forked from TrueCloudLab/certificates
Improve identity tests.
This commit is contained in:
parent
0d9a9e083e
commit
3717c7a8d3
6 changed files with 148 additions and 11 deletions
|
@ -76,11 +76,38 @@ func TestLoadClient(t *testing.T) {
|
|||
want *Client
|
||||
wantErr bool
|
||||
}{
|
||||
{"ok", func() { IdentityFile = "testdata/config/identity.json"; DefaultsFile = "testdata/config/defaults.json" }, expected, false},
|
||||
{"fail identity", func() { IdentityFile = "testdata/config/missing.json"; DefaultsFile = "testdata/config/defaults.json" }, nil, true},
|
||||
{"fail identity", func() { IdentityFile = "testdata/config/fail.json"; DefaultsFile = "testdata/config/defaults.json" }, nil, true},
|
||||
{"fail defaults", func() { IdentityFile = "testdata/config/identity.json"; DefaultsFile = "testdata/config/missing.json" }, nil, true},
|
||||
{"fail defaults", func() { IdentityFile = "testdata/config/identity.json"; DefaultsFile = "testdata/config/fail.json" }, nil, true},
|
||||
{"ok", func() {
|
||||
IdentityFile = "testdata/config/identity.json"
|
||||
DefaultsFile = "testdata/config/defaults.json"
|
||||
}, expected, false},
|
||||
{"fail identity", func() {
|
||||
IdentityFile = "testdata/config/missing.json"
|
||||
DefaultsFile = "testdata/config/defaults.json"
|
||||
}, nil, true},
|
||||
{"fail identity", func() {
|
||||
IdentityFile = "testdata/config/fail.json"
|
||||
DefaultsFile = "testdata/config/defaults.json"
|
||||
}, nil, true},
|
||||
{"fail defaults", func() {
|
||||
IdentityFile = "testdata/config/identity.json"
|
||||
DefaultsFile = "testdata/config/missing.json"
|
||||
}, nil, true},
|
||||
{"fail defaults", func() {
|
||||
IdentityFile = "testdata/config/identity.json"
|
||||
DefaultsFile = "testdata/config/fail.json"
|
||||
}, nil, true},
|
||||
{"fail ca", func() {
|
||||
IdentityFile = "testdata/config/identity.json"
|
||||
DefaultsFile = "testdata/config/badca.json"
|
||||
}, nil, true},
|
||||
{"fail root", func() {
|
||||
IdentityFile = "testdata/config/identity.json"
|
||||
DefaultsFile = "testdata/config/badroot.json"
|
||||
}, nil, true},
|
||||
{"fail type", func() {
|
||||
IdentityFile = "testdata/config/badIdentity.json"
|
||||
DefaultsFile = "testdata/config/defaults.json"
|
||||
}, nil, true},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
|
|
|
@ -58,21 +58,26 @@ func LoadDefaultIdentity() (*Identity, error) {
|
|||
return identity, nil
|
||||
}
|
||||
|
||||
// configDir and identityDir are used in WriteDefaultIdentity for testing
|
||||
// purposes.
|
||||
var (
|
||||
configDir = filepath.Join(config.StepPath(), "config")
|
||||
identityDir = filepath.Join(config.StepPath(), "identity")
|
||||
)
|
||||
|
||||
// WriteDefaultIdentity writes the given certificates and key and the
|
||||
// identity.json pointing to the new files.
|
||||
func WriteDefaultIdentity(certChain []api.Certificate, key crypto.PrivateKey) error {
|
||||
base := filepath.Join(config.StepPath(), "config")
|
||||
if err := os.MkdirAll(base, 0700); err != nil {
|
||||
if err := os.MkdirAll(configDir, 0700); err != nil {
|
||||
return errors.Wrap(err, "error creating config directory")
|
||||
}
|
||||
|
||||
base = filepath.Join(config.StepPath(), "identity")
|
||||
if err := os.MkdirAll(base, 0700); err != nil {
|
||||
if err := os.MkdirAll(identityDir, 0700); err != nil {
|
||||
return errors.Wrap(err, "error creating identity directory")
|
||||
}
|
||||
|
||||
certFilename := filepath.Join(base, "identity.crt")
|
||||
keyFilename := filepath.Join(base, "identity_key")
|
||||
certFilename := filepath.Join(identityDir, "identity.crt")
|
||||
keyFilename := filepath.Join(identityDir, "identity_key")
|
||||
|
||||
// Write certificate
|
||||
buf := new(bytes.Buffer)
|
||||
|
|
|
@ -1,9 +1,17 @@
|
|||
package identity
|
||||
|
||||
import (
|
||||
"crypto"
|
||||
"crypto/tls"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"reflect"
|
||||
"testing"
|
||||
|
||||
"github.com/smallstep/cli/crypto/pemutil"
