fix callback_handler_test.go

Co-authored-by: Benjamin A. Petersen <ben@benjaminapetersen.me>
2023-06-26 13:05:21 -07:00 · 2023-06-26 13:05:21 -07:00 · 048f05d39c
commit 048f05d39c
parent b71e5964aa
1 changed files with 30 additions and 22 deletions
--- a/internal/federationdomain/endpoints/callback/callback_handler_test.go
+++ b/internal/federationdomain/endpoints/callback/callback_handler_test.go
@ -91,6 +91,8 @@ var (
 	happyDownstreamCustomSessionData = &psession.CustomSessionData{
 		Username:         oidcUpstreamUsername,
 		UpstreamUsername: oidcUpstreamUsername,
 		UpstreamGroups:   oidcUpstreamGroupMembership,
 		ProviderUID:      happyUpstreamIDPResourceUID,
 		ProviderName:     happyUpstreamIDPName,
 		ProviderType:     psession.ProviderTypeOIDC,
@ -100,15 +102,19 @@ var (
 			UpstreamSubject:      oidcUpstreamSubject,
 		},
 	}
-	happyDownstreamCustomSessionDataWithUsername = func(wantUsername string) *psession.CustomSessionData {
+	happyDownstreamCustomSessionDataWithUsernameAndGroups = func(wantUsername string, wantGroups []string) *psession.CustomSessionData {
 		copyOfCustomSession := *happyDownstreamCustomSessionData
 		copyOfOIDC := *(happyDownstreamCustomSessionData.OIDC)
 		copyOfCustomSession.OIDC = &copyOfOIDC
 		copyOfCustomSession.Username = wantUsername
 		copyOfCustomSession.UpstreamUsername = wantUsername
 		copyOfCustomSession.UpstreamGroups = wantGroups
 		return &copyOfCustomSession
 	}
 	happyDownstreamAccessTokenCustomSessionData = &psession.CustomSessionData{
 		Username:         oidcUpstreamUsername,
 		UpstreamUsername: oidcUpstreamUsername,
 		UpstreamGroups:   oidcUpstreamGroupMembership,
 		ProviderUID:      happyUpstreamIDPResourceUID,
 		ProviderName:     happyUpstreamIDPName,
 		ProviderType:     psession.ProviderTypeOIDC,
@ -396,6 +402,8 @@ func TestCallbackEndpoint(t *testing.T) {
 			wantDownstreamPKCEChallengeMethod: downstreamPKCEChallengeMethod,
 			wantDownstreamCustomSessionData: &psession.CustomSessionData{
 				Username:         oidcUpstreamUsername,
 				UpstreamUsername: oidcUpstreamUsername,
 				UpstreamGroups:   oidcUpstreamGroupMembership,
 				ProviderUID:      happyUpstreamIDPResourceUID,
 				ProviderName:     happyUpstreamIDPName,
 				ProviderType:     psession.ProviderTypeOIDC,
@ -431,7 +439,7 @@ func TestCallbackEndpoint(t *testing.T) {
 			wantDownstreamClientID:            downstreamPinnipedClientID,
 			wantDownstreamPKCEChallenge:       downstreamPKCEChallenge,
 			wantDownstreamPKCEChallengeMethod: downstreamPKCEChallengeMethod,
-			wantDownstreamCustomSessionData:   happyDownstreamCustomSessionDataWithUsername(oidcUpstreamIssuer + "?sub=" + oidcUpstreamSubjectQueryEscaped),
+			wantDownstreamCustomSessionData:   happyDownstreamCustomSessionDataWithUsernameAndGroups(oidcUpstreamIssuer+"?sub="+oidcUpstreamSubjectQueryEscaped, nil),
 			wantAuthcodeExchangeCall: &expectedAuthcodeExchange{
 				performedByUpstreamName: happyUpstreamIDPName,
 				args:                    happyExchangeAndValidateTokensArgs,
@ -457,7 +465,7 @@ func TestCallbackEndpoint(t *testing.T) {
 			wantDownstreamClientID:            downstreamPinnipedClientID,
 			wantDownstreamPKCEChallenge:       downstreamPKCEChallenge,
 			wantDownstreamPKCEChallengeMethod: downstreamPKCEChallengeMethod,
-			wantDownstreamCustomSessionData:   happyDownstreamCustomSessionDataWithUsername("joe@whitehouse.gov"),
+			wantDownstreamCustomSessionData:   happyDownstreamCustomSessionDataWithUsernameAndGroups("joe@whitehouse.gov", oidcUpstreamGroupMembership),
 			wantAuthcodeExchangeCall: &expectedAuthcodeExchange{
 				performedByUpstreamName: happyUpstreamIDPName,
 				args:                    happyExchangeAndValidateTokensArgs,
@ -485,7 +493,7 @@ func TestCallbackEndpoint(t *testing.T) {
 			wantDownstreamClientID:            downstreamPinnipedClientID,
