smallstep-certificates/authority/provisioners_test.go

package authority

import (
	"net/http"
	"testing"

	"github.com/pkg/errors"
	"github.com/smallstep/assert"
	"github.com/smallstep/cli/jose"
)

func TestGetEncryptedKey(t *testing.T) {
	type ek struct {
		a   *Authority
		kid string
		err *apiError
	}
	tests := map[string]func(t *testing.T) *ek{
		"ok": func(t *testing.T) *ek {
			c, err := LoadConfiguration("../ca/testdata/ca.json")
			assert.FatalError(t, err)
			a, err := New(c)
			assert.FatalError(t, err)
			return &ek{
				a:   a,
				kid: c.AuthorityConfig.Provisioners[1].Key.KeyID,
			}
		},
		"fail-not-found": func(t *testing.T) *ek {
			c, err := LoadConfiguration("../ca/testdata/ca.json")
			assert.FatalError(t, err)
			a, err := New(c)
			assert.FatalError(t, err)
			return &ek{
				a:   a,
				kid: "foo",
				err: &apiError{errors.Errorf("encrypted key with kid foo was not found"),
					http.StatusNotFound, context{}},
			}
		},
		"fail-invalid-type-found": func(t *testing.T) *ek {
			c, err := LoadConfiguration("../ca/testdata/ca.json")
			assert.FatalError(t, err)
			a, err := New(c)
			assert.FatalError(t, err)
			a.encryptedKeyIndex.Store("foo", 5)
			return &ek{
				a:   a,
				kid: "foo",
				err: &apiError{errors.Errorf("stored value is not a string"),
					http.StatusInternalServerError, context{}},
			}
		},
	}

	for name, genTestCase := range tests {
		t.Run(name, func(t *testing.T) {
			tc := genTestCase(t)

			ek, err := tc.a.GetEncryptedKey(tc.kid)
			if err != nil {
				if assert.NotNil(t, tc.err) {
					switch v := err.(type) {
					case *apiError:
						assert.HasPrefix(t, v.err.Error(), tc.err.Error())
						assert.Equals(t, v.code, tc.err.code)
						assert.Equals(t, v.context, tc.err.context)
					default:
						t.Errorf("unexpected error type: %T", v)
					}
				}
			} else {
				if assert.Nil(t, tc.err) {
					val, ok := tc.a.provisionerIDIndex.Load(tc.kid)
					assert.Fatal(t, ok)
					p, ok := val.(*Provisioner)
					assert.Fatal(t, ok)
					assert.Equals(t, p.EncryptedKey, ek)
				}
			}
		})
	}
}

func TestGetProvisioners(t *testing.T) {
	type gp struct {
		a   *Authority
		err *apiError
	}
	tests := map[string]func(t *testing.T) *gp{
		"ok": func(t *testing.T) *gp {
			c, err := LoadConfiguration("../ca/testdata/ca.json")
			assert.FatalError(t, err)
			a, err := New(c)
			assert.FatalError(t, err)
			return &gp{a: a}
		},
	}

	for name, genTestCase := range tests {
		t.Run(name, func(t *testing.T) {
			tc := genTestCase(t)

			ps, err := tc.a.GetProvisioners()
			if err != nil {
				if assert.NotNil(t, tc.err) {
					switch v := err.(type) {
					case *apiError:
						assert.HasPrefix(t, v.err.Error(), tc.err.Error())
						assert.Equals(t, v.code, tc.err.code)
						assert.Equals(t, v.context, tc.err.context)
					default:
						t.Errorf("unexpected error type: %T", v)
					}
				}
			} else {
				if assert.Nil(t, tc.err) {
					var cps = tc.a.config.AuthorityConfig.Provisioners

					maxks, found := ps["max"]
					assert.Fatal(t, found)
					assert.Equals(t, maxks.Keys, []jose.JSONWebKey{*cps[0].Key, *cps[1].Key})

					marianoks, found := ps["mariano"]
					assert.Fatal(t, found)
					assert.Equals(t, marianoks.Keys, []jose.JSONWebKey{*cps[3].Key, *cps[4].Key})

					stepcliks, found := ps["step-cli"]
					assert.Fatal(t, found)
					assert.Equals(t, stepcliks.Keys, []jose.JSONWebKey{*cps[2].Key})
				}
			}
		})
	}
}
add unit tests for authority.Provisioners api 6 years ago			`package authority`

			`import (`
			`"net/http"`
			`"testing"`

			`"github.com/pkg/errors"`
			`"github.com/smallstep/assert"`
			`"github.com/smallstep/cli/jose"`
			`)`

