Fix some tests.
parent
bcaba4f72a
commit
1671ab2590
3 changed files with 17 additions and 15 deletions
|
@ -7,6 +7,7 @@ import (
|
||||||
|
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
"github.com/smallstep/assert"
|
"github.com/smallstep/assert"
|
||||||
|
"github.com/smallstep/certificates/authority/provisioner"
|
||||||
stepJOSE "github.com/smallstep/cli/jose"
|
stepJOSE "github.com/smallstep/cli/jose"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -16,25 +17,25 @@ func testAuthority(t *testing.T) *Authority {
|
||||||
clijwk, err := stepJOSE.ParseKey("testdata/secrets/step_cli_key_pub.jwk")
|
clijwk, err := stepJOSE.ParseKey("testdata/secrets/step_cli_key_pub.jwk")
|
||||||
assert.FatalError(t, err)
|
assert.FatalError(t, err)
|
||||||
disableRenewal := true
|
disableRenewal := true
|
||||||
p := []*Provisioner{
|
p := []*provisioner.Provisioner{
|
||||||
{
|
provisioner.New(&provisioner.JWK{
|
||||||
Name: "Max",
|
Name: "Max",
|
||||||
Type: "JWK",
|
Type: "JWK",
|
||||||
Key: maxjwk,
|
Key: maxjwk,
|
||||||
},
|
}),
|
||||||
{
|
provisioner.New(&provisioner.JWK{
|
||||||
Name: "step-cli",
|
Name: "step-cli",
|
||||||
Type: "JWK",
|
Type: "JWK",
|
||||||
Key: clijwk,
|
Key: clijwk,
|
||||||
},
|
}),
|
||||||
{
|
provisioner.New(&provisioner.JWK{
|
||||||
Name: "dev",
|
Name: "dev",
|
||||||
Type: "JWK",
|
Type: "JWK",
|
||||||
Key: maxjwk,
|
Key: maxjwk,
|
||||||
Claims: &ProvisionerClaims{
|
Claims: &provisioner.Claims{
|
||||||
DisableRenewal: &disableRenewal,
|
DisableRenewal: &disableRenewal,
|
||||||
},
|
},
|
||||||
},
|
}),
|
||||||
}
|
}
|
||||||
c := &Config{
|
c := &Config{
|
||||||
Address: "127.0.0.1:443",
|
Address: "127.0.0.1:443",
|
||||||
|
@ -113,11 +114,11 @@ func TestAuthorityNew(t *testing.T) {
|
||||||
assert.True(t, auth.initOnce)
|
assert.True(t, auth.initOnce)
|
||||||
assert.NotNil(t, auth.intermediateIdentity)
|
assert.NotNil(t, auth.intermediateIdentity)
|
||||||
for _, p := range tc.config.AuthorityConfig.Provisioners {
|
for _, p := range tc.config.AuthorityConfig.Provisioners {
|
||||||
_p, ok := auth.provisionerIDIndex.Load(p.ID())
|
_p, ok := auth.provisioners.Load(p.ID())
|
||||||
assert.True(t, ok)
|
assert.True(t, ok)
|
||||||
assert.Equals(t, p, _p)
|
assert.Equals(t, p, _p)
|
||||||
if len(p.EncryptedKey) > 0 {
|
if len(p.EncryptedKey) > 0 {
|
||||||
key, ok := auth.encryptedKeyIndex.Load(p.Key.KeyID)
|
key, ok := auth.provisioners.LoadEncryptedKey(p.Key.KeyID)
|
||||||
assert.True(t, ok)
|
assert.True(t, ok)
|
||||||
assert.Equals(t, p.EncryptedKey, key)
|
assert.Equals(t, p.EncryptedKey, key)
|
||||||
}
|
}
|
||||||
|
|
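Review bot: In the TestAuthorityNew hunk the `auth.provisioners.LoadEncryptedKey(p.Key.KeyID)` assertion sits behind `if len(p.EncryptedKey) > 0`, and none of the three provisioners built in the testAuthority hunk set `EncryptedKey` in the lines shown, so with that fixture the renamed encrypted-key lookup would never run. If the test cases rely on testAuthority's config (the case table is outside the hunk, so this is inferred), add one provisioner with a constructed `EncryptedKey` value, or at least record the gap with `// NOTE: LoadEncryptedKey is only checked for provisioners that carry an EncryptedKey.` The "Max" and "dev" entries also share `maxjwk`, so a lookup keyed by `p.Key.KeyID` cannot tell them apart; give "dev" its own key once the encrypted-key path is covered. Both functions continue outside the hunks.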
|
@ -10,31 +10,31 @@ import (
|
||||||
|
|
||||||
func TestProvisionerInit(t *testing.T) {
|
func TestProvisionerInit(t *testing.T) {
|
||||||
type ProvisionerValidateTest struct {
|
type ProvisionerValidateTest struct {
|
||||||
p *Provisioner
|
p *JWK
|
||||||
err error
|
err error
|
||||||
}
|
}
|
||||||
tests := map[string]func(*testing.T) ProvisionerValidateTest{
|
tests := map[string]func(*testing.T) ProvisionerValidateTest{
|
||||||
"fail-empty-name": func(t *testing.T) ProvisionerValidateTest {
|
"fail-empty-name": func(t *testing.T) ProvisionerValidateTest {
|
||||||
return ProvisionerValidateTest{
|
return ProvisionerValidateTest{
|
||||||
p: &Provisioner{},
|
p: &JWK{},
|
||||||
err: errors.New("provisioner name cannot be empty"),
|
err: errors.New("provisioner name cannot be empty"),
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"fail-empty-type": func(t *testing.T) ProvisionerValidateTest {
|
"fail-empty-type": func(t *testing.T) ProvisionerValidateTest {
|
||||||
return ProvisionerValidateTest{
|
return ProvisionerValidateTest{
|
||||||
p: &Provisioner{Name: "foo"},
|
p: &JWK{Name: "foo"},
|
||||||
err: errors.New("provisioner type cannot be empty"),
|
err: errors.New("provisioner type cannot be empty"),
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"fail-empty-key": func(t *testing.T) ProvisionerValidateTest {
|
"fail-empty-key": func(t *testing.T) ProvisionerValidateTest {
|
||||||
return ProvisionerValidateTest{
|
return ProvisionerValidateTest{
|
||||||
p: &Provisioner{Name: "foo", Type: "bar"},
|
p: &JWK{Name: "foo", Type: "bar"},
|
||||||
err: errors.New("provisioner key cannot be empty"),
|
err: errors.New("provisioner key cannot be empty"),
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"ok": func(t *testing.T) ProvisionerValidateTest {
|
"ok": func(t *testing.T) ProvisionerValidateTest {
|
||||||
return ProvisionerValidateTest{
|
return ProvisionerValidateTest{
|
||||||
p: &Provisioner{Name: "foo", Type: "bar", Key: &jose.JSONWebKey{}},
|
p: &JWK{Name: "foo", Type: "bar", Key: &jose.JSONWebKey{}},
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
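Review bot: The "ok" case still passes `Type: "bar"` with a zero-value `jose.JSONWebKey{}`, which reads oddly now that `p` is a concrete `*JWK`: the test pins that validation accepts any non-empty type string and a key with no material. The validation code is not in this hunk, so whether that is intended cannot be confirmed here. If the type is meant to match the struct, change the case to `p: &JWK{Name: "foo", Type: "JWK", Key: &jose.JSONWebKey{}},` and add a failing case for a mismatched type. The rest of TestProvisionerInit (the code that runs the cases) lies outside the hunk.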
|
@ -144,6 +144,7 @@ func (a *Authority) Sign(csr *x509.CertificateRequest, signOpts SignOptions, ext
|
||||||
http.StatusInternalServerError, errContext}
|
http.StatusInternalServerError, errContext}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// FIXME: This should be before creating the certificate.
|
||||||
for _, v := range certValidators {
|
for _, v := range certValidators {
|
||||||
if err := v.Valid(serverCert); err != nil {
|
if err := v.Valid(serverCert); err != nil {
|
||||||
return nil, nil, err
|
return nil, nil, err
|
||||||
|
|
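Review bot: The new FIXME above the `certValidators` loop in Sign records an ordering problem but gives no owner, no tracking reference and no statement of the risk, so it is easy to lose in a commit titled "Fix some tests". From the visible lines the validators run on `serverCert` after the creation step has already returned. If that step signs with the CA key (inferred, as it is outside the hunk), a request that policy rejects has still produced a signed certificate before the error is returned. Suggest wording it as `// FIXME(<issue-id>): run certValidators on the unsigned template before the certificate is created, so a rejected request never yields a signed certificate.` Sign starts and ends outside this hunk.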