dex/client/client_test.go

package client

import (
	"encoding/base64"
	"net/url"
	"strings"
	"testing"

	"github.com/coreos/go-oidc/oidc"
	"github.com/kylelemons/godebug/pretty"
)

var (
	goodSecret1 = base64.URLEncoding.EncodeToString([]byte("my_secret"))
	goodSecret2 = base64.URLEncoding.EncodeToString([]byte("my_other_secret"))
	goodSecret3 = base64.URLEncoding.EncodeToString([]byte("yet_another_secret"))

	goodClient1 = `{ 
  "id": "my_id",
  "secret": "` + goodSecret1 + `",
  "redirectURLs": ["https://client.example.com"],
  "admin": true
}`

	goodClient2 = `{ 
  "id": "my_other_id",
  "secret": "` + goodSecret2 + `",
  "redirectURLs": ["https://client2.example.com","https://client2_a.example.com"]
}`

	goodClient3 = `{ 
  "id": "yet_another_id",
  "secret": "` + goodSecret3 + `",
  "redirectURLs": ["https://client3.example.com","https://client3_a.example.com"],
  "trustedPeers":["goodClient1", "goodClient2"]
}`

	badURLClient = `{ 
  "id": "my_id",
  "secret": "` + goodSecret1 + `",
  "redirectURLs": ["hdtp:/\(bad)(u)(r)(l)"]
}`

	badSecretClient = `{ 
  "id": "my_id",
  "secret": "` + "" + `",
  "redirectURLs": ["https://client.example.com"]
}`

	noSecretClient = `{ 
  "id": "my_id",
  "redirectURLs": ["https://client.example.com"]
}`
	noIDClient = `{ 
  "secret": "` + goodSecret1 + `",
  "redirectURLs": ["https://client.example.com"]
}`
)

func TestClientsFromReader(t *testing.T) {
	tests := []struct {
		json    string
		want    []LoadableClient
		wantErr bool
	}{
		{
			json: "[]",
			want: []LoadableClient{},
		},
		{
			json: "[" + goodClient1 + "]",
			want: []LoadableClient{
				{
					Client: Client{
						Credentials: oidc.ClientCredentials{
							ID:     "my_id",
							Secret: goodSecret1,
						},
						Metadata: oidc.ClientMetadata{
							RedirectURIs: []url.URL{
								mustParseURL(t, "https://client.example.com"),
							},
						},
						Admin: true,
					},
				},
			},
		},
		{
			json: "[" + strings.Join([]string{goodClient1, goodClient2}, ",") + "]",
			want: []LoadableClient{
				{
					Client: Client{
						Credentials: oidc.ClientCredentials{
							ID:     "my_id",
							Secret: goodSecret1,
						},
						Metadata: oidc.ClientMetadata{
							RedirectURIs: []url.URL{
								mustParseURL(t, "https://client.example.com"),
							},
						},
						Admin: true,
					},
				},
				{
					Client: Client{
						Credentials: oidc.ClientCredentials{
							ID:     "my_other_id",
							Secret: goodSecret2,
						},
						Metadata: oidc.ClientMetadata{
							RedirectURIs: []url.URL{
								mustParseURL(t, "https://client2.example.com"),
								mustParseURL(t, "https://client2_a.example.com"),
							},
						},
					},
				},
			},
		},
		{
			json: "[" + goodClient3 + "]",
			want: []LoadableClient{
				{
					Client: Client{
						Credentials: oidc.ClientCredentials{
							ID:     "yet_another_id",
							Secret: goodSecret3,
						},
						Metadata: oidc.ClientMetadata{
							RedirectURIs: []url.URL{
								mustParseURL(t, "https://client3.example.com"),
								mustParseURL(t, "https://client3_a.example.com"),
							},
						},
					},
					TrustedPeers: []string{"goodClient1", "goodClient2"},
				},
			},
		},
		{
			json:    "[" + badURLClient + "]",
			wantErr: true,
		},
		{
			json:    "[" + badSecretClient + "]",
			wantErr: true,
		},
		{
			json:    "[" + noSecretClient + "]",
			wantErr: true,
		},
		{
			json:    "[" + noIDClient + "]",
			wantErr: true,
		},
	}

