TrueCloudLab/certificates
17
0
Fork 2
Code Issues 1 Pull requests 1 Releases Activity Actions

Add test case

Browse source
This commit is contained in:
max furman 2020-12-18 17:05:25 -05:00
parent 20f8d950c4
commit 1f9aa65d66
1 changed files with 53 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

63
acme/authority_test.go
View file

@ -1389,6 +1389,7 @@ func TestAuthorityValidateChallenge(t *testing.T) {
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
fmt.Fprintf(w, "%s\r\n", *keyauthp) fmt.Fprintf(w, "%s\r\n", *keyauthp)
})) }))
t.Cleanup(func() { ts.Close() })
ch, err := newHTTPChWithServer(strings.TrimPrefix(ts.URL, "http://")) ch, err := newHTTPChWithServer(strings.TrimPrefix(ts.URL, "http://"))
assert.FatalError(t, err) assert.FatalError(t, err)
@ -1425,7 +1426,7 @@ func TestAuthorityValidateChallenge(t *testing.T) {
err: ServerInternalErr(errors.New("error attempting challenge validation: error saving acme challenge: force")), err: ServerInternalErr(errors.New("error attempting challenge validation: error saving acme challenge: force")),
} }
}, },
"ok": func(t *testing.T) test { "ok/already-valid": func(t *testing.T) test {
ch, err := newHTTPCh() ch, err := newHTTPCh()
assert.FatalError(t, err) assert.FatalError(t, err)
_ch, ok := ch.(*http01Challenge) _ch, ok := ch.(*http01Challenge)
@ -1449,14 +1450,53 @@ func TestAuthorityValidateChallenge(t *testing.T) {
ch: ch, ch: ch,
} }
}, },
"ok": func(t *testing.T) test {
keyauth := "temp"
keyauthp := &keyauth
// Create test server that returns challenge auth
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
fmt.Fprintf(w, "%s\r\n", *keyauthp)
}))
t.Cleanup(func() { ts.Close() })
ch, err := newHTTPChWithServer(strings.TrimPrefix(ts.URL, "http://"))
assert.FatalError(t, err)
jwk, _, err := jose.GenerateDefaultKeyPair([]byte("pass"))
assert.FatalError(t, err)
thumbprint, err := jwk.Thumbprint(crypto.SHA256)
assert.FatalError(t, err)
encPrint := base64.RawURLEncoding.EncodeToString(thumbprint)
*keyauthp = fmt.Sprintf("%s.%s", ch.getToken(), encPrint)
b, err := json.Marshal(ch)
assert.FatalError(t, err)
auth, err := NewAuthority(&db.MockNoSQLDB{
MGet: func(bucket, key []byte) ([]byte, error) {
assert.Equals(t, bucket, challengeTable)
assert.Equals(t, key, []byte(ch.getID()))
return b, nil
},
MCmpAndSwap: func(bucket, key, old, newval []byte) ([]byte, bool, error) {
assert.Equals(t, bucket, challengeTable)
assert.Equals(t, key, []byte(ch.getID()))
return nil, true, nil
},
}, "ca.smallstep.com", "acme", nil)
assert.FatalError(t, err)
return test{
auth: auth,
id: ch.getID(),
accID: ch.getAccountID(),
jwk: jwk,
server: ts,
}
},
} }
for name, run := range tests { for name, run := range tests {
t.Run(name, func(t *testing.T) { t.Run(name, func(t *testing.T) {
tc := run(t) tc := run(t)
if tc.server != nil {
defer tc.server.Close()
}
if acmeCh, err := tc.auth.ValidateChallenge(ctx, tc.accID, tc.id, tc.jwk); err != nil { if acmeCh, err := tc.auth.ValidateChallenge(ctx, tc.accID, tc.id, tc.jwk); err != nil {
if assert.NotNil(t, tc.err) { if assert.NotNil(t, tc.err) {
ae, ok := err.(*Error) ae, ok := err.(*Error)
@ -1467,15 +1507,18 @@ func TestAuthorityValidateChallenge(t *testing.T) {
} }
} else { } else {
if assert.Nil(t, tc.err) { if assert.Nil(t, tc.err) {
fmt.Printf("acmeCh = %+v\n", acmeCh)
gotb, err := json.Marshal(acmeCh) gotb, err := json.Marshal(acmeCh)
assert.FatalError(t, err) assert.FatalError(t, err)
acmeExp, err := tc.ch.toACME(ctx, nil, tc.auth.dir) if tc.ch != nil {
assert.FatalError(t, err) acmeExp, err := tc.ch.toACME(ctx, nil, tc.auth.dir)
expb, err := json.Marshal(acmeExp) assert.FatalError(t, err)
assert.FatalError(t, err) expb, err := json.Marshal(acmeExp)
assert.FatalError(t, err)
assert.Equals(t, expb, gotb) assert.Equals(t, expb, gotb)
}
} }
} }
}) })