2016-08-05 16:50:22 +00:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
2019-08-06 17:14:53 +00:00
|
|
|
"github.com/dexidp/dex/server"
|
2016-08-05 16:50:22 +00:00
|
|
|
"testing"
|
|
|
|
|
2016-11-03 22:23:56 +00:00
|
|
|
"github.com/ghodss/yaml"
|
2016-08-05 16:50:22 +00:00
|
|
|
"github.com/kylelemons/godebug/pretty"
|
2018-09-03 06:44:44 +00:00
|
|
|
|
|
|
|
"github.com/dexidp/dex/connector/mock"
|
|
|
|
"github.com/dexidp/dex/connector/oidc"
|
|
|
|
"github.com/dexidp/dex/storage"
|
|
|
|
"github.com/dexidp/dex/storage/sql"
|
2016-08-05 16:50:22 +00:00
|
|
|
)
|
|
|
|
|
2016-11-03 22:23:56 +00:00
|
|
|
var _ = yaml.YAMLToJSON
|
|
|
|
|
2018-07-27 19:51:30 +00:00
|
|
|
func TestValidConfiguration(t *testing.T) {
|
|
|
|
configuration := Config{
|
|
|
|
Issuer: "http://127.0.0.1:5556/dex",
|
|
|
|
Storage: Storage{
|
|
|
|
Type: "sqlite3",
|
|
|
|
Config: &sql.SQLite3{
|
|
|
|
File: "examples/dex.db",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
Web: Web{
|
|
|
|
HTTP: "127.0.0.1:5556",
|
|
|
|
},
|
|
|
|
StaticConnectors: []Connector{
|
|
|
|
{
|
|
|
|
Type: "mockCallback",
|
|
|
|
ID: "mock",
|
|
|
|
Name: "Example",
|
|
|
|
Config: &mock.CallbackConfig{},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
if err := configuration.Validate(); err != nil {
|
|
|
|
t.Fatalf("this configuration should have been valid: %v", err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestInvalidConfiguration(t *testing.T) {
|
|
|
|
configuration := Config{}
|
|
|
|
err := configuration.Validate()
|
|
|
|
if err == nil {
|
|
|
|
t.Fatal("this configuration should be invalid")
|
|
|
|
}
|
|
|
|
got := err.Error()
|
2019-04-29 14:33:10 +00:00
|
|
|
wanted := `invalid Config:
|
2018-07-27 19:51:30 +00:00
|
|
|
- no issuer specified in config file
|
|
|
|
- no storage supplied in config file
|
|
|
|
- must supply a HTTP/HTTPS address to listen on`
|
|
|
|
if got != wanted {
|
|
|
|
t.Fatalf("Expected error message to be %q, got %q", wanted, got)
|
|
|
|
}
|
|
|
|
}
|
2016-11-03 22:23:56 +00:00
|
|
|
func TestUnmarshalConfig(t *testing.T) {
|
|
|
|
rawConfig := []byte(`
|
|
|
|
issuer: http://127.0.0.1:5556/dex
|
|
|
|
storage:
|
2018-11-21 10:35:25 +00:00
|
|
|
type: postgres
|
2016-11-03 22:23:56 +00:00
|
|
|
config:
|
2018-11-21 10:35:25 +00:00
|
|
|
host: 10.0.0.1
|
|
|
|
port: 65432
|
|
|
|
maxOpenConns: 5
|
|
|
|
maxIdleConns: 3
|
|
|
|
connMaxLifetime: 30
|
|
|
|
