forked from TrueCloudLab/certificates
more unit tests
This commit is contained in:
max furman
parent
df05340521
commit
b6ebc0fd25
11 changed files with 539 additions and 311 deletions
|
|
@ -28,7 +28,7 @@ var (
|
|||
}
|
||||
)
|
||||
|
||||
func newProv() provisioner.Interface {
|
||||
func newProv() acme.Provisioner {
|
||||
// Initialize provisioners
|
||||
p := &provisioner.ACME{
|
||||
Type: "ACME",
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package api
|
||||
|
||||
import (
|
||||
"context"
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"encoding/json"
|
||||
|
|
@ -70,14 +71,28 @@ func NewHandler(ops HandlerOptions) api.RouterHandler {
|
|||
dialer := &net.Dialer{
|
||||
Timeout: 30 * time.Second,
|
||||
}
|
||||
resolver := &net.Resolver{
|
||||
// The DNS resolver can be configured for testing purposes with something
|
||||
// like this:
|
||||
//
|
||||
// PreferGo: true,
|
||||
// Dial: func(ctx context.Context, network, address string) (net.Conn, error) {
|
||||
// var d net.Dialer
|
||||
// return d.DialContext(ctx, "udp", "127.0.0.1:5333")
|
||||
// },
|
||||
}
|
||||
return &Handler{
|
||||
ca: ops.CA,
|
||||
db: ops.DB,
|
||||
backdate: ops.Backdate,
|
||||
linker: NewLinker(ops.DNS, ops.Prefix),
|
||||
validateChallengeOptions: &acme.ValidateChallengeOptions{
|
||||
HTTPGet: client.Get,
|
||||
LookupTxt: net.LookupTXT,
|
||||
HTTPGet: client.Get,
|
||||
LookupTxt: func(name string) ([]string, error) {
|
||||
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
||||
defer cancel()
|
||||
return resolver.LookupTXT(ctx, name)
|
||||
},
|
||||
TLSDial: func(network, addr string, config *tls.Config) (*tls.Conn, error) {
|
||||
return tls.DialWithDialer(dialer, network, addr, config)
|
||||
},
|
||||
|
|
@ -216,7 +231,8 @@ func (h *Handler) GetChallenge(w http.ResponseWriter, r *http.Request) {
|
|||
// strict enforcement would render these clients broken. For the time being
|
||||
// we'll just ignore the body.
|
||||
|
||||
ch, err := h.db.GetChallenge(ctx, chi.URLParam(r, "chID"), chi.URLParam(r, "authzID"))
|
||||
azID := chi.URLParam(r, "authzID")
|
||||
ch, err := h.db.GetChallenge(ctx, chi.URLParam(r, "chID"), azID)
|
||||
if err != nil {
|
||||
api.WriteError(w, acme.WrapErrorISE(err, "error retrieving challenge"))
|
||||
return
|
||||
|
|
@ -236,10 +252,10 @@ func (h *Handler) GetChallenge(w http.ResponseWriter, r *http.Request) {
|
|||
return
|
||||
}
|
||||
|
||||
h.linker.LinkChallenge(ctx, ch)
|
||||
h.linker.LinkChallenge(ctx, ch, azID)
|
||||
|
||||
w.Header().Add("Link", link(h.linker.GetLink(ctx, AuthzLinkType, true, ch.AuthzID), "up"))
|
||||
w.Header().Set("Location", h.linker.GetLink(ctx, ChallengeLinkType, true, ch.AuthzID, ch.ID))
|
||||
w.Header().Add("Link", link(h.linker.GetLink(ctx, AuthzLinkType, true, azID), "up"))
|
||||
w.Header().Set("Location", h.linker.GetLink(ctx, ChallengeLinkType, true, azID, ch.ID))
|
||||
api.JSON(w, ch)
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -126,20 +126,18 @@ func TestHandler_GetAuthorization(t *testing.T) {
|
|||
Wildcard: false,
|
||||
Challenges: []*acme.Challenge{
|
||||
{
|
||||
Type: "http-01",
|
||||
Status: "pending",
|
||||
Token: "tok2",
|
||||
URL: "https://ca.smallstep.com/acme/challenge/chHTTPID",
|
||||
ID: "chHTTP01ID",
|
||||
AuthzID: "authzID",
|
||||
Type: "http-01",
|
||||
Status: "pending",
|
||||
Token: "tok2",
|
||||
URL: "https://ca.smallstep.com/acme/challenge/chHTTPID",
|
||||
ID: "chHTTP01ID",
|
||||
},
|
||||
{
|
||||
Type: "dns-01",
|
||||
Status: "pending",
|
||||
Token: "tok2",
|
||||
URL: "https://ca.smallstep.com/acme/challenge/chDNSID",
|
||||
ID: "chDNSID",
|
||||
AuthzID: "authzID",
|
||||
Type: "dns-01",
|
||||
Status: "pending",
|
||||
Token: "tok2",
|
||||
URL: "https://ca.smallstep.com/acme/challenge/chDNSID",
|
||||
ID: "chDNSID",
|
||||
},
|
||||
},
|
||||
}
|
||||
|
|
@ -429,12 +427,11 @@ func TestHandler_GetCertificate(t *testing.T) {
|
|||
|
||||
func ch() acme.Challenge {
|
||||
return acme.Challenge{
|
||||
Type: "http-01",
|
||||
Status: "pending",
|
||||
Token: "tok2",
|
||||
URL: "https://ca.smallstep.com/acme/challenge/chID",
|
||||
ID: "chID",
|
||||
AuthzID: "authzID",
|
||||
Type: "http-01",
|
||||
Status: "pending",
|
||||
Token: "tok2",
|
||||
URL: "https://ca.smallstep.com/acme/challenge/chID",
|
||||
ID: "chID",
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -627,7 +624,6 @@ func TestHandler_GetChallenge(t *testing.T) {
|
|||
assert.Equals(t, azID, "authzID")
|
||||
return &acme.Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "authzID",
|
||||
Status: acme.StatusPending,
|
||||
Type: "http-01",
|
||||
AccountID: "accID",
|
||||
|
|
@ -643,7 +639,6 @@ func TestHandler_GetChallenge(t *testing.T) {
|
|||
},
|
||||
ch: &acme.Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "authzID",
|
||||
Status: acme.StatusPending,
|
||||
Type: "http-01",
|
||||
AccountID: "accID",
|
||||
|
|
@ -689,7 +684,7 @@ func TestHandler_GetChallenge(t *testing.T) {
|
|||
expB, err := json.Marshal(tc.ch)
|
||||
assert.FatalError(t, err)
|
||||
assert.Equals(t, bytes.TrimSpace(body), expB)
|
||||
assert.Equals(t, res.Header["Link"], []string{fmt.Sprintf("<%s/acme/%s/authz/%s>;rel=\"up\"", baseURL, provName, tc.ch.AuthzID)})
|
||||
assert.Equals(t, res.Header["Link"], []string{fmt.Sprintf("<%s/acme/%s/authz/%s>;rel=\"up\"", baseURL, provName, "authzID")})
|
||||
assert.Equals(t, res.Header["Location"], []string{url})
|
||||
assert.Equals(t, res.Header["Content-Type"], []string{"application/json"})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ type Linker interface {
|
|||
|
||||
LinkOrder(ctx context.Context, o *acme.Order)
|
||||
LinkAccount(ctx context.Context, o *acme.Account)
|
||||
LinkChallenge(ctx context.Context, o *acme.Challenge)
|
||||
LinkChallenge(ctx context.Context, o *acme.Challenge, azID string)
|
||||
LinkAuthorization(ctx context.Context, o *acme.Authorization)
|
||||
LinkOrdersByAccountID(ctx context.Context, orders []string)
|
||||
}
|
||||
|
|
@ -164,14 +164,14 @@ func (l *linker) LinkAccount(ctx context.Context, acc *acme.Account) {
|
|||
}
|
||||
|
||||
// LinkChallenge sets the ACME links required by an ACME challenge.
