djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Yet another integration test fix for dynamic clients feature with Okta

Browse Source
This commit is contained in:
Ryan Richard 2022-09-26 16:41:52 -07:00
parent 23185d55a5
commit 0d215566d8
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
test/integration/supervisor_login_test.go
View File

@ -1300,7 +1300,7 @@ func TestSupervisorLogin_Browser(t *testing.T) {
spec.AuthorizationConfig = idpv1alpha1.OIDCAuthorizationConfig{ spec.AuthorizationConfig = idpv1alpha1.OIDCAuthorizationConfig{
AdditionalScopes: env.SupervisorUpstreamOIDC.AdditionalScopes, AdditionalScopes: env.SupervisorUpstreamOIDC.AdditionalScopes,
} }
return testlib.CreateTestOIDCIdentityProvider(t, basicOIDCIdentityProviderSpec(), idpv1alpha1.PhaseReady).Name return testlib.CreateTestOIDCIdentityProvider(t, spec, idpv1alpha1.PhaseReady).Name
}, },
createOIDCClient: func(t *testing.T, callbackURL string) (string, string) { createOIDCClient: func(t *testing.T, callbackURL string) (string, string) {
return testlib.CreateOIDCClient(t, configv1alpha1.OIDCClientSpec{ return testlib.CreateOIDCClient(t, configv1alpha1.OIDCClientSpec{
@ -1312,8 +1312,7 @@ func TestSupervisorLogin_Browser(t *testing.T) {
requestAuthorization: requestAuthorizationUsingBrowserAuthcodeFlowOIDC, requestAuthorization: requestAuthorizationUsingBrowserAuthcodeFlowOIDC,
// the ID token Subject should include the upstream user ID after the upstream issuer name // the ID token Subject should include the upstream user ID after the upstream issuer name
wantDownstreamIDTokenSubjectToMatch: "^" + regexp.QuoteMeta(env.SupervisorUpstreamOIDC.Issuer+"?sub=") + ".+", wantDownstreamIDTokenSubjectToMatch: "^" + regexp.QuoteMeta(env.SupervisorUpstreamOIDC.Issuer+"?sub=") + ".+",
// the ID token Username should include the upstream user ID after the upstream issuer name wantDownstreamIDTokenUsernameToMatch: func(_ string) string { return "^" + regexp.QuoteMeta(env.SupervisorUpstreamOIDC.Username) + "$" },
wantDownstreamIDTokenUsernameToMatch: func(_ string) string { return "^" + regexp.QuoteMeta(env.SupervisorUpstreamOIDC.Issuer+"?sub=") + ".+" },
wantDownstreamIDTokenGroups: env.SupervisorUpstreamOIDC.ExpectedGroups, wantDownstreamIDTokenGroups: env.SupervisorUpstreamOIDC.ExpectedGroups,
}, },
{ {
@ -1919,7 +1918,7 @@ func testSupervisorLogin(
}, 30*time.Second, 200*time.Millisecond) }, 30*time.Second, 200*time.Millisecond)
if downstreamScopes == nil { if downstreamScopes == nil {
// By default, tests will request all the relevant groups. // By default, tests will request all the relevant scopes.
downstreamScopes = []string{"openid", "pinniped:request-audience", "offline_access", "username", "groups"} downstreamScopes = []string{"openid", "pinniped:request-audience", "offline_access", "username", "groups"}
} }
if wantDownstreamScopes == nil { if wantDownstreamScopes == nil {