forked from TrueCloudLab/certificates
Fix tests.
This commit is contained in:
Mariano Cano
parent
6d92ba75b9
commit
64f2615864
6 changed files with 25 additions and 20 deletions
|
|
@ -39,6 +39,11 @@ type Authority interface {
|
|||
// TimeDuration is an alias of provisioner.TimeDuration
|
||||
type TimeDuration = provisioner.TimeDuration
|
||||
|
||||
// NewTimeDuration returns a TimeDuration with the defined time.
|
||||
func NewTimeDuration(t time.Time) TimeDuration {
|
||||
return provisioner.NewTimeDuration(t)
|
||||
}
|
||||
|
||||
// ParseTimeDuration returns a new TimeDuration parsing the RFC 3339 time or
|
||||
// time.Duration string.
|
||||
func ParseTimeDuration(s string) (TimeDuration, error) {
|
||||
|
|
|
|||
|
|
@ -397,8 +397,8 @@ func TestSignRequest_Validate(t *testing.T) {
|
|||
s := &SignRequest{
|
||||
CsrPEM: tt.fields.CsrPEM,
|
||||
OTT: tt.fields.OTT,
|
||||
NotAfter: tt.fields.NotAfter,
|
||||
NotBefore: tt.fields.NotBefore,
|
||||
NotAfter: NewTimeDuration(tt.fields.NotAfter),
|
||||
NotBefore: NewTimeDuration(tt.fields.NotBefore),
|
||||
}
|
||||
if err := s.Validate(); (err != nil) != tt.wantErr {
|
||||
t.Errorf("SignRequest.Validate() error = %v, wantErr %v", err, tt.wantErr)
|
||||
|
|
|
|||
|
|
@ -89,8 +89,8 @@ func TestSign(t *testing.T) {
|
|||
|
||||
nb := time.Now()
|
||||
signOpts := provisioner.Options{
|
||||
NotBefore: nb,
|
||||
NotAfter: nb.Add(time.Minute * 5),
|
||||
NotBefore: provisioner.NewTimeDuration(nb),
|
||||
NotAfter: provisioner.NewTimeDuration(nb.Add(time.Minute * 5)),
|
||||
}
|
||||
|
||||
// Create a token to get test extra opts.
|
||||
|
|
@ -171,8 +171,8 @@ func TestSign(t *testing.T) {
|
|||
"fail provisioner duration claim": func(t *testing.T) *signTest {
|
||||
csr := getCSR(t, priv)
|
||||
_signOpts := provisioner.Options{
|
||||
NotBefore: nb,
|
||||
NotAfter: nb.Add(time.Hour * 25),
|
||||
NotBefore: provisioner.NewTimeDuration(nb),
|
||||
NotAfter: provisioner.NewTimeDuration(nb.Add(time.Hour * 25)),
|
||||
}
|
||||
return &signTest{
|
||||
auth: a,
|
||||
|
|
@ -229,8 +229,8 @@ func TestSign(t *testing.T) {
|
|||
}
|
||||
} else {
|
||||
if assert.Nil(t, tc.err) {
|
||||
assert.Equals(t, leaf.NotBefore, signOpts.NotBefore.UTC().Truncate(time.Second))
|
||||
assert.Equals(t, leaf.NotAfter, signOpts.NotAfter.UTC().Truncate(time.Second))
|
||||
assert.Equals(t, leaf.NotBefore, signOpts.NotBefore.Time().Truncate(time.Second))
|
||||
assert.Equals(t, leaf.NotAfter, signOpts.NotAfter.Time().Truncate(time.Second))
|
||||
tmplt := a.config.AuthorityConfig.Template
|
||||
assert.Equals(t, fmt.Sprintf("%v", leaf.Subject),
|
||||
fmt.Sprintf("%v", &pkix.Name{
|
||||
|
|
@ -300,13 +300,13 @@ func TestRenew(t *testing.T) {
|
|||
nb1 := now.Add(-time.Minute * 7)
|
||||
na1 := now
|
||||
so := &provisioner.Options{
|
||||
NotBefore: nb1,
|
||||
NotAfter: na1,
|
||||
NotBefore: provisioner.NewTimeDuration(nb1),
|
||||
NotAfter: provisioner.NewTimeDuration(na1),
|
||||
}
|
||||
|
||||
