feat: connector for Atlassian Crowd
This commit is contained in:
Ivan Mikheykin
committed by
m.nabokikh
m.nabokikh
parent
0f1927a1ba
commit
7ef1179e75
150
connector/atlassiancrowd/atlassiancrowd_test.go
Normal file
150
connector/atlassiancrowd/atlassiancrowd_test.go
Normal file
@@ -0,0 +1,150 @@
|
||||
// Package atlassiancrowd provides authentication strategies using Atlassian Crowd.
|
||||
package atlassiancrowd
|
||||
|
||||
import (
|
||||
"context"
|
||||
"crypto/tls"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"reflect"
|
||||
"testing"
|
||||
|
||||
"github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
func TestUserGroups(t *testing.T) {
|
||||
s := newTestServer(map[string]TestServerResponse{
|
||||
"/rest/usermanagement/1/user/group/nested?username=testuser": {
|
||||
Body: crowdGroups{Groups: []struct{ Name string }{{Name: "group1"}, {Name: "group2"}}},
|
||||
Code: 200,
|
||||
},
|
||||
})
|
||||
defer s.Close()
|
||||
|
||||
c := newTestCrowdConnector(s.URL)
|
||||
groups, err := c.getGroups(context.Background(), newClient(), true, "testuser")
|
||||
|
||||
expectNil(t, err)
|
||||
expectEquals(t, groups, []string{"group1", "group2"})
|
||||
}
|
||||
|
||||
func TestUserGroupsWithFiltering(t *testing.T) {
|
||||
s := newTestServer(map[string]TestServerResponse{
|
||||
"/rest/usermanagement/1/user/group/nested?username=testuser": {
|
||||
Body: crowdGroups{Groups: []struct{ Name string }{{Name: "group1"}, {Name: "group2"}}},
|
||||
Code: 200,
|
||||
},
|
||||
})
|
||||
defer s.Close()
|
||||
|
||||
c := newTestCrowdConnector(s.URL)
|
||||
c.Groups = []string{"group1"}
|
||||
groups, err := c.getGroups(context.Background(), newClient(), true, "testuser")
|
||||
|
||||
expectNil(t, err)
|
||||
expectEquals(t, groups, []string{"group1"})
|
||||
}
|
||||
|
||||
func TestUserLoginFlow(t *testing.T) {
|
||||
s := newTestServer(map[string]TestServerResponse{
|
||||
"/rest/usermanagement/1/session?validate-password=false": {
|
||||
Body: crowdAuthentication{},
|
||||
Code: 201,
|
||||
},
|
||||
"/rest/usermanagement/1/user?username=testuser": {
|
||||
Body: crowdUser{Active: true, Name: "testuser", Email: "testuser@example.com"},
|
||||
Code: 200,
|
||||
},
|
||||
"/rest/usermanagement/1/user?username=testuser2": {
|
||||
Body: `<html>The server understood the request but refuses to authorize it.</html>`,
|
||||
Code: 403,
|
||||
},
|
||||
})
|
||||
defer s.Close()
|
||||
|
||||
c := newTestCrowdConnector(s.URL)
|
||||
user, err := c.user(context.Background(), newClient(), "testuser")
|
||||
expectNil(t, err)
|
||||
expectEquals(t, user.Name, "testuser")
|
||||
expectEquals(t, user.Email, "testuser@example.com")
|
||||
|
||||
_, err = c.identityFromCrowdUser(user)
|
||||
expectNil(t, err)
|
||||
|
||||
err = c.authenticateUser(context.Background(), newClient(), "testuser")
|
||||
expectNil(t, err)
|
||||
|
||||
_, err = c.user(context.Background(), newClient(), "testuser2")
|
||||
expectEquals(t, err, fmt.Errorf("dex is forbidden from making requests to the Atlassian Crowd application by URL %q", s.URL))
|
||||
}
|
||||
|
||||
func TestUserPassword(t *testing.T) {
|
||||
s := newTestServer(map[string]TestServerResponse{
|
||||
"/rest/usermanagement/1/session": {
|
||||
Body: crowdAuthenticationError{Reason: "INVALID_USER_AUTHENTICATION", Message: "test"},
|
||||
Code: 401,
|
||||
},
|
||||
"/rest/usermanagement/1/session?validate-password=false": {
|
||||
Body: crowdAuthentication{},
|
||||
Code: 201,
|
||||
},
|
||||
})
|
||||
defer s.Close()
|
||||
|
||||
c := newTestCrowdConnector(s.URL)
|
||||
invalidPassword, err := c.authenticateWithPassword(context.Background(), newClient(), "testuser", "testpassword")
|
||||
|
||||
expectNil(t, err)
|
||||
expectEquals(t, invalidPassword, true)
|
||||
|
||||
err = c.authenticateUser(context.Background(), newClient(), "testuser")
|
||||
expectNil(t, err)
|
||||
}
|
||||
|
||||
type TestServerResponse struct {
|
||||
Body interface{}
|
||||
Code int
|
||||
}
|
||||
|
||||
func newTestCrowdConnector(baseURL string) crowdConnector {
|
||||
connector := crowdConnector{}
|
||||
connector.BaseURL = baseURL
|
||||
connector.logger = &logrus.Logger{
|
||||
Out: ioutil.Discard,
|
||||
Level: logrus.DebugLevel,
|
||||
Formatter: &logrus.TextFormatter{DisableColors: true},
|
||||
}
|
||||
return connector
|
||||
}
|
||||
|
||||
func newTestServer(responses map[string]TestServerResponse) *httptest.Server {
|
||||
s := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
response := responses[r.RequestURI]
|
||||
w.Header().Add("Content-Type", "application/json")
|
||||
w.WriteHeader(response.Code)
|
||||
json.NewEncoder(w).Encode(response.Body)
|
||||
}))
|
||||
return s
|
||||
}
|
||||
|
||||
func newClient() *http.Client {
|
||||
tr := &http.Transport{
|
||||
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
|
||||
}
|
||||
return &http.Client{Transport: tr}
|
||||
}
|
||||
|
||||
func expectNil(t *testing.T, a interface{}) {
|
||||
if a != nil {
|
||||
t.Errorf("Expected %+v to equal nil", a)
|
||||
}
|
||||
}
|
||||
|
||||
func expectEquals(t *testing.T, a interface{}, b interface{}) {
|
||||
if !reflect.DeepEqual(a, b) {
|
||||
t.Errorf("Expected %+v to equal %+v", a, b)
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user