Fix some tests.

This commit is contained in:
Mariano Cano 2019-03-07 12:15:18 -08:00
parent bcaba4f72a
commit 1671ab2590
3 changed files with 17 additions and 15 deletions

View file

@ -7,6 +7,7 @@ import (
"github.com/pkg/errors" "github.com/pkg/errors"
"github.com/smallstep/assert" "github.com/smallstep/assert"
"github.com/smallstep/certificates/authority/provisioner"
stepJOSE "github.com/smallstep/cli/jose" stepJOSE "github.com/smallstep/cli/jose"
) )
@ -16,25 +17,25 @@ func testAuthority(t *testing.T) *Authority {
clijwk, err := stepJOSE.ParseKey("testdata/secrets/step_cli_key_pub.jwk") clijwk, err := stepJOSE.ParseKey("testdata/secrets/step_cli_key_pub.jwk")
assert.FatalError(t, err) assert.FatalError(t, err)
disableRenewal := true disableRenewal := true
p := []*Provisioner{ p := []*provisioner.Provisioner{
{ provisioner.New(&provisioner.JWK{
Name: "Max", Name: "Max",
Type: "JWK", Type: "JWK",
Key: maxjwk, Key: maxjwk,
}, }),
{ provisioner.New(&provisioner.JWK{
Name: "step-cli", Name: "step-cli",
Type: "JWK", Type: "JWK",
Key: clijwk, Key: clijwk,
}, }),
{ provisioner.New(&provisioner.JWK{
Name: "dev", Name: "dev",
Type: "JWK", Type: "JWK",
Key: maxjwk, Key: maxjwk,
Claims: &ProvisionerClaims{ Claims: &provisioner.Claims{
DisableRenewal: &disableRenewal, DisableRenewal: &disableRenewal,
}, },
}, }),
} }
c := &Config{ c := &Config{
Address: "127.0.0.1:443", Address: "127.0.0.1:443",
@ -113,11 +114,11 @@ func TestAuthorityNew(t *testing.T) {
assert.True(t, auth.initOnce) assert.True(t, auth.initOnce)
assert.NotNil(t, auth.intermediateIdentity) assert.NotNil(t, auth.intermediateIdentity)
for _, p := range tc.config.AuthorityConfig.Provisioners { for _, p := range tc.config.AuthorityConfig.Provisioners {
_p, ok := auth.provisionerIDIndex.Load(p.ID()) _p, ok := auth.provisioners.Load(p.ID())
assert.True(t, ok) assert.True(t, ok)
assert.Equals(t, p, _p) assert.Equals(t, p, _p)
if len(p.EncryptedKey) > 0 { if len(p.EncryptedKey) > 0 {
key, ok := auth.encryptedKeyIndex.Load(p.Key.KeyID) key, ok := auth.provisioners.LoadEncryptedKey(p.Key.KeyID)
assert.True(t, ok) assert.True(t, ok)
assert.Equals(t, p.EncryptedKey, key) assert.Equals(t, p.EncryptedKey, key)
} }

View file

@ -10,31 +10,31 @@ import (
func TestProvisionerInit(t *testing.T) { func TestProvisionerInit(t *testing.T) {
type ProvisionerValidateTest struct { type ProvisionerValidateTest struct {
p *Provisioner p *JWK
err error err error
} }
tests := map[string]func(*testing.T) ProvisionerValidateTest{ tests := map[string]func(*testing.T) ProvisionerValidateTest{
"fail-empty-name": func(t *testing.T) ProvisionerValidateTest { "fail-empty-name": func(t *testing.T) ProvisionerValidateTest {
return ProvisionerValidateTest{ return ProvisionerValidateTest{
p: &Provisioner{}, p: &JWK{},
err: errors.New("provisioner name cannot be empty"), err: errors.New("provisioner name cannot be empty"),
} }
}, },
"fail-empty-type": func(t *testing.T) ProvisionerValidateTest { "fail-empty-type": func(t *testing.T) ProvisionerValidateTest {
return ProvisionerValidateTest{ return ProvisionerValidateTest{
p: &Provisioner{Name: "foo"}, p: &JWK{Name: "foo"},
err: errors.New("provisioner type cannot be empty"), err: errors.New("provisioner type cannot be empty"),
} }
}, },
"fail-empty-key": func(t *testing.T) ProvisionerValidateTest { "fail-empty-key": func(t *testing.T) ProvisionerValidateTest {
return ProvisionerValidateTest{ return ProvisionerValidateTest{
p: &Provisioner{Name: "foo", Type: "bar"}, p: &JWK{Name: "foo", Type: "bar"},
err: errors.New("provisioner key cannot be empty"), err: errors.New("provisioner key cannot be empty"),
} }
}, },
"ok": func(t *testing.T) ProvisionerValidateTest { "ok": func(t *testing.T) ProvisionerValidateTest {
return ProvisionerValidateTest{ return ProvisionerValidateTest{
p: &Provisioner{Name: "foo", Type: "bar", Key: &jose.JSONWebKey{}}, p: &JWK{Name: "foo", Type: "bar", Key: &jose.JSONWebKey{}},
} }
}, },
} }

View file

@ -144,6 +144,7 @@ func (a *Authority) Sign(csr *x509.CertificateRequest, signOpts SignOptions, ext
http.StatusInternalServerError, errContext} http.StatusInternalServerError, errContext}
} }
// FIXME: This should be before creating the certificate.
for _, v := range certValidators { for _, v := range certValidators {
if err := v.Valid(serverCert); err != nil { if err := v.Valid(serverCert); err != nil {
return nil, nil, err return nil, nil, err