oauth2_proxy/providers/adfs_test.go

package providers

import (
	"encoding/base64"
	"encoding/json"
	"net/http"
	"net/http/httptest"
	"net/url"
	"testing"

	"github.com/stretchr/testify/assert"
)

type redeemResponseADFS struct {
	AccessToken  string `json:"access_token"`
	RefreshToken string `json:"refresh_token"`
	ExpiresIn    int64  `json:"expires_in"`
	IDToken      string `json:"id_token"`
}

func newADFSRedeemServer(body []byte) (*url.URL, *httptest.Server) {
	s := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
		rw.Write(body)
	}))
	u, _ := url.Parse(s.URL)
	return u, s
}

func newADFSProvider() *ADFSProvider {
	return NewADFSProvider(
		&ProviderData{
			ProviderName:      "",
			LoginURL:          &url.URL{},
			RedeemURL:         &url.URL{},
			ProtectedResource: &url.URL{},
			Scope:             ""})
}

func TestADFSProviderDefaults(t *testing.T) {
	p := newADFSProvider()
	assert.NotEqual(t, nil, p)
	assert.Equal(t, "ADFS", p.Data().ProviderName)
	assert.Equal(t, "", p.Data().LoginURL.String())
	assert.Equal(t, "", p.Data().RedeemURL.String())
	assert.Equal(t, "", p.Data().ProtectedResource.String())
	assert.Equal(t, "openid", p.Data().Scope)
}

func TestADFSProviderGetEmailAddressAndUpn(t *testing.T) {
	p := newADFSProvider()
	body, err := json.Marshal(redeemResponseADFS{
		AccessToken:  "test12345",
		ExpiresIn:    10,
		RefreshToken: "refreshtest12345",
		IDToken:      "jwt header." + base64.URLEncoding.EncodeToString([]byte(`{"upn": "m_fedotov@gmail.com", "email": "m_fedotov@gmail.com"}`)),
	})
	assert.Equal(t, nil, err)
	var server *httptest.Server
	p.RedeemURL, server = newADFSRedeemServer(body)
	defer server.Close()

	session, err := p.Redeem("http://redirect/", "code1234")
	assert.Equal(t, nil, err)
	assert.NotEqual(t, session, nil)
	assert.Equal(t, "m_fedotov@gmail.com", session.Email)
	assert.Equal(t, "test12345", session.AccessToken)
	assert.Equal(t, "refreshtest12345", session.RefreshToken)
	assert.Equal(t, "m_fedotov@gmail.com", session.User)
}

func TestADFSProviderGetUpnOnly(t *testing.T) {
	p := newADFSProvider()
	body, err := json.Marshal(redeemResponseADFS{
		AccessToken:  "test12345",
		ExpiresIn:    10,
		RefreshToken: "refreshtest12345",
		IDToken:      "jwt header." + base64.URLEncoding.EncodeToString([]byte(`{"upn": "m_fedotov@gmail.com"}`)),
	})
	assert.Equal(t, nil, err)
	var server *httptest.Server
	p.RedeemURL, server = newADFSRedeemServer(body)
	defer server.Close()

	session, err := p.Redeem("http://redirect/", "code1234")
	assert.Equal(t, nil, err)
	assert.NotEqual(t, session, nil)
	assert.Equal(t, "m_fedotov@gmail.com", session.Email)
	assert.Equal(t, "test12345", session.AccessToken)
	assert.Equal(t, "refreshtest12345", session.RefreshToken)
	assert.Equal(t, "m_fedotov@gmail.com", session.User)
}
add adfs provider and tests 2019-07-22 21:22:19 +00:00			`package providers`

			`import (`
			`"encoding/base64"`
			`"encoding/json"`
			`"net/http"`
			`"net/http/httptest"`
			`"net/url"`
			`"testing"`

			`"github.com/stretchr/testify/assert"`
			`)`

			`type redeemResponseADFS struct {`
			AccessToken string `json:"access_token"`
			RefreshToken string `json:"refresh_token"`
			ExpiresIn int64 `json:"expires_in"`
			IDToken string `json:"id_token"`
			`}`

			`func newADFSRedeemServer(body []byte) (url.URL, httptest.Server) {`
			`s := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {`
			`rw.Write(body)`
			`}))`
			`u, _ := url.Parse(s.URL)`
			`return u, s`
			`}`

			`func newADFSProvider() *ADFSProvider {`
			`return NewADFSProvider(`
			`&ProviderData{`
			`ProviderName: "",`
			`LoginURL: &url.URL{},`
			`RedeemURL: &url.URL{},`
			`ProtectedResource: &url.URL{},`
			`Scope: ""})`
			`}`

			`func TestADFSProviderDefaults(t *testing.T) {`
			`p := newADFSProvider()`
			`assert.NotEqual(t, nil, p)`
			`assert.Equal(t, "ADFS", p.Data().ProviderName)`
			`assert.Equal(t, "", p.Data().LoginURL.String())`
			`assert.Equal(t, "", p.Data().RedeemURL.String())`
			`assert.Equal(t, "", p.Data().ProtectedResource.String())`
			`assert.Equal(t, "openid", p.Data().Scope)`
			`}`

			`func TestADFSProviderGetEmailAddressAndUpn(t *testing.T) {`
			`p := newADFSProvider()`
			`body, err := json.Marshal(redeemResponseADFS{`
			`AccessToken: "test12345",`
			`ExpiresIn: 10,`
			`RefreshToken: "refreshtest12345",`
			IDToken: "jwt header." + base64.URLEncoding.EncodeToString([]byte(`{"upn": "m_fedotov@gmail.com", "email": "m_fedotov@gmail.com"}`)),
			`})`
			`assert.Equal(t, nil, err)`
			`var server *httptest.Server`
			`p.RedeemURL, server = newADFSRedeemServer(body)`
			`defer server.Close()`

			`session, err := p.Redeem("http://redirect/", "code1234")`
			`assert.Equal(t, nil, err)`
			`assert.NotEqual(t, session, nil)`
			`assert.Equal(t, "m_fedotov@gmail.com", session.Email)`
			`assert.Equal(t, "test12345", session.AccessToken)`
			`assert.Equal(t, "refreshtest12345", session.RefreshToken)`
			`assert.Equal(t, "m_fedotov@gmail.com", session.User)`
			`}`

			`func TestADFSProviderGetUpnOnly(t *testing.T) {`
			`p := newADFSProvider()`
			`body, err := json.Marshal(redeemResponseADFS{`
			`AccessToken: "test12345",`
			`ExpiresIn: 10,`
			`RefreshToken: "refreshtest12345",`
			IDToken: "jwt header." + base64.URLEncoding.EncodeToString([]byte(`{"upn": "m_fedotov@gmail.com"}`)),
			`})`
			`assert.Equal(t, nil, err)`
			`var server *httptest.Server`
			`p.RedeemURL, server = newADFSRedeemServer(body)`
			`defer server.Close()`

			`session, err := p.Redeem("http://redirect/", "code1234")`
			`assert.Equal(t, nil, err)`
			`assert.NotEqual(t, session, nil)`
			`assert.Equal(t, "m_fedotov@gmail.com", session.Email)`
			`assert.Equal(t, "test12345", session.AccessToken)`
			`assert.Equal(t, "refreshtest12345", session.RefreshToken)`
			`assert.Equal(t, "m_fedotov@gmail.com", session.User)`
			`}`