ContainerImage.Pinniped/internal/federationdomain/endpoints/discovery/discovery_handler_test.go
Ryan Richard 86c791b8a6 reorganize federation domain packages to be more intuitive
Co-authored-by: Benjamin A. Petersen <ben@benjaminapetersen.me>
2023-09-11 11:11:52 -07:00

89 lines
2.6 KiB
Go

// Copyright 2020-2023 the Pinniped contributors. All Rights Reserved.
// SPDX-License-Identifier: Apache-2.0
package discovery
import (
"net/http"
"net/http/httptest"
"testing"
"github.com/stretchr/testify/require"
"go.pinniped.dev/internal/federationdomain/oidc"
"go.pinniped.dev/internal/here"
)
func TestDiscovery(t *testing.T) {
tests := []struct {
name string
issuer string
method string
path string
wantStatus int
wantContentType string
wantBodyJSON string
wantBodyString string
}{
{
name: "happy path",
issuer: "https://some-issuer.com/some/path",
method: http.MethodGet,
path: "/some/path" + oidc.WellKnownEndpointPath,
wantStatus: http.StatusOK,
wantContentType: "application/json",
wantBodyJSON: here.Doc(`
{
"issuer": "https://some-issuer.com/some/path",
"authorization_endpoint": "https://some-issuer.com/some/path/oauth2/authorize",
"token_endpoint": "https://some-issuer.com/some/path/oauth2/token",
"jwks_uri": "https://some-issuer.com/some/path/jwks.json",
"response_types_supported": ["code"],
"response_modes_supported": ["query", "form_post"],
"subject_types_supported": ["public"],
"id_token_signing_alg_values_supported": ["ES256"],
"token_endpoint_auth_methods_supported": ["client_secret_basic"],
"scopes_supported": ["openid", "offline_access", "pinniped:request-audience", "username", "groups"],
"code_challenge_methods_supported": ["S256"],
"claims_supported": ["username", "groups", "additionalClaims"],
"discovery.supervisor.pinniped.dev/v1alpha1": {
"pinniped_identity_providers_endpoint": "https://some-issuer.com/some/path/v1alpha1/pinniped_identity_providers"
}
}
`),
},
{
name: "bad method",
issuer: "https://some-issuer.com",
method: http.MethodPost,
path: oidc.WellKnownEndpointPath,
wantStatus: http.StatusMethodNotAllowed,
wantContentType: "text/plain; charset=utf-8",
wantBodyString: "Method not allowed (try GET)\n",
},
}
for _, test := range tests {
test := test
t.Run(test.name, func(t *testing.T) {
handler := NewHandler(test.issuer)
req := httptest.NewRequest(test.method, test.path, nil)
rsp := httptest.NewRecorder()
handler.ServeHTTP(rsp, req)
require.Equal(t, test.wantStatus, rsp.Code)
require.Equal(t, test.wantContentType, rsp.Header().Get("Content-Type"))
if test.wantBodyJSON != "" {
require.JSONEq(t, test.wantBodyJSON, rsp.Body.String())
}
if test.wantBodyString != "" {
require.Equal(t, test.wantBodyString, rsp.Body.String())
}
})
}
}