forked from mystiq/dex
5a78e89807
* Remove some unlikely to be used fields to help configurability. * Combined "serverHost" and "serverPort" into "host" * Remove "timeout" (just default to 30 seconds). * Remove "maxIdleConn" will add it back if users feel the need to control the number of cached connections. * Remove "trustedEmailProvider" (just always trust). * Remove "skipCertVerification" you can't make this connector ingore TLS errors. * Fix configs that don't search before bind (previously broken). * Add more examples to Documentation * Refactor LDAPPool Acquire() and Put() into a Do() function which always does the flow correctly. * Added more comments and renamed some functions. * Moved methods on LDAPIdentityProvider to the LDAPConnector
100 lines
2 KiB
Go
100 lines
2 KiB
Go
package connector
|
|
|
|
import (
|
|
"html/template"
|
|
"net/url"
|
|
"testing"
|
|
|
|
"github.com/coreos/go-oidc/oidc"
|
|
)
|
|
|
|
var (
|
|
ns url.URL
|
|
lf oidc.LoginFunc
|
|
templates *template.Template
|
|
)
|
|
|
|
func init() {
|
|
templates = template.New(LDAPLoginPageTemplateName)
|
|
}
|
|
|
|
func TestLDAPConnectorConfigValidTLS(t *testing.T) {
|
|
cc := LDAPConnectorConfig{
|
|
ID: "ldap",
|
|
Host: "example.com:636",
|
|
UseTLS: true,
|
|
UseSSL: false,
|
|
}
|
|
|
|
_, err := cc.Connector(ns, lf, templates)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
}
|
|
|
|
func TestLDAPConnectorConfigInvalidSSLandTLS(t *testing.T) {
|
|
cc := LDAPConnectorConfig{
|
|
ID: "ldap",
|
|
Host: "example.com:636",
|
|
UseTLS: true,
|
|
UseSSL: true,
|
|
}
|
|
|
|
_, err := cc.Connector(ns, lf, templates)
|
|
if err == nil {
|
|
t.Fatal("Expected LDAPConnector initialization to fail when both TLS and SSL enabled.")
|
|
}
|
|
}
|
|
|
|
func TestLDAPConnectorConfigValidSearchScope(t *testing.T) {
|
|
cc := LDAPConnectorConfig{
|
|
ID: "ldap",
|
|
Host: "example.com:636",
|
|
SearchScope: "one",
|
|
}
|
|
|
|
_, err := cc.Connector(ns, lf, templates)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
}
|
|
|
|
func TestLDAPConnectorConfigInvalidSearchScope(t *testing.T) {
|
|
cc := LDAPConnectorConfig{
|
|
ID: "ldap",
|
|
Host: "example.com:636",
|
|
SearchScope: "three",
|
|
}
|
|
|
|
_, err := cc.Connector(ns, lf, templates)
|
|
if err == nil {
|
|
t.Fatal("Expected LDAPConnector initialization to fail when invalid value provided for SearchScope.")
|
|
}
|
|
}
|
|
|
|
func TestLDAPConnectorConfigInvalidCertFileNoKeyFile(t *testing.T) {
|
|
cc := LDAPConnectorConfig{
|
|
ID: "ldap",
|
|
Host: "example.com:636",
|
|
CertFile: "/tmp/ldap.crt",
|
|
}
|
|
|
|
_, err := cc.Connector(ns, lf, templates)
|
|
if err == nil {
|
|
t.Fatal("Expected LDAPConnector initialization to fail when CertFile specified without KeyFile.")
|
|
}
|
|
}
|
|
|
|
func TestLDAPConnectorConfigValidCertFileAndKeyFile(t *testing.T) {
|
|
cc := LDAPConnectorConfig{
|
|
ID: "ldap",
|
|
Host: "example.com:636",
|
|
CertFile: "/tmp/ldap.crt",
|
|
KeyFile: "/tmp/ldap.key",
|
|
}
|
|
|
|
_, err := cc.Connector(ns, lf, templates)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
}
|