	for i, tt := range tests {
		r := strings.NewReader(tt.json)
		cs, err := ClientsFromReader(r)
		if tt.wantErr {
			if err == nil {
				t.Errorf("case %d: want non-nil err", i)
				t.Logf(pretty.Sprint(cs))
			}
			continue
		}
		if err != nil {
			t.Errorf("case %d: got unexpected error parsing clients: %v", i, err)
			t.Logf(tt.json)
		}

		if diff := pretty.Compare(tt.want, cs); diff != "" {
			t.Errorf("case %d: Compare(want, got): %v", i, diff)
		}
	}
}

func mustParseURL(t *testing.T, s string) url.URL {
	u, err := url.Parse(s)
	if err != nil {
		t.Fatalf("Cannot parse %v as url: %v", s, err)
	}
	return *u
}
client: Add tests for ClientsFromReader Also require client ID and secret. 2016-04-15 23:53:48 +05:30			`package client`

			`import (`
			`"encoding/base64"`
			`"net/url"`
			`"strings"`
			`"testing"`

			`"github.com/coreos/go-oidc/oidc"`
			`"github.com/kylelemons/godebug/pretty"`
			`)`

			`var (`
			`goodSecret1 = base64.URLEncoding.EncodeToString([]byte("my_secret"))`
			`goodSecret2 = base64.URLEncoding.EncodeToString([]byte("my_other_secret"))`
client: load full clients w/ LoadableClient The Client object on its own doesn't fully express everything about a single client, and so when loading clients from a static configuration it's not enough to just (de)serialize clients. To that end, LoadableClient contains the full representation of a client and associated entities. 2016-06-09 00:01:50 +05:30			`goodSecret3 = base64.URLEncoding.EncodeToString([]byte("yet_another_secret"))`
client: Add tests for ClientsFromReader Also require client ID and secret. 2016-04-15 23:53:48 +05:30
			goodClient1 = `{
			`"id": "my_id",`
			"secret": "` + goodSecret1 + `",
client: load full clients w/ LoadableClient The Client object on its own doesn't fully express everything about a single client, and so when loading clients from a static configuration it's not enough to just (de)serialize clients. To that end, LoadableClient contains the full representation of a client and associated entities. 2016-06-09 00:01:50 +05:30			`"redirectURLs": ["https://client.example.com"],`
			`"admin": true`
client: Add tests for ClientsFromReader Also require client ID and secret. 2016-04-15 23:53:48 +05:30			}`

			goodClient2 = `{
			`"id": "my_other_id",`
			"secret": "` + goodSecret2 + `",
			`"redirectURLs": ["https://client2.example.com","https://client2_a.example.com"]`
			}`

client: load full clients w/ LoadableClient The Client object on its own doesn't fully express everything about a single client, and so when loading clients from a static configuration it's not enough to just (de)serialize clients. To that end, LoadableClient contains the full representation of a client and associated entities. 2016-06-09 00:01:50 +05:30			goodClient3 = `{
			`"id": "yet_another_id",`
			"secret": "` + goodSecret3 + `",
			`"redirectURLs": ["https://client3.example.com","https://client3_a.example.com"],`
			`"trustedPeers":["goodClient1", "goodClient2"]`
			}`

client: Add tests for ClientsFromReader Also require client ID and secret. 2016-04-15 23:53:48 +05:30			badURLClient = `{
			`"id": "my_id",`
			"secret": "` + goodSecret1 + `",
			`"redirectURLs": ["hdtp:/\(bad)(u)(r)(l)"]`
			}`

			badSecretClient = `{
			`"id": "my_id",`
client: add client manager adds a client manager to handle business logic, leaving the repo for basic crud operations. Also adds client to the test script 2016-05-12 22:23:01 +05:30			"secret": "` + "" + `",
client: Add tests for ClientsFromReader Also require client ID and secret. 2016-04-15 23:53:48 +05:30			`"redirectURLs": ["https://client.example.com"]`
			}`

			noSecretClient = `{
			`"id": "my_id",`
			`"redirectURLs": ["https://client.example.com"]`
			}`
			noIDClient = `{
			"secret": "` + goodSecret1 + `",
			`"redirectURLs": ["https://client.example.com"]`
			}`
			`)`

