djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
34509e7430
ContainerImage.Pinniped/internal/testutil
History
Ryan Richard 34509e7430 Add more unit tests for dynamic clients and enhance token exchange 
- Enhance the token exchange to check that the same client is used
  compared to the client used during the original authorization and
  token requests, and also check that the client has the token-exchange
  grant type allowed in its configuration.
- Reduce the minimum required bcrypt cost for OIDCClient secrets
  because 15 is too slow for real-life use, especially considering
  that every login and every refresh flow will require two client auths.
- In unit tests, use bcrypt hashes with a cost of 4, because bcrypt
  slows down by 13x when run with the race detector, and we run our
  tests with the race detector enabled, causing the tests to be
  unacceptably slow. The production code uses a higher minimum cost.
- Centralize all pre-computed bcrypt hashes used by unit tests to a
  single place. Also extract some other useful test helpers for
  unit tests related to OIDCClients.
- Add tons of unit tests for the token endpoint related to dynamic
  clients for authcode exchanges, token exchanges, and refreshes.
2022-07-20 13:55:56 -07:00
..
fakekubeapi Update to github.com/golangci/golangci-lint/cmd/golangci-lint@v1.44.2 2022-03-08 12:28:09 -08:00
oidctestutil Don't do ldap group search when group scope not specified 2022-06-22 10:58:08 -07:00
testlogger Switch to go.uber.org/zap for JSON formatted logging 2022-05-24 11:17:42 -04:00
tlsserver Remove duplication in secure TLS tests 2022-04-01 10:56:38 -04:00
assertions.go Add more unit tests for dynamic clients and enhance token exchange 2022-07-20 13:55:56 -07:00
certs.go certauthority.go: Refactor issuing client versus server certs 2021-03-12 16:09:37 -08:00
crypto.go Cleanup code via TODOs accumulated during token endpoint work 2020-12-04 10:09:42 -05:00
delete.go Merge branch 'main' into upstream_access_revocation_during_gc 2022-01-14 10:49:22 -08:00
doc.go Allow multiple Pinnipeds to work on same cluster 2021-02-02 15:18:41 -08:00
ioutil.go WIP: add supervisor upstream flags to pinniped get kubeconfig 2021-04-30 14:28:03 -07:00
kube_server_compatibility.go Fix TestOIDCClientStaticValidation on old servers 2022-06-17 09:04:03 -04:00
loginhtml.go Add LDAP browser flow login failure tests to supervisor_login_test.go 2022-05-10 16:28:08 -07:00
observable_with_informer_option.go Add Go vanity import paths. 2020-09-18 14:56:24 -05:00
observable_with_initial_event_option.go kubecertagent: use initial event for when key can't be found 2020-09-24 16:54:20 -04:00
oidcclient_test.go Add more unit tests for dynamic clients and enhance token exchange 2022-07-20 13:55:56 -07:00
oidcclient.go Add more unit tests for dynamic clients and enhance token exchange 2022-07-20 13:55:56 -07:00
oidcclientsecretstorage.go Allow dynamic clients to be used in downstream OIDC flows 2022-07-14 09:51:11 -07:00
psession.go Addressing PR feedback 2022-01-10 11:03:37 -08:00
roundtrip.go internal/groupsuffix: mutate TokenCredentialRequest's Authenticator 2021-02-10 15:53:44 -05:00
tempdir_go1.14.go Update to github.com/golangci/golangci-lint/cmd/golangci-lint@v1.44.2 2022-03-08 12:28:09 -08:00
tempdir.go Tweak some stdlib usage so we compile under Go 1.14. 2020-11-30 10:11:41 -06:00
tlsserver.go Force the use of secure TLS config 2021-11-17 16:55:35 -05:00
transcript_logger.go Switch to go.uber.org/zap for JSON formatted logging 2022-05-24 11:17:42 -04:00
x509_error.go Error format of untrusted certificate errors should depend on OS 2022-04-14 17:37:36 -07:00