meutel/oauth2_proxy
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Check all information is encoded when cookie-secret set

Browse Source
This commit is contained in:
Joel Speed 2019-05-07 13:55:49 +01:00
parent 553cf89579
commit 02e80b7aab
No known key found for this signature in database
GPG Key ID: 6E80578D6751DEFB
1 changed files with 26 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
pkg/sessions/session_store_test.go
View File

@ -1,6 +1,8 @@
package sessions_test package sessions_test
import ( import (
"crypto/rand"
"encoding/base64"
"net/http" "net/http"
"net/http/httptest" "net/http/httptest"
"testing" "testing"
@ -133,7 +135,16 @@ var _ = Describe("NewSessionStore", func() {
Expect(loadedSession.User).To(Equal(session.User)) Expect(loadedSession.User).To(Equal(session.User))
} else { } else {
// All fields stored in session if encrypted // All fields stored in session if encrypted
Expect(loadedSession).To(Equal(session))
// Can't compare time.Time using Equal() so remove ExpiresOn from sessions
l := *loadedSession
l.ExpiresOn = time.Time{}
s := *session
s.ExpiresOn = time.Time{}
Expect(l).To(Equal(s))
// Compare time.Time separately
Expect(loadedSession.ExpiresOn.Equal(session.ExpiresOn)).To(BeTrue())
} }
}) })
}) })
@ -169,6 +180,20 @@ var _ = Describe("NewSessionStore", func() {
SessionStoreInterfaceTests() SessionStoreInterfaceTests()
}) })
Context("with a cookie-secret set", func() {
BeforeEach(func() {
secret := make([]byte, 32)
_, err := rand.Read(secret)
Expect(err).ToNot(HaveOccurred())
cookieOpts.CookieSecret = base64.URLEncoding.EncodeToString(secret)
ss, err = sessions.NewSessionStore(opts, cookieOpts)
Expect(err).ToNot(HaveOccurred())
})
SessionStoreInterfaceTests()
})
} }
BeforeEach(func() { BeforeEach(func() {