			`func TestClientsFromReader(t *testing.T) {`
			`tests := []struct {`
			`json string`
client: load full clients w/ LoadableClient The Client object on its own doesn't fully express everything about a single client, and so when loading clients from a static configuration it's not enough to just (de)serialize clients. To that end, LoadableClient contains the full representation of a client and associated entities. 2016-06-09 00:01:50 +05:30			`want []LoadableClient`
client: Add tests for ClientsFromReader Also require client ID and secret. 2016-04-15 23:53:48 +05:30			`wantErr bool`
			`}{`
			`{`
			`json: "[]",`
client: load full clients w/ LoadableClient The Client object on its own doesn't fully express everything about a single client, and so when loading clients from a static configuration it's not enough to just (de)serialize clients. To that end, LoadableClient contains the full representation of a client and associated entities. 2016-06-09 00:01:50 +05:30			`want: []LoadableClient{},`
client: Add tests for ClientsFromReader Also require client ID and secret. 2016-04-15 23:53:48 +05:30			`},`
			`{`
			`json: "[" + goodClient1 + "]",`
client: load full clients w/ LoadableClient The Client object on its own doesn't fully express everything about a single client, and so when loading clients from a static configuration it's not enough to just (de)serialize clients. To that end, LoadableClient contains the full representation of a client and associated entities. 2016-06-09 00:01:50 +05:30			`want: []LoadableClient{`
client: Add tests for ClientsFromReader Also require client ID and secret. 2016-04-15 23:53:48 +05:30			`{`
client: load full clients w/ LoadableClient The Client object on its own doesn't fully express everything about a single client, and so when loading clients from a static configuration it's not enough to just (de)serialize clients. To that end, LoadableClient contains the full representation of a client and associated entities. 2016-06-09 00:01:50 +05:30			`Client: Client{`
			`Credentials: oidc.ClientCredentials{`
			`ID: "my_id",`
			`Secret: goodSecret1,`
client: Add tests for ClientsFromReader Also require client ID and secret. 2016-04-15 23:53:48 +05:30			`},`
client: load full clients w/ LoadableClient The Client object on its own doesn't fully express everything about a single client, and so when loading clients from a static configuration it's not enough to just (de)serialize clients. To that end, LoadableClient contains the full representation of a client and associated entities. 2016-06-09 00:01:50 +05:30			`Metadata: oidc.ClientMetadata{`
			`RedirectURIs: []url.URL{`
			`mustParseURL(t, "https://client.example.com"),`
			`},`
			`},`
			`Admin: true,`
client: Add tests for ClientsFromReader Also require client ID and secret. 2016-04-15 23:53:48 +05:30			`},`
			`},`
			`},`
			`},`
			`{`
			`json: "[" + strings.Join([]string{goodClient1, goodClient2}, ",") + "]",`
client: load full clients w/ LoadableClient The Client object on its own doesn't fully express everything about a single client, and so when loading clients from a static configuration it's not enough to just (de)serialize clients. To that end, LoadableClient contains the full representation of a client and associated entities. 2016-06-09 00:01:50 +05:30			`want: []LoadableClient{`
client: Add tests for ClientsFromReader Also require client ID and secret. 2016-04-15 23:53:48 +05:30			`{`
client: load full clients w/ LoadableClient The Client object on its own doesn't fully express everything about a single client, and so when loading clients from a static configuration it's not enough to just (de)serialize clients. To that end, LoadableClient contains the full representation of a client and associated entities. 2016-06-09 00:01:50 +05:30			`Client: Client{`
			`Credentials: oidc.ClientCredentials{`
			`ID: "my_id",`
			`Secret: goodSecret1,`
client: Add tests for ClientsFromReader Also require client ID and secret. 2016-04-15 23:53:48 +05:30			`},`
