Add basic outline of login get handler

Signed-off-by: Margo Crawford <margaretc@vmware.com>
This commit is contained in:
Margo Crawford 2022-04-28 09:11:51 -07:00
parent 77f016fb64
commit 07b2306254
5 changed files with 138 additions and 2 deletions

View File

@ -4,14 +4,33 @@
package login
import (
_ "embed"
"html/template"
"net/http"
"go.pinniped.dev/internal/oidc"
)
var (
//go:embed login_form.gohtml
rawHTMLTemplate string
)
var parsedHTMLTemplate = template.Must(template.New("login_post.gohtml").Parse(rawHTMLTemplate))
type PageData struct {
State string
IDPName string
}
func NewGetHandler(upstreamIDPs oidc.UpstreamIdentityProvidersLister) HandlerFunc {
return func(w http.ResponseWriter, r *http.Request, encodedState string, decodedState *oidc.UpstreamStateParamData) error {
// TODO
err := parsedHTMLTemplate.Execute(w, &PageData{State: encodedState, IDPName: decodedState.UpstreamName})
if err != nil {
return err
}
return nil
}
}

View File

@ -0,0 +1,81 @@
package login
import (
"net/http"
"net/http/httptest"
"testing"
"go.pinniped.dev/internal/testutil"
"github.com/stretchr/testify/require"
"go.pinniped.dev/internal/oidc"
)
func TestGetLogin(t *testing.T) {
const (
happyLdapIDPName = "some-ldap-idp"
happyGetResult = `<!DOCTYPE html>
<html>
<body>
<h1>Pinniped</h1>
<p>some-ldap-idp</p>
<form action="/login?state=foo" method="post">
<div>
<label for="uname"><b>Username</b></label>
<input type="text" placeholder="Username" name="uname" required>
</div>
<div>
<label for="psw"><b>Password</b></label>
<input type="password" placeholder="Password" name="psw" required>
</div>
<button type="submit">Login</button>
</form>
</body>
</html>`
)
tests := []struct {
name string
decodedState *oidc.UpstreamStateParamData
encodedState string
idps oidc.UpstreamIdentityProvidersLister
wantStatus int
wantContentType string
wantBody string
}{
{
name: "Happy path ldap",
decodedState: &oidc.UpstreamStateParamData{
UpstreamName: happyLdapIDPName,
UpstreamType: "ldap",
},
encodedState: "foo", // the encoded and decoded state don't match, but that verification is handled one level up.
wantStatus: http.StatusOK,
wantContentType: htmlContentType,
wantBody: happyGetResult,
},
}
for _, test := range tests {
tt := test
t.Run(tt.name, func(t *testing.T) {
handler := NewGetHandler(tt.idps)
req := httptest.NewRequest(http.MethodGet, "/login", nil)
rsp := httptest.NewRecorder()
err := handler(rsp, req, tt.encodedState, tt.decodedState)
require.NoError(t, err)
require.Equal(t, test.wantStatus, rsp.Code)
testutil.RequireEqualContentType(t, rsp.Header().Get("Content-Type"), tt.wantContentType)
body := rsp.Body.String()
require.Equal(t, tt.wantBody, body)
})
}
}

View File

@ -0,0 +1,32 @@
<!--
Copyright 2022 the Pinniped contributors. All Rights Reserved.
SPDX-License-Identifier: Apache-2.0
--><!DOCTYPE html>
<html>
<body>
<h1>Pinniped</h1>
<p>{{ .IDPName }}</p>
<form action="/login?state={{.State}}" method="post">
<div>
<label for="uname"><b>Username</b></label>
<input type="text" placeholder="Username" name="username" id="username" required>
</div>
<div>
<label for="psw"><b>Password</b></label>
<input type="password" placeholder="Password" name="password" id="password" required>
</div>
<div>
<input type="hidden" name="state" id="state" value="{{.State}}">
</div>
<button name="submit" id="submit" type="submit">Login</button>
</form>
</body>
</html>

View File

@ -19,9 +19,12 @@ import (
"go.pinniped.dev/internal/testutil/oidctestutil"
)
const (
htmlContentType = "text/html; charset=utf-8"
)
func TestLoginEndpoint(t *testing.T) {
const (
htmlContentType = "text/html; charset=utf-8"
happyGetResult = "<p>get handler result</p>"
happyPostResult = "<p>post handler result</p>"

View File

@ -1078,6 +1078,7 @@ func TestE2EFullIntegration_Browser(t *testing.T) { // nolint:gocyclo
regex := regexp.MustCompile(`\A` + downstream.Spec.Issuer + `/login.+`)
browsertest.WaitForURL(t, page, regex)
browsertest.WaitForVisibleElements(t, page, "input#username", "input#password", "button#submit")
// TODO actually log in :P
})
}