TrueCloudLab/certificates
17
0
Fork 2
Code Issues 1 Pull requests 1 Releases Activity Actions

add unit tests for authority.Provisioners api

Browse source
This commit is contained in:
max furman 2018-10-08 22:40:07 -07:00
parent d773770a44
commit 0e904989d2
2 changed files with 138 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
authority/provisioners.go
View file

@ -1,6 +1,7 @@
package authority
import (
"log"
"net/http"
"github.com/pkg/errors"
@ -30,7 +31,8 @@ func (a *Authority) GetProvisioners() (map[string]*jose.JSONWebKeySet, error) {
a.provisionerIDIndex.Range(func(key, val interface{}) bool {
p, ok := val.(*Provisioner)
if !ok {
return false
log.Printf("authority.GetProvisioners: expected type *Provisioner, but got %T\n", val)
return true
}
ks, found := pks[p.Issuer]
if found {

135
authority/provisioners_test.go Normal file
View file

@ -0,0 +1,135 @@
package authority
import (
"net/http"
"testing"
"github.com/pkg/errors"
"github.com/smallstep/assert"
"github.com/smallstep/cli/jose"
)
func TestGetEncryptedKey(t *testing.T) {
type ek struct {
a *Authority
kid string
err *apiError
}
tests := map[string]func(t *testing.T) *ek{
"ok": func(t *testing.T) *ek {
c, err := LoadConfiguration("../ca/testdata/ca.json")
assert.FatalError(t, err)
a, err := New(c)
assert.FatalError(t, err)
return &ek{
a: a,
kid: c.AuthorityConfig.Provisioners[1].Key.KeyID,
}
},
"fail-not-found": func(t *testing.T) *ek {
c, err := LoadConfiguration("../ca/testdata/ca.json")
assert.FatalError(t, err)
a, err := New(c)
assert.FatalError(t, err)
return &ek{
a: a,
kid: "foo",
err: &apiError{errors.Errorf("encrypted key with kid foo was not found"),
http.StatusNotFound, context{}},
}
},
"fail-invalid-type-found": func(t *testing.T) *ek {
c, err := LoadConfiguration("../ca/testdata/ca.json")
assert.FatalError(t, err)
a, err := New(c)
assert.FatalError(t, err)
a.encryptedKeyIndex.Store("foo", 5)
return &ek{
a: a,
kid: "foo",
err: &apiError{errors.Errorf("stored value is not a string"),
http.StatusInternalServerError, context{}},
}
},
}
for name, genTestCase := range tests {
t.Run(name, func(t *testing.T) {
tc := genTestCase(t)
ek, err := tc.a.GetEncryptedKey(tc.kid)
if err != nil {
if assert.NotNil(t, tc.err) {
switch v := err.(type) {
case *apiError:
assert.HasPrefix(t, v.err.Error(), tc.err.Error())
assert.Equals(t, v.code, tc.err.code)
assert.Equals(t, v.context, tc.err.context)
default:
t.Errorf("unexpected error type: %T", v)
}
}
} else {
if assert.Nil(t, tc.err) {
val, ok := tc.a.provisionerIDIndex.Load(tc.kid)
assert.Fatal(t, ok)
p, ok := val.(*Provisioner)
assert.Fatal(t, ok)
assert.Equals(t, p.EncryptedKey, ek)
}
}
})
}
}
func TestGetProvisioners(t *testing.T) {
type gp struct {
a *Authority
err *apiError
}
tests := map[string]func(t *testing.T) *gp{
"ok": func(t *testing.T) *gp {
c, err := LoadConfiguration("../ca/testdata/ca.json")
assert.FatalError(t, err)
a, err := New(c)
assert.FatalError(t, err)
return &gp{a: a}
},
}
for name, genTestCase := range tests {
t.Run(name, func(t *testing.T) {
tc := genTestCase(t)
ps, err := tc.a.GetProvisioners()
if err != nil {
if assert.NotNil(t, tc.err) {
switch v := err.(type) {
case *apiError:
assert.HasPrefix(t, v.err.Error(), tc.err.Error())
assert.Equals(t, v.code, tc.err.code)
assert.Equals(t, v.context, tc.err.context)
default:
t.Errorf("unexpected error type: %T", v)
}
}
} else {
if assert.Nil(t, tc.err) {
var cps = tc.a.config.AuthorityConfig.Provisioners
maxks, found := ps["max"]
assert.Fatal(t, found)
assert.Equals(t, maxks.Keys, []jose.JSONWebKey{*cps[0].Key, *cps[1].Key})
marianoks, found := ps["mariano"]
assert.Fatal(t, found)
assert.Equals(t, marianoks.Keys, []jose.JSONWebKey{*cps[3].Key, *cps[4].Key})
stepcliks, found := ps["step-cli"]
assert.Fatal(t, found)
assert.Equals(t, stepcliks.Keys, []jose.JSONWebKey{*cps[2].Key})
}
}
})
}
}