|
||||
|
||||
"github.com/smallstep/certificates/api"
|
||||
)
|
||||
|
||||
func TestLoadDefaultIdentity(t *testing.T) {
|
||||
|
@ -164,3 +172,83 @@ func Test_fileExists(t *testing.T) {
|
|||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestWriteDefaultIdentity(t *testing.T) {
|
||||
tmpDir, err := ioutil.TempDir(os.TempDir(), "go-tests")
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
oldConfigDir := configDir
|
||||
oldIdentityDir := identityDir
|
||||
oldIdentityFile := IdentityFile
|
||||
defer func() {
|
||||
configDir = oldConfigDir
|
||||
identityDir = oldIdentityDir
|
||||
IdentityFile = oldIdentityFile
|
||||
os.RemoveAll(tmpDir)
|
||||
}()
|
||||
|
||||
certs, err := pemutil.ReadCertificateBundle("testdata/identity/identity.crt")
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
key, err := pemutil.Read("testdata/identity/identity_key")
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
var certChain []api.Certificate
|
||||
for _, c := range certs {
|
||||
certChain = append(certChain, api.Certificate{Certificate: c})
|
||||
}
|
||||
|
||||
configDir = filepath.Join(tmpDir, "config")
|
||||
identityDir = filepath.Join(tmpDir, "identity")
|
||||
IdentityFile = filepath.Join(tmpDir, "config", "identity.json")
|
||||
|
||||
type args struct {
|
||||
certChain []api.Certificate
|
||||
key crypto.PrivateKey
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
prepare func()
|
||||
args args
|
||||
wantErr bool
|
||||
}{
|
||||
{"ok", func() {}, args{certChain, key}, false},
|
||||
{"fail mkdir config", func() {
|
||||
configDir = filepath.Join(tmpDir, "identity", "identity.crt")
|
||||
identityDir = filepath.Join(tmpDir, "identity")
|
||||
}, args{certChain, key}, true},
|
||||
{"fail mkdir identity", func() {
|
||||
configDir = filepath.Join(tmpDir, "config")
|
||||
identityDir = filepath.Join(tmpDir, "identity", "identity.crt")
|
||||
}, args{certChain, key}, true},
|
||||
{"fail certificate", func() {
|
||||
configDir = filepath.Join(tmpDir, "config")
|
||||
identityDir = filepath.Join(tmpDir, "bad-dir")
|
||||
os.MkdirAll(identityDir, 0600)
|
||||
}, args{certChain, key}, true},
|
||||
{"fail key", func() {
|
||||
configDir = filepath.Join(tmpDir, "config")
|
||||
identityDir = filepath.Join(tmpDir, "identity")
|
||||
}, args{certChain, "badKey"}, true},
|
||||
{"fail write identity", func() {
|
||||
configDir = filepath.Join(tmpDir, "bad-dir")
|
||||
identityDir = filepath.Join(tmpDir, "identity")
|
||||
IdentityFile = filepath.Join(configDir, "identity.json")
|
||||
os.MkdirAll(configDir, 0600)
|
||||
}, args{certChain, key}, true},
|
||||
}
|
||||
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
tt.prepare()
|
||||
if err := WriteDefaultIdentity(tt.args.certChain, tt.args.key); (err != nil) != tt.wantErr {
|
||||
t.Errorf("WriteDefaultIdentity() error = %v, wantErr %v", err, tt.wantErr)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
|
5
ca/identity/testdata/config/badIdentity.json
vendored
Normal file
5
ca/identity/testdata/config/badIdentity.json
vendored
Normal file
|
@ -0,0 +1,5 @@
|
|||
{
|
||||
"type": "",
|
||||
"crt": "testdata/identity/identity.crt",
|
||||
"key": "testdata/identity/identity_key"
|
||||
}
|
6
ca/identity/testdata/config/badca.json
vendored
Normal file
6
ca/identity/testdata/config/badca.json
vendored
Normal file
|
@ -0,0 +1,6 @@
|
|||
{
|
||||
"ca-url": ":",
|
||||
"ca-config": "testdata/config/ca.json",
|
||||
"fingerprint": "9dc35eef23a234b2520516a3169090d7ec2fc61323bdd6e4fde08bcfec5d0931",
|
||||
"root": "testdata/certs/root_ca.crt"
|
||||
}
|
6
ca/identity/testdata/config/badroot.json
vendored
Normal file
6
ca/identity/testdata/config/badroot.json
vendored
Normal file
|
@ -0,0 +1,6 @@
|
|||
{
|
||||
"ca-url": "https://127.0.0.1",
|
||||
"ca-config": "testdata/config/ca.json",
|
||||
"fingerprint": "9dc35eef23a234b2520516a3169090d7ec2fc61323bdd6e4fde08bcfec5d0931",
|
||||
"root": "testdata/certs/missing.crt"
|
||||
}
|
Loading…
Reference in a new issue