|
||||
func (l *linker) LinkChallenge(ctx context.Context, ch *acme.Challenge) {
|
||||
ch.URL = l.GetLink(ctx, ChallengeLinkType, true, ch.AuthzID, ch.ID)
|
||||
func (l *linker) LinkChallenge(ctx context.Context, ch *acme.Challenge, azID string) {
|
||||
ch.URL = l.GetLink(ctx, ChallengeLinkType, true, azID, ch.ID)
|
||||
}
|
||||
|
||||
// LinkAuthorization sets the ACME links required by an ACME authorization.
|
||||
func (l *linker) LinkAuthorization(ctx context.Context, az *acme.Authorization) {
|
||||
for _, ch := range az.Challenges {
|
||||
l.LinkChallenge(ctx, ch)
|
||||
l.LinkChallenge(ctx, ch, az.ID)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -214,17 +214,16 @@ func TestLinker_LinkChallenge(t *testing.T) {
|
|||
var tests = map[string]test{
|
||||
"ok": {
|
||||
ch: &acme.Challenge{
|
||||
ID: chID,
|
||||
AuthzID: azID,
|
||||
ID: chID,
|
||||
},
|
||||
validate: func(ch *acme.Challenge) {
|
||||
assert.Equals(t, ch.URL, fmt.Sprintf("%s/%s/%s/challenge/%s/%s", baseURL, linkerPrefix, provName, ch.AuthzID, ch.ID))
|
||||
assert.Equals(t, ch.URL, fmt.Sprintf("%s/%s/%s/challenge/%s/%s", baseURL, linkerPrefix, provName, azID, ch.ID))
|
||||
},
|
||||
},
|
||||
}
|
||||
for name, tc := range tests {
|
||||
t.Run(name, func(t *testing.T) {
|
||||
l.LinkChallenge(ctx, tc.ch)
|
||||
l.LinkChallenge(ctx, tc.ch, azID)
|
||||
tc.validate(tc.ch)
|
||||
})
|
||||
}
|
||||
|
|
@ -252,9 +251,9 @@ func TestLinker_LinkAuthorization(t *testing.T) {
|
|||
az: &acme.Authorization{
|
||||
ID: azID,
|
||||
Challenges: []*acme.Challenge{
|
||||
{ID: chID0, AuthzID: azID},
|
||||
{ID: chID1, AuthzID: azID},
|
||||
{ID: chID2, AuthzID: azID},
|
||||
{ID: chID0},
|
||||
{ID: chID1},
|
||||
{ID: chID2},
|
||||
},
|
||||
},
|
||||
validate: func(az *acme.Authorization) {
|
||||
|
|
|
|||
|
|
@ -59,6 +59,7 @@ func (f *FinalizeRequest) Validate() error {
|
|||
}
|
||||
|
||||
var defaultOrderExpiry = time.Hour * 24
|
||||
var defaultOrderBackdate = time.Minute
|
||||
|
||||
// NewOrder ACME api for creating a new order.
|
||||
func (h *Handler) NewOrder(w http.ResponseWriter, r *http.Request) {
|
||||
|
|
@ -90,22 +91,23 @@ func (h *Handler) NewOrder(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
now := clock.Now()
|
||||
expiry := now.Add(defaultOrderExpiry)
|
||||
// New order.
|
||||
o := &acme.Order{
|
||||
AccountID: acc.ID,
|
||||
ProvisionerID: prov.GetID(),
|
||||
Status: acme.StatusPending,
|
||||
ExpiresAt: expiry,
|
||||
Identifiers: nor.Identifiers,
|
||||
AccountID: acc.ID,
|
||||
ProvisionerID: prov.GetID(),
|
||||
Status: acme.StatusPending,
|
||||
Identifiers: nor.Identifiers,
|
||||
ExpiresAt: now.Add(defaultOrderExpiry),
|
||||
AuthorizationIDs: make([]string, len(nor.Identifiers)),
|
||||
NotBefore: nor.NotBefore,
|
||||
NotAfter: nor.NotAfter,
|
||||
}
|
||||
|
||||
o.AuthorizationIDs = make([]string, len(o.Identifiers))
|
||||
for i, identifier := range o.Identifiers {
|
||||
az := &acme.Authorization{
|
||||
AccountID: acc.ID,
|
||||
Identifier: identifier,
|
||||
ExpiresAt: expiry,
|
||||
ExpiresAt: o.ExpiresAt,
|
||||
Status: acme.StatusPending,
|
||||
}
|
||||
if err := h.newAuthorization(ctx, az); err != nil {
|
||||
|
|
@ -121,6 +123,9 @@ func (h *Handler) NewOrder(w http.ResponseWriter, r *http.Request) {
|
|||
if o.NotAfter.IsZero() {
|
||||
o.NotAfter = o.NotBefore.Add(prov.DefaultTLSCertDuration())
|
||||
}
|
||||
if nor.NotBefore.IsZero() {
|
||||
o.NotBefore.Add(-defaultOrderBackdate)
|
||||
}
|
||||
|
||||
if err := h.db.CreateOrder(ctx, o); err != nil {
|
||||
api.WriteError(w, acme.WrapErrorISE(err, "error creating order"))
|
||||
|
|
@ -155,19 +160,17 @@ func (h *Handler) newAuthorization(ctx context.Context, az *acme.Authorization)
|
|||
if err != nil {
|
||||
return acme.WrapErrorISE(err, "error generating random alphanumeric ID")
|
||||
}
|
||||
|
||||
az.Challenges = make([]*acme.Challenge, len(chTypes))
|
||||
for i, typ := range chTypes {
|
||||
ch := &acme.Challenge{
|
||||
AccountID: az.AccountID,
|
||||
AuthzID: az.ID,
|
||||
Value: az.Identifier.Value,
|
||||
Type: typ,
|
||||
Token: az.Token,
|
||||
Status: acme.StatusPending,
|
||||
}
|
||||
if err := h.db.CreateChallenge(ctx, ch); err != nil {
|
||||
return err
|
||||
return acme.WrapErrorISE(err, "error creating challenge")
|
||||
}
|
||||
az.Challenges[i] = ch
|
||||
}
|
||||
|
|
|
|||
|
|
@ -14,6 +14,7 @@ import (
|
|||
"time"
|
||||
|
||||
"github.com/go-chi/chi"
|
||||
"github.com/pkg/errors"
|
||||
"github.com/smallstep/assert"
|
||||
"github.com/smallstep/certificates/acme"
|
||||
"go.step.sm/crypto/pemutil"
|
||||
|
|
@ -374,33 +375,221 @@ func TestHandler_GetOrder(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
/*
|
||||
func TestHandler_NewOrder(t *testing.T) {
|
||||
expiry := time.Now().UTC().Add(6 * time.Hour)
|
||||
nbf := time.Now().UTC().Add(5 * time.Hour)
|
||||
naf := nbf.Add(17 * time.Hour)
|
||||
o := acme.Order{
|
||||
ID: "orderID",
|
||||
ExpiresAt: expiry,
|
||||
NotBefore: nbf,
|
||||
NotAfter: naf,
|
||||
Identifiers: []acme.Identifier{
|
||||
{Type: "dns", Value: "example.com"},
|
||||
{Type: "dns", Value: "bar.com"},
|
||||
},
|
||||
Status: "pending",
|
||||
AuthorizationURLs: []string{"foo", "bar"},
|
||||
func TestHandler_newAuthorization(t *testing.T) {
|
||||
type test struct {
|
||||
az *acme.Authorization
|
||||
db acme.DB
|
||||
err *acme.Error
|
||||
}
|
||||
var tests = map[string]func(t *testing.T) test{
|
||||
"fail/error-db.CreateChallenge": func(t *testing.T) test {
|
||||
az := &acme.Authorization{
|
||||
AccountID: "accID",
|
||||
Identifier: acme.Identifier{
|
||||
Type: "dns",
|
||||
Value: "zap.internal",
|
||||
},
|
||||
}
|
||||
return test{
|
||||
db: &acme.MockDB{
|
||||
MockCreateChallenge: func(ctx context.Context, ch *acme.Challenge) error {
|
||||
assert.Equals(t, ch.AccountID, az.AccountID)
|
||||
assert.Equals(t, ch.Type, "dns-01")
|
||||
assert.Equals(t, ch.Token, az.Token)
|
||||
assert.Equals(t, ch.Status, acme.StatusPending)
|
||||
assert.Equals(t, ch.Value, az.Identifier.Value)
|
||||
return errors.New("force")
|
||||
},
|
||||
},
|
||||
az: az,
|
||||
err: acme.NewErrorISE("error creating challenge: force"),
|
||||
}
|
||||
},
|
||||
"fail/error-db.CreateAuthorization": func(t *testing.T) test {
