package google import ( "encoding/json" "fmt" "net/http" "net/http/httptest" "os" "testing" "github.com/sirupsen/logrus" "github.com/stretchr/testify/assert" ) func testSetup(t *testing.T) *httptest.Server { mux := http.NewServeMux() // TODO: mock calls // mux.HandleFunc("/admin/directory/v1/groups", func(w http.ResponseWriter, r *http.Request) { // w.Header().Add("Content-Type", "application/json") // json.NewEncoder(w).Encode(&admin.Groups{ // Groups: []*admin.Group{}, // }) // }) return httptest.NewServer(mux) } func newConnector(config *Config, serverURL string) (*googleConnector, error) { log := logrus.New() conn, err := config.Open("id", log) if err != nil { return nil, err } googleConn, ok := conn.(*googleConnector) if !ok { return nil, fmt.Errorf("failed to convert to googleConnector") } return googleConn, nil } func tempServiceAccountKey() (string, error) { fd, err := os.CreateTemp("", "google_service_account_key") if err != nil { return "", err } defer fd.Close() err = json.NewEncoder(fd).Encode(map[string]string{ "type": "service_account", "project_id": "sample-project", "private_key_id": "sample-key-id", "private_key": "-----BEGIN PRIVATE KEY-----\nsample-key\n-----END PRIVATE KEY-----\n", "client_id": "sample-client-id", "client_x509_cert_url": "localhost", }) return fd.Name(), err } func TestOpen(t *testing.T) { ts := testSetup(t) defer ts.Close() type testCase struct { config *Config expectedErr string // string to set in GOOGLE_APPLICATION_CREDENTIALS. As local development environments can // already contain ADC, test cases will be built uppon this setting this env variable adc string } serviceAccountFilePath, err := tempServiceAccountKey() assert.Nil(t, err) for name, reference := range map[string]testCase{ "not_requesting_groups": { config: &Config{ ClientID: "testClient", ClientSecret: "testSecret", RedirectURI: ts.URL + "/callback", Scopes: []string{"openid"}, }, expectedErr: "", }, "missing_admin_email": { config: &Config{ ClientID: "testClient", ClientSecret: "testSecret", RedirectURI: ts.URL + "/callback", Scopes: []string{"openid", "groups"}, Groups: []string{"someGroup"}, }, expectedErr: "requires adminEmail", }, "service_account_key_not_found": { config: &Config{ ClientID: "testClient", ClientSecret: "testSecret", RedirectURI: ts.URL + "/callback", Scopes: []string{"openid", "groups"}, AdminEmail: "foo@bar.com", ServiceAccountFilePath: "not_found.json", Groups: []string{"someGroup"}, }, expectedErr: "error reading credentials", }, "service_account_key_valid": { config: &Config{ ClientID: "testClient", ClientSecret: "testSecret", RedirectURI: ts.URL + "/callback", Scopes: []string{"openid", "groups"}, AdminEmail: "foo@bar.com", ServiceAccountFilePath: serviceAccountFilePath, Groups: []string{"someGroup"}, }, expectedErr: "", }, "adc": { config: &Config{ ClientID: "testClient", ClientSecret: "testSecret", RedirectURI: ts.URL + "/callback", Scopes: []string{"openid", "groups"}, AdminEmail: "foo@bar.com", Groups: []string{"someGroup"}, }, adc: serviceAccountFilePath, expectedErr: "", }, "adc_priority": { config: &Config{ ClientID: "testClient", ClientSecret: "testSecret", RedirectURI: ts.URL + "/callback", Scopes: []string{"openid", "groups"}, AdminEmail: "foo@bar.com", ServiceAccountFilePath: serviceAccountFilePath, Groups: []string{"someGroup"}, }, adc: "/dev/null", expectedErr: "", }, } { reference := reference t.Run(name, func(t *testing.T) { assert := assert.New(t) os.Setenv("GOOGLE_APPLICATION_CREDENTIALS", reference.adc) conn, err := newConnector(reference.config, ts.URL) if reference.expectedErr == "" { assert.Nil(err) assert.NotNil(conn) } else { assert.ErrorContains(err, reference.expectedErr) } }) } }