5a78e89807
* Remove some unlikely to be used fields to help configurability.
* Combined "serverHost" and "serverPort" into "host"
* Remove "timeout" (just default to 30 seconds).
* Remove "maxIdleConn" will add it back if users feel the need
to control the number of cached connections.
* Remove "trustedEmailProvider" (just always trust).
* Remove "skipCertVerification" you can't make this connector
ingore TLS errors.
* Fix configs that don't search before bind (previously broken).
* Add more examples to Documentation
* Refactor LDAPPool Acquire() and Put() into a Do() function which
always does the flow correctly.
* Added more comments and renamed some functions.
* Moved methods on LDAPIdentityProvider to the LDAPConnector
101 lines
2 KiB
Go
101 lines
2 KiB
Go
package connector
|
|
|
|
import (
|
|
"html/template"
|
|
"net/url"
|
|
"testing"
|
|
|
|
"github.com/coreos/go-oidc/oidc"
|
|
)
|
|
|
|
var (
|
|
ns url.URL
|
|
lf oidc.LoginFunc
|
|
templates *template.Template
|
|
)
|
|
|
|
func init() {
|
|
templates = template.New(LDAPLoginPageTemplateName)
|
|
}
|
|
|
|
func TestLDAPConnectorConfigValidTLS(t *testing.T) {
|
|
cc := LDAPConnectorConfig{
|
|
ID: "ldap",
|
|
Host: "example.com:636",
|
|
UseTLS: true,
|
|
UseSSL: false,
|
|
}
|
|
|
|
_, err := cc.Connector(ns, lf, templates)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
}
|
|
|
|
func TestLDAPConnectorConfigInvalidSSLandTLS(t *testing.T) {
|
|
cc := LDAPConnectorConfig{
|
|
ID: "ldap",
|
|
Host: "example.com:636",
|
|
UseTLS: true,
|
|
UseSSL: true,
|
|
}
|
|
|
|
_, err := cc.Connector(ns, lf, templates)
|
|
if err == nil {
|
|
t.Fatal("Expected LDAPConnector initialization to fail when both TLS and SSL enabled.")
|
|
}
|
|
}
|
|
|
|
func TestLDAPConnectorConfigValidSearchScope(t *testing.T) {
|
|
cc := LDAPConnectorConfig{
|
|
ID: "ldap",
|
|
Host: "example.com:636",
|
|
SearchScope: "one",
|
|
}
|
|
|
|
_, err := cc.Connector(ns, lf, templates)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
}
|
|
|
|
func TestLDAPConnectorConfigInvalidSearchScope(t *testing.T) {
|
|
cc := LDAPConnectorConfig{
|
|
ID: "ldap",
|
|
Host: "example.com:636",
|
|
SearchScope: "three",
|
|
}
|
|
|
|
_, err := cc.Connector(ns, lf, templates)
|
|
if err == nil {
|
|
t.Fatal("Expected LDAPConnector initialization to fail when invalid value provided for SearchScope.")
|
|
}
|
|
}
|
|
|
|
func TestLDAPConnectorConfigInvalidCertFileNoKeyFile(t *testing.T) {
|
|
cc := LDAPConnectorConfig{
|
|
ID: "ldap",
|
|
Host: "example.com:636",
|
|
CertFile: "/tmp/ldap.crt",
|
|
}
|
|
|
|
_, err := cc.Connector(ns, lf, templates)
|
|
if err == nil {
|
|
t.Fatal("Expected LDAPConnector initialization to fail when CertFile specified without KeyFile.")
|
|
}
|
|
}
|
|
|
|
func TestLDAPConnectorConfigValidCertFileAndKeyFile(t *testing.T) {
|
|
cc := LDAPConnectorConfig{
|
|
ID: "ldap",
|
|
Host: "example.com:636",
|
|
CertFile: "/tmp/ldap.crt",
|
|
KeyFile: "/tmp/ldap.key",
|
|
}
|
|
|
|
_, err := cc.Connector(ns, lf, templates)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
}
|