From 1f9aa65d666433b3a30428c652a82c6db51b131d Mon Sep 17 00:00:00 2001
From: max furman
Date: Fri, 18 Dec 2020 17:05:25 -0500
Subject: [PATCH] Add test case
---
 acme/authority_test.go | 63 +++++++++++++++++++++++++++++++++++-------
 1 file changed, 53 insertions(+), 10 deletions(-)
diff --git a/acme/authority_test.go b/acme/authority_test.go
index 961805fa..04cf90b0 100644
--- a/acme/authority_test.go
+++ b/acme/authority_test.go
@@ -1389,6 +1389,7 @@ func TestAuthorityValidateChallenge(t *testing.T) {
 ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 fmt.Fprintf(w, "%s\r\n", *keyauthp)
 }))
+ t.Cleanup(func() { ts.Close() })
 
 ch, err := newHTTPChWithServer(strings.TrimPrefix(ts.URL, "http://"))
 assert.FatalError(t, err)
@@ -1425,7 +1426,7 @@ func TestAuthorityValidateChallenge(t *testing.T) {
 err: ServerInternalErr(errors.New("error attempting challenge validation: error saving acme challenge: force")),
 }
 },
- "ok": func(t *testing.T) test {
+ "ok/already-valid": func(t *testing.T) test {
 ch, err := newHTTPCh()
 assert.FatalError(t, err)
 _ch, ok := ch.(*http01Challenge)
@@ -1449,14 +1450,53 @@ func TestAuthorityValidateChallenge(t *testing.T) {
 ch: ch,
 }
 },
+ "ok": func(t *testing.T) test {
+ keyauth := "temp"
+ keyauthp := &keyauth
+ // Create test server that returns challenge auth
+ ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+ fmt.Fprintf(w, "%s\r\n", *keyauthp)
+ }))
+ t.Cleanup(func() { ts.Close() })
+
+ ch, err := newHTTPChWithServer(strings.TrimPrefix(ts.URL, "http://"))
+ assert.FatalError(t, err)
+
+ jwk, _, err := jose.GenerateDefaultKeyPair([]byte("pass"))
+ assert.FatalError(t, err)
+
+ thumbprint, err := jwk.Thumbprint(crypto.SHA256)
+ assert.FatalError(t, err)
+ encPrint := base64.RawURLEncoding.EncodeToString(thumbprint)
+ *keyauthp = fmt.Sprintf("%s.%s", ch.getToken(), encPrint)
+
+ b, err := json.Marshal(ch)
+ assert.FatalError(t, err)
+ auth, err := NewAuthority(&db.MockNoSQLDB{
+ MGet: func(bucket, key []byte) ([]byte, error) {
+ assert.Equals(t, bucket, challengeTable)
+ assert.Equals(t, key, []byte(ch.getID()))
+ return b, nil
+ },
+ MCmpAndSwap: func(bucket, key, old, newval []byte) ([]byte, bool, error) {
+ assert.Equals(t, bucket, challengeTable)
+ assert.Equals(t, key, []byte(ch.getID()))
+ return nil, true, nil
+ },
+ }, "ca.smallstep.com", "acme", nil)
+ assert.FatalError(t, err)
+ return test{
+ auth: auth,
+ id: ch.getID(),
+ accID: ch.getAccountID(),
+ jwk: jwk,
+ server: ts,
+ }
+ },
 }
 for name, run := range tests {
 t.Run(name, func(t *testing.T) {
 tc := run(t)
-
- if tc.server != nil {
- defer tc.server.Close()
- }
 if acmeCh, err := tc.auth.ValidateChallenge(ctx, tc.accID, tc.id, tc.jwk); err != nil {
 if assert.NotNil(t, tc.err) {
 ae, ok := err.(*Error)
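Review bot: The `MCmpAndSwap` stub in the new "ok" case asserts only `bucket` and `key` and then reports success, so the test never checks what the authority persists after a successful http-01 validation. This is the path that records proof of domain control, so it is worth pinning: decode `newval` and assert that the stored challenge has moved to its valid status. If the authority swaps against the bytes it read from `MGet`, `assert.Equals(t, old, b)` would cover that too. The returned `test` also leaves `ch` unset, so the result of `ValidateChallenge` is not compared against anything for this case. The `server: ts` field looks redundant now that `t.Cleanup` closes the server and the loop no longer reads it; any other case that sets `server` lies outside this hunk and would need its own cleanup.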
@@ -1467,15 +1507,18 @@ func TestAuthorityValidateChallenge(t *testing.T) { } } else { if assert.Nil(t, tc.err) { + fmt.Printf("acmeCh = %+v\n", acmeCh) gotb, err := json.Marshal(acmeCh) assert.FatalError(t, err) - acmeExp, err := tc.ch.toACME(ctx, nil, tc.auth.dir) - assert.FatalError(t, err) - expb, err := json.Marshal(acmeExp) - assert.FatalError(t, err) + if tc.ch != nil { + acmeExp, err := tc.ch.toACME(ctx, nil, tc.auth.dir) + assert.FatalError(t, err) + expb, err := json.Marshal(acmeExp) + assert.FatalError(t, err) - assert.Equals(t, expb, gotb) + assert.Equals(t, expb, gotb) + } } } })
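Review bot: `fmt.Printf("acmeCh = %+v\n", acmeCh)` in the success branch looks like leftover debugging and writes to stdout on every passing case. `t.Logf("acmeCh = %+v", acmeCh)` would tie the output to the subtest and show it only with `-v` or on failure, or the line can simply be dropped. The new `if tc.ch != nil` guard also means a case that leaves `ch` unset passes with no assertion on the returned challenge beyond `json.Marshal` succeeding. An `else` branch that asserts something minimal about `acmeCh`, such as its status, would keep the success path of challenge validation from passing vacuously.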