forked from TrueCloudLab/certificates
Fix some tests.
This commit is contained in:
Mariano Cano
parent
bcaba4f72a
commit
1671ab2590
3 changed files with 17 additions and 15 deletions
|
|
@ -7,6 +7,7 @@ import (
|
|||
|
||||
"github.com/pkg/errors"
|
||||
"github.com/smallstep/assert"
|
||||
"github.com/smallstep/certificates/authority/provisioner"
|
||||
stepJOSE "github.com/smallstep/cli/jose"
|
||||
)
|
||||
|
||||
|
|
@ -16,25 +17,25 @@ func testAuthority(t *testing.T) *Authority {
|
|||
clijwk, err := stepJOSE.ParseKey("testdata/secrets/step_cli_key_pub.jwk")
|
||||
assert.FatalError(t, err)
|
||||
disableRenewal := true
|
||||
p := []*Provisioner{
|
||||
{
|
||||
p := []*provisioner.Provisioner{
|
||||
provisioner.New(&provisioner.JWK{
|
||||
Name: "Max",
|
||||
Type: "JWK",
|
||||
Key: maxjwk,
|
||||
},
|
||||
{
|
||||
}),
|
||||
provisioner.New(&provisioner.JWK{
|
||||
Name: "step-cli",
|
||||
Type: "JWK",
|
||||
Key: clijwk,
|
||||
},
|
||||
{
|
||||
}),
|
||||
provisioner.New(&provisioner.JWK{
|
||||
Name: "dev",
|
||||
Type: "JWK",
|
||||
Key: maxjwk,
|
||||
Claims: &ProvisionerClaims{
|
||||
Claims: &provisioner.Claims{
|
||||
DisableRenewal: &disableRenewal,
|
||||
},
|
||||
},
|
||||
}),
|
||||
}
|
||||
c := &Config{
|
||||
Address: "127.0.0.1:443",
|
||||
|
|
@ -113,11 +114,11 @@ func TestAuthorityNew(t *testing.T) {
|
|||
assert.True(t, auth.initOnce)
|
||||
assert.NotNil(t, auth.intermediateIdentity)
|
||||
for _, p := range tc.config.AuthorityConfig.Provisioners {
|
||||
_p, ok := auth.provisionerIDIndex.Load(p.ID())
|
||||
_p, ok := auth.provisioners.Load(p.ID())
|
||||
assert.True(t, ok)
|
||||
assert.Equals(t, p, _p)
|
||||
if len(p.EncryptedKey) > 0 {
|
||||
key, ok := auth.encryptedKeyIndex.Load(p.Key.KeyID)
|
||||
key, ok := auth.provisioners.LoadEncryptedKey(p.Key.KeyID)
|
||||
assert.True(t, ok)
|
||||
assert.Equals(t, p.EncryptedKey, key)
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,31 +10,31 @@ import (
|
|||
|
||||
func TestProvisionerInit(t *testing.T) {
|
||||
type ProvisionerValidateTest struct {
|
||||
p *Provisioner
|
||||
p *JWK
|
||||
err error
|
||||
}
|
||||
tests := map[string]func(*testing.T) ProvisionerValidateTest{
|
||||
"fail-empty-name": func(t *testing.T) ProvisionerValidateTest {
|
||||
return ProvisionerValidateTest{
|
||||
p: &Provisioner{},
|
||||
p: &JWK{},
|
||||
err: errors.New("provisioner name cannot be empty"),
|
||||
}
|
||||
},
|
||||
"fail-empty-type": func(t *testing.T) ProvisionerValidateTest {
|
||||
return ProvisionerValidateTest{
|
||||
p: &Provisioner{Name: "foo"},
|
||||
p: &JWK{Name: "foo"},
|
||||
err: errors.New("provisioner type cannot be empty"),
|
||||
}
|
||||
},
|
||||
"fail-empty-key": func(t *testing.T) ProvisionerValidateTest {
|
||||
return ProvisionerValidateTest{
|
||||
p: &Provisioner{Name: "foo", Type: "bar"},
|
||||
p: &JWK{Name: "foo", Type: "bar"},
|
||||
err: errors.New("provisioner key cannot be empty"),
|
||||
}
|
||||
},
|
||||
"ok": func(t *testing.T) ProvisionerValidateTest {
|
||||
return ProvisionerValidateTest{
|
||||
p: &Provisioner{Name: "foo", Type: "bar", Key: &jose.JSONWebKey{}},
|
||||
p: &JWK{Name: "foo", Type: "bar", Key: &jose.JSONWebKey{}},
|
||||
}
|
||||
},
|
||||
}
|
||||
|
|
|
|||
|
|
@ -144,6 +144,7 @@ func (a *Authority) Sign(csr *x509.CertificateRequest, signOpts SignOptions, ext
|
|||
http.StatusInternalServerError, errContext}
|
||||
}
|
||||
|
||||
// FIXME: This should be before creating the certificate.
|
||||
for _, v := range certValidators {
|
||||
if err := v.Valid(serverCert); err != nil {
|
||||
return nil, nil, err
|
||||
|
|
|
|||
Loading…
Reference in a new issue