leaf, err := x509util.NewLeafProfile("renew", a.intermediateIdentity.Crt,
|
||||
a.intermediateIdentity.Key,
|
||||
x509util.WithNotBeforeAfterDuration(so.NotBefore, so.NotAfter, 0),
|
||||
x509util.WithNotBeforeAfterDuration(so.NotBefore.Time(), so.NotAfter.Time(), 0),
|
||||
withDefaultASN1DN(a.config.AuthorityConfig.Template),
|
||||
x509util.WithPublicKey(pub), x509util.WithHosts("test.smallstep.com,test"),
|
||||
withProvisionerOID("Max", a.config.AuthorityConfig.Provisioners[0].(*provisioner.JWK).Key.KeyID))
|
||||
|
|
@ -318,7 +318,7 @@ func TestRenew(t *testing.T) {
|
|||
|
||||
leafNoRenew, err := x509util.NewLeafProfile("norenew", a.intermediateIdentity.Crt,
|
||||
a.intermediateIdentity.Key,
|
||||
x509util.WithNotBeforeAfterDuration(so.NotBefore, so.NotAfter, 0),
|
||||
x509util.WithNotBeforeAfterDuration(so.NotBefore.Time(), so.NotAfter.Time(), 0),
|
||||
withDefaultASN1DN(a.config.AuthorityConfig.Template),
|
||||
x509util.WithPublicKey(pub), x509util.WithHosts("test.smallstep.com,test"),
|
||||
withProvisionerOID("dev", a.config.AuthorityConfig.Provisioners[2].(*provisioner.JWK).Key.KeyID),
|
||||
|
|
|
|||
|
|
@ -209,8 +209,8 @@ ZEp7knvU2psWRw==
|
|||
body, err := json.Marshal(&api.SignRequest{
|
||||
CsrPEM: api.CertificateRequest{CertificateRequest: csr},
|
||||
OTT: raw,
|
||||
NotBefore: now,
|
||||
NotAfter: leafExpiry,
|
||||
NotBefore: api.NewTimeDuration(now),
|
||||
NotAfter: api.NewTimeDuration(leafExpiry),
|
||||
})
|
||||
assert.FatalError(t, err)
|
||||
return &signTest{
|
||||
|
|
@ -242,8 +242,8 @@ ZEp7knvU2psWRw==
|
|||
body, err := json.Marshal(&api.SignRequest{
|
||||
CsrPEM: api.CertificateRequest{CertificateRequest: csr},
|
||||
OTT: raw,
|
||||
NotBefore: now,
|
||||
NotAfter: leafExpiry,
|
||||
NotBefore: api.NewTimeDuration(now),
|
||||
NotAfter: api.NewTimeDuration(leafExpiry),
|
||||
})
|
||||
assert.FatalError(t, err)
|
||||
return &signTest{
|
||||
|
|
|
|||
|
|
@ -257,8 +257,8 @@ func TestClient_Sign(t *testing.T) {
|
|||
request := &api.SignRequest{
|
||||
CsrPEM: api.CertificateRequest{CertificateRequest: parseCertificateRequest(csrPEM)},
|
||||
OTT: "the-ott",
|
||||
NotBefore: time.Now(),
|
||||
NotAfter: time.Now().AddDate(0, 1, 0),
|
||||
NotBefore: api.NewTimeDuration(time.Now()),
|
||||
NotAfter: api.NewTimeDuration(time.Now().AddDate(0, 1, 0)),
|
||||
}
|
||||
unauthorized := api.Unauthorized(fmt.Errorf("Unauthorized"))
|
||||
badRequest := api.BadRequest(fmt.Errorf("Bad Request"))
|
||||
|
|
|
|||
|
|
@ -95,8 +95,8 @@ func signDuration(srv *httptest.Server, domain string, duration time.Duration) (
|
|||
}
|
||||
|
||||
if duration > 0 {
|
||||
req.NotBefore = time.Now()
|
||||
req.NotAfter = req.NotBefore.Add(duration)
|
||||
req.NotBefore = api.NewTimeDuration(time.Now())
|
||||
req.NotAfter = api.NewTimeDuration(req.NotBefore.Time().Add(duration))
|
||||
}
|
||||
|
||||
client, err := NewClient(srv.URL, WithRootFile("testdata/secrets/root_ca.crt"))
|
||||
|
|
|
|||
Loading…
Reference in a new issue