			`func TestGetEncryptedKey(t *testing.T) {`
			`type ek struct {`
			`a *Authority`
			`kid string`
			`err *apiError`
			`}`
			`tests := map[string]func(t testing.T) ek{`
			`"ok": func(t testing.T) ek {`
			`c, err := LoadConfiguration("../ca/testdata/ca.json")`
			`assert.FatalError(t, err)`
			`a, err := New(c)`
			`assert.FatalError(t, err)`
			`return &ek{`
			`a: a,`
			`kid: c.AuthorityConfig.Provisioners[1].Key.KeyID,`
			`}`
			`},`
			`"fail-not-found": func(t testing.T) ek {`
			`c, err := LoadConfiguration("../ca/testdata/ca.json")`
			`assert.FatalError(t, err)`
			`a, err := New(c)`
			`assert.FatalError(t, err)`
			`return &ek{`
			`a: a,`
			`kid: "foo",`
			`err: &apiError{errors.Errorf("encrypted key with kid foo was not found"),`
			`http.StatusNotFound, context{}},`
			`}`
			`},`
			`"fail-invalid-type-found": func(t testing.T) ek {`
			`c, err := LoadConfiguration("../ca/testdata/ca.json")`
			`assert.FatalError(t, err)`
			`a, err := New(c)`
			`assert.FatalError(t, err)`
			`a.encryptedKeyIndex.Store("foo", 5)`
			`return &ek{`
			`a: a,`
			`kid: "foo",`
			`err: &apiError{errors.Errorf("stored value is not a string"),`
			`http.StatusInternalServerError, context{}},`
			`}`
			`},`
			`}`

			`for name, genTestCase := range tests {`
			`t.Run(name, func(t *testing.T) {`
			`tc := genTestCase(t)`

			`ek, err := tc.a.GetEncryptedKey(tc.kid)`
			`if err != nil {`
			`if assert.NotNil(t, tc.err) {`
			`switch v := err.(type) {`
			`case *apiError:`
			`assert.HasPrefix(t, v.err.Error(), tc.err.Error())`
			`assert.Equals(t, v.code, tc.err.code)`
			`assert.Equals(t, v.context, tc.err.context)`
			`default:`
			`t.Errorf("unexpected error type: %T", v)`
			`}`
			`}`
			`} else {`
			`if assert.Nil(t, tc.err) {`
			`val, ok := tc.a.provisionerIDIndex.Load(tc.kid)`
			`assert.Fatal(t, ok)`
			`p, ok := val.(*Provisioner)`
			`assert.Fatal(t, ok)`
			`assert.Equals(t, p.EncryptedKey, ek)`
			`}`
			`}`
			`})`
			`}`
			`}`

			`func TestGetProvisioners(t *testing.T) {`
			`type gp struct {`
			`a *Authority`
			`err *apiError`
			`}`
			`tests := map[string]func(t testing.T) gp{`
			`"ok": func(t testing.T) gp {`
			`c, err := LoadConfiguration("../ca/testdata/ca.json")`
			`assert.FatalError(t, err)`
			`a, err := New(c)`
			`assert.FatalError(t, err)`
			`return &gp{a: a}`
			`},`
			`}`

			`for name, genTestCase := range tests {`
			`t.Run(name, func(t *testing.T) {`
			`tc := genTestCase(t)`

			`ps, err := tc.a.GetProvisioners()`
			`if err != nil {`
			`if assert.NotNil(t, tc.err) {`
			`switch v := err.(type) {`
			`case *apiError:`
			`assert.HasPrefix(t, v.err.Error(), tc.err.Error())`
			`assert.Equals(t, v.code, tc.err.code)`
			`assert.Equals(t, v.context, tc.err.context)`
			`default:`
			`t.Errorf("unexpected error type: %T", v)`
			`}`
			`}`
			`} else {`
			`if assert.Nil(t, tc.err) {`
			`var cps = tc.a.config.AuthorityConfig.Provisioners`

			`maxks, found := ps["max"]`
			`assert.Fatal(t, found)`
			`assert.Equals(t, maxks.Keys, []jose.JSONWebKey{cps[0].Key, cps[1].Key})`

			`marianoks, found := ps["mariano"]`
			`assert.Fatal(t, found)`
			`assert.Equals(t, marianoks.Keys, []jose.JSONWebKey{cps[3].Key, cps[4].Key})`

			`stepcliks, found := ps["step-cli"]`
			`assert.Fatal(t, found)`
			`assert.Equals(t, stepcliks.Keys, []jose.JSONWebKey{*cps[2].Key})`
			`}`
			`}`
			`})`
			`}`
			`}`