|
||||
az := &acme.Authorization{
|
||||
AccountID: "accID",
|
||||
Identifier: acme.Identifier{
|
||||
Type: "dns",
|
||||
Value: "zap.internal",
|
||||
},
|
||||
Status: acme.StatusPending,
|
||||
ExpiresAt: clock.Now(),
|
||||
}
|
||||
count := 0
|
||||
var ch1, ch2, ch3 **acme.Challenge
|
||||
return test{
|
||||
db: &acme.MockDB{
|
||||
MockCreateChallenge: func(ctx context.Context, ch *acme.Challenge) error {
|
||||
switch count {
|
||||
case 0:
|
||||
ch.ID = "dns"
|
||||
assert.Equals(t, ch.Type, "dns-01")
|
||||
ch1 = &ch
|
||||
case 1:
|
||||
ch.ID = "http"
|
||||
assert.Equals(t, ch.Type, "http-01")
|
||||
ch2 = &ch
|
||||
case 2:
|
||||
ch.ID = "tls"
|
||||
assert.Equals(t, ch.Type, "tls-alpn-01")
|
||||
ch3 = &ch
|
||||
default:
|
||||
assert.FatalError(t, errors.New("test logic error"))
|
||||
return errors.New("force")
|
||||
}
|
||||
count++
|
||||
assert.Equals(t, ch.AccountID, az.AccountID)
|
||||
assert.Equals(t, ch.Token, az.Token)
|
||||
assert.Equals(t, ch.Status, acme.StatusPending)
|
||||
assert.Equals(t, ch.Value, az.Identifier.Value)
|
||||
return nil
|
||||
},
|
||||
MockCreateAuthorization: func(ctx context.Context, _az *acme.Authorization) error {
|
||||
assert.Equals(t, _az.AccountID, az.AccountID)
|
||||
assert.Equals(t, _az.Token, az.Token)
|
||||
assert.Equals(t, _az.Status, acme.StatusPending)
|
||||
assert.Equals(t, _az.Identifier, az.Identifier)
|
||||
assert.Equals(t, _az.ExpiresAt, az.ExpiresAt)
|
||||
assert.Equals(t, _az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3})
|
||||
assert.Equals(t, _az.Wildcard, false)
|
||||
return errors.New("force")
|
||||
},
|
||||
},
|
||||
az: az,
|
||||
err: acme.NewErrorISE("error creating authorization: force"),
|
||||
}
|
||||
},
|
||||
"ok/no-wildcard": func(t *testing.T) test {
|
||||
az := &acme.Authorization{
|
||||
AccountID: "accID",
|
||||
Identifier: acme.Identifier{
|
||||
Type: "dns",
|
||||
Value: "zap.internal",
|
||||
},
|
||||
Status: acme.StatusPending,
|
||||
ExpiresAt: clock.Now(),
|
||||
}
|
||||
count := 0
|
||||
var ch1, ch2, ch3 **acme.Challenge
|
||||
return test{
|
||||
db: &acme.MockDB{
|
||||
MockCreateChallenge: func(ctx context.Context, ch *acme.Challenge) error {
|
||||
switch count {
|
||||
case 0:
|
||||
ch.ID = "dns"
|
||||
assert.Equals(t, ch.Type, "dns-01")
|
||||
ch1 = &ch
|
||||
case 1:
|
||||
ch.ID = "http"
|
||||
assert.Equals(t, ch.Type, "http-01")
|
||||
ch2 = &ch
|
||||
case 2:
|
||||
ch.ID = "tls"
|
||||
assert.Equals(t, ch.Type, "tls-alpn-01")
|
||||
ch3 = &ch
|
||||
default:
|
||||
assert.FatalError(t, errors.New("test logic error"))
|
||||
return errors.New("force")
|
||||
}
|
||||
count++
|
||||
assert.Equals(t, ch.AccountID, az.AccountID)
|
||||
assert.Equals(t, ch.Token, az.Token)
|
||||
assert.Equals(t, ch.Status, acme.StatusPending)
|
||||
assert.Equals(t, ch.Value, az.Identifier.Value)
|
||||
return nil
|
||||
},
|
||||
MockCreateAuthorization: func(ctx context.Context, _az *acme.Authorization) error {
|
||||
assert.Equals(t, _az.AccountID, az.AccountID)
|
||||
assert.Equals(t, _az.Token, az.Token)
|
||||
assert.Equals(t, _az.Status, acme.StatusPending)
|
||||
assert.Equals(t, _az.Identifier, az.Identifier)
|
||||
assert.Equals(t, _az.ExpiresAt, az.ExpiresAt)
|
||||
assert.Equals(t, _az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3})
|
||||
assert.Equals(t, _az.Wildcard, false)
|
||||
return nil
|
||||
},
|
||||
},
|
||||
az: az,
|
||||
}
|
||||
},
|
||||
"ok/wildcard": func(t *testing.T) test {
|
||||
az := &acme.Authorization{
|
||||
AccountID: "accID",
|
||||
Identifier: acme.Identifier{
|
||||
Type: "dns",
|
||||
Value: "*.zap.internal",
|
||||
},
|
||||
Status: acme.StatusPending,
|
||||
ExpiresAt: clock.Now(),
|
||||
}
|
||||
var ch1 **acme.Challenge
|
||||
return test{
|
||||
db: &acme.MockDB{
|
||||
MockCreateChallenge: func(ctx context.Context, ch *acme.Challenge) error {
|
||||
ch.ID = "dns"
|
||||
assert.Equals(t, ch.Type, "dns-01")
|
||||
assert.Equals(t, ch.AccountID, az.AccountID)
|
||||
assert.Equals(t, ch.Token, az.Token)
|
||||
assert.Equals(t, ch.Status, acme.StatusPending)
|
||||
assert.Equals(t, ch.Value, "zap.internal")
|
||||
ch1 = &ch
|
||||
return nil
|
||||
},
|
||||
MockCreateAuthorization: func(ctx context.Context, _az *acme.Authorization) error {
|
||||
assert.Equals(t, _az.AccountID, az.AccountID)
|
||||
assert.Equals(t, _az.Token, az.Token)
|
||||
assert.Equals(t, _az.Status, acme.StatusPending)
|
||||
assert.Equals(t, _az.Identifier, acme.Identifier{
|
||||
Type: "dns",
|
||||
Value: "zap.internal",
|
||||
})
|
||||
assert.Equals(t, _az.ExpiresAt, az.ExpiresAt)
|
||||
assert.Equals(t, _az.Challenges, []*acme.Challenge{*ch1})
|
||||
assert.Equals(t, _az.Wildcard, true)
|
||||
return nil
|
||||
},
|
||||
},
|
||||
az: az,
|
||||
}
|
||||
},
|
||||
}
|
||||
for name, run := range tests {
|
||||
t.Run(name, func(t *testing.T) {
|
||||
tc := run(t)
|
||||
h := &Handler{db: tc.db}
|
||||
if err := h.newAuthorization(context.Background(), tc.az); err != nil {
|
||||
if assert.NotNil(t, tc.err) {
|
||||
switch k := err.(type) {
|
||||
case *acme.Error:
|
||||
assert.Equals(t, k.Type, tc.err.Type)
|
||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||
assert.Equals(t, k.Status, tc.err.Status)
|
||||
assert.Equals(t, k.Err.Error(), tc.err.Err.Error())
|
||||
assert.Equals(t, k.Detail, tc.err.Detail)
|
||||
default:
|
||||
assert.FatalError(t, errors.New("unexpected error type"))
|
||||
}
|
||||
}
|
||||
} else {
|
||||
assert.Nil(t, tc.err)
|
||||
}
|
||||
})
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
func TestHandler_NewOrder(t *testing.T) {
|
||||
// Request with chi context
|
||||
prov := newProv()
|
||||
provName := url.PathEscape(prov.GetName())
|
||||
baseURL := &url.URL{Scheme: "https", Host: "test.ca.smallstep.com"}
|
||||
url := fmt.Sprintf("%s/acme/%s/new-order",
|
||||
url := fmt.Sprintf("%s/acme/%s/order/ordID",
|
||||
baseURL.String(), provName)
|
||||
|
||||
type test struct {
|
||||
db acme.DB
|
||||
ctx context.Context
|
||||
nor *NewOrderRequest
|
||||
statusCode int
|
||||
err *acme.Error
|
||||
}
|
||||
|
|
@ -422,33 +611,43 @@ func TestHandler_NewOrder(t *testing.T) {
|
|||
}
|
||||
},
|
||||
"fail/no-provisioner": func(t *testing.T) test {
