Influxdata
/
influxdb
mirror of https://github.com/influxdata/influxdb.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
influxdb/chronograf/oauth2/github_test.go

116 lines
2.7 KiB
Go
Raw Normal View History

Add Github OAuth2 principal email/org tests
2017-02-16 19:26:08 +00:00
package oauth2_test
import (
"encoding/json"
"net/http"
"net/http/httptest"
"testing"
chore: rename imports from platform to influxdb I did this with a dumb editor macro, so some comments changed too. Also rename root package from platform to influxdb. In interest of minimizing risk, anyone importing the root package has now aliased it to "platform" so that no changes beyond imports were necessary in those files. Lastly, replace the old platform module to local path /dev/null so that nobody can accidentally reintroduce a platform dependency while migrating platform code to influxdb.
2019-01-08 00:37:16 +00:00
"github.com/influxdata/influxdb/chronograf"
"github.com/influxdata/influxdb/chronograf/oauth2"
Add Github OAuth2 principal email/org tests
2017-02-16 19:26:08 +00:00
)
func TestGithubPrincipalID(t *testing.T) {
t.Parallel()
expected := []struct {
Email string `json:"email"`
Primary bool `json:"primary"`
Verified bool `json:"verified"`
}{
Fix the github oauth2 implementation with multiple emails If an account had multiple emails, the current implementation would always select the first one regardless of any other settings. This fixes it so it only chooses the primary email address that is verified. This also fixes the generic oauth2 to require verified and primary to be true if they are present. If they are not present, they are not required.
2018-04-11 18:27:15 +00:00
{"mcfly@example.com", false, true},
{"martymcspelledwrong@example.com", false, false},
{"martymcfly@example.com", true, true},
Add Github OAuth2 principal email/org tests
2017-02-16 19:26:08 +00:00
}
mockAPI := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
if r.URL.Path != "/user/emails" {
rw.WriteHeader(http.StatusNotFound)
return
}
enc := json.NewEncoder(rw)
rw.WriteHeader(http.StatusOK)
_ = enc.Encode(expected)
}))
defer mockAPI.Close()
feat(vault): add vault implementation of secret service test(platform): run testcontainer integration tests for nightly release Integration tests for the vault secret service using testcontiners should not run along with unit tests, however, they should run on some regular schedule. This commit introduces `make test-integration` which runs integration tests for vault using testcontainers. The command introduced relies on docker being available on the host it is executed on. chore(platform): make go modules tidy chore: try to fix go mod chore(platform): remove explicit logrus dependency chore(platform): run go mod tidy chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus chore(platform): update docker dependency feat(vault): add vault implementation of secret service test(platform): run testcontainer integration tests for nightly release Integration tests for the vault secret service using testcontiners should not run along with unit tests, however, they should run on some regular schedule. This commit introduces `make test-integration` which runs integration tests for vault using testcontainers. The command introduced relies on docker being available on the host it is executed on. chore(platform): make go modules tidy chore: try to fix go mod chore(platform): run go mod tidy feat(vault): add vault implementation of secret service chore(platform): make go modules tidy feat(platform): add Put/Patch/Delete methods on secret service feat(vault): add Put/Patch/Delete methods on vault secret service feat(http): add http handler methods for secret service feat(bolt): add Put/Delete/Patch methods to bolt secret service feat(testing): add tests for Put/Patch/Delete methods in secret service feat(mock): add mock secret service feat(http): add tests for secrets endpoints feat(http): update swagger for secrets endpoints chore: run go mod tidy
2018-11-16 16:45:00 +00:00
