Archives
/
smallstep-certificates
mirror of https://github.com/smallstep/certificates
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update GCP tests.

Browse Source
pull/65/head
Mariano Cano 6 years ago
parent 1ea4b0ad64
commit 7727fa5665
2 changed files with 12 additions and 11 deletions
Show Stats Download Patch File Download Diff File

10
authority/provisioner/gcp.go
Unescape Escape View File

@ -16,8 +16,8 @@ import (
"github.com/smallstep/cli/jose" "github.com/smallstep/cli/jose"
) )
// googleOauth2Certs is the url that servers Google OAuth2 public keys. // gcpCertsURL is the url that servers Google OAuth2 public keys.
var googleOauth2Certs = "https://www.googleapis.com/oauth2/v3/certs" var gcpCertsURL = "https://www.googleapis.com/oauth2/v3/certs"
// gcpIdentityURL is the base url for the identity document in GCP. // gcpIdentityURL is the base url for the identity document in GCP.
var gcpIdentityURL = "http://metadata/computeMetadata/v1/instance/service-accounts/default/identity" var gcpIdentityURL = "http://metadata/computeMetadata/v1/instance/service-accounts/default/identity"
@ -122,10 +122,10 @@ func (p *GCP) GetIdentityToken() (string, error) {
defer resp.Body.Close() defer resp.Body.Close()
b, err := ioutil.ReadAll(resp.Body) b, err := ioutil.ReadAll(resp.Body)
if err != nil { if err != nil {
return "", errors.Wrap(err, "error reading identity request response") return "", errors.Wrap(err, "error on identity request")
} }
if resp.StatusCode >= 400 { if resp.StatusCode >= 400 {
return "", errors.Errorf("error on identity response: status=%d, response=%s", resp.StatusCode, b) return "", errors.Errorf("error on identity request: status=%d, response=%s", resp.StatusCode, b)
} }
return string(bytes.TrimSpace(b)), nil return string(bytes.TrimSpace(b)), nil
} }
@ -144,7 +144,7 @@ func (p *GCP) Init(config Config) error {
return err return err
} }
// Initialize key store // Initialize key store
p.keyStore, err = newKeyