certificates/sshutil/options_test.go

177 lines
4.8 KiB
Go
Raw Normal View History

package sshutil
import (
"bytes"
"encoding/base64"
"reflect"
"testing"
"github.com/pkg/errors"
"golang.org/x/crypto/ssh"
)
func Test_getFuncMap_fail(t *testing.T) {
var failMesage string
fns := getFuncMap(&failMesage)
fail := fns["fail"].(func(s string) (string, error))
s, err := fail("the fail message")
if err == nil {
t.Errorf("fail() error = %v, wantErr %v", err, errors.New("the fail message"))
}
if s != "" {
t.Errorf("fail() = \"%s\", want \"the fail message\"", s)
}
if failMesage != "the fail message" {
t.Errorf("fail() message = \"%s\", want \"the fail message\"", failMesage)
}
}
func TestWithTemplate(t *testing.T) {
key := mustGeneratePublicKey(t)
type args struct {
text string
data TemplateData
key ssh.PublicKey
}
tests := []struct {
name string
args args
want Options
wantErr bool
}{
{"user", args{DefaultCertificate, TemplateData{
TypeKey: "user",
KeyIDKey: "jane@doe.com",
PrincipalsKey: []string{"jane", "jane@doe.com"},
ExtensionsKey: DefaultExtensions(UserCert),
}, key}, Options{
CertBuffer: bytes.NewBufferString(`{
"type": "user",
"keyId": "jane@doe.com",
"principals": ["jane","jane@doe.com"],
"extensions": {"permit-X11-forwarding":"","permit-agent-forwarding":"","permit-port-forwarding":"","permit-pty":"","permit-user-rc":""}
}`)}, false},
{"host", args{DefaultCertificate, TemplateData{
TypeKey: "host",
KeyIDKey: "foo",
PrincipalsKey: []string{"foo.internal"},
}, key}, Options{
CertBuffer: bytes.NewBufferString(`{
"type": "host",
"keyId": "foo",
"principals": ["foo.internal"],
"extensions": null
}`)}, false},
{"fail", args{`{{ fail "a message" }}`, TemplateData{}, key}, Options{}, true},
{"failTemplate", args{`{{ fail "fatal error }}`, TemplateData{}, key}, Options{}, true},
{"error", args{`{{ mustHas 3 .Data }}`, TemplateData{
"Data": 3,
}, key}, Options{}, true},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
var got Options
fn := WithTemplate(tt.args.text, tt.args.data)
if err := fn(tt.args.key, &got); (err != nil) != tt.wantErr {
t.Errorf("WithTemplate() error = %v, wantErr %v", err, tt.wantErr)
}
if !reflect.DeepEqual(got, tt.want) {
t.Errorf("WithTemplate() = %v, want %v", got, tt.want)
}
})
}
}
func TestWithTemplateBase64(t *testing.T) {
key := mustGeneratePublicKey(t)
type args struct {
s string
data TemplateData
key ssh.PublicKey
}
tests := []struct {
name string
args args
want Options
wantErr bool
}{
{"host", args{base64.StdEncoding.EncodeToString([]byte(DefaultCertificate)), TemplateData{
TypeKey: "host",
KeyIDKey: "foo.internal",
PrincipalsKey: []string{"foo.internal", "bar.internal"},
ExtensionsKey: map[string]interface{}{"foo": "bar"},
}, key}, Options{
CertBuffer: bytes.NewBufferString(`{
"type": "host",
"keyId": "foo.internal",
"principals": ["foo.internal","bar.internal"],
"extensions": {"foo":"bar"}
}`)}, false},
{"badBase64", args{"foobar", TemplateData{}, key}, Options{}, true},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
var got Options
fn := WithTemplateBase64(tt.args.s, tt.args.data)
if err := fn(tt.args.key, &got); (err != nil) != tt.wantErr {
t.Errorf("WithTemplateBase64() error = %v, wantErr %v", err, tt.wantErr)
}
if !reflect.DeepEqual(got, tt.want) {
t.Errorf("WithTemplateBase64() = %v, want %v", got, tt.want)
}
})
}
}
func TestWithTemplateFile(t *testing.T) {
key := mustGeneratePublicKey(t)
data := TemplateData{
TypeKey: "user",
KeyIDKey: "jane@doe.com",
PrincipalsKey: []string{"jane", "jane@doe.com"},
ExtensionsKey: DefaultExtensions(UserCert),
InsecureKey: map[string]interface{}{
UserKey: map[string]interface{}{
"username": "jane",
},
},
}
type args struct {
path string
data TemplateData
key ssh.PublicKey
}
tests := []struct {
name string
args args
want Options
wantErr bool
}{
{"github.com", args{"./testdata/github.tpl", data, key}, Options{
CertBuffer: bytes.NewBufferString(`{
"type": "user",
"keyId": "jane@doe.com",
"principals": ["jane","jane@doe.com"],
"extensions": {"login@github.com":"jane","permit-X11-forwarding":"","permit-agent-forwarding":"","permit-port-forwarding":"","permit-pty":"","permit-user-rc":""}
}`),
}, false},
{"missing", args{"./testdata/missing.tpl", data, key}, Options{}, true},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
var got Options
fn := WithTemplateFile(tt.args.path, tt.args.data)
if err := fn(tt.args.key, &got); (err != nil) != tt.wantErr {
t.Errorf("WithTemplateFile() error = %v, wantErr %v", err, tt.wantErr)
}
if !reflect.DeepEqual(got, tt.want) {
t.Errorf("WithTemplateFile() = %v, want %v", got, tt.want)
}
})
}
}