|
||||
acc := &acme.Account{ID: "accID"}
|
||||
acc := &acme.Account{ID: "accountID"}
|
||||
ctx := context.WithValue(context.Background(), accContextKey, acc)
|
||||
return test{
|
||||
ctx: ctx,
|
||||
statusCode: 500,
|
||||
err: acme.NewErrorISE("provisioner expected in request context"),
|
||||
err: acme.NewErrorISE("provisioner does not exist"),
|
||||
}
|
||||
},
|
||||
"fail/nil-provisioner": func(t *testing.T) test {
|
||||
acc := &acme.Account{ID: "accID"}
|
||||
acc := &acme.Account{ID: "accountID"}
|
||||
ctx := context.WithValue(context.Background(), provisionerContextKey, nil)
|
||||
ctx = context.WithValue(ctx, accContextKey, acc)
|
||||
return test{
|
||||
ctx: ctx,
|
||||
statusCode: 500,
|
||||
err: acme.NewErrorISE("provisioner expected in request context"),
|
||||
err: acme.NewErrorISE("provisioner does not exist"),
|
||||
}
|
||||
},
|
||||
"fail/no-payload": func(t *testing.T) test {
|
||||
acc := &acme.Account{ID: "accountID"}
|
||||
ctx := context.WithValue(context.Background(), accContextKey, acc)
|
||||
ctx = context.WithValue(ctx, provisionerContextKey, prov)
|
||||
return test{
|
||||
ctx: ctx,
|
||||
statusCode: 500,
|
||||
err: acme.NewErrorISE("payload does not exist"),
|
||||
}
|
||||
},
|
||||
"fail/nil-payload": func(t *testing.T) test {
|
||||
acc := &acme.Account{ID: "accID"}
|
||||
acc := &acme.Account{ID: "accountID"}
|
||||
ctx := context.WithValue(context.Background(), provisionerContextKey, prov)
|
||||
ctx = context.WithValue(ctx, accContextKey, acc)
|
||||
ctx = context.WithValue(ctx, payloadContextKey, nil)
|
||||
return test{
|
||||
ctx: ctx,
|
||||
statusCode: 500,
|
||||
err: acme.NewErrorISE("payload expected in request context"),
|
||||
err: acme.NewErrorISE("paylod does not exist"),
|
||||
}
|
||||
},
|
||||
"fail/unmarshal-payload-error": func(t *testing.T) test {
|
||||
|
|
@ -464,8 +663,8 @@ func TestHandler_NewOrder(t *testing.T) {
|
|||
},
|
||||
"fail/malformed-payload-error": func(t *testing.T) test {
|
||||
acc := &acme.Account{ID: "accID"}
|
||||
nor := &NewOrderRequest{}
|
||||
b, err := json.Marshal(nor)
|
||||
fr := &NewOrderRequest{}
|
||||
b, err := json.Marshal(fr)
|
||||
assert.FatalError(t, err)
|
||||
ctx := context.WithValue(context.Background(), provisionerContextKey, prov)
|
||||
ctx = context.WithValue(ctx, accContextKey, acc)
|
||||
|
|
@ -476,86 +675,179 @@ func TestHandler_NewOrder(t *testing.T) {
|
|||
err: acme.NewError(acme.ErrorMalformedType, "identifiers list cannot be empty"),
|
||||
}
|
||||
},
|
||||
"fail/NewOrder-error": func(t *testing.T) test {
|
||||
"fail/error-h.newAuthorization": func(t *testing.T) test {
|
||||
acc := &acme.Account{ID: "accID"}
|
||||
nor := &NewOrderRequest{
|
||||
fr := &NewOrderRequest{
|
||||
Identifiers: []acme.Identifier{
|
||||
{Type: "dns", Value: "example.com"},
|
||||
{Type: "dns", Value: "bar.com"},
|
||||
{Type: "dns", Value: "zap.internal"},
|
||||
},
|
||||
}
|
||||
b, err := json.Marshal(nor)
|
||||
b, err := json.Marshal(fr)
|
||||
assert.FatalError(t, err)
|
||||
ctx := context.WithValue(context.Background(), provisionerContextKey, prov)
|
||||
ctx = context.WithValue(ctx, accContextKey, acc)
|
||||
ctx = context.WithValue(ctx, payloadContextKey, &payloadInfo{value: b})
|
||||
return test{
|
||||
ctx: ctx,
|
||||
statusCode: 500,
|
||||
db: &acme.MockDB{
|
||||
MockCreateOrder: func(ctx context.Context, o *acme.Order) error {
|
||||
return acme.NewError(acme.ErrorMalformedType, "force")
|
||||
MockCreateChallenge: func(ctx context.Context, ch *acme.Challenge) error {
|
||||
assert.Equals(t, ch.AccountID, "accID")
|
||||
assert.Equals(t, ch.Type, "dns-01")
|
||||
assert.NotEquals(t, ch.Token, "")
|
||||
assert.Equals(t, ch.Status, acme.StatusPending)
|
||||
assert.Equals(t, ch.Value, "zap.internal")
|
||||
return errors.New("force")
|
||||
},
|
||||
},
|
||||
ctx: ctx,
|
||||
statusCode: 400,
|
||||
err: acme.NewError(acme.ErrorMalformedType, "force"),
|
||||
err: acme.NewErrorISE("error creating challenge: force"),
|
||||
}
|
||||
},
|
||||
"ok": func(t *testing.T) test {
|
||||
"fail/error-db.CreateOrder": func(t *testing.T) test {
|
||||
acc := &acme.Account{ID: "accID"}
|
||||
nor := &NewOrderRequest{
|
||||
fr := &NewOrderRequest{
|
||||
Identifiers: []acme.Identifier{
|
||||
{Type: "dns", Value: "example.com"},
|
||||
{Type: "dns", Value: "bar.com"},
|
||||
{Type: "dns", Value: "zap.internal"},
|
||||
},
|
||||
NotBefore: nbf,
|
||||
NotAfter: naf,
|
||||
}
|
||||
b, err := json.Marshal(nor)
|
||||
b, err := json.Marshal(fr)
|
||||
assert.FatalError(t, err)
|
||||
ctx := context.WithValue(context.Background(), provisionerContextKey, prov)
|
||||
ctx = context.WithValue(ctx, accContextKey, acc)
|
||||
ctx = context.WithValue(ctx, payloadContextKey, &payloadInfo{value: b})
|
||||
var (
|
||||
ch1, ch2, ch3 **acme.Challenge
|
||||
az1ID *string
|
||||
count = 0
|
||||
)
|
||||
return test{
|
||||
ctx: ctx,
|
||||
statusCode: 500,
|
||||
db: &acme.MockDB{
|
||||
MockCreateChallenge: func(ctx context.Context, ch *acme.Challenge) error {
|
||||
switch count {
|
||||
case 0:
|
||||
ch.ID = "dns"
|
||||
assert.Equals(t, ch.Type, "dns-01")
|
||||
ch1 = &ch
|
||||
case 1:
|
||||
ch.ID = "http"
|
||||
assert.Equals(t, ch.Type, "http-01")
|
||||
ch2 = &ch
|
||||
case 2:
|
||||
ch.ID = "tls"
|
||||
assert.Equals(t, ch.Type, "tls-alpn-01")
|
||||
ch3 = &ch
|
||||
default:
|
||||
assert.FatalError(t, errors.New("test logic error"))
|
||||
return errors.New("force")
|
||||
}
|
||||
count++
|
||||
assert.Equals(t, ch.AccountID, "accID")
|
||||
assert.NotEquals(t, ch.Token, "")
|
||||
assert.Equals(t, ch.Status, acme.StatusPending)
|
||||
assert.Equals(t, ch.Value, "zap.internal")
|
||||
return nil
|
||||
},
|
||||
MockCreateAuthorization: func(ctx context.Context, az *acme.Authorization) error {
|
||||
az.ID = "az1ID"
|
||||
az1ID = &az.ID
|
||||
assert.Equals(t, az.AccountID, "accID")
|
||||
assert.NotEquals(t, az.Token, "")
|
||||
assert.Equals(t, az.Status, acme.StatusPending)
|
||||
assert.Equals(t, az.Identifier, fr.Identifiers[0])
|
||||
assert.Equals(t, az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3})
|
||||
assert.Equals(t, az.Wildcard, false)
|
||||
return nil
|
||||
},
|
||||
MockCreateOrder: func(ctx context.Context, o *acme.Order) error {
