This repository has been archived on 2023-08-14. You can view files and clone it, but cannot push or open issues or pull requests.
dex/connector/oidc/oidc_test.go

124 lines
2.8 KiB
Go
Raw Normal View History

package oidc
2017-06-22 05:56:02 +00:00
import (
"net/url"
"os"
"reflect"
"testing"
"github.com/coreos/dex/connector"
"github.com/sirupsen/logrus"
2017-06-22 05:56:02 +00:00
)
func TestKnownBrokenAuthHeaderProvider(t *testing.T) {
tests := []struct {
issuerURL string
expect bool
}{
{"https://dev.oktapreview.com", true},
{"https://dev.okta.com", true},
{"https://okta.com", true},
{"https://dev.oktaaccounts.com", false},
{"https://accounts.google.com", false},
}
for _, tc := range tests {
got := knownBrokenAuthHeaderProvider(tc.issuerURL)
if got != tc.expect {
t.Errorf("knownBrokenAuthHeaderProvider(%q), want=%t, got=%t", tc.issuerURL, tc.expect, got)
}
}
}
2017-06-22 05:56:02 +00:00
func TestOidcConnector_LoginURL(t *testing.T) {
logger := &logrus.Logger{
Out: os.Stderr,
Formatter: &logrus.TextFormatter{DisableColors: true},
Level: logrus.DebugLevel,
}
tests := []struct {
scopes connector.Scopes
hostedDomains []string
wantScopes string
wantHdParam string
}{
{
connector.Scopes{}, []string{"example.com"},
"openid profile email", "example.com",
},
{
connector.Scopes{}, []string{"mydomain.org", "example.com"},
"openid profile email", "*",
},
{
connector.Scopes{}, []string{},
"openid profile email", "",
},
{
connector.Scopes{OfflineAccess: true}, []string{},
"openid profile email", "",
},
}
callback := "https://dex.example.com/callback"
state := "secret"
for _, test := range tests {
config := &Config{
Issuer: "https://accounts.google.com",
ClientID: "client-id",
ClientSecret: "client-secret",
RedirectURI: "https://dex.example.com/callback",
HostedDomains: test.hostedDomains,
}
conn, err := config.Open("oidc", logger)
2017-06-22 05:56:02 +00:00
if err != nil {
t.Errorf("failed to open connector: %v", err)
continue
}
loginURL, err := conn.(connector.CallbackConnector).LoginURL(test.scopes, callback, state)
if err != nil {
t.Errorf("failed to get login URL: %v", err)
continue
}
actual, err := url.Parse(loginURL)
if err != nil {
t.Errorf("failed to parse login URL: %v", err)
continue
}
wanted, _ := url.Parse("https://accounts.google.com/o/oauth2/v2/auth")
wantedQuery := &url.Values{}
wantedQuery.Set("client_id", config.ClientID)
wantedQuery.Set("redirect_uri", config.RedirectURI)
wantedQuery.Set("response_type", "code")
wantedQuery.Set("state", "secret")
wantedQuery.Set("scope", test.wantScopes)
if test.wantHdParam != "" {
wantedQuery.Set("hd", test.wantHdParam)
}
wanted.RawQuery = wantedQuery.Encode()
if !reflect.DeepEqual(actual, wanted) {
t.Errorf("Wanted %v, got %v", wanted, actual)
}
}
}
//func TestOidcConnector_HandleCallback(t *testing.T) {
// logger := &logrus.Logger{
// Out: os.Stderr,
// Formatter: &logrus.TextFormatter{DisableColors: true},
// Level: logrus.DebugLevel,
// }
//
// tests := []struct {
//
// }
//}