connectionTimeout: 3
|
2016-11-03 22:23:56 +00:00
|
|
|
web:
|
|
|
|
http: 127.0.0.1:5556
|
2019-08-06 17:14:53 +00:00
|
|
|
|
|
|
|
frontend:
|
|
|
|
dir: ./web
|
|
|
|
extra:
|
|
|
|
foo: bar
|
|
|
|
|
2016-11-03 22:23:56 +00:00
|
|
|
staticClients:
|
2016-08-05 16:50:22 +00:00
|
|
|
- id: example-app
|
|
|
|
redirectURIs:
|
|
|
|
- 'http://127.0.0.1:5555/callback'
|
|
|
|
name: 'Example App'
|
|
|
|
secret: ZXhhbXBsZS1hcHAtc2VjcmV0
|
|
|
|
|
2019-08-06 17:18:46 +00:00
|
|
|
oauth2:
|
|
|
|
alwaysShowLoginScreen: true
|
|
|
|
|
2016-11-03 22:23:56 +00:00
|
|
|
connectors:
|
|
|
|
- type: mockCallback
|
|
|
|
id: mock
|
|
|
|
name: Example
|
|
|
|
- type: oidc
|
|
|
|
id: google
|
|
|
|
name: Google
|
|
|
|
config:
|
|
|
|
issuer: https://accounts.google.com
|
2016-11-04 04:08:50 +00:00
|
|
|
clientID: foo
|
|
|
|
clientSecret: bar
|
2016-11-03 22:23:56 +00:00
|
|
|
redirectURI: http://127.0.0.1:5556/dex/callback/google
|
|
|
|
|
|
|
|
enablePasswordDB: true
|
|
|
|
staticPasswords:
|
|
|
|
- email: "admin@example.com"
|
|
|
|
# bcrypt hash of the string "password"
|
|
|
|
hash: "$2a$10$33EMT0cVYVlPy6WAMCLsceLYjWhuHpbz5yuZxu/GAFj03J9Lytjuy"
|
|
|
|
username: "admin"
|
|
|
|
userID: "08a8684b-db88-4b73-90a9-3cd1661f5466"
|
|
|
|
- email: "foo@example.com"
|
|
|
|
# base64'd value of the same bcrypt hash above. We want to be able to parse both of these
|
|
|
|
hash: "JDJhJDEwJDMzRU1UMGNWWVZsUHk2V0FNQ0xzY2VMWWpXaHVIcGJ6NXl1Wnh1L0dBRmowM0o5THl0anV5"
|
|
|
|
username: "foo"
|
|
|
|
userID: "41331323-6f44-45e6-b3b9-2c4b60c02be5"
|
2016-11-03 00:52:49 +00:00
|
|
|
|
|
|
|
expiry:
|
2018-12-13 13:47:51 +00:00
|
|
|
signingKeys: "7h"
|
|
|
|
idTokens: "25h"
|
|
|
|
authRequests: "25h"
|
2016-11-22 23:35:46 +00:00
|
|
|
|
|
|
|
logger:
|
|
|
|
level: "debug"
|
|
|
|
format: "json"
|
2016-11-03 22:23:56 +00:00
|
|
|
`)
|
|
|
|
|
|
|
|
want := Config{
|
|
|
|
Issuer: "http://127.0.0.1:5556/dex",
|
|
|
|
Storage: Storage{
|
2018-11-21 10:35:25 +00:00
|
|
|
Type: "postgres",
|
|
|
|
Config: &sql.Postgres{
|
2019-07-12 14:29:46 +00:00
|
|
|
NetworkDB: sql.NetworkDB{
|
|
|
|
Host: "10.0.0.1",
|
|
|
|
Port: 65432,
|
|
|
|
MaxOpenConns: 5,
|
|
|
|
MaxIdleConns: 3,
|
|
|
|
ConnMaxLifetime: 30,
|
|
|
|
ConnectionTimeout: 3,
|
|
|
|
},
|
2016-11-03 22:23:56 +00:00
|
|
|
},
|
|
|
|
},
|
|
|
|
Web: Web{
|
|
|
|
HTTP: "127.0.0.1:5556",
|
|
|
|
},
|
2019-08-06 17:14:53 +00:00
|
|
|
Frontend: server.WebConfig{
