Fix broken ValidateChallenge test

This commit is contained in:
max furman 2020-12-18 11:17:12 -05:00
parent bae209741f
commit 20f8d950c4
3 changed files with 56 additions and 7 deletions

View file

@ -2,9 +2,14 @@ package acme
import (
"context"
"crypto"
"encoding/base64"
"encoding/json"
"fmt"
"net/http"
"net/http/httptest"
"net/url"
"strings"
"testing"
"time"
@ -1331,11 +1336,14 @@ func TestAuthorityValidateChallenge(t *testing.T) {
prov := newProv()
ctx := context.WithValue(context.Background(), ProvisionerContextKey, prov)
ctx = context.WithValue(ctx, BaseURLContextKey, "https://test.ca.smallstep.com:8080")
type test struct {
auth *Authority
id, accID string
err *Error
ch challenge
jwk *jose.JSONWebKey
server *httptest.Server
}
tests := map[string]func(t *testing.T) test{
"fail/getChallenge-error": func(t *testing.T) test {
@ -1375,8 +1383,24 @@ func TestAuthorityValidateChallenge(t *testing.T) {
}
},
"fail/validate-error": func(t *testing.T) test {
ch, err := newHTTPCh()
keyauth := "temp"
keyauthp := &keyauth
// Create test server that returns challenge auth
ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
fmt.Fprintf(w, "%s\r\n", *keyauthp)
}))
ch, err := newHTTPChWithServer(strings.TrimPrefix(ts.URL, "http://"))
assert.FatalError(t, err)
jwk, _, err := jose.GenerateDefaultKeyPair([]byte("pass"))
assert.FatalError(t, err)
thumbprint, err := jwk.Thumbprint(crypto.SHA256)
assert.FatalError(t, err)
encPrint := base64.RawURLEncoding.EncodeToString(thumbprint)
*keyauthp = fmt.Sprintf("%s.%s", ch.getToken(), encPrint)
b, err := json.Marshal(ch)
assert.FatalError(t, err)
auth, err := NewAuthority(&db.MockNoSQLDB{
@ -1393,10 +1417,12 @@ func TestAuthorityValidateChallenge(t *testing.T) {
}, "ca.smallstep.com", "acme", nil)
assert.FatalError(t, err)
return test{
auth: auth,
id: ch.getID(),
accID: ch.getAccountID(),
err: ServerInternalErr(errors.New("error attempting challenge validation: error saving acme challenge: force")),
auth: auth,
id: ch.getID(),
accID: ch.getAccountID(),
jwk: jwk,
server: ts,
err: ServerInternalErr(errors.New("error attempting challenge validation: error saving acme challenge: force")),
}
},
"ok": func(t *testing.T) test {
@ -1427,7 +1453,11 @@ func TestAuthorityValidateChallenge(t *testing.T) {
for name, run := range tests {
t.Run(name, func(t *testing.T) {
tc := run(t)
if acmeCh, err := tc.auth.ValidateChallenge(ctx, tc.accID, tc.id, nil); err != nil {
if tc.server != nil {
defer tc.server.Close()
}
if acmeCh, err := tc.auth.ValidateChallenge(ctx, tc.accID, tc.id, tc.jwk); err != nil {
if assert.NotNil(t, tc.err) {
ae, ok := err.(*Error)
assert.True(t, ok)

View file

@ -238,7 +238,10 @@ func (bc *baseChallenge) validate(db nosql.DB, jwk *jose.JSONWebKey, vo validate
func (bc *baseChallenge) storeError(db nosql.DB, err *Error) error {
clone := bc.clone()
clone.Error = err.ToACME()
return clone.save(db, bc)
if err := clone.save(db, bc); err != nil {
return ServerInternalErr(errors.Wrap(err, "failure saving error to acme challenge"))
}
return nil
}
// unmarshalChallenge unmarshals a challenge type into the correct sub-type.

View file

@ -69,6 +69,22 @@ func newHTTPCh() (challenge, error) {
return newHTTP01Challenge(mockdb, testOps)
}
func newHTTPChWithServer(host string) (challenge, error) {
mockdb := &db.MockNoSQLDB{
MCmpAndSwap: func(bucket, key, old, newval []byte) ([]byte, bool, error) {
return []byte("foo"), true, nil
},
}
return newHTTP01Challenge(mockdb, ChallengeOptions{
AccountID: "accID",
AuthzID: "authzID",
Identifier: Identifier{
Type: "", // will get set correctly depending on the "new.." method.
Value: host,
},
})
}
func TestNewHTTP01Challenge(t *testing.T) {
ops := ChallengeOptions{
AccountID: "accID",