 			wantDownstreamPKCEChallenge:       downstreamPKCEChallenge,
 			wantDownstreamPKCEChallengeMethod: downstreamPKCEChallengeMethod,
-			wantDownstreamCustomSessionData:   happyDownstreamCustomSessionDataWithUsername("joe@whitehouse.gov"),
+			wantDownstreamCustomSessionData:   happyDownstreamCustomSessionDataWithUsernameAndGroups("joe@whitehouse.gov", oidcUpstreamGroupMembership),
 			wantAuthcodeExchangeCall: &expectedAuthcodeExchange{
 				performedByUpstreamName: happyUpstreamIDPName,
 				args:                    happyExchangeAndValidateTokensArgs,
@ -514,7 +522,7 @@ func TestCallbackEndpoint(t *testing.T) {
 			wantDownstreamClientID:            downstreamPinnipedClientID,
 			wantDownstreamPKCEChallenge:       downstreamPKCEChallenge,
 			wantDownstreamPKCEChallengeMethod: downstreamPKCEChallengeMethod,
-			wantDownstreamCustomSessionData:   happyDownstreamCustomSessionDataWithUsername("joe"),
+			wantDownstreamCustomSessionData:   happyDownstreamCustomSessionDataWithUsernameAndGroups("joe", oidcUpstreamGroupMembership),
 			wantAuthcodeExchangeCall: &expectedAuthcodeExchange{
 				performedByUpstreamName: happyUpstreamIDPName,
 				args:                    happyExchangeAndValidateTokensArgs,
@ -645,7 +653,7 @@ func TestCallbackEndpoint(t *testing.T) {
 			wantDownstreamClientID:            downstreamPinnipedClientID,
 			wantDownstreamPKCEChallenge:       downstreamPKCEChallenge,
 			wantDownstreamPKCEChallengeMethod: downstreamPKCEChallengeMethod,
-			wantDownstreamCustomSessionData:   happyDownstreamCustomSessionDataWithUsername(oidcUpstreamSubject),
+			wantDownstreamCustomSessionData:   happyDownstreamCustomSessionDataWithUsernameAndGroups(oidcUpstreamSubject, oidcUpstreamGroupMembership),
 			wantAuthcodeExchangeCall: &expectedAuthcodeExchange{
 				performedByUpstreamName: happyUpstreamIDPName,
 				args:                    happyExchangeAndValidateTokensArgs,
@ -671,7 +679,7 @@ func TestCallbackEndpoint(t *testing.T) {
 			wantDownstreamClientID:            downstreamPinnipedClientID,
 			wantDownstreamPKCEChallenge:       downstreamPKCEChallenge,
 			wantDownstreamPKCEChallengeMethod: downstreamPKCEChallengeMethod,
-			wantDownstreamCustomSessionData:   happyDownstreamCustomSessionData,
+			wantDownstreamCustomSessionData:   happyDownstreamCustomSessionDataWithUsernameAndGroups(oidcUpstreamUsername, []string{"notAnArrayGroup1 notAnArrayGroup2"}),
 			wantAuthcodeExchangeCall: &expectedAuthcodeExchange{
 				performedByUpstreamName: happyUpstreamIDPName,
 				args:                    happyExchangeAndValidateTokensArgs,
@ -697,7 +705,7 @@ func TestCallbackEndpoint(t *testing.T) {
 			wantDownstreamClientID:            downstreamPinnipedClientID,
 			wantDownstreamPKCEChallenge:       downstreamPKCEChallenge,
 			wantDownstreamPKCEChallengeMethod: downstreamPKCEChallengeMethod,
-			wantDownstreamCustomSessionData:   happyDownstreamCustomSessionData,
+			wantDownstreamCustomSessionData:   happyDownstreamCustomSessionDataWithUsernameAndGroups(oidcUpstreamUsername, []string{"group1", "group2"}),
 			wantAuthcodeExchangeCall: &expectedAuthcodeExchange{
 				performedByUpstreamName: happyUpstreamIDPName,
 				args:                    happyExchangeAndValidateTokensArgs,
@ -1252,7 +1260,7 @@ func TestCallbackEndpoint(t *testing.T) {
 			wantDownstreamClientID:            downstreamPinnipedClientID,
 			wantDownstreamPKCEChallenge:       downstreamPKCEChallenge,
 			wantDownstreamPKCEChallengeMethod: downstreamPKCEChallengeMethod,
-			wantDownstreamCustomSessionData:   happyDownstreamCustomSessionData,
+			wantDownstreamCustomSessionData:   happyDownstreamCustomSessionDataWithUsernameAndGroups(oidcUpstreamUsername, nil),
 			wantAuthcodeExchangeCall: &expectedAuthcodeExchange{
 				performedByUpstreamName: happyUpstreamIDPName,
 				args:                    happyExchangeAndValidateTokensArgs,