|
||||
assert.Equals(t, o.AccountID, "accID")
|
||||
assert.Equals(t, o.ProvisionerID, prov.GetID())
|
||||
assert.Equals(t, o.Status, acme.StatusPending)
|
||||
assert.Equals(t, o.Identifiers, fr.Identifiers)
|
||||
assert.Equals(t, o.AuthorizationIDs, []string{*az1ID})
|
||||
return errors.New("force")
|
||||
},
|
||||
},
|
||||
err: acme.NewErrorISE("error creating order: force"),
|
||||
}
|
||||
},
|
||||
"ok/no-naf-nbf": func(t *testing.T) test {
|
||||
acc := &acme.Account{ID: "accID"}
|
||||
fr := &NewOrderRequest{
|
||||
Identifiers: []acme.Identifier{
|
||||
{Type: "dns", Value: "zap.internal"},
|
||||
},
|
||||
}
|
||||
b, err := json.Marshal(fr)
|
||||
assert.FatalError(t, err)
|
||||
ctx := context.WithValue(context.Background(), provisionerContextKey, prov)
|
||||
ctx = context.WithValue(ctx, accContextKey, acc)
|
||||
ctx = context.WithValue(ctx, payloadContextKey, &payloadInfo{value: b})
|
||||
ctx = context.WithValue(ctx, baseURLContextKey, baseURL)
|
||||
var (
|
||||
ch1, ch2, ch3 **acme.Challenge
|
||||
az1ID *string
|
||||
count = 0
|
||||
)
|
||||
return test{
|
||||
ctx: ctx,
|
||||
statusCode: 201,
|
||||
nor: fr,
|
||||
db: &acme.MockDB{
|
||||
MockCreateChallenge: func(ctx context.Context, ch *acme.Challenge) error {
|
||||
switch count {
|
||||
case 0:
|
||||
ch.ID = "dns"
|
||||
assert.Equals(t, ch.Type, "dns-01")
|
||||
ch1 = &ch
|
||||
case 1:
|
||||
ch.ID = "http"
|
||||
assert.Equals(t, ch.Type, "http-01")
|
||||
ch2 = &ch
|
||||
case 2:
|
||||
ch.ID = "tls"
|
||||
assert.Equals(t, ch.Type, "tls-alpn-01")
|
||||
ch3 = &ch
|
||||
default:
|
||||
assert.FatalError(t, errors.New("test logic error"))
|
||||
return errors.New("force")
|
||||
}
|
||||
count++
|
||||
assert.Equals(t, ch.AccountID, "accID")
|
||||
assert.NotEquals(t, ch.Token, "")
|
||||
assert.Equals(t, ch.Status, acme.StatusPending)
|
||||
assert.Equals(t, ch.Value, "zap.internal")
|
||||
return nil
|
||||
},
|
||||
MockCreateAuthorization: func(ctx context.Context, az *acme.Authorization) error {
|
||||
az.ID = "az1ID"
|
||||
az1ID = &az.ID
|
||||
assert.Equals(t, az.AccountID, "accID")
|
||||
assert.NotEquals(t, az.Token, "")
|
||||
assert.Equals(t, az.Status, acme.StatusPending)
|
||||
assert.Equals(t, az.Identifier, fr.Identifiers[0])
|
||||
assert.Equals(t, az.Challenges, []*acme.Challenge{*ch1, *ch2, *ch3})
|
||||
assert.Equals(t, az.Wildcard, false)
|
||||
return nil
|
||||
},
|
||||
MockCreateOrder: func(ctx context.Context, o *acme.Order) error {
|
||||
o.ID = "orderID"
|
||||
o.ID = "ordID"
|
||||
assert.Equals(t, o.AccountID, "accID")
|
||||
assert.Equals(t, o.ProvisionerID, prov.GetID())
|
||||
assert.Equals(t, o.Status, acme.StatusPending)
|
||||
assert.Equals(t, o.Identifiers, fr.Identifiers)
|
||||
assert.Equals(t, o.AuthorizationIDs, []string{*az1ID})
|
||||
return nil
|
||||
},
|
||||
},
|
||||
ctx: ctx,
|
||||
statusCode: 201,
|
||||
}
|
||||
},
|
||||
"ok/default-naf-nbf": func(t *testing.T) test {
|
||||
acc := &acme.Account{ID: "accID"}
|
||||
nor := &NewOrderRequest{
|
||||
Identifiers: []acme.Identifier{
|
||||
{Type: "dns", Value: "example.com"},
|
||||
{Type: "dns", Value: "bar.com"},
|
||||
},
|
||||
}
|
||||
b, err := json.Marshal(nor)
|
||||
assert.FatalError(t, err)
|
||||
ctx := context.WithValue(context.Background(), provisionerContextKey, prov)
|
||||
ctx = context.WithValue(ctx, accContextKey, acc)
|
||||
ctx = context.WithValue(ctx, payloadContextKey, &payloadInfo{value: b})
|
||||
ctx = context.WithValue(ctx, baseURLContextKey, baseURL)
|
||||
return test{
|
||||
db: &acme.MockDB{
|
||||
MockCreateOrder: func(ctx context.Context, o *acme.Order) error {
|
||||
return nil
|
||||
},
|
||||
},
|
||||
ctx: ctx,
|
||||
statusCode: 201,
|
||||
}
|
||||
},
|
||||
}
|
||||
for name, run := range tests {
|
||||
tc := run(t)
|
||||
t.Run(name, func(t *testing.T) {
|
||||
h := &Handler{linker: NewLinker("dns", "prefix"), db: tc.db}
|
||||
h := &Handler{linker: NewLinker("dns", "acme"), db: tc.db}
|
||||
req := httptest.NewRequest("GET", url, nil)
|
||||
req = req.WithContext(tc.ctx)
|
||||
w := httptest.NewRecorder()
|
||||
|
|
@ -578,18 +870,30 @@ func TestHandler_NewOrder(t *testing.T) {
|
|||
assert.Equals(t, ae.Subproblems, tc.err.Subproblems)
|
||||
assert.Equals(t, res.Header["Content-Type"], []string{"application/problem+json"})
|
||||
} else {
|
||||
expB, err := json.Marshal(o)
|
||||
assert.FatalError(t, err)
|
||||
assert.Equals(t, bytes.TrimSpace(body), expB)
|
||||
assert.Equals(t, res.Header["Location"],
|
||||
[]string{fmt.Sprintf("%s/acme/%s/order/%s", baseURL.String(),
|
||||
provName, o.ID)})
|
||||
ro := new(acme.Order)
|
||||
err = json.Unmarshal(body, ro)
|
||||
|
||||
now := clock.Now()
|
||||
orderExpiry := now.Add(defaultOrderExpiry)
|
||||
certExpiry := now.Add(prov.DefaultTLSCertDuration())
|
||||
|
||||
assert.Equals(t, ro.ID, "ordID")
|
||||
assert.Equals(t, ro.Status, acme.StatusPending)
|
||||
assert.Equals(t, ro.Identifiers, tc.nor.Identifiers)
|
||||
assert.Equals(t, ro.AuthorizationURLs, []string{"https://test.ca.smallstep.com/acme/test@acme-provisioner.com/authz/az1ID"})
|
||||
assert.True(t, ro.NotBefore.Add(-time.Minute).Before(now))
|
||||
assert.True(t, ro.NotBefore.Add(time.Minute).After(now))
|
||||
assert.True(t, ro.NotAfter.Add(-time.Minute).Before(certExpiry))
|
||||
assert.True(t, ro.NotAfter.Add(time.Minute).After(certExpiry))
|
||||
assert.True(t, ro.ExpiresAt.Add(-time.Minute).Before(orderExpiry))
|
||||
assert.True(t, ro.ExpiresAt.Add(time.Minute).After(orderExpiry))
|
||||
|
||||
assert.Equals(t, res.Header["Location"], []string{url})
|
||||
assert.Equals(t, res.Header["Content-Type"], []string{"application/json"})
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
*/
|
||||
|
||||
func TestHandler_FinalizeOrder(t *testing.T) {
|
||||
now := clock.Now()
|
||||
|
|
|
|||
|
|
@ -29,7 +29,6 @@ type Challenge struct {
|
|||
URL string `json:"url"`
|
||||
Error *Error `json:"error,omitempty"`
|
||||
ID string `json:"-"`
|
||||
AuthzID string `json:"-"`
|
||||
AccountID string `json:"-"`
|
||||
Value string `json:"-"`
|
||||
}
|
||||
|
|
|
|||
|
|
@ -39,17 +39,15 @@ func Test_storeError(t *testing.T) {
|
|||
tests := map[string]func(t *testing.T) test{
|
||||
