// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
package provider
import (
"testing"
"github.com/stretchr/testify/require"
)
// TestFederationDomainIssuerValidations is a table-driven test of the issuer
// string checks performed by NewFederationDomainIssuer.
//
// The rejected inputs pin the constructor's error messages for: an empty
// issuer, an unparseable URL, a missing hostname, any scheme other than
// "https" (including plain "http" and no scheme at all), a fragment, a query,
// userinfo (username with or without password), and a trailing slash in the
// path. Requiring https and forbidding query and fragment components matches
// what OpenID Connect Discovery requires of an issuer identifier.
//
// NOTE(review): the constructed issuer value is discarded, so the two accepted
// inputs are only checked for a nil error, not for what was parsed out of them.
func TestFederationDomainIssuerValidations(t *testing.T) {
	type testCase struct {
		name      string
		issuer    string
		wantError string // exact expected error text; empty means the issuer must be accepted
	}

	cases := []testCase{
		{
			name:      "must have an issuer",
			issuer:    "",
			wantError: "federation domain must have an issuer",
		},
		{
			// 0x7f (DEL) is a control character, which net/url refuses to parse.
			name:      "returns url.Parse errors",
			issuer:    "https://example.com" + string(byte(0x7f)),
			wantError: "could not parse issuer as URL: parse \"https://example.com\\x7f\": net/url: invalid control character in URL",
		},
		{
			name:      "no hostname",
			issuer:    "https://",
			wantError: `issuer must have a hostname`,
		},
		{
			name:      "no scheme",
			issuer:    "tuna.com",
			wantError: `issuer must have "https" scheme`,
		},
		{
			name:      "bad scheme",
			issuer:    "ftp://tuna.com",
			wantError: `issuer must have "https" scheme`,
		},
		{
			name:      "fragment",
			issuer:    "https://tuna.com/fish#some-frag",
			wantError: `issuer must not have fragment`,
		},
		{
			name:      "query",
			issuer:    "https://tuna.com?some=query",
			wantError: `issuer must not have query`,
		},
		{
			name:      "username",
			issuer:    "https://username@tuna.com",
			wantError: `issuer must not have username or password`,
		},
		{
			name:      "password",
			issuer:    "https://username:password@tuna.com",
			wantError: `issuer must not have username or password`,
		},
		{
			// Accepted: no wantError.
			name:   "without path",
			issuer: "https://tuna.com",
		},
		{
			// Accepted: no wantError.
			name:   "with path",
			issuer: "https://tuna.com/fish/marlin",
		},
		{
			// Cleartext http is rejected with the same message as any other non-https scheme.
			name:      "with http scheme",
			issuer:    "http://tuna.com",
			wantError: `issuer must have "https" scheme`,
		},
		{
			name:      "trailing slash in path",
			issuer:    "https://tuna.com/",
			wantError: `issuer must not have trailing slash in path`,
		},
	}

	for _, tc := range cases {
		// Copy the loop variable so the subtest closure sees this iteration's
		// case (required before Go 1.22).
		tc := tc
		t.Run(tc.name, func(t *testing.T) {
			_, err := NewFederationDomainIssuer(tc.issuer)

			if tc.wantError == "" {
				require.NoError(t, err)
				return
			}
			// EqualError compares the full message, so wording changes in the
			// validator will fail this test.
			require.EqualError(t, err, tc.wantError)
		})
	}
}