From 976035115e76da341e87c2baa8ccca87def7705e Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Tue, 13 Dec 2022 17:04:30 -0800 Subject: [PATCH] Stop using pointer pkg functions that were deprecated by dependency bump --- internal/config/concierge/config.go | 14 +- internal/config/concierge/config_test.go | 62 ++-- internal/config/supervisor/config.go | 4 +- internal/config/supervisor/config_test.go | 24 +- .../controller/kubecertagent/kubecertagent.go | 10 +- .../kubecertagent/kubecertagent_test.go | 12 +- internal/oidc/auth/auth_handler_test.go | 324 +++++++++--------- .../registry/credentialrequest/rest_test.go | 2 +- .../concierge_credentialrequest_test.go | 2 +- .../concierge_kubecertagent_test.go | 4 +- 10 files changed, 229 insertions(+), 229 deletions(-) diff --git a/internal/config/concierge/config.go b/internal/config/concierge/config.go index a82f2540..9a4e6aea 100644 --- a/internal/config/concierge/config.go +++ b/internal/config/concierge/config.go @@ -93,39 +93,39 @@ func FromPath(ctx context.Context, path string) (*Config, error) { func maybeSetAPIDefaults(apiConfig *APIConfigSpec) { if apiConfig.ServingCertificateConfig.DurationSeconds == nil { - apiConfig.ServingCertificateConfig.DurationSeconds = pointer.Int64Ptr(aboutAYear) + apiConfig.ServingCertificateConfig.DurationSeconds = pointer.Int64(aboutAYear) } if apiConfig.ServingCertificateConfig.RenewBeforeSeconds == nil { - apiConfig.ServingCertificateConfig.RenewBeforeSeconds = pointer.Int64Ptr(about9Months) + apiConfig.ServingCertificateConfig.RenewBeforeSeconds = pointer.Int64(about9Months) } } func maybeSetAPIGroupSuffixDefault(apiGroupSuffix **string) { if *apiGroupSuffix == nil { - *apiGroupSuffix = pointer.StringPtr(groupsuffix.PinnipedDefaultSuffix) + *apiGroupSuffix = pointer.String(groupsuffix.PinnipedDefaultSuffix) } } func maybeSetAggregatedAPIServerPortDefaults(port **int64) { if *port == nil { - *port = pointer.Int64Ptr(aggregatedAPIServerPortDefault) + *port = pointer.Int64(aggregatedAPIServerPortDefault) } } func maybeSetImpersonationProxyServerPortDefaults(port **int64) { if *port == nil { - *port = pointer.Int64Ptr(impersonationProxyPortDefault) + *port = pointer.Int64(impersonationProxyPortDefault) } } func maybeSetKubeCertAgentDefaults(cfg *KubeCertAgentSpec) { if cfg.NamePrefix == nil { - cfg.NamePrefix = pointer.StringPtr("pinniped-kube-cert-agent-") + cfg.NamePrefix = pointer.String("pinniped-kube-cert-agent-") } if cfg.Image == nil { - cfg.Image = pointer.StringPtr("debian:latest") + cfg.Image = pointer.String("debian:latest") } } diff --git a/internal/config/concierge/config_test.go b/internal/config/concierge/config_test.go index 3422032f..4e627321 100644 --- a/internal/config/concierge/config_test.go +++ b/internal/config/concierge/config_test.go @@ -59,17 +59,17 @@ func TestFromPath(t *testing.T) { `), wantConfig: &Config{ DiscoveryInfo: DiscoveryInfoSpec{ - URL: pointer.StringPtr("https://some.discovery/url"), + URL: pointer.String("https://some.discovery/url"), }, APIConfig: APIConfigSpec{ ServingCertificateConfig: ServingCertificateConfigSpec{ - DurationSeconds: pointer.Int64Ptr(3600), - RenewBeforeSeconds: pointer.Int64Ptr(2400), + DurationSeconds: pointer.Int64(3600), + RenewBeforeSeconds: pointer.Int64(2400), }, }, - APIGroupSuffix: pointer.StringPtr("some.suffix.com"), - AggregatedAPIServerPort: pointer.Int64Ptr(12345), - ImpersonationProxyServerPort: pointer.Int64Ptr(4242), + APIGroupSuffix: pointer.String("some.suffix.com"), + AggregatedAPIServerPort: pointer.Int64(12345), + ImpersonationProxyServerPort: pointer.Int64(4242), NamesConfig: NamesConfigSpec{ ServingCertificateSecret: "pinniped-concierge-api-tls-serving-certificate", CredentialIssuer: "pinniped-config", @@ -86,8 +86,8 @@ func TestFromPath(t *testing.T) { "myLabelKey2": "myLabelValue2", }, KubeCertAgentConfig: KubeCertAgentSpec{ - NamePrefix: pointer.StringPtr("kube-cert-agent-name-prefix-"), - Image: pointer.StringPtr("kube-cert-agent-image"), + NamePrefix: pointer.String("kube-cert-agent-name-prefix-"), + Image: pointer.String("kube-cert-agent-image"), ImagePullSecrets: []string{"kube-cert-agent-image-pull-secret"}, }, LogLevel: func(level plog.LogLevel) *plog.LogLevel { return &level }(plog.LevelDebug), @@ -135,17 +135,17 @@ func TestFromPath(t *testing.T) { `), wantConfig: &Config{ DiscoveryInfo: DiscoveryInfoSpec{ - URL: pointer.StringPtr("https://some.discovery/url"), + URL: pointer.String("https://some.discovery/url"), }, APIConfig: APIConfigSpec{ ServingCertificateConfig: ServingCertificateConfigSpec{ - DurationSeconds: pointer.Int64Ptr(3600), - RenewBeforeSeconds: pointer.Int64Ptr(2400), + DurationSeconds: pointer.Int64(3600), + RenewBeforeSeconds: pointer.Int64(2400), }, }, - APIGroupSuffix: pointer.StringPtr("some.suffix.com"), - AggregatedAPIServerPort: pointer.Int64Ptr(12345), - ImpersonationProxyServerPort: pointer.Int64Ptr(4242), + APIGroupSuffix: pointer.String("some.suffix.com"), + AggregatedAPIServerPort: pointer.Int64(12345), + ImpersonationProxyServerPort: pointer.Int64(4242), NamesConfig: NamesConfigSpec{ ServingCertificateSecret: "pinniped-concierge-api-tls-serving-certificate", CredentialIssuer: "pinniped-config", @@ -162,8 +162,8 @@ func TestFromPath(t *testing.T) { "myLabelKey2": "myLabelValue2", }, KubeCertAgentConfig: KubeCertAgentSpec{ - NamePrefix: pointer.StringPtr("kube-cert-agent-name-prefix-"), - Image: pointer.StringPtr("kube-cert-agent-image"), + NamePrefix: pointer.String("kube-cert-agent-name-prefix-"), + Image: pointer.String("kube-cert-agent-image"), ImagePullSecrets: []string{"kube-cert-agent-image-pull-secret"}, }, Log: plog.LogSpec{ @@ -212,17 +212,17 @@ func TestFromPath(t *testing.T) { `), wantConfig: &Config{ DiscoveryInfo: DiscoveryInfoSpec{ - URL: pointer.StringPtr("https://some.discovery/url"), + URL: pointer.String("https://some.discovery/url"), }, APIConfig: APIConfigSpec{ ServingCertificateConfig: ServingCertificateConfigSpec{ - DurationSeconds: pointer.Int64Ptr(3600), - RenewBeforeSeconds: pointer.Int64Ptr(2400), + DurationSeconds: pointer.Int64(3600), + RenewBeforeSeconds: pointer.Int64(2400), }, }, - APIGroupSuffix: pointer.StringPtr("some.suffix.com"), - AggregatedAPIServerPort: pointer.Int64Ptr(12345), - ImpersonationProxyServerPort: pointer.Int64Ptr(4242), + APIGroupSuffix: pointer.String("some.suffix.com"), + AggregatedAPIServerPort: pointer.Int64(12345), + ImpersonationProxyServerPort: pointer.Int64(4242), NamesConfig: NamesConfigSpec{ ServingCertificateSecret: "pinniped-concierge-api-tls-serving-certificate", CredentialIssuer: "pinniped-config", @@ -239,8 +239,8 @@ func TestFromPath(t *testing.T) { "myLabelKey2": "myLabelValue2", }, KubeCertAgentConfig: KubeCertAgentSpec{ - NamePrefix: pointer.StringPtr("kube-cert-agent-name-prefix-"), - Image: pointer.StringPtr("kube-cert-agent-image"), + NamePrefix: pointer.String("kube-cert-agent-name-prefix-"), + Image: pointer.String("kube-cert-agent-image"), ImagePullSecrets: []string{"kube-cert-agent-image-pull-secret"}, }, LogLevel: func(level plog.LogLevel) *plog.LogLevel { return &level }(plog.LevelDebug), @@ -289,13 +289,13 @@ func TestFromPath(t *testing.T) { DiscoveryInfo: DiscoveryInfoSpec{ URL: nil, }, - APIGroupSuffix: pointer.StringPtr("pinniped.dev"), - AggregatedAPIServerPort: pointer.Int64Ptr(10250), - ImpersonationProxyServerPort: pointer.Int64Ptr(8444), + APIGroupSuffix: pointer.String("pinniped.dev"), + AggregatedAPIServerPort: pointer.Int64(10250), + ImpersonationProxyServerPort: pointer.Int64(8444), APIConfig: APIConfigSpec{ ServingCertificateConfig: ServingCertificateConfigSpec{ - DurationSeconds: pointer.Int64Ptr(60 * 60 * 24 * 365), // about a year - RenewBeforeSeconds: pointer.Int64Ptr(60 * 60 * 24 * 30 * 9), // about 9 months + DurationSeconds: pointer.Int64(60 * 60 * 24 * 365), // about a year + RenewBeforeSeconds: pointer.Int64(60 * 60 * 24 * 30 * 9), // about 9 months }, }, NamesConfig: NamesConfigSpec{ @@ -311,8 +311,8 @@ func TestFromPath(t *testing.T) { }, Labels: map[string]string{}, KubeCertAgentConfig: KubeCertAgentSpec{ - NamePrefix: pointer.StringPtr("pinniped-kube-cert-agent-"), - Image: pointer.StringPtr("debian:latest"), + NamePrefix: pointer.String("pinniped-kube-cert-agent-"), + Image: pointer.String("debian:latest"), }, }, }, diff --git a/internal/config/supervisor/config.go b/internal/config/supervisor/config.go index 1e3168f0..de7af9c1 100644 --- a/internal/config/supervisor/config.go +++ b/internal/config/supervisor/config.go @@ -109,7 +109,7 @@ func maybeSetEndpointDefault(endpoint **Endpoint, defaultEndpoint Endpoint) { func maybeSetAPIGroupSuffixDefault(apiGroupSuffix **string) { if *apiGroupSuffix == nil { - *apiGroupSuffix = pointer.StringPtr(groupsuffix.PinnipedDefaultSuffix) + *apiGroupSuffix = pointer.String(groupsuffix.PinnipedDefaultSuffix) } } @@ -119,7 +119,7 @@ func validateAPIGroupSuffix(apiGroupSuffix string) error { func maybeSetAggregatedAPIServerPortDefaults(port **int64) { if *port == nil { - *port = pointer.Int64Ptr(aggregatedAPIServerPortDefault) + *port = pointer.Int64(aggregatedAPIServerPortDefault) } } diff --git a/internal/config/supervisor/config_test.go b/internal/config/supervisor/config_test.go index 5806ce78..08a78990 100644 --- a/internal/config/supervisor/config_test.go +++ b/internal/config/supervisor/config_test.go @@ -45,7 +45,7 @@ func TestFromPath(t *testing.T) { aggregatedAPIServerPort: 12345 `), wantConfig: &Config{ - APIGroupSuffix: pointer.StringPtr("some.suffix.com"), + APIGroupSuffix: pointer.String("some.suffix.com"), Labels: map[string]string{ "myLabelKey1": "myLabelValue1", "myLabelKey2": "myLabelValue2", @@ -68,7 +68,7 @@ func TestFromPath(t *testing.T) { Log: plog.LogSpec{ Level: plog.LevelTrace, }, - AggregatedAPIServerPort: pointer.Int64Ptr(12345), + AggregatedAPIServerPort: pointer.Int64(12345), }, }, { @@ -95,7 +95,7 @@ func TestFromPath(t *testing.T) { aggregatedAPIServerPort: 12345 `), wantConfig: &Config{ - APIGroupSuffix: pointer.StringPtr("some.suffix.com"), + APIGroupSuffix: pointer.String("some.suffix.com"), Labels: map[string]string{ "myLabelKey1": "myLabelValue1", "myLabelKey2": "myLabelValue2", @@ -118,7 +118,7 @@ func TestFromPath(t *testing.T) { Level: plog.LevelInfo, Format: plog.FormatText, }, - AggregatedAPIServerPort: pointer.Int64Ptr(12345), + AggregatedAPIServerPort: pointer.Int64(12345), }, }, { @@ -145,7 +145,7 @@ func TestFromPath(t *testing.T) { format: text `), wantConfig: &Config{ - APIGroupSuffix: pointer.StringPtr("some.suffix.com"), + APIGroupSuffix: pointer.String("some.suffix.com"), Labels: map[string]string{ "myLabelKey1": "myLabelValue1", "myLabelKey2": "myLabelValue2", @@ -169,7 +169,7 @@ func TestFromPath(t *testing.T) { Level: plog.LevelTrace, Format: plog.FormatText, }, - AggregatedAPIServerPort: pointer.Int64Ptr(10250), + AggregatedAPIServerPort: pointer.Int64(10250), }, }, { @@ -192,7 +192,7 @@ func TestFromPath(t *testing.T) { defaultTLSCertificateSecret: my-secret-name `), wantConfig: &Config{ - APIGroupSuffix: pointer.StringPtr("pinniped.dev"), + APIGroupSuffix: pointer.String("pinniped.dev"), Labels: map[string]string{}, NamesConfig: NamesConfigSpec{ DefaultTLSCertificateSecret: "my-secret-name", @@ -207,7 +207,7 @@ func TestFromPath(t *testing.T) { }, }, AllowExternalHTTP: false, - AggregatedAPIServerPort: pointer.Int64Ptr(10250), + AggregatedAPIServerPort: pointer.Int64(10250), }, }, { @@ -322,7 +322,7 @@ func TestFromPath(t *testing.T) { insecureAcceptExternalUnencryptedHttpRequests: true `), wantConfig: &Config{ - APIGroupSuffix: pointer.StringPtr("pinniped.dev"), + APIGroupSuffix: pointer.String("pinniped.dev"), Labels: map[string]string{}, NamesConfig: NamesConfigSpec{ DefaultTLSCertificateSecret: "my-secret-name", @@ -338,7 +338,7 @@ func TestFromPath(t *testing.T) { }, }, AllowExternalHTTP: true, - AggregatedAPIServerPort: pointer.Int64Ptr(10250), + AggregatedAPIServerPort: pointer.Int64(10250), }, }, { @@ -354,7 +354,7 @@ func TestFromPath(t *testing.T) { insecureAcceptExternalUnencryptedHttpRequests: "true" `), wantConfig: &Config{ - APIGroupSuffix: pointer.StringPtr("pinniped.dev"), + APIGroupSuffix: pointer.String("pinniped.dev"), Labels: map[string]string{}, NamesConfig: NamesConfigSpec{ DefaultTLSCertificateSecret: "my-secret-name", @@ -370,7 +370,7 @@ func TestFromPath(t *testing.T) { }, }, AllowExternalHTTP: true, - AggregatedAPIServerPort: pointer.Int64Ptr(10250), + AggregatedAPIServerPort: pointer.Int64(10250), }, }, { diff --git a/internal/controller/kubecertagent/kubecertagent.go b/internal/controller/kubecertagent/kubecertagent.go index 3dca335b..e6b6441b 100644 --- a/internal/controller/kubecertagent/kubecertagent.go +++ b/internal/controller/kubecertagent/kubecertagent.go @@ -521,14 +521,14 @@ func (c *agentController) newAgentDeployment(controllerManagerPod *corev1.Pod) * Labels: c.cfg.Labels, }, Spec: appsv1.DeploymentSpec{ - Replicas: pointer.Int32Ptr(1), + Replicas: pointer.Int32(1), Selector: metav1.SetAsLabelSelector(c.cfg.agentPodSelectorLabels()), Template: corev1.PodTemplateSpec{ ObjectMeta: metav1.ObjectMeta{ Labels: c.cfg.agentPodLabels(), }, Spec: corev1.PodSpec{ - TerminationGracePeriodSeconds: pointer.Int64Ptr(0), + TerminationGracePeriodSeconds: pointer.Int64(0), ImagePullSecrets: imagePullSecrets, Containers: []corev1.Container{ { @@ -556,15 +556,15 @@ func (c *agentController) newAgentDeployment(controllerManagerPod *corev1.Pod) * Volumes: controllerManagerPod.Spec.Volumes, RestartPolicy: corev1.RestartPolicyAlways, NodeSelector: controllerManagerPod.Spec.NodeSelector, - AutomountServiceAccountToken: pointer.BoolPtr(false), + AutomountServiceAccountToken: pointer.Bool(false), ServiceAccountName: c.cfg.ServiceAccountName, NodeName: controllerManagerPod.Spec.NodeName, Tolerations: controllerManagerPod.Spec.Tolerations, // We need to run the agent pod as root since the file permissions // on the cluster keypair usually restricts access to only root. SecurityContext: &corev1.PodSecurityContext{ - RunAsUser: pointer.Int64Ptr(0), - RunAsGroup: pointer.Int64Ptr(0), + RunAsUser: pointer.Int64(0), + RunAsGroup: pointer.Int64(0), }, HostNetwork: controllerManagerPod.Spec.HostNetwork, }, diff --git a/internal/controller/kubecertagent/kubecertagent_test.go b/internal/controller/kubecertagent/kubecertagent_test.go index df98de47..48634539 100644 --- a/internal/controller/kubecertagent/kubecertagent_test.go +++ b/internal/controller/kubecertagent/kubecertagent_test.go @@ -95,7 +95,7 @@ func TestAgentController(t *testing.T) { Labels: map[string]string{"extralabel": "labelvalue", "app": "anything"}, }, Spec: appsv1.DeploymentSpec{ - Replicas: pointer.Int32Ptr(1), + Replicas: pointer.Int32(1), Selector: metav1.SetAsLabelSelector(map[string]string{ "kube-cert-agent.pinniped.dev": "v3", }), @@ -133,12 +133,12 @@ func TestAgentController(t *testing.T) { ImagePullPolicy: corev1.PullIfNotPresent, }}, RestartPolicy: corev1.RestartPolicyAlways, - TerminationGracePeriodSeconds: pointer.Int64Ptr(0), + TerminationGracePeriodSeconds: pointer.Int64(0), ServiceAccountName: "test-service-account-name", - AutomountServiceAccountToken: pointer.BoolPtr(false), + AutomountServiceAccountToken: pointer.Bool(false), SecurityContext: &corev1.PodSecurityContext{ - RunAsUser: pointer.Int64Ptr(0), - RunAsGroup: pointer.Int64Ptr(0), + RunAsUser: pointer.Int64(0), + RunAsGroup: pointer.Int64(0), }, ImagePullSecrets: []corev1.LocalObjectReference{{ Name: "pinniped-image-pull-secret", @@ -992,7 +992,7 @@ func TestAgentController(t *testing.T) { healthyAgentPod, validClusterInfoConfigMap, }, - discoveryURLOverride: pointer.StringPtr("https://overridden-server.example.com/some/path"), + discoveryURLOverride: pointer.String("https://overridden-server.example.com/some/path"), mocks: mockExecSucceeds, wantDistinctErrors: []string{""}, wantAgentDeployment: healthyAgentDeployment, diff --git a/internal/oidc/auth/auth_handler_test.go b/internal/oidc/auth/auth_handler_test.go index c35a47f9..0e1af24f 100644 --- a/internal/oidc/auth/auth_handler_test.go +++ b/internal/oidc/auth/auth_handler_test.go @@ -694,8 +694,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().Build()), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: htmlContentType, @@ -716,8 +716,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithLDAP(&upstreamLDAPIdentityProvider), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: htmlContentType, wantRedirectLocationRegexp: happyAuthcodeDownstreamRedirectLocationRegexp, @@ -737,8 +737,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithActiveDirectory(&upstreamActiveDirectoryIdentityProvider), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: htmlContentType, wantRedirectLocationRegexp: happyAuthcodeDownstreamRedirectLocationRegexp, @@ -928,8 +928,8 @@ func TestAuthorizationEndpoint(t *testing.T) { path: "/some/path", contentType: formContentType, body: encodeQuery(happyGetRequestQueryMap), - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: htmlContentType, @@ -952,8 +952,8 @@ func TestAuthorizationEndpoint(t *testing.T) { path: "/some/path", contentType: formContentType, body: encodeQuery(happyGetRequestQueryMap), - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: htmlContentType, wantRedirectLocationRegexp: happyAuthcodeDownstreamRedirectLocationRegexp, @@ -975,8 +975,8 @@ func TestAuthorizationEndpoint(t *testing.T) { path: "/some/path", contentType: formContentType, body: encodeQuery(happyGetRequestQueryMap), - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: htmlContentType, wantRedirectLocationRegexp: happyAuthcodeDownstreamRedirectLocationRegexp, @@ -1131,8 +1131,8 @@ func TestAuthorizationEndpoint(t *testing.T) { path: modifiedHappyGetRequestPath(map[string]string{ "redirect_uri": downstreamRedirectURIWithDifferentPort, // not the same port number that is registered for the client }), - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: htmlContentType, @@ -1155,8 +1155,8 @@ func TestAuthorizationEndpoint(t *testing.T) { path: modifiedHappyGetRequestPath(map[string]string{ "redirect_uri": downstreamRedirectURIWithDifferentPort, // not the same port number that is registered for the client }), - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: htmlContentType, wantRedirectLocationRegexp: downstreamRedirectURIWithDifferentPort + `\?code=([^&]+)&scope=openid\+username\+groups&state=` + happyState, @@ -1195,8 +1195,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().WithEmptyRefreshToken().WithAccessToken(oidcUpstreamAccessToken, metav1.NewTime(time.Now().Add(9*time.Hour))).WithUserInfoURL().Build()), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: htmlContentType, @@ -1217,8 +1217,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().WithEmptyRefreshToken().WithAccessToken(oidcUpstreamAccessToken, metav1.NewTime(time.Now().Add(1*time.Hour))).WithUserInfoURL().Build()), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: htmlContentType, @@ -1250,8 +1250,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().WithoutRefreshToken().WithAccessToken(oidcUpstreamAccessToken, metav1.NewTime(time.Now().Add(9*time.Hour))).WithUserInfoURL().Build()), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: htmlContentType, @@ -1272,8 +1272,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithLDAP(&erroringUpstreamLDAPIdentityProvider), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusBadGateway, wantContentType: htmlContentType, wantBodyString: "Bad Gateway: unexpected error during upstream authentication\n", @@ -1283,8 +1283,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithActiveDirectory(&erroringUpstreamLDAPIdentityProvider), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusBadGateway, wantContentType: htmlContentType, wantBodyString: "Bad Gateway: unexpected error during upstream authentication\n", @@ -1299,8 +1299,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr("wrong-password"), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String("wrong-password"), wantPasswordGrantCall: &expectedPasswordGrant{ performedByUpstreamName: oidcPasswordGrantUpstreamName, args: &oidctestutil.PasswordCredentialsGrantAndValidateTokensArgs{ @@ -1317,8 +1317,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithLDAP(&upstreamLDAPIdentityProvider), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr("wrong-password"), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String("wrong-password"), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeAccessDeniedWithBadUsernamePasswordHintErrorQuery), @@ -1329,8 +1329,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithActiveDirectory(&upstreamActiveDirectoryIdentityProvider), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr("wrong-password"), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String("wrong-password"), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeAccessDeniedWithBadUsernamePasswordHintErrorQuery), @@ -1341,8 +1341,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithLDAP(&upstreamLDAPIdentityProvider), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr("wrong-username"), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String("wrong-username"), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeAccessDeniedWithBadUsernamePasswordHintErrorQuery), @@ -1353,8 +1353,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithActiveDirectory(&upstreamActiveDirectoryIdentityProvider), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr("wrong-username"), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String("wrong-username"), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeAccessDeniedWithBadUsernamePasswordHintErrorQuery), @@ -1366,7 +1366,7 @@ func TestAuthorizationEndpoint(t *testing.T) { method: http.MethodGet, path: happyGetRequestPath, customUsernameHeader: nil, // do not send header - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeAccessDeniedWithMissingUsernamePasswordHintErrorQuery), @@ -1378,7 +1378,7 @@ func TestAuthorizationEndpoint(t *testing.T) { method: http.MethodGet, path: happyGetRequestPath, customUsernameHeader: nil, // do not send header - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeAccessDeniedWithMissingUsernamePasswordHintErrorQuery), @@ -1390,7 +1390,7 @@ func TestAuthorizationEndpoint(t *testing.T) { method: http.MethodGet, path: happyGetRequestPath, customUsernameHeader: nil, // do not send header - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeAccessDeniedWithMissingUsernamePasswordHintErrorQuery), @@ -1401,7 +1401,7 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithLDAP(&upstreamLDAPIdentityProvider), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), + customUsernameHeader: pointer.String(happyLDAPUsername), customPasswordHeader: nil, // do not send header wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -1413,7 +1413,7 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithActiveDirectory(&upstreamActiveDirectoryIdentityProvider), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), + customUsernameHeader: pointer.String(happyLDAPUsername), customPasswordHeader: nil, // do not send header wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -1425,8 +1425,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().WithoutRefreshToken().WithAccessToken(oidcUpstreamAccessToken, metav1.NewTime(time.Now().Add(9*time.Hour))).WithoutUserInfoURL().Build()), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -1438,8 +1438,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().WithEmptyRefreshToken().WithAccessToken(oidcUpstreamAccessToken, metav1.NewTime(time.Now().Add(9*time.Hour))).WithoutUserInfoURL().Build()), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -1451,8 +1451,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().WithEmptyRefreshToken().WithEmptyAccessToken().Build()), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -1464,8 +1464,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().WithoutRefreshToken().WithoutAccessToken().Build()), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -1477,8 +1477,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().WithoutRefreshToken().WithEmptyAccessToken().Build()), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -1490,8 +1490,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().WithEmptyRefreshToken().WithoutAccessToken().Build()), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -1503,7 +1503,7 