client: load full clients w/ LoadableClient The Client object on its own doesn't fully express everything about a single client, and so when loading clients from a static configuration it's not enough to just (de)serialize clients. To that end, LoadableClient contains the full representation of a client and associated entities. 2016-06-09 00:01:50 +05:30			`Metadata: oidc.ClientMetadata{`
			`RedirectURIs: []url.URL{`
			`mustParseURL(t, "https://client.example.com"),`
			`},`
			`},`
			`Admin: true,`
client: Add tests for ClientsFromReader Also require client ID and secret. 2016-04-15 23:53:48 +05:30			`},`
			`},`
			`{`
client: load full clients w/ LoadableClient The Client object on its own doesn't fully express everything about a single client, and so when loading clients from a static configuration it's not enough to just (de)serialize clients. To that end, LoadableClient contains the full representation of a client and associated entities. 2016-06-09 00:01:50 +05:30			`Client: Client{`
			`Credentials: oidc.ClientCredentials{`
			`ID: "my_other_id",`
			`Secret: goodSecret2,`
			`},`
			`Metadata: oidc.ClientMetadata{`
			`RedirectURIs: []url.URL{`
			`mustParseURL(t, "https://client2.example.com"),`
			`mustParseURL(t, "https://client2_a.example.com"),`
			`},`
			`},`
client: Add tests for ClientsFromReader Also require client ID and secret. 2016-04-15 23:53:48 +05:30			`},`
client: load full clients w/ LoadableClient The Client object on its own doesn't fully express everything about a single client, and so when loading clients from a static configuration it's not enough to just (de)serialize clients. To that end, LoadableClient contains the full representation of a client and associated entities. 2016-06-09 00:01:50 +05:30			`},`
			`},`
			`},`
			`{`
			`json: "[" + goodClient3 + "]",`
			`want: []LoadableClient{`
			`{`
			`Client: Client{`
			`Credentials: oidc.ClientCredentials{`
			`ID: "yet_another_id",`
			`Secret: goodSecret3,`
			`},`
			`Metadata: oidc.ClientMetadata{`
			`RedirectURIs: []url.URL{`
			`mustParseURL(t, "https://client3.example.com"),`
			`mustParseURL(t, "https://client3_a.example.com"),`
			`},`
client: Add tests for ClientsFromReader Also require client ID and secret. 2016-04-15 23:53:48 +05:30			`},`
			`},`
client: load full clients w/ LoadableClient The Client object on its own doesn't fully express everything about a single client, and so when loading clients from a static configuration it's not enough to just (de)serialize clients. To that end, LoadableClient contains the full representation of a client and associated entities. 2016-06-09 00:01:50 +05:30			`TrustedPeers: []string{"goodClient1", "goodClient2"},`
client: Add tests for ClientsFromReader Also require client ID and secret. 2016-04-15 23:53:48 +05:30			`},`
			`},`
client: add client manager adds a client manager to handle business logic, leaving the repo for basic crud operations. Also adds client to the test script 2016-05-12 22:23:01 +05:30			`},`
			`{`
client: Add tests for ClientsFromReader Also require client ID and secret. 2016-04-15 23:53:48 +05:30			`json: "[" + badURLClient + "]",`
			`wantErr: true,`
			`},`
			`{`
			`json: "[" + badSecretClient + "]",`
			`wantErr: true,`
			`},`
			`{`
			`json: "[" + noSecretClient + "]",`
			`wantErr: true,`
			`},`
			`{`
			`json: "[" + noIDClient + "]",`
			`wantErr: true,`
			`},`
			`}`

			`for i, tt := range tests {`
			`r := strings.NewReader(tt.json)`
			`cs, err := ClientsFromReader(r)`
			`if tt.wantErr {`
			`if err == nil {`
			`t.Errorf("case %d: want non-nil err", i)`
			`t.Logf(pretty.Sprint(cs))`
			`}`
			`continue`
			`}`
			`if err != nil {`
			`t.Errorf("case %d: got unexpected error parsing clients: %v", i, err)`
			`t.Logf(tt.json)`
			`}`

			`if diff := pretty.Compare(tt.want, cs); diff != "" {`
			`t.Errorf("case %d: Compare(want, got): %v", i, diff)`
			`}`
			`}`
			`}`

			`func mustParseURL(t *testing.T, s string) url.URL {`
			`u, err := url.Parse(s)`
			`if err != nil {`
			`t.Fatalf("Cannot parse %v as url: %v", s, err)`
			`}`
			`return *u`
			`}`