From 7d8c28a9dcf3499880f1b09f26c7c091a148f0c9 Mon Sep 17 00:00:00 2001
From: Matt Moyer
Date: Mon, 14 Sep 2020 10:34:41 -0500
Subject: [PATCH] Extract testutil.TLSTestServer so it can be reused elsewhere.
Signed-off-by: Matt Moyer
---
 internal/client/client_test.go | 21 ++++-----------------
 internal/testutil/tlsserver.go | 27 +++++++++++++++++++++++++++
 2 files changed, 31 insertions(+), 17 deletions(-)
 create mode 100644 internal/testutil/tlsserver.go
diff --git a/internal/client/client_test.go b/internal/client/client_test.go
index 30b1b795..b932d1f7 100644
--- a/internal/client/client_test.go
+++ b/internal/client/client_test.go
@@ -8,10 +8,8 @@ package client
 import (
 "context"
 "encoding/json"
- "encoding/pem"
 "io/ioutil"
 "net/http"
- "net/http/httptest"
 "testing"
 "time"
@@ -20,20 +18,9 @@ import (
 clientauthenticationv1beta1 "k8s.io/client-go/pkg/apis/clientauthentication/v1beta1"
 "github.com/suzerain-io/pinniped/generated/1.19/apis/pinniped/v1alpha1"
+ "github.com/suzerain-io/pinniped/internal/testutil"
 )
-func startTestServer(t *testing.T, handler http.HandlerFunc) (string, string) {
- t.Helper()
- server := httptest.NewTLSServer(handler)
- t.Cleanup(server.Close)
-
- caBundle := string(pem.EncodeToMemory(&pem.Block{
- Type: "CERTIFICATE",
- Bytes: server.TLS.Certificates[0].Certificate[0],
- }))
- return caBundle, server.URL
-}
-
 func TestExchangeToken(t *testing.T) {
 t.Parallel()
 ctx := context.Background()
@@ -48,7 +35,7 @@ func TestExchangeToken(t *testing.T) {
 t.Run("server error", func(t *testing.T) {
 t.Parallel()
 // Start a test server that returns only 500 errors.
- caBundle, endpoint := startTestServer(t, func(w http.ResponseWriter, r *http.Request) {
+ caBundle, endpoint := testutil.TLSTestServer(t, func(w http.ResponseWriter, r *http.Request) {
 w.WriteHeader(http.StatusInternalServerError)
 _, _ = w.Write([]byte("some server error"))
 })
@@ -62,7 +49,7 @@ func TestExchangeToken(t *testing.T) {
 t.Parallel()
 // Start a test server that returns success but with an error message
 errorMessage := "some login failure"
- caBundle, endpoint := startTestServer(t, func(w http.ResponseWriter, r *http.Request) {
+ caBundle, endpoint := testutil.TLSTestServer(t, func(w http.ResponseWriter, r *http.Request) {
 w.Header().Set("content-type", "application/json")
 _ = json.NewEncoder(w).Encode(&v1alpha1.CredentialRequest{
 TypeMeta: metav1.TypeMeta{APIVersion: "pinniped.dev/v1alpha1", Kind: "CredentialRequest"},
@@ -80,7 +67,7 @@ func TestExchangeToken(t *testing.T) {
 expires := metav1.NewTime(time.Now().Truncate(time.Second))
 // Start a test server that returns successfully and asserts various properties of the request.
- caBundle, endpoint := startTestServer(t, func(w http.ResponseWriter, r *http.Request) {
+ caBundle, endpoint := testutil.TLSTestServer(t, func(w http.ResponseWriter, r *http.Request) {
 require.Equal(t, http.MethodPost, r.Method)
 require.Equal(t, "/apis/pinniped.dev/v1alpha1/credentialrequests", r.URL.Path)
 require.Equal(t, "application/json", r.Header.Get("content-type"))
diff --git a/internal/testutil/tlsserver.go b/internal/testutil/tlsserver.go
new file mode 100644
index 00000000..0da0be94
--- /dev/null
+++ b/internal/testutil/tlsserver.go
@@ -0,0 +1,27 @@
+/*
+Copyright 2020 VMware, Inc.
+SPDX-License-Identifier: Apache-2.0
+*/
+
+package testutil
+
+import (
+ "encoding/pem"
+ "net/http"
+ "net/http/httptest"
+ "testing"
+)
+
+// TLSTestServer starts a test server listening on a local port using a test CA. It returns the PEM CA bundle and the
+// URL of the listening server. The lifetime of the server is bound to the provided *testing.T.
+func TLSTestServer(t *testing.T, handler http.HandlerFunc) (caBundlePEM string, url string) {
+ t.Helper()
+ server := httptest.NewTLSServer(handler)
+ t.Cleanup(server.Close)
+
+ caBundle := string(pem.EncodeToMemory(&pem.Block{
+ Type: "CERTIFICATE",
+ Bytes: server.TLS.Certificates[0].Certificate[0],
+ }))
+ return caBundle, server.URL
+}
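Review bot: The doc comment on `TLSTestServer` promises a "CA bundle" from a "test CA", but the body PEM-encodes `server.TLS.Certificates[0].Certificate[0]`, which is the server's own serving certificate rather than a separate issuer. It works as a client trust root only because the certificate httptest ships is self-signed, so a caller reading the comment could wrongly assume the bundle models a real CA hierarchy. I would add a line such as `// The returned PEM is the server's self-signed serving certificate, valid as a trust root for this server only.` Now that the helper is shared, the documented accessor `server.Certificate().Raw` would also be clearer than indexing into the TLS config by hand.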