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().Build()), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), + customUsernameHeader: pointer.String(oidcUpstreamUsername), customPasswordHeader: nil, // do not send header wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -1515,8 +1515,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(upstreamOIDCIdentityProviderBuilder().Build()), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeAccessDeniedWithPasswordGrantDisallowedHintErrorQuery), @@ -1528,8 +1528,8 @@ func TestAuthorizationEndpoint(t *testing.T) { kubeResources: addFullyCapableDynamicClientAndSecretToKubeResources, method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"client_id": dynamicClientID, "scope": testutil.AllDynamicClientScopesSpaceSep}), - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeAccessDeniedWithUsernamePasswordHeadersDisallowedHintErrorQuery), @@ -1541,8 +1541,8 @@ func TestAuthorizationEndpoint(t *testing.T) { kubeResources: addFullyCapableDynamicClientAndSecretToKubeResources, method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"client_id": dynamicClientID, "scope": testutil.AllDynamicClientScopesSpaceSep}), - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeAccessDeniedWithUsernamePasswordHeadersDisallowedHintErrorQuery), @@ -1554,8 +1554,8 @@ func TestAuthorizationEndpoint(t *testing.T) { kubeResources: addFullyCapableDynamicClientAndSecretToKubeResources, method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"client_id": dynamicClientID, "scope": testutil.AllDynamicClientScopesSpaceSep}), - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeAccessDeniedWithUsernamePasswordHeadersDisallowedHintErrorQuery), @@ -1603,8 +1603,8 @@ func TestAuthorizationEndpoint(t *testing.T) { path: modifiedHappyGetRequestPath(map[string]string{ "redirect_uri": "http://127.0.0.1/does-not-match-what-is-configured-for-pinniped-cli-client", }), - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantStatus: http.StatusBadRequest, wantContentType: jsonContentType, wantBodyJSON: fositeInvalidRedirectURIErrorBody, @@ -1616,8 +1616,8 @@ func TestAuthorizationEndpoint(t *testing.T) { path: modifiedHappyGetRequestPath(map[string]string{ "redirect_uri": "http://127.0.0.1/does-not-match-what-is-configured-for-pinniped-cli-client", }), - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusBadRequest, wantContentType: jsonContentType, wantBodyJSON: fositeInvalidRedirectURIErrorBody, @@ -1629,8 +1629,8 @@ func TestAuthorizationEndpoint(t *testing.T) { path: modifiedHappyGetRequestPath(map[string]string{ "redirect_uri": "http://127.0.0.1/does-not-match-what-is-configured-for-pinniped-cli-client", }), - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusBadRequest, wantContentType: jsonContentType, wantBodyJSON: fositeInvalidRedirectURIErrorBody, @@ -1654,8 +1654,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().Build()), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"client_id": "invalid-client"}), - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantStatus: http.StatusUnauthorized, wantContentType: jsonContentType, wantBodyJSON: fositeInvalidClientErrorBody, @@ -1718,8 +1718,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().Build()), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"response_type": "unsupported"}), - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeUnsupportedResponseTypeErrorQuery), @@ -1730,8 +1730,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithLDAP(&upstreamLDAPIdentityProvider), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"response_type": "unsupported"}), - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeUnsupportedResponseTypeErrorQuery), @@ -1767,8 +1767,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithActiveDirectory(&upstreamActiveDirectoryIdentityProvider), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"response_type": "unsupported"}), - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeUnsupportedResponseTypeErrorQuery), @@ -1835,8 +1835,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().Build()), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"scope": "openid profile email tuna"}), - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeInvalidScopeErrorQuery), @@ -1876,8 +1876,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithLDAP(&upstreamLDAPIdentityProvider), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"scope": "openid tuna"}), - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeInvalidScopeErrorQuery), @@ -1888,8 +1888,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithActiveDirectory(&upstreamActiveDirectoryIdentityProvider), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"scope": "openid tuna"}), - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeInvalidScopeErrorQuery), @@ -1931,8 +1931,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().Build()), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"response_type": ""}), - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeMissingResponseTypeErrorQuery), @@ -1943,8 +1943,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithLDAP(&upstreamLDAPIdentityProvider), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"response_type": ""}), - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeMissingResponseTypeErrorQuery), @@ -1976,8 +1976,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithActiveDirectory(&upstreamActiveDirectoryIdentityProvider), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"response_type": ""}), - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeMissingResponseTypeErrorQuery), @@ -2023,8 +2023,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().Build()), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"client_id": ""}), - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantStatus: http.StatusUnauthorized, wantContentType: jsonContentType, wantBodyJSON: fositeInvalidClientErrorBody, @@ -2074,8 +2074,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().Build()), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"code_challenge": ""}), - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -2088,8 +2088,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithLDAP(&upstreamLDAPIdentityProvider), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"code_challenge": ""}), - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeMissingCodeChallengeErrorQuery), @@ -2132,8 +2132,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().Build()), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"code_challenge_method": "this-is-not-a-valid-pkce-alg"}), - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -2146,8 +2146,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithLDAP(&upstreamLDAPIdentityProvider), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"code_challenge_method": "this-is-not-a-valid-pkce-alg"}), - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeInvalidCodeChallengeErrorQuery), @@ -2190,8 +2190,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().Build()), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"code_challenge_method": "plain"}), - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -2204,8 +2204,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithLDAP(&upstreamLDAPIdentityProvider), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"code_challenge_method": "plain"}), - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeMissingCodeChallengeMethodErrorQuery), @@ -2248,8 +2248,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().Build()), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"code_challenge_method": ""}), - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -2262,8 +2262,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithLDAP(&upstreamLDAPIdentityProvider), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"code_challenge_method": ""}), - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeMissingCodeChallengeMethodErrorQuery), @@ -2312,8 +2312,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().Build()), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"prompt": "none login"}), - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -2328,8 +2328,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithLDAP(&upstreamLDAPIdentityProvider), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"prompt": "none login"}), - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositePromptHasNoneAndOtherValueErrorQuery), @@ -2383,8 +2383,8 @@ func TestAuthorizationEndpoint(t *testing.T) { method: http.MethodGet, // The following prompt value is illegal when openid is requested, but note that openid is not requested. path: modifiedHappyGetRequestPath(map[string]string{"prompt": "none login", "scope": "email"}), - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: htmlContentType, @@ -2406,8 +2406,8 @@ func TestAuthorizationEndpoint(t *testing.T) { method: http.MethodGet, // The following prompt value is illegal when openid is requested, but note that openid is not requested. path: modifiedHappyGetRequestPath(map[string]string{"prompt": "none login", "scope": "email"}), - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: htmlContentType, wantRedirectLocationRegexp: downstreamRedirectURI + `\?code=([^&]+)&scope=username\+groups&state=` + happyState, // username and groups scopes were not requested, but are granted anyway for backwards compatibility @@ -2429,8 +2429,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: htmlContentType, @@ -2455,8 +2455,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: htmlContentType, @@ -2482,8 +2482,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: htmlContentType, @@ -2510,8 +2510,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: htmlContentType, @@ -2537,8 +2537,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -2555,8 +2555,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -2570,8 +2570,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: htmlContentType, @@ -2595,8 +2595,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: htmlContentType, @@ -2620,8 +2620,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: htmlContentType, @@ -2644,8 +2644,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -2659,8 +2659,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: htmlContentType, @@ -2683,8 +2683,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -2698,8 +2698,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -2713,8 +2713,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -2728,8 +2728,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -2743,8 +2743,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -2758,8 +2758,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -2773,8 +2773,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -2788,8 +2788,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -2803,8 +2803,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -2818,8 +2818,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -2833,8 +2833,8 @@ func TestAuthorizationEndpoint(t *testing.T) { ), method: http.MethodGet, path: happyGetRequestPath, - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantPasswordGrantCall: happyUpstreamPasswordGrantMockExpectation, wantStatus: http.StatusFound, wantContentType: jsonContentType, @@ -2877,8 +2877,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithOIDC(passwordGrantUpstreamOIDCIdentityProviderBuilder().Build()), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"state": "short"}), - customUsernameHeader: pointer.StringPtr(oidcUpstreamUsername), - customPasswordHeader: pointer.StringPtr(oidcUpstreamPassword), + customUsernameHeader: pointer.String(oidcUpstreamUsername), + customPasswordHeader: pointer.String(oidcUpstreamPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeInvalidStateErrorQuery), @@ -2889,8 +2889,8 @@ func TestAuthorizationEndpoint(t *testing.T) { idps: oidctestutil.NewUpstreamIDPListerBuilder().WithLDAP(&upstreamLDAPIdentityProvider), method: http.MethodGet, path: modifiedHappyGetRequestPath(map[string]string{"state": "short"}), - customUsernameHeader: pointer.StringPtr(happyLDAPUsername), - customPasswordHeader: pointer.StringPtr(happyLDAPPassword), + customUsernameHeader: pointer.String(happyLDAPUsername), + customPasswordHeader: pointer.String(happyLDAPPassword), wantStatus: http.StatusFound, wantContentType: jsonContentType, wantLocationHeader: urlWithQuery(downstreamRedirectURI, fositeInvalidStateErrorQuery), diff --git a/internal/registry/credentialrequest/rest_test.go b/internal/registry/credentialrequest/rest_test.go index cd7a426b..29ada189 100644 --- a/internal/registry/credentialrequest/rest_test.go +++ b/internal/registry/credentialrequest/rest_test.go @@ -386,7 +386,7 @@ func requireSuccessfulResponseWithAuthenticationFailureMessage(t *testing.T, err require.Equal(t, response, &loginapi.TokenCredentialRequest{ Status: loginapi.TokenCredentialRequestStatus{ Credential: nil, - Message: pointer.StringPtr("authentication failed"), + Message: pointer.String("authentication failed"), }, }) } diff --git a/test/integration/concierge_credentialrequest_test.go b/test/integration/concierge_credentialrequest_test.go index 1d9bd6ee..20a118dc 100644 --- a/test/integration/concierge_credentialrequest_test.go +++ b/test/integration/concierge_credentialrequest_test.go @@ -151,7 +151,7 @@ func TestFailedCredentialRequestWhenTheRequestIsValidButTheTokenDoesNotAuthentic require.Empty(t, response.Spec) require.Nil(t, response.Status.Credential) - require.Equal(t, pointer.StringPtr("authentication failed"), response.Status.Message) + require.Equal(t, pointer.String("authentication failed"), response.Status.Message) } // TCRs are non-mutating and safe to run in parallel with serial tests, see main_test.go. diff --git a/test/integration/concierge_kubecertagent_test.go b/test/integration/concierge_kubecertagent_test.go index d41b12bc..d97c5d3d 100644 --- a/test/integration/concierge_kubecertagent_test.go +++ b/test/integration/concierge_kubecertagent_test.go @@ -1,4 +1,4 @@ -// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package integration @@ -132,7 +132,7 @@ func TestLegacyPodCleaner_Parallel(t *testing.T) { t.Cleanup(func() { ctx, cancel := context.WithTimeout(context.Background(), 1*time.Minute) defer cancel() - err := kubeClient.CoreV1().Pods(pod.Namespace).Delete(ctx, pod.Name, metav1.DeleteOptions{GracePeriodSeconds: pointer.Int64Ptr(0)}) + err := kubeClient.CoreV1().Pods(pod.Namespace).Delete(ctx, pod.Name, metav1.DeleteOptions{GracePeriodSeconds: pointer.Int64(0)}) if !k8serrors.IsNotFound(err) { require.NoError(t, err, "failed to clean up fake legacy agent pod") }