Add revoke ssh unit test

This commit is contained in:
Mariano Cano 2022-05-25 17:10:07 -07:00
parent ce9a23a0f7
commit 9c049eec5a

View file

@ -1301,8 +1301,11 @@ func TestAuthority_Revoke(t *testing.T) {
a := testAuthority(t)
tlsRevokeCtx := provisioner.NewContextWithMethod(context.Background(), provisioner.RevokeMethod)
type test struct {
auth *Authority
ctx context.Context
opts *RevokeOptions
err error
code int
@ -1312,6 +1315,7 @@ func TestAuthority_Revoke(t *testing.T) {
"fail/token/authorizeRevoke error": func() test {
return test{
auth: a,
ctx: tlsRevokeCtx,
opts: &RevokeOptions{
OTT: "foo",
Serial: "sn",
@ -1336,6 +1340,7 @@ func TestAuthority_Revoke(t *testing.T) {
return test{
auth: a,
ctx: tlsRevokeCtx,
opts: &RevokeOptions{
Serial: "sn",
ReasonCode: reasonCode,
@ -1375,6 +1380,7 @@ func TestAuthority_Revoke(t *testing.T) {
return test{
auth: _a,
ctx: tlsRevokeCtx,
opts: &RevokeOptions{
Serial: "sn",
ReasonCode: reasonCode,
@ -1414,6 +1420,7 @@ func TestAuthority_Revoke(t *testing.T) {
return test{
auth: _a,
ctx: tlsRevokeCtx,
opts: &RevokeOptions{
Serial: "sn",
ReasonCode: reasonCode,
@ -1451,6 +1458,7 @@ func TestAuthority_Revoke(t *testing.T) {
assert.FatalError(t, err)
return test{
auth: _a,
ctx: tlsRevokeCtx,
opts: &RevokeOptions{
Serial: "sn",
ReasonCode: reasonCode,
@ -1467,6 +1475,7 @@ func TestAuthority_Revoke(t *testing.T) {
return test{
auth: _a,
ctx: tlsRevokeCtx,
opts: &RevokeOptions{
Crt: crt,
Serial: "102012593071130646873265215610956555026",
@ -1491,6 +1500,7 @@ func TestAuthority_Revoke(t *testing.T) {
return test{
auth: _a,
ctx: tlsRevokeCtx,
opts: &RevokeOptions{
Crt: crt,
Serial: "102012593071130646873265215610956555026",
@ -1508,6 +1518,7 @@ func TestAuthority_Revoke(t *testing.T) {
return test{
auth: _a,
ctx: tlsRevokeCtx,
opts: &RevokeOptions{
Crt: crt,
Serial: "102012593071130646873265215610956555026",
@ -1517,12 +1528,42 @@ func TestAuthority_Revoke(t *testing.T) {
},
}
},
"ok/ssh": func() test {
a := testAuthority(t, WithDatabase(&db.MockAuthDB{
MRevoke: func(rci *db.RevokedCertificateInfo) error {
return errors.New("Revoke was called")
},
MRevokeSSH: func(rci *db.RevokedCertificateInfo) error {
return nil
},
}))
cl := jwt.Claims{
Subject: "sn",
Issuer: validIssuer,
NotBefore: jwt.NewNumericDate(now),
Expiry: jwt.NewNumericDate(now.Add(time.Minute)),
Audience: validAudience,
ID: "44",
}
raw, err := jwt.Signed(sig).Claims(cl).CompactSerialize()
assert.FatalError(t, err)
return test{
auth: a,
ctx: provisioner.NewContextWithMethod(context.Background(), provisioner.SSHRevokeMethod),
opts: &RevokeOptions{
Serial: "sn",
ReasonCode: reasonCode,
Reason: reason,
OTT: raw,
},
}
},
}
for name, f := range tests {
tc := f()
t.Run(name, func(t *testing.T) {
ctx := provisioner.NewContextWithMethod(context.Background(), provisioner.RevokeMethod)
if err := tc.auth.Revoke(ctx, tc.opts); err != nil {
if err := tc.auth.Revoke(tc.ctx, tc.opts); err != nil {
if assert.NotNil(t, tc.err, fmt.Sprintf("unexpected error: %s", err)) {
sc, ok := err.(render.StatusCodedError)
assert.Fatal(t, ok, "error does not implement StatusCodedError interface")