Add AuthorizeChallenge unit tests

2022-08-24 12:31:09 -07:00 · 2022-08-24 12:31:09 -07:00 · df96b126dc
commit df96b126dc
parent bca311b05e
2 changed files with 125 additions and 4 deletions
--- a/acme/api/order_test.go
+++ b/acme/api/order_test.go
@ -500,8 +500,10 @@ func TestHandler_GetOrder(t *testing.T) {
 }
 func TestHandler_newAuthorization(t *testing.T) {
 	defaultProvisioner := newProv()
 	type test struct {
 		az   *acme.Authorization
 		prov acme.Provisioner
 		db   acme.DB
 		err  *acme.Error
 	}
@ -515,6 +517,7 @@ func TestHandler_newAuthorization(t *testing.T) {
 				},
 			}
 			return test{
 				prov: defaultProvisioner,
 				db: &acme.MockDB{
 					MockCreateChallenge: func(ctx context.Context, ch *acme.Challenge) error {
 						assert.Equals(t, ch.AccountID, az.AccountID)
@ -542,6 +545,7 @@ func TestHandler_newAuthorization(t *testing.T) {
 			count := 0
 			var ch1, ch2, ch3 **acme.Challenge
 			return test{
 				prov: defaultProvisioner,
 				db: &acme.MockDB{
 					MockCreateChallenge: func(ctx context.Context, ch *acme.Challenge) error {
 						switch count {
@ -596,6 +600,7 @@ func TestHandler_newAuthorization(t *testing.T) {
 			count := 0
 			var ch1, ch2, ch3 **acme.Challenge
 			return test{
 				prov: defaultProvisioner,
 				db: &acme.MockDB{
 					MockCreateChallenge: func(ctx context.Context, ch *acme.Challenge) error {
 						switch count {
@ -648,6 +653,7 @@ func TestHandler_newAuthorization(t *testing.T) {
 			}
 			var ch1 **acme.Challenge
 			return test{
 				prov: defaultProvisioner,
 				db: &acme.MockDB{
 					MockCreateChallenge: func(ctx context.Context, ch *acme.Challenge) error {
 						ch.ID = "dns"
@ -676,12 +682,86 @@ func TestHandler_newAuthorization(t *testing.T) {
 				az: az,
 			}
 		},
 		"ok/permanent-identifier-disabled": func(t *testing.T) test {
 			az := &acme.Authorization{
 				AccountID: "accID",
 				Identifier: acme.Identifier{
 					Type:  "permanent-identifier",
 					Value: "7b53aa19-26f7-4fac-824f-7a781de0dab0",
 				},
 				Status:    acme.StatusPending,
 				ExpiresAt: clock.Now(),
 			}
 			return test{
 				prov: defaultProvisioner,
 				db: &acme.MockDB{
 					MockCreateChallenge: func(ctx context.Context, ch *acme.Challenge) error {
 						t.Errorf("createChallenge should not be called")
 						return nil
 					},
 					MockCreateAuthorization: func(ctx context.Context, _az *acme.Authorization) error {
 						assert.Equals(t, _az.AccountID, az.AccountID)
 						assert.Equals(t, _az.Token, az.Token)
 						assert.Equals(t, _az.Status, acme.StatusPending)
 						assert.Equals(t, _az.Identifier, az.Identifier)
 						assert.Equals(t, _az.ExpiresAt, az.ExpiresAt)
 						assert.Equals(t, _az.Challenges, []*acme.Challenge{})
 						assert.Equals(t, _az.Wildcard, false)
 						return nil
 					},
 				},
 				az: az,
 			}
 		},
 		"ok/permanent-identifier-enabled": func(t *testing.T) test {
 			var ch1 *acme.Challenge
 			az := &acme.Authorization{
 				AccountID: "accID",
 				Identifier: acme.Identifier{
 					Type:  "permanent-identifier",
 					Value: "7b53aa19-26f7-4fac-824f-7a781de0dab0",
 				},
 				Status:    acme.StatusPending,
 				ExpiresAt: clock.Now(),
 			}
 			deviceAttestProv := newProv()
 			deviceAttestProv.(*provisioner.ACME).Challenges = []string{string(acme.DEVICEATTEST01)}
 			return test{
 				prov: deviceAttestProv,
 				db: &acme.MockDB{