|
|
|
|
Dir: "./web",
|
|
|
|
Extra: map[string]string{
|
|
|
|
"foo": "bar",
|
|
|
|
},
|
|
|
|
},
|
2016-11-03 22:23:56 +00:00
|
|
|
StaticClients: []storage.Client{
|
|
|
|
{
|
|
|
|
ID: "example-app",
|
|
|
|
Secret: "ZXhhbXBsZS1hcHAtc2VjcmV0",
|
|
|
|
Name: "Example App",
|
|
|
|
RedirectURIs: []string{
|
|
|
|
"http://127.0.0.1:5555/callback",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2019-08-06 17:18:46 +00:00
|
|
|
OAuth2: OAuth2{
|
|
|
|
AlwaysShowLoginScreen: true,
|
|
|
|
},
|
2017-04-17 22:41:41 +00:00
|
|
|
StaticConnectors: []Connector{
|
2016-11-03 22:23:56 +00:00
|
|
|
{
|
|
|
|
Type: "mockCallback",
|
|
|
|
ID: "mock",
|
|
|
|
Name: "Example",
|
|
|
|
Config: &mock.CallbackConfig{},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
Type: "oidc",
|
|
|
|
ID: "google",
|
|
|
|
Name: "Google",
|
|
|
|
Config: &oidc.Config{
|
|
|
|
Issuer: "https://accounts.google.com",
|
2016-11-04 04:08:50 +00:00
|
|
|
ClientID: "foo",
|
|
|
|
ClientSecret: "bar",
|
2016-11-03 22:23:56 +00:00
|
|
|
RedirectURI: "http://127.0.0.1:5556/dex/callback/google",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
EnablePasswordDB: true,
|
|
|
|
StaticPasswords: []password{
|
|
|
|
{
|
|
|
|
Email: "admin@example.com",
|
|
|
|
Hash: []byte("$2a$10$33EMT0cVYVlPy6WAMCLsceLYjWhuHpbz5yuZxu/GAFj03J9Lytjuy"),
|
|
|
|
Username: "admin",
|
|
|
|
UserID: "08a8684b-db88-4b73-90a9-3cd1661f5466",
|
|
|
|
},
|
|
|
|
{
|
|
|
|
Email: "foo@example.com",
|
|
|
|
Hash: []byte("$2a$10$33EMT0cVYVlPy6WAMCLsceLYjWhuHpbz5yuZxu/GAFj03J9Lytjuy"),
|
|
|
|
Username: "foo",
|
|
|
|
UserID: "41331323-6f44-45e6-b3b9-2c4b60c02be5",
|
2016-08-05 16:50:22 +00:00
|
|
|
},
|
|
|
|
},
|
2016-11-03 00:52:49 +00:00
|
|
|
Expiry: Expiry{
|
2018-12-13 13:47:51 +00:00
|
|
|
SigningKeys: "7h",
|
|
|
|
IDTokens: "25h",
|
|
|
|
AuthRequests: "25h",
|
2016-11-03 00:52:49 +00:00
|
|
|
},
|
2016-11-22 23:35:46 +00:00
|
|
|
Logger: Logger{
|
|
|
|
Level: "debug",
|
|
|
|
Format: "json",
|
|
|
|
},
|
2016-08-05 16:50:22 +00:00
|
|
|
}
|
|
|
|
|
2016-11-03 22:23:56 +00:00
|
|
|
var c Config
|
|
|
|
if err := yaml.Unmarshal(rawConfig, &c); err != nil {
|
|
|
|
t.Fatalf("failed to decode config: %v", err)
|
2016-08-05 16:50:22 +00:00
|
|
|
}
|
2016-11-03 22:23:56 +00:00
|
|
|
if diff := pretty.Compare(c, want); diff != "" {
|
|
|
|
t.Errorf("got!=want: %s", diff)
|
|
|
|
}
|
|
|
|
|
2016-08-05 16:50:22 +00:00
|
|
|
}
|