forked from TrueCloudLab/certificates
Add revoke ssh unit test
This commit is contained in:
parent
ce9a23a0f7
commit
9c049eec5a
1 changed files with 43 additions and 2 deletions
|
@ -1301,8 +1301,11 @@ func TestAuthority_Revoke(t *testing.T) {
|
|||
|
||||
a := testAuthority(t)
|
||||
|
||||
tlsRevokeCtx := provisioner.NewContextWithMethod(context.Background(), provisioner.RevokeMethod)
|
||||
|
||||
type test struct {
|
||||
auth *Authority
|
||||
ctx context.Context
|
||||
opts *RevokeOptions
|
||||
err error
|
||||
code int
|
||||
|
@ -1312,6 +1315,7 @@ func TestAuthority_Revoke(t *testing.T) {
|
|||
"fail/token/authorizeRevoke error": func() test {
|
||||
return test{
|
||||
auth: a,
|
||||
ctx: tlsRevokeCtx,
|
||||
opts: &RevokeOptions{
|
||||
OTT: "foo",
|
||||
Serial: "sn",
|
||||
|
@ -1336,6 +1340,7 @@ func TestAuthority_Revoke(t *testing.T) {
|
|||
|
||||
return test{
|
||||
auth: a,
|
||||
ctx: tlsRevokeCtx,
|
||||
opts: &RevokeOptions{
|
||||
Serial: "sn",
|
||||
ReasonCode: reasonCode,
|
||||
|
@ -1375,6 +1380,7 @@ func TestAuthority_Revoke(t *testing.T) {
|
|||
|
||||
return test{
|
||||
auth: _a,
|
||||
ctx: tlsRevokeCtx,
|
||||
opts: &RevokeOptions{
|
||||
Serial: "sn",
|
||||
ReasonCode: reasonCode,
|
||||
|
@ -1414,6 +1420,7 @@ func TestAuthority_Revoke(t *testing.T) {
|
|||
|
||||
return test{
|
||||
auth: _a,
|
||||
ctx: tlsRevokeCtx,
|
||||
opts: &RevokeOptions{
|
||||
Serial: "sn",
|
||||
ReasonCode: reasonCode,
|
||||
|
@ -1451,6 +1458,7 @@ func TestAuthority_Revoke(t *testing.T) {
|
|||
assert.FatalError(t, err)
|
||||
return test{
|
||||
auth: _a,
|
||||
ctx: tlsRevokeCtx,
|
||||
opts: &RevokeOptions{
|
||||
Serial: "sn",
|
||||
ReasonCode: reasonCode,
|
||||
|
@ -1467,6 +1475,7 @@ func TestAuthority_Revoke(t *testing.T) {
|
|||
|
||||
return test{
|
||||
auth: _a,
|
||||
ctx: tlsRevokeCtx,
|
||||
opts: &RevokeOptions{
|
||||
Crt: crt,
|
||||
Serial: "102012593071130646873265215610956555026",
|
||||
|
@ -1491,6 +1500,7 @@ func TestAuthority_Revoke(t *testing.T) {
|
|||
|
||||
return test{
|
||||
auth: _a,
|
||||
ctx: tlsRevokeCtx,
|
||||
opts: &RevokeOptions{
|
||||
Crt: crt,
|
||||
Serial: "102012593071130646873265215610956555026",
|
||||
|
@ -1508,6 +1518,7 @@ func TestAuthority_Revoke(t *testing.T) {
|
|||
|
||||
return test{
|
||||
auth: _a,
|
||||
ctx: tlsRevokeCtx,
|
||||
opts: &RevokeOptions{
|
||||
Crt: crt,
|
||||
Serial: "102012593071130646873265215610956555026",
|
||||
|
@ -1517,12 +1528,42 @@ func TestAuthority_Revoke(t *testing.T) {
|
|||
},
|
||||
}
|
||||
},
|
||||
"ok/ssh": func() test {
|
||||
a := testAuthority(t, WithDatabase(&db.MockAuthDB{
|
||||
MRevoke: func(rci *db.RevokedCertificateInfo) error {
|
||||
return errors.New("Revoke was called")
|
||||
},
|
||||
MRevokeSSH: func(rci *db.RevokedCertificateInfo) error {
|
||||
return nil
|
||||
},
|
||||
}))
|
||||
|
||||
cl := jwt.Claims{
|
||||
Subject: "sn",
|
||||
Issuer: validIssuer,
|
||||
NotBefore: jwt.NewNumericDate(now),
|
||||
Expiry: jwt.NewNumericDate(now.Add(time.Minute)),
|
||||
Audience: validAudience,
|
||||
ID: "44",
|
||||
}
|
||||
raw, err := jwt.Signed(sig).Claims(cl).CompactSerialize()
|
||||
assert.FatalError(t, err)
|
||||
return test{
|
||||
auth: a,
|
||||
ctx: provisioner.NewContextWithMethod(context.Background(), provisioner.SSHRevokeMethod),
|
||||
opts: &RevokeOptions{
|
||||
Serial: "sn",
|
||||
ReasonCode: reasonCode,
|
||||
Reason: reason,
|
||||
OTT: raw,
|
||||
},
|
||||
}
|
||||
},
|
||||
}
|
||||
for name, f := range tests {
|
||||
tc := f()
|
||||
t.Run(name, func(t *testing.T) {
|
||||
ctx := provisioner.NewContextWithMethod(context.Background(), provisioner.RevokeMethod)
|
||||
if err := tc.auth.Revoke(ctx, tc.opts); err != nil {
|
||||
if err := tc.auth.Revoke(tc.ctx, tc.opts); err != nil {
|
||||
if assert.NotNil(t, tc.err, fmt.Sprintf("unexpected error: %s", err)) {
|
||||
sc, ok := err.(render.StatusCodedError)
|
||||
assert.Fatal(t, ok, "error does not implement StatusCodedError interface")
|
||||
|
|
Loading…
Reference in a new issue