 					MockCreateChallenge: func(ctx context.Context, ch *acme.Challenge) error {
 						ch.ID = "997bacc2-c175-4214-a3b4-a229ada5f671"
 						assert.Equals(t, ch.Type, acme.DEVICEATTEST01)
 						assert.Equals(t, ch.AccountID, az.AccountID)
 						assert.Equals(t, ch.Token, az.Token)
 						assert.Equals(t, ch.Status, acme.StatusPending)
 						assert.Equals(t, ch.Value, "7b53aa19-26f7-4fac-824f-7a781de0dab0")
 						ch1 = ch
 						return nil
 					},
 					MockCreateAuthorization: func(ctx context.Context, _az *acme.Authorization) error {
 						assert.Equals(t, _az.AccountID, az.AccountID)
 						assert.Equals(t, _az.Token, az.Token)
 						assert.Equals(t, _az.Status, acme.StatusPending)
 						assert.Equals(t, _az.Identifier, az.Identifier)
 						assert.Equals(t, _az.ExpiresAt, az.ExpiresAt)
 						assert.Equals(t, _az.Challenges, []*acme.Challenge{ch1})
 						assert.Equals(t, _az.Wildcard, false)
 						return nil
 					},
 				},
 				az: az,
 			}
 		},
 	}
 	for name, run := range tests {
 		t.Run(name, func(t *testing.T) {
 			if name == "ok/permanent-identifier-enabled" {
 				println(1)
 			}
 			tc := run(t)
 			ctx := newBaseContext(context.Background(), tc.db)
-			ctx = acme.NewProvisionerContext(ctx, newProv())
+			ctx = acme.NewProvisionerContext(ctx, tc.prov)
 			if err := newAuthorization(ctx, tc.az); err != nil {
 				if assert.NotNil(t, tc.err) {
 					switch k := err.(type) {
--- a/authority/provisioner/acme_test.go
+++ b/authority/provisioner/acme_test.go
@ -204,3 +204,44 @@ func TestACME_AuthorizeSign(t *testing.T) {
 		})
 	}
 }
 func TestACME_AuthorizeChallenge(t *testing.T) {
 	ctx := context.Background()
 	type fields struct {
 		Challenges []string
 	}
 	type args struct {
 		ctx       context.Context
 		challenge string
 	}
 	tests := []struct {
 		name    string
 		fields  fields
 		args    args
 		wantErr bool
 	}{
 		{"ok http-01", fields{nil}, args{ctx, "http-01"}, false},
 		{"ok dns-01", fields{nil}, args{ctx, "dns-01"}, false},
 		{"ok tls-alpn-01", fields{[]string{}}, args{ctx, "tls-alpn-01"}, false},
 		{"fail device-attest-01", fields{[]string{}}, args{ctx, "device-attest-01"}, true},
 		{"ok http-01 enabled", fields{[]string{"http-01"}}, args{ctx, "http-01"}, false},
 		{"ok dns-01 enabled", fields{[]string{"http-01", "dns-01"}}, args{ctx, "dns-01"}, false},
 		{"ok tls-alpn-01 enabled", fields{[]string{"http-01", "dns-01", "tls-alpn-01"}}, args{ctx, "tls-alpn-01"}, false},
 		{"ok device-attest-01 enabled", fields{[]string{"device-attest-01", "dns-01"}}, args{ctx, "device-attest-01"}, false},
 		{"fail http-01", fields{[]string{"dns-01"}}, args{ctx, "http-01"}, true},
 		{"fail dns-01", fields{[]string{"http-01", "tls-alpn-01"}}, args{ctx, "dns-01"}, true},
 		{"fail tls-alpn-01", fields{[]string{"http-01", "dns-01", "device-attest-01"}}, args{ctx, "tls-alpn-01"}, true},
 		{"fail device-attest-01", fields{[]string{"http-01", "dns-01"}}, args{ctx, "device-attest-01"}, true},
 		{"fail unknown", fields{[]string{"http-01", "dns-01", "tls-alpn-01", "device-attest-01"}}, args{ctx, "unknown"}, true},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			p := &ACME{
 				Challenges: tt.fields.Challenges,
 			}
 			if err := p.AuthorizeChallenge(tt.args.ctx, tt.args.challenge); (err != nil) != tt.wantErr {
 				t.Errorf("ACME.AuthorizeChallenge() error = %v, wantErr %v", err, tt.wantErr)
 			}
 		})
 	}
 }