mystiq/dex
Archived
4
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity

admin: add trustedPeers bootstrap api

Browse source
This commit is contained in:
Bobby Rullo 2016-04-26 11:35:34 -07:00
parent 5e9dd9f4b0
commit e1c070d84e
2 changed files with 49 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
admin/api.go
View file

@ -141,7 +141,10 @@ func (a *AdminAPI) CreateClient(req adminschema.ClientCreateRequest) (adminschem
} }
// metadata is guaranteed to have at least one redirect_uri by earlier validation. // metadata is guaranteed to have at least one redirect_uri by earlier validation.
creds, err := a.clientManager.New(cli, nil) creds, err := a.clientManager.New(cli, &clientmanager.ClientOptions{
TrustedPeers: req.Client.TrustedPeers,
})
if err != nil { if err != nil {
return adminschema.ClientCreateResponse{}, mapError(err) return adminschema.ClientCreateResponse{}, mapError(err)
} }

60
integration/admin_api_test.go
View file

@ -86,7 +86,9 @@ func makeAdminAPITestFixtures() *adminAPITestFixtures {
var cliCount int var cliCount int
secGen := func() ([]byte, error) { secGen := func() ([]byte, error) {
return []byte(fmt.Sprintf("client_%v", cliCount)), nil id := []byte(fmt.Sprintf("client_%v", cliCount))
cliCount++
return id, nil
} }
cr := db.NewClientRepo(dbMap) cr := db.NewClientRepo(dbMap)
clientIDGenerator := func(hostport string) (string, error) { clientIDGenerator := func(hostport string) (string, error) {
@ -379,9 +381,11 @@ func TestCreateClient(t *testing.T) {
} }
return u return u
} }
addIDAndSecret := func(cli adminschema.Client) *adminschema.Client {
cli.Id = "client_auth.example.com" addIDAndSecret := func(cliNum int, hostport string, cli adminschema.Client) *adminschema.Client {
cli.Secret = base64.URLEncoding.EncodeToString([]byte("client_0")) cli.Id = fmt.Sprintf("client_%v.example.com", hostport)
cli.Secret = base64.URLEncoding.EncodeToString([]byte(
fmt.Sprintf("client_%d", cliNum)))
return &cli return &cli
} }
@ -404,16 +408,20 @@ func TestCreateClient(t *testing.T) {
adminMultiRedirect := adminClientGood adminMultiRedirect := adminClientGood
adminMultiRedirect.RedirectURIs = []string{"https://auth.example.com/", "https://auth2.example.com/"} adminMultiRedirect.RedirectURIs = []string{"https://auth.example.com/", "https://auth2.example.com/"}
clientMultiRedirect := clientGoodAdmin clientMultiRedirect := clientGood
clientMultiRedirect.Metadata.RedirectURIs = append( clientMultiRedirect.Metadata.RedirectURIs = append(
clientMultiRedirect.Metadata.RedirectURIs, clientMultiRedirect.Metadata.RedirectURIs,
*mustParseURL("https://auth2.example.com/")) *mustParseURL("https://auth2.example.com/"))
adminClientWithPeers := adminClientGood
adminClientWithPeers.TrustedPeers = []string{"test_client_0"}
tests := []struct { tests := []struct {
req adminschema.ClientCreateRequest req adminschema.ClientCreateRequest
want adminschema.ClientCreateResponse want adminschema.ClientCreateResponse
wantClient client.Client wantClient client.Client
wantError int wantError int
wantTrustedPeers []string
}{ }{
{ {
req: adminschema.ClientCreateRequest{}, req: adminschema.ClientCreateRequest{},
@ -440,7 +448,7 @@ func TestCreateClient(t *testing.T) {
Client: &adminClientGood, Client: &adminClientGood,
}, },
want: adminschema.ClientCreateResponse{ want: adminschema.ClientCreateResponse{
Client: addIDAndSecret(adminClientGood), Client: addIDAndSecret(2, "auth", adminClientGood),
}, },
wantClient: clientGood, wantClient: clientGood,
}, },
@ -449,7 +457,7 @@ func TestCreateClient(t *testing.T) {
Client: &adminAdminClient, Client: &adminAdminClient,
}, },
want: adminschema.ClientCreateResponse{ want: adminschema.ClientCreateResponse{
Client: addIDAndSecret(adminAdminClient), Client: addIDAndSecret(2, "auth", adminAdminClient),
}, },
wantClient: clientGoodAdmin, wantClient: clientGoodAdmin,
}, },
@ -458,17 +466,39 @@ func TestCreateClient(t *testing.T) {
Client: &adminMultiRedirect, Client: &adminMultiRedirect,
}, },
want: adminschema.ClientCreateResponse{ want: adminschema.ClientCreateResponse{
Client: addIDAndSecret(adminMultiRedirect), Client: addIDAndSecret(2, "auth", adminMultiRedirect),
}, },
wantClient: clientMultiRedirect, wantClient: clientMultiRedirect,
}, },
{
req: adminschema.ClientCreateRequest{
Client: &adminClientWithPeers,
},
want: adminschema.ClientCreateResponse{
Client: addIDAndSecret(2, "auth", adminClientWithPeers),
},
wantClient: clientGood,
wantTrustedPeers: []string{"test_client_0"},
},
} }
for i, tt := range tests { for i, tt := range tests {
if i != 3 {
continue
}
f := makeAdminAPITestFixtures() f := makeAdminAPITestFixtures()
for j, r := range []string{"https://client0.example.com",
"https://client1.example.com"} {
_, err := f.cr.New(nil, client.Client{
Credentials: oidc.ClientCredentials{
ID: fmt.Sprintf("test_client_%d", j),
},
Metadata: oidc.ClientMetadata{
RedirectURIs: []url.URL{*mustParseURL(r)},
},
})
if err != nil {
t.Errorf("case %d, client %d: unexpected error creating client: %v", i, j, err)
continue
}
}
resp, err := f.adClient.Client.Create(&tt.req).Do() resp, err := f.adClient.Client.Create(&tt.req).Do()
if tt.wantError != 0 { if tt.wantError != 0 {