"fail/db.UpdateChallenge-error": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
}
|
||||
return test{
|
||||
ch: ch,
|
||||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Value, ch.Value)
|
||||
|
||||
|
|
@ -66,17 +64,15 @@ func Test_storeError(t *testing.T) {
|
|||
},
|
||||
"fail/db.UpdateChallenge-acme-error": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
}
|
||||
return test{
|
||||
ch: ch,
|
||||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Value, ch.Value)
|
||||
|
||||
|
|
@ -93,17 +89,15 @@ func Test_storeError(t *testing.T) {
|
|||
},
|
||||
"ok": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
}
|
||||
return test{
|
||||
ch: ch,
|
||||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Value, ch.Value)
|
||||
|
||||
|
|
@ -236,12 +230,11 @@ func TestChallenge_Validate(t *testing.T) {
|
|||
},
|
||||
"fail/http-01": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
Status: StatusPending,
|
||||
AuthzID: "azID",
|
||||
Type: "http-01",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Status: StatusPending,
|
||||
Type: "http-01",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
}
|
||||
|
||||
return test{
|
||||
|
|
@ -254,7 +247,6 @@ func TestChallenge_Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
|
|
@ -274,12 +266,11 @@ func TestChallenge_Validate(t *testing.T) {
|
|||
},
|
||||
"ok/http-01": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
Status: StatusPending,
|
||||
AuthzID: "azID",
|
||||
Type: "http-01",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Status: StatusPending,
|
||||
Type: "http-01",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
}
|
||||
|
||||
return test{
|
||||
|
|
@ -292,7 +283,6 @@ func TestChallenge_Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
|
|
@ -311,12 +301,11 @@ func TestChallenge_Validate(t *testing.T) {
|
|||
},
|
||||
"fail/dns-01": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
Type: "dns-01",
|
||||
Status: StatusPending,
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Type: "dns-01",
|
||||
Status: StatusPending,
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
}
|
||||
|
||||
return test{
|
||||
|
|
@ -329,7 +318,6 @@ func TestChallenge_Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
|
|
@ -350,12 +338,11 @@ func TestChallenge_Validate(t *testing.T) {
|
|||
},
|
||||
"ok/dns-01": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
Type: "dns-01",
|
||||
Status: StatusPending,
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Type: "dns-01",
|
||||
Status: StatusPending,
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
}
|
||||
|
||||
return test{
|
||||
|
|
@ -368,7 +355,6 @@ func TestChallenge_Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
|
|
@ -388,12 +374,11 @@ func TestChallenge_Validate(t *testing.T) {
|
|||
},
|
||||
"fail/tls-alpn-01": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Type: "tls-alpn-01",
|
||||
Status: StatusPending,
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Type: "tls-alpn-01",
|
||||
Status: StatusPending,
|
||||
Value: "zap.internal",
|
||||
}
|
||||
return test{
|
||||
ch: ch,
|
||||
|
|
@ -405,7 +390,6 @@ func TestChallenge_Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -426,12 +410,11 @@ func TestChallenge_Validate(t *testing.T) {
|
|||
},
|
||||
"ok/tls-alpn-01": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Type: "tls-alpn-01",
|
||||
Status: StatusPending,
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Type: "tls-alpn-01",
|
||||
Status: StatusPending,
|
||||
Value: "zap.internal",
|
||||
}
|
||||
|
||||
jwk, err := jose.GenerateJWK("EC", "P-256", "ES256", "sig", "", 0)
|
||||
|
|
@ -455,7 +438,6 @@ func TestChallenge_Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -517,10 +499,9 @@ func TestHTTP01Validate(t *testing.T) {
|
|||
tests := map[string]func(t *testing.T) test{
|
||||
"fail/http-get-error-store-error": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
}
|
||||
|
||||
return test{
|
||||
|
|
@ -533,7 +514,6 @@ func TestHTTP01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
|
||||
err := NewError(ErrorConnectionType, "error doing http GET for url http://zap.internal/.well-known/acme-challenge/%s: force", ch.Token)
|
||||
|
|
@ -550,10 +530,9 @@ func TestHTTP01Validate(t *testing.T) {
|
|||
},
|
||||
"ok/http-get-error": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
}
|
||||
|
||||
return test{
|
||||
|
|
@ -566,7 +545,6 @@ func TestHTTP01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
|
||||
err := NewError(ErrorConnectionType, "error doing http GET for url http://zap.internal/.well-known/acme-challenge/%s: force", ch.Token)
|
||||
|
|
@ -582,10 +560,9 @@ func TestHTTP01Validate(t *testing.T) {
|
|||
},
|
||||
"fail/http-get->=400-store-error": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
}
|
||||
|
||||
return test{
|
||||
|
|
@ -600,7 +577,6 @@ func TestHTTP01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
|
||||
err := NewError(ErrorConnectionType, "error doing http GET for url http://zap.internal/.well-known/acme-challenge/%s with status code 400", ch.Token)
|
||||
|
|
@ -617,10 +593,9 @@ func TestHTTP01Validate(t *testing.T) {
|
|||
},
|
||||
"ok/http-get->=400": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
}
|
||||
|
||||
return test{
|
||||
|
|
@ -635,7 +610,6 @@ func TestHTTP01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
|
||||
err := NewError(ErrorConnectionType, "error doing http GET for url http://zap.internal/.well-known/acme-challenge/%s with status code 400", ch.Token)
|
||||
|
|
@ -651,10 +625,9 @@ func TestHTTP01Validate(t *testing.T) {
|
|||
},
|
||||
"fail/read-body": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
}
|
||||
|
||||
return test{
|
||||
|
|
@ -671,10 +644,9 @@ func TestHTTP01Validate(t *testing.T) {
|
|||
},
|
||||
"fail/key-auth-gen-error": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
}
|
||||
|
||||
jwk, err := jose.GenerateJWK("EC", "P-256", "ES256", "sig", "", 0)
|
||||
|
|
@ -695,10 +667,9 @@ func TestHTTP01Validate(t *testing.T) {
|
|||
},
|
||||
"ok/key-auth-mismatch": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
}
|
||||
|
||||
jwk, err := jose.GenerateJWK("EC", "P-256", "ES256", "sig", "", 0)
|
||||
|
|
