meutel/oauth2_proxy
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add tests to check cookies set by SessionStores

Browse Source
This commit is contained in:
Joel Speed 2019-05-06 22:34:43 +01:00
parent 6d162a1d78
commit 0204054005
No known key found for this signature in database
GPG Key ID: 6E80578D6751DEFB
1 changed files with 150 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

152
pkg/sessions/session_store_test.go
View File

@ -1,11 +1,14 @@
package sessions_test package sessions_test
import ( import (
"net/http"
"testing" "testing"
"time"
. "github.com/onsi/ginkgo" . "github.com/onsi/ginkgo"
. "github.com/onsi/gomega" . "github.com/onsi/gomega"
"github.com/pusher/oauth2_proxy/pkg/apis/options" "github.com/pusher/oauth2_proxy/pkg/apis/options"
sessionsapi "github.com/pusher/oauth2_proxy/pkg/apis/sessions"
"github.com/pusher/oauth2_proxy/pkg/sessions" "github.com/pusher/oauth2_proxy/pkg/sessions"
"github.com/pusher/oauth2_proxy/pkg/sessions/cookie" "github.com/pusher/oauth2_proxy/pkg/sessions/cookie"
) )
@ -19,9 +22,150 @@ var _ = Describe("NewSessionStore", func() {
var opts *options.SessionOptions var opts *options.SessionOptions
var cookieOpts *options.CookieOptions var cookieOpts *options.CookieOptions
var request *http.Request
var response http.ResponseWriter
var session *sessionsapi.SessionState
CheckCookieOptions := func() {
Context("the cookies returned", func() {
var cookies []*http.Cookie
BeforeEach(func() {
req := http.Request{}
req.Header.Add("Cookie", response.Header().Get("Set-Cookie"))
cookies = req.Cookies()
})
It("have the correct name set", func() {
if len(cookies) == 1 {
Expect(cookies[0].Name).To(Equal(cookieOpts.CookieName))
} else {
for _, cookie := range cookies {
Expect(cookie.Name).To(ContainSubstring(cookieOpts.CookieName))
}
}
})
It("have the correct path set", func() {
for _, cookie := range cookies {
Expect(cookie.Path).To(Equal(cookieOpts.CookiePath))
}
})
It("have the correct domain set", func() {
for _, cookie := range cookies {
Expect(cookie.Domain).To(Equal(cookieOpts.CookieDomain))
}
})
It("have the correct HTTPOnly set", func() {
for _, cookie := range cookies {
Expect(cookie.HttpOnly).To(Equal(cookieOpts.CookieHTTPOnly))
}
})
It("have the correct secure set", func() {
for _, cookie := range cookies {
Expect(cookie.Secure).To(Equal(cookieOpts.CookieSecure))
}
})
})
}
RunCookieTests := func() {
var ss sessionsapi.SessionStore
Context("with default options", func() {
BeforeEach(func() {
var err error
ss, err = sessions.NewSessionStore(opts, cookieOpts)
Expect(err).ToNot(HaveOccurred())
})
Context("when SaveSession is called", func() {
BeforeEach(func() {
err := ss.SaveSession(response, request, session)
Expect(err).ToNot(HaveOccurred())
})
It("sets a `set-cookie` header in the response", func() {
Expect(response.Header().Get("Set-Cookie")).ToNot(BeEmpty())
})
CheckCookieOptions()
})
Context("when ClearSession is called", func() {
BeforeEach(func() {
err := ss.ClearSession(response, request)
Expect(err).ToNot(HaveOccurred())
})
It("sets a `set-cookie` header in the response", func() {
Expect(response.Header().Get("set-cookie")).ToNot(BeEmpty())
})
CheckCookieOptions()
})
})
Context("with non-default options", func() {
BeforeEach(func() {
cookieOpts = &options.CookieOptions{
CookieName: "_cookie_name",
CookiePath: "/path",
CookieExpire: time.Duration(72) * time.Hour,
CookieRefresh: time.Duration(3600),
CookieSecure: false,
CookieHTTPOnly: false,
CookieDomain: "example.com",
}
var err error
ss, err = sessions.NewSessionStore(opts, cookieOpts)
Expect(err).ToNot(HaveOccurred())
})
Context("when SaveSession is called", func() {
BeforeEach(func() {
err := ss.SaveSession(response, request, session)
Expect(err).ToNot(HaveOccurred())
})
It("sets a `set-cookie` header in the response", func() {
Expect(response.Header().Get("Set-Cookie")).ToNot(BeEmpty())
})
CheckCookieOptions()
})
Context("when ClearSession is called", func() {
BeforeEach(func() {
err := ss.ClearSession(response, request)
Expect(err).ToNot(HaveOccurred())
})
It("sets a `set-cookie` header in the response", func() {
Expect(response.Header().Get("set-cookie")).ToNot(BeEmpty())
})
CheckCookieOptions()
})
})
}
BeforeEach(func() { BeforeEach(func() {
opts = &options.SessionOptions{} opts = &options.SessionOptions{}
cookieOpts = &options.CookieOptions{}
// Set default options in CookieOptions
cookieOpts = &options.CookieOptions{
CookieName: "_oauth2_proxy",
CookiePath: "/",
CookieExpire: time.Duration(168) * time.Hour,
CookieRefresh: time.Duration(0),
CookieSecure: true,
CookieHTTPOnly: true,
}
}) })
Context("with type 'cookie'", func() { Context("with type 'cookie'", func() {
@ -29,11 +173,15 @@ var _ = Describe("NewSessionStore", func() {
opts.Type = options.CookieSessionStoreType opts.Type = options.CookieSessionStoreType
}) })
It("creates a CookieSessionStore", func() { It("creates a cookie.SessionStore", func() {
ss, err := sessions.NewSessionStore(opts, cookieOpts) ss, err := sessions.NewSessionStore(opts, cookieOpts)
Expect(err).NotTo(HaveOccurred()) Expect(err).NotTo(HaveOccurred())
Expect(ss).To(BeAssignableToTypeOf(&cookie.SessionStore{})) Expect(ss).To(BeAssignableToTypeOf(&cookie.SessionStore{}))
}) })
Context("the cookie.SessionStore", func() {
RunCookieTests()
})
}) })
Context("with an invalid type", func() { Context("with an invalid type", func() {