package oidc import ( "net/url" "os" "reflect" "testing" "github.com/coreos/dex/connector" "github.com/sirupsen/logrus" ) func TestKnownBrokenAuthHeaderProvider(t *testing.T) { tests := []struct { issuerURL string expect bool }{ {"https://dev.oktapreview.com", true}, {"https://dev.okta.com", true}, {"https://okta.com", true}, {"https://dev.oktaaccounts.com", false}, {"https://accounts.google.com", false}, } for _, tc := range tests { got := knownBrokenAuthHeaderProvider(tc.issuerURL) if got != tc.expect { t.Errorf("knownBrokenAuthHeaderProvider(%q), want=%t, got=%t", tc.issuerURL, tc.expect, got) } } } func TestOidcConnector_LoginURL(t *testing.T) { logger := &logrus.Logger{ Out: os.Stderr, Formatter: &logrus.TextFormatter{DisableColors: true}, Level: logrus.DebugLevel, } tests := []struct { scopes connector.Scopes hostedDomains []string wantScopes string wantHdParam string }{ { connector.Scopes{}, []string{"example.com"}, "openid profile email", "example.com", }, { connector.Scopes{}, []string{"mydomain.org", "example.com"}, "openid profile email", "*", }, { connector.Scopes{}, []string{}, "openid profile email", "", }, { connector.Scopes{OfflineAccess: true}, []string{}, "openid profile email", "", }, } callback := "https://dex.example.com/callback" state := "secret" for _, test := range tests { config := &Config{ Issuer: "https://accounts.google.com", ClientID: "client-id", ClientSecret: "client-secret", RedirectURI: "https://dex.example.com/callback", HostedDomains: test.hostedDomains, } conn, err := config.Open("oidc", logger) if err != nil { t.Errorf("failed to open connector: %v", err) continue } loginURL, err := conn.(connector.CallbackConnector).LoginURL(test.scopes, callback, state) if err != nil { t.Errorf("failed to get login URL: %v", err) continue } actual, err := url.Parse(loginURL) if err != nil { t.Errorf("failed to parse login URL: %v", err) continue } wanted, _ := url.Parse("https://accounts.google.com/o/oauth2/v2/auth") wantedQuery := &url.Values{} wantedQuery.Set("client_id", config.ClientID) wantedQuery.Set("redirect_uri", config.RedirectURI) wantedQuery.Set("response_type", "code") wantedQuery.Set("state", "secret") wantedQuery.Set("scope", test.wantScopes) if test.wantHdParam != "" { wantedQuery.Set("hd", test.wantHdParam) } wanted.RawQuery = wantedQuery.Encode() if !reflect.DeepEqual(actual, wanted) { t.Errorf("Wanted %v, got %v", wanted, actual) } } } //func TestOidcConnector_HandleCallback(t *testing.T) { // logger := &logrus.Logger{ // Out: os.Stderr, // Formatter: &logrus.TextFormatter{DisableColors: true}, // Level: logrus.DebugLevel, // } // // tests := []struct { // // } //}