logger := &chronograf.NoopLogger{}
Add Github OAuth2 principal email/org tests
2017-02-16 19:26:08 +00:00
prov := oauth2.Github{
Logger: logger,
}
Add new auth duration CLI option; add client heartbeat; fix logout (#1119) * User can now set oauth cookie session duration via the CLI to any duration or to expire on browser close * Refactor GET 'me' into heartbeat at constant interval * Add ping route to all routes * Add /chronograf/v1/ping endpoint for server status * Refactor cookie generation to use an interface * WIP adding refreshable tokens * Add reminder to review index.js Login error handling * Refactor Authenticator interface to accommodate cookie duration and logout delay * Update make run-dev to be more TICKStack compliant * Remove heartbeat/logout duration from authentication * WIP Refactor tests to accommodate cookie and auth refactor * Update oauth2 tests to newly refactored design * Update oauth provider tests * Remove unused oauth2/consts.go * Move authentication middleware to server package * Fix authentication comment * Update authenication documentation to mention AUTH_DURATION * Update /chronograf/v1/ping to simply return 204 * Fix Makefile run-dev target * Remove spurious ping route * Update auth docs to clarify authentication duration * Revert "Refactor GET 'me' into heartbeat at constant interval" This reverts commit 298a8c47e1431720d9bd97a9cb853744f04501a3. Conflicts: ui/src/index.js * Add auth test for JWT signing method * Add comments for why coverage isn't written for some areas of jwt code * Update auth docs to explicitly mention how to require re-auth for all users on server restart * Add Duration to Validation interface for Tokens * Make auth duration of zero yield a everlasting token * Revert "Revert "Refactor GET 'me' into heartbeat at constant interval"" This reverts commit b4773c15afe4fcd227ad88aa9d5686beb6b0a6cd. * Rename http status constants and add FORBIDDEN * Heartbeat only when logged in, notify user if heartbeat fails * Update changelog * Fix minor word semantics * Update oauth2 tests to be in the oauth2_test package * Add check at compile time that JWT implements Tokenizer * Rename CookieMux to AuthMux for consistency with earlier refactor * Fix logout middleware * Fix logout button not showing due to obsolete data shape expectations * Update changelog * Fix proptypes for logout button data shape in SideNav
2017-04-06 18:40:57 +00:00
tt, err := oauth2.NewTestTripper(logger, mockAPI, http.DefaultTransport)
Add Github OAuth2 principal email/org tests
2017-02-16 19:26:08 +00:00
if err != nil {
t.Fatal("Error initializing TestTripper: err:", err)
}
tc := &http.Client{
Transport: tt,
}
email, err := prov.PrincipalID(tc)
if err != nil {
t.Fatal("Unexpected error while retrieiving PrincipalID: err:", err)
}
Fix the github oauth2 implementation with multiple emails If an account had multiple emails, the current implementation would always select the first one regardless of any other settings. This fixes it so it only chooses the primary email address that is verified. This also fixes the generic oauth2 to require verified and primary to be true if they are present. If they are not present, they are not required.
2018-04-11 18:27:15 +00:00
if got, want := email, "martymcfly@example.com"; got != want {
t.Fatal("Retrieved email was not as expected. Want:", want, "Got:", got)
Add Github OAuth2 principal email/org tests
2017-02-16 19:26:08 +00:00
}
}
func TestGithubPrincipalIDOrganization(t *testing.T) {
t.Parallel()
expectedUser := []struct {
Email string `json:"email"`
Primary bool `json:"primary"`
Verified bool `json:"verified"`
}{
Fix the github oauth2 implementation with multiple emails If an account had multiple emails, the current implementation would always select the first one regardless of any other settings. This fixes it so it only chooses the primary email address that is verified. This also fixes the generic oauth2 to require verified and primary to be true if they are present. If they are not present, they are not required.
