Mo Khan
56d316e8d3
upstreamwatcher: do not truncate explicit oidc errors
...
This change makes it easier to understand misconfigurations caused
by issuers with extraneous trailing slashes.
Signed-off-by: Mo Khan <mok@vmware.com>
2021-05-10 01:45:19 -04:00
Mo Khan
7ece196893
upstreamwatcher: preserve oidc discovery error
...
Signed-off-by: Mo Khan <mok@vmware.com>
2021-05-07 16:35:12 -04:00
Matt Moyer
5a43a5d53a
Remove library.AssertNoRestartsDuringTest and make that assertion implicit in library.IntegrationEnv.
...
This means we (hopefully) can't forget to include these assertions in any integration test.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-03-17 11:18:10 -05:00
Matt Moyer
6565265bee
Use new 'go.pinniped.dev/generated/latest' package.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2021-02-16 13:00:08 -06:00
Andrew Keesler
ae498f14b4
test/integration: ensure no pods restart during integration tests
...
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2021-02-04 10:24:33 -05:00
Margo Crawford
5611212ea9
Changing references from 1.19 to 1.20
2021-01-07 15:25:47 -08:00
Margo Crawford
196e43aa48
Rename off of main
...
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-12-16 14:27:09 -08:00
Matt Moyer
273ac62ec2
Extend the test client helpers in ./test/library/client.go.
...
This adds a few new "create test object" helpers and extends `CreateTestOIDCProvider()` to optionally wait for the created OIDCProvider to enter some expected status condition.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-02 15:55:34 -06:00
Matt Moyer
bc700d58ae
Split test environment variables so there's a specific supervisor upstream client.
...
Prior to this we re-used the CLI testing client to test the authorize flow of the supervisor, but they really need to be separate upstream clients. For example, the supervisor client should be a non-public client with a client secret and a different callback endpoint.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-11-20 08:03:06 -06:00
Matt Moyer
7520dadbdd
Use omitempty
on UpstreamOIDCProvider spec.authorizationConfig
field.
...
This allows you to omit the field in creation requests, which was annoying.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-11-18 17:14:35 -06:00
Matt Moyer
b31deff0fb
Update integration tests to use HTTPS Dex for UpstreamOIDCProvider testing.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-11-16 20:23:20 -06:00
Matt Moyer
c10393b495
Mask the raw error messages from go-oidc, since they are dangerous.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-11-13 16:22:34 -06:00
Matt Moyer
d68a4b85f4
Add integration tests for UpstreamOIDCProvider status.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-11-13 12:30:38 -06:00