret3,
|
|
|
|
},
|
|
|
|
Metadata: oidc.ClientMetadata{
|
|
|
|
RedirectURIs: []url.URL{
|
|
|
|
mustParseURL(t, "http://localhost:8080"),
|
|
|
|
mustParseURL(t, "urn:ietf:wg:oauth:2.0:oob"),
|
|
|
|
},
|
|
|
|
},
|
|
|
|
Public: true,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2016-05-12 22:23:01 +05:30
|
|
|
{
|
2016-04-15 23:53:48 +05:30
|
|
|
json: "[" + badURLClient + "]",
|
|
|
|
wantErr: true,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
json: "[" + badSecretClient + "]",
|
|
|
|
wantErr: true,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
json: "[" + noSecretClient + "]",
|
|
|
|
wantErr: true,
|
|
|
|
},
|
|
|
|
{
|
|
|
|
json: "[" + noIDClient + "]",
|
|
|
|
wantErr: true,
|
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
for i, tt := range tests {
|
|
|
|
r := strings.NewReader(tt.json)
|
|
|
|
cs, err := ClientsFromReader(r)
|
|
|
|
if tt.wantErr {
|
|
|
|
if err == nil {
|
|
|
|
t.Errorf("case %d: want non-nil err", i)
|
|
|
|
t.Logf(pretty.Sprint(cs))
|
|
|
|
}
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
if err != nil {
|
|
|
|
t.Errorf("case %d: got unexpected error parsing clients: %v", i, err)
|
|
|
|
t.Logf(tt.json)
|
|
|
|
}
|
|
|
|
|
|
|
|
if diff := pretty.Compare(tt.want, cs); diff != "" {
|
|
|
|
t.Errorf("case %d: Compare(want, got): %v", i, diff)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func mustParseURL(t *testing.T, s string) url.URL {
|
|
|
|
u, err := url.Parse(s)
|
|
|
|
if err != nil {
|
|
|
|
t.Fatalf("Cannot parse %v as url: %v", s, err)
|
|
|
|
}
|
|
|
|
return *u
|
|
|
|
}
|