2018-04-11 18:27:15 +00:00
{"martymcfly@example.com", true, true},
Add Github OAuth2 principal email/org tests
2017-02-16 19:26:08 +00:00
}
expectedOrg := []struct {
Login string `json:"login"`
}{
{"Hill Valley Preservation Society"},
}
mockAPI := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
if r.URL.Path == "/user/emails" {
enc := json.NewEncoder(rw)
rw.WriteHeader(http.StatusOK)
_ = enc.Encode(expectedUser)
return
}
if r.URL.Path == "/user/orgs" {
enc := json.NewEncoder(rw)
rw.WriteHeader(http.StatusOK)
_ = enc.Encode(expectedOrg)
return
}
rw.WriteHeader(http.StatusNotFound)
}))
defer mockAPI.Close()
feat(vault): add vault implementation of secret service test(platform): run testcontainer integration tests for nightly release Integration tests for the vault secret service using testcontiners should not run along with unit tests, however, they should run on some regular schedule. This commit introduces `make test-integration` which runs integration tests for vault using testcontainers. The command introduced relies on docker being available on the host it is executed on. chore(platform): make go modules tidy chore: try to fix go mod chore(platform): remove explicit logrus dependency chore(platform): run go mod tidy chore(platform): replace github.com/Sirupsen/logrus with github.com/sirupsen/logrus chore(platform): update docker dependency feat(vault): add vault implementation of secret service test(platform): run testcontainer integration tests for nightly release Integration tests for the vault secret service using testcontiners should not run along with unit tests, however, they should run on some regular schedule. This commit introduces `make test-integration` which runs integration tests for vault using testcontainers. The command introduced relies on docker being available on the host it is executed on. chore(platform): make go modules tidy chore: try to fix go mod chore(platform): run go mod tidy feat(vault): add vault implementation of secret service chore(platform): make go modules tidy feat(platform): add Put/Patch/Delete methods on secret service feat(vault): add Put/Patch/Delete methods on vault secret service feat(http): add http handler methods for secret service feat(bolt): add Put/Delete/Patch methods to bolt secret service feat(testing): add tests for Put/Patch/Delete methods in secret service feat(mock): add mock secret service feat(http): add tests for secrets endpoints feat(http): update swagger for secrets endpoints chore: run go mod tidy
2018-11-16 16:45:00 +00:00
logger := &chronograf.NoopLogger{}
Add Github OAuth2 principal email/org tests
2017-02-16 19:26:08 +00:00
prov := oauth2.Github{
Logger: logger,
Orgs: []string{"Hill Valley Preservation Society"},
}
Add new auth duration CLI option; add client heartbeat; fix logout (#1119) * User can now set oauth cookie session duration via the CLI to any duration or to expire on browser close * Refactor GET 'me' into heartbeat at constant interval * Add ping route to all routes * Add /chronograf/v1/ping endpoint for server status * Refactor cookie generation to use an interface * WIP adding refreshable tokens * Add reminder to review index.js Login error handling * Refactor Authenticator interface to accommodate cookie duration and logout delay * Update make run-dev to be more TICKStack compliant * Remove heartbeat/logout duration from authentication * WIP Refactor tests to accommodate cookie and auth refactor * Update oauth2 tests to newly refactored design * Update oauth provider tests * Remove unused oauth2/consts.go * Move authentication middleware to server package * Fix authentication comment * Update authenication documentation to mention AUTH_DURATION * Update /chronograf/v1/ping to simply return 204 * Fix Makefile run-dev target * Remove spurious ping route * Update auth docs to clarify authentication duration * Revert "Refactor GET 'me' into heartbeat at constant interval" This reverts commit 298a8c47e1431720d9bd97a9cb853744f04501a3. Conflicts: ui/src/index.js * Add auth test for JWT signing method * Add comments for why coverage isn't written for some areas of jwt code * Update auth docs to explicitly mention how to require re-auth for all users on server restart * Add Duration to Validation interface for Tokens * Make auth duration of zero yield a everlasting token * Revert "Revert "Refactor GET 'me' into heartbeat at constant interval"" This reverts commit b4773c15afe4fcd227ad88aa9d5686beb6b0a6cd. * Rename http status constants and add FORBIDDEN * Heartbeat only when logged in, notify user if heartbeat fails * Update changelog * Fix minor word semantics * Update oauth2 tests to be in the oauth2_test package * Add check at compile time that JWT implements Tokenizer * Rename CookieMux to AuthMux for consistency with earlier refactor * Fix logout middleware * Fix logout button not showing due to obsolete data shape expectations * Update changelog * Fix proptypes for logout button data shape in SideNav
2017-04-06 18:40:57 +00:00
tt, err := oauth2.NewTestTripper(logger, mockAPI, http.DefaultTransport)
Add Github OAuth2 principal email/org tests
2017-02-16 19:26:08 +00:00
if err != nil {
t.Fatal("Error initializing TestTripper: err:", err)
}
tc := &http.Client{
Transport: tt,
}
email, err := prov.PrincipalID(tc)
if err != nil {
t.Fatal("Unexpected error while retrieiving PrincipalID: err:", err)
}
if email != expectedUser[0].Email {
t.Fatal("Retrieved email was not as expected. Want:", expectedUser[0].Email, "Got:", email)
}
}