@ -719,7 +690,6 @@ func TestHTTP01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Value, ch.Value)
|
||||
|
||||
|
|
@ -737,10 +707,9 @@ func TestHTTP01Validate(t *testing.T) {
|
|||
},
|
||||
"fail/key-auth-mismatch-store-error": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
}
|
||||
|
||||
jwk, err := jose.GenerateJWK("EC", "P-256", "ES256", "sig", "", 0)
|
||||
|
|
@ -761,7 +730,6 @@ func TestHTTP01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Value, ch.Value)
|
||||
|
||||
|
|
@ -780,10 +748,9 @@ func TestHTTP01Validate(t *testing.T) {
|
|||
},
|
||||
"fail/update-challenge-error": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
}
|
||||
|
||||
jwk, err := jose.GenerateJWK("EC", "P-256", "ES256", "sig", "", 0)
|
||||
|
|
@ -804,7 +771,6 @@ func TestHTTP01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Value, ch.Value)
|
||||
assert.Equals(t, updch.Status, StatusValid)
|
||||
|
|
@ -823,10 +789,9 @@ func TestHTTP01Validate(t *testing.T) {
|
|||
},
|
||||
"ok": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: "zap.internal",
|
||||
}
|
||||
|
||||
jwk, err := jose.GenerateJWK("EC", "P-256", "ES256", "sig", "", 0)
|
||||
|
|
@ -847,7 +812,6 @@ func TestHTTP01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Value, ch.Value)
|
||||
|
||||
|
|
@ -900,10 +864,9 @@ func TestDNS01Validate(t *testing.T) {
|
|||
tests := map[string]func(t *testing.T) test{
|
||||
"fail/lookupTXT-store-error": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: fulldomain,
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: fulldomain,
|
||||
}
|
||||
|
||||
return test{
|
||||
|
|
@ -916,7 +879,6 @@ func TestDNS01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
|
||||
err := NewError(ErrorDNSType, "error looking up TXT records for domain %s: force", domain)
|
||||
|
|
@ -934,10 +896,9 @@ func TestDNS01Validate(t *testing.T) {
|
|||
},
|
||||
"ok/lookupTXT-error": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: fulldomain,
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: fulldomain,
|
||||
}
|
||||
|
||||
return test{
|
||||
|
|
@ -950,7 +911,6 @@ func TestDNS01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
|
||||
err := NewError(ErrorDNSType, "error looking up TXT records for domain %s: force", domain)
|
||||
|
|
@ -967,10 +927,9 @@ func TestDNS01Validate(t *testing.T) {
|
|||
},
|
||||
"fail/key-auth-gen-error": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: fulldomain,
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: fulldomain,
|
||||
}
|
||||
|
||||
jwk, err := jose.GenerateJWK("EC", "P-256", "ES256", "sig", "", 0)
|
||||
|
|
@ -990,10 +949,9 @@ func TestDNS01Validate(t *testing.T) {
|
|||
},
|
||||
"fail/key-auth-mismatch-store-error": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: fulldomain,
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: fulldomain,
|
||||
}
|
||||
|
||||
jwk, err := jose.GenerateJWK("EC", "P-256", "ES256", "sig", "", 0)
|
||||
|
|
@ -1012,7 +970,6 @@ func TestDNS01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
|
||||
err := NewError(ErrorRejectedIdentifierType, "keyAuthorization does not match; expected %s, but got %s", expKeyAuth, []string{"foo", "bar"})
|
||||
|
|
@ -1031,10 +988,9 @@ func TestDNS01Validate(t *testing.T) {
|
|||
},
|
||||
"ok/key-auth-mismatch-store-error": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: fulldomain,
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: fulldomain,
|
||||
}
|
||||
|
||||
jwk, err := jose.GenerateJWK("EC", "P-256", "ES256", "sig", "", 0)
|
||||
|
|
@ -1053,7 +1009,6 @@ func TestDNS01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
|
||||
err := NewError(ErrorRejectedIdentifierType, "keyAuthorization does not match; expected %s, but got %s", expKeyAuth, []string{"foo", "bar"})
|
||||
|
|
@ -1071,10 +1026,9 @@ func TestDNS01Validate(t *testing.T) {
|
|||
},
|
||||
"fail/update-challenge-error": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: fulldomain,
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: fulldomain,
|
||||
}
|
||||
|
||||
jwk, err := jose.GenerateJWK("EC", "P-256", "ES256", "sig", "", 0)
|
||||
|
|
@ -1095,7 +1049,6 @@ func TestDNS01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Value, ch.Value)
|
||||
|
||||
|
|
@ -1116,10 +1069,9 @@ func TestDNS01Validate(t *testing.T) {
|
|||
},
|
||||
"ok": func(t *testing.T) test {
|
||||
ch := &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Value: fulldomain,
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Value: fulldomain,
|
||||
}
|
||||
|
||||
jwk, err := jose.GenerateJWK("EC", "P-256", "ES256", "sig", "", 0)
|
||||
|
|
@ -1140,7 +1092,6 @@ func TestDNS01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Value, ch.Value)
|
||||
|
||||
|
|
@ -1277,12 +1228,11 @@ func newTLSALPNValidationCert(keyAuthHash []byte, obsoleteOID, critical bool, na
|
|||
func TestTLSALPN01Validate(t *testing.T) {
|
||||
makeTLSCh := func() *Challenge {
|
||||
return &Challenge{
|
||||
ID: "chID",
|
||||
AuthzID: "azID",
|
||||
Token: "token",
|
||||
Type: "tls-alpn-01",
|
||||
Status: StatusPending,
|
||||
Value: "zap.internal",
|
||||
ID: "chID",
|
||||
Token: "token",
|
||||
Type: "tls-alpn-01",
|
||||
Status: StatusPending,
|
||||
Value: "zap.internal",
|
||||
}
|
||||
}
|
||||
type test struct {
|
||||
|
|
@ -1306,7 +1256,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -1337,7 +1286,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -1369,7 +1317,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -1401,7 +1348,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -1432,7 +1378,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -1469,7 +1414,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -1507,7 +1451,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -1552,7 +1495,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -1596,7 +1538,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -1641,7 +1582,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -1685,7 +1625,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -1752,7 +1691,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -1792,7 +1730,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -1837,7 +1774,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -1881,7 +1817,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -1922,7 +1857,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -1962,7 +1896,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -2008,7 +1941,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -2055,7 +1987,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -2102,7 +2033,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -2147,7 +2077,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
