From 1f9aa65d666433b3a30428c652a82c6db51b131d Mon Sep 17 00:00:00 2001
From: max furman <mx.furman@gmail.com>
Date: Fri, 18 Dec 2020 17:05:25 -0500
Subject: [PATCH] Add test case

---
 acme/authority_test.go | 63 +++++++++++++++++++++++++++++++++++-------
 1 file changed, 53 insertions(+), 10 deletions(-)

diff --git a/acme/authority_test.go b/acme/authority_test.go
index 961805fa..04cf90b0 100644
--- a/acme/authority_test.go
+++ b/acme/authority_test.go
@@ -1389,6 +1389,7 @@ func TestAuthorityValidateChallenge(t *testing.T) {
 			ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 				fmt.Fprintf(w, "%s\r\n", *keyauthp)
 			}))
+			t.Cleanup(func() { ts.Close() })
 
 			ch, err := newHTTPChWithServer(strings.TrimPrefix(ts.URL, "http://"))
 			assert.FatalError(t, err)
@@ -1425,7 +1426,7 @@ func TestAuthorityValidateChallenge(t *testing.T) {
 				err:    ServerInternalErr(errors.New("error attempting challenge validation: error saving acme challenge: force")),
 			}
 		},
-		"ok": func(t *testing.T) test {
+		"ok/already-valid": func(t *testing.T) test {
 			ch, err := newHTTPCh()
 			assert.FatalError(t, err)
 			_ch, ok := ch.(*http01Challenge)
@@ -1449,14 +1450,53 @@ func TestAuthorityValidateChallenge(t *testing.T) {
 				ch:    ch,
 			}
 		},
+		"ok": func(t *testing.T) test {
+			keyauth := "temp"
+			keyauthp := &keyauth
+			// Create test server that returns challenge auth
+			ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+				fmt.Fprintf(w, "%s\r\n", *keyauthp)
+			}))
+			t.Cleanup(func() { ts.Close() })
+
+			ch, err := newHTTPChWithServer(strings.TrimPrefix(ts.URL, "http://"))
+			assert.FatalError(t, err)
+
+			jwk, _, err := jose.GenerateDefaultKeyPair([]byte("pass"))
+			assert.FatalError(t, err)
+
+			thumbprint, err := jwk.Thumbprint(crypto.SHA256)
+			assert.FatalError(t, err)
+			encPrint := base64.RawURLEncoding.EncodeToString(thumbprint)
+			*keyauthp = fmt.Sprintf("%s.%s", ch.getToken(), encPrint)
+
+			b, err := json.Marshal(ch)
+			assert.FatalError(t, err)
+			auth, err := NewAuthority(&db.MockNoSQLDB{
+				MGet: func(bucket, key []byte) ([]byte, error) {
+					assert.Equals(t, bucket, challengeTable)
+					assert.Equals(t, key, []byte(ch.getID()))
+					return b, nil
+				},
+				MCmpAndSwap: func(bucket, key, old, newval []byte) ([]byte, bool, error) {
+					assert.Equals(t, bucket, challengeTable)
+					assert.Equals(t, key, []byte(ch.getID()))
+					return nil, true, nil
+				},
+			}, "ca.smallstep.com", "acme", nil)
+			assert.FatalError(t, err)
+			return test{
+				auth:   auth,
+				id:     ch.getID(),
+				accID:  ch.getAccountID(),
+				jwk:    jwk,
+				server: ts,
+			}
+		},
 	}
 	for name, run := range tests {
 		t.Run(name, func(t *testing.T) {
 			tc := run(t)
-
-			if tc.server != nil {
-				defer tc.server.Close()
-			}
 			if acmeCh, err := tc.auth.ValidateChallenge(ctx, tc.accID, tc.id, tc.jwk); err != nil {
 				if assert.NotNil(t, tc.err) {
 					ae, ok := err.(*Error)
@@ -1467,15 +1507,18 @@ func TestAuthorityValidateChallenge(t *testing.T) {
 				}
 			} else {
 				if assert.Nil(t, tc.err) {
+					fmt.Printf("acmeCh = %+v\n", acmeCh)
 					gotb, err := json.Marshal(acmeCh)
 					assert.FatalError(t, err)
 
-					acmeExp, err := tc.ch.toACME(ctx, nil, tc.auth.dir)
-					assert.FatalError(t, err)
-					expb, err := json.Marshal(acmeExp)
-					assert.FatalError(t, err)
+					if tc.ch != nil {
+						acmeExp, err := tc.ch.toACME(ctx, nil, tc.auth.dir)
+						assert.FatalError(t, err)
+						expb, err := json.Marshal(acmeExp)
+						assert.FatalError(t, err)
 
-					assert.Equals(t, expb, gotb)
+						assert.Equals(t, expb, gotb)
+					}
 				}
 			}
 		})