@ -2193,7 +2122,6 @@ func TestTLSALPN01Validate(t *testing.T) {
|
|||
db: &MockDB{
|
||||
MockUpdateChallenge: func(ctx context.Context, updch *Challenge) error {
|
||||
assert.Equals(t, updch.ID, ch.ID)
|
||||
assert.Equals(t, updch.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, updch.Token, ch.Token)
|
||||
assert.Equals(t, updch.Status, ch.Status)
|
||||
assert.Equals(t, updch.Type, ch.Type)
|
||||
|
|
|
|||
|
|
@ -13,7 +13,6 @@ import (
|
|||
type dbChallenge struct {
|
||||
ID string `json:"id"`
|
||||
AccountID string `json:"accountID"`
|
||||
AuthzID string `json:"authzID"`
|
||||
Type string `json:"type"`
|
||||
Status acme.Status `json:"status"`
|
||||
Token string `json:"token"`
|
||||
|
|
@ -54,7 +53,6 @@ func (db *DB) CreateChallenge(ctx context.Context, ch *acme.Challenge) error {
|
|||
|
||||
dbch := &dbChallenge{
|
||||
ID: ch.ID,
|
||||
AuthzID: ch.AuthzID,
|
||||
AccountID: ch.AccountID,
|
||||
Value: ch.Value,
|
||||
Status: acme.StatusPending,
|
||||
|
|
@ -77,7 +75,6 @@ func (db *DB) GetChallenge(ctx context.Context, id, authzID string) (*acme.Chall
|
|||
ch := &acme.Challenge{
|
||||
ID: dbch.ID,
|
||||
AccountID: dbch.AccountID,
|
||||
AuthzID: dbch.AuthzID,
|
||||
Type: dbch.Type,
|
||||
Value: dbch.Value,
|
||||
Status: dbch.Status,
|
||||
|
|
|
|||
|
|
@ -66,7 +66,6 @@ func TestDB_getDBChallenge(t *testing.T) {
|
|||
dbc := &dbChallenge{
|
||||
ID: chID,
|
||||
AccountID: "accountID",
|
||||
AuthzID: "authzID",
|
||||
Type: "dns-01",
|
||||
Status: acme.StatusPending,
|
||||
Token: "token",
|
||||
|
|
@ -113,7 +112,6 @@ func TestDB_getDBChallenge(t *testing.T) {
|
|||
if assert.Nil(t, tc.err) {
|
||||
assert.Equals(t, ch.ID, tc.dbc.ID)
|
||||
assert.Equals(t, ch.AccountID, tc.dbc.AccountID)
|
||||
assert.Equals(t, ch.AuthzID, tc.dbc.AuthzID)
|
||||
assert.Equals(t, ch.Type, tc.dbc.Type)
|
||||
assert.Equals(t, ch.Status, tc.dbc.Status)
|
||||
assert.Equals(t, ch.Token, tc.dbc.Token)
|
||||
|
|
@ -137,7 +135,6 @@ func TestDB_CreateChallenge(t *testing.T) {
|
|||
"fail/cmpAndSwap-error": func(t *testing.T) test {
|
||||
ch := &acme.Challenge{
|
||||
AccountID: "accountID",
|
||||
AuthzID: "authzID",
|
||||
Type: "dns-01",
|
||||
Status: acme.StatusPending,
|
||||
Token: "token",
|
||||
|
|
@ -154,7 +151,6 @@ func TestDB_CreateChallenge(t *testing.T) {
|
|||
assert.FatalError(t, json.Unmarshal(nu, dbc))
|
||||
assert.Equals(t, dbc.ID, string(key))
|
||||
assert.Equals(t, dbc.AccountID, ch.AccountID)
|
||||
assert.Equals(t, dbc.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, dbc.Type, ch.Type)
|
||||
assert.Equals(t, dbc.Status, ch.Status)
|
||||
assert.Equals(t, dbc.Token, ch.Token)
|
||||
|
|
@ -174,7 +170,6 @@ func TestDB_CreateChallenge(t *testing.T) {
|
|||
idPtr = &id
|
||||
ch = &acme.Challenge{
|
||||
AccountID: "accountID",
|
||||
AuthzID: "authzID",
|
||||
Type: "dns-01",
|
||||
Status: acme.StatusPending,
|
||||
Token: "token",
|
||||
|
|
@ -195,7 +190,6 @@ func TestDB_CreateChallenge(t *testing.T) {
|
|||
assert.FatalError(t, json.Unmarshal(nu, dbc))
|
||||
assert.Equals(t, dbc.ID, string(key))
|
||||
assert.Equals(t, dbc.AccountID, ch.AccountID)
|
||||
assert.Equals(t, dbc.AuthzID, ch.AuthzID)
|
||||
assert.Equals(t, dbc.Type, ch.Type)
|
||||
assert.Equals(t, dbc.Status, ch.Status)
|
||||
assert.Equals(t, dbc.Token, ch.Token)
|
||||
|
|
@ -266,7 +260,6 @@ func TestDB_GetChallenge(t *testing.T) {
|
|||
dbc := &dbChallenge{
|
||||
ID: chID,
|
||||
AccountID: "accountID",
|
||||
AuthzID: azID,
|
||||
Type: "dns-01",
|
||||
Status: acme.StatusPending,
|
||||
Token: "token",
|
||||
|
|
@ -313,7 +306,6 @@ func TestDB_GetChallenge(t *testing.T) {
|
|||
if assert.Nil(t, tc.err) {
|
||||
assert.Equals(t, ch.ID, tc.dbc.ID)
|
||||
assert.Equals(t, ch.AccountID, tc.dbc.AccountID)
|
||||
assert.Equals(t, ch.AuthzID, tc.dbc.AuthzID)
|
||||
assert.Equals(t, ch.Type, tc.dbc.Type)
|
||||
assert.Equals(t, ch.Status, tc.dbc.Status)
|
||||
assert.Equals(t, ch.Token, tc.dbc.Token)
|
||||
|
|
@ -331,7 +323,6 @@ func TestDB_UpdateChallenge(t *testing.T) {
|
|||
dbc := &dbChallenge{
|
||||
ID: chID,
|
||||
AccountID: "accountID",
|
||||
AuthzID: "azID",
|
||||
Type: "dns-01",
|
||||
Status: acme.StatusPending,
|
||||
Token: "token",
|
||||
|
|
@ -390,7 +381,6 @@ func TestDB_UpdateChallenge(t *testing.T) {
|
|||
assert.FatalError(t, json.Unmarshal(nu, dbNew))
|
||||
assert.Equals(t, dbNew.ID, dbc.ID)
|
||||
assert.Equals(t, dbNew.AccountID, dbc.AccountID)
|
||||
assert.Equals(t, dbNew.AuthzID, dbc.AuthzID)
|
||||
assert.Equals(t, dbNew.Type, dbc.Type)
|
||||
assert.Equals(t, dbNew.Status, updCh.Status)
|
||||
assert.Equals(t, dbNew.Token, dbc.Token)
|
||||
|
|
@ -408,7 +398,6 @@ func TestDB_UpdateChallenge(t *testing.T) {
|
|||
updCh := &acme.Challenge{
|
||||
ID: dbc.ID,
|
||||
AccountID: dbc.AccountID,
|
||||
AuthzID: dbc.AuthzID,
|
||||
Type: dbc.Type,
|
||||
Token: dbc.Token,
|
||||
Value: dbc.Value,
|
||||
|
|
@ -437,7 +426,6 @@ func TestDB_UpdateChallenge(t *testing.T) {
|
|||
assert.FatalError(t, json.Unmarshal(nu, dbNew))
|
||||
assert.Equals(t, dbNew.ID, dbc.ID)
|
||||
assert.Equals(t, dbNew.AccountID, dbc.AccountID)
|
||||
assert.Equals(t, dbNew.AuthzID, dbc.AuthzID)
|
||||
assert.Equals(t, dbNew.Type, dbc.Type)
|
||||
assert.Equals(t, dbNew.Token, dbc.Token)
|
||||
assert.Equals(t, dbNew.Value, dbc.Value)
|
||||
|
|
@ -463,7 +451,6 @@ func TestDB_UpdateChallenge(t *testing.T) {
|
|||
if assert.Nil(t, tc.err) {
|
||||
assert.Equals(t, tc.ch.ID, dbc.ID)
|
||||
assert.Equals(t, tc.ch.AccountID, dbc.AccountID)
|
||||
assert.Equals(t, tc.ch.AuthzID, dbc.AuthzID)
|
||||
assert.Equals(t, tc.ch.Type, dbc.Type)
|
||||
assert.Equals(t, tc.ch.Token, dbc.Token)
|
||||
assert.Equals(t, tc.ch.Value, dbc.Value)
|
||||
|
|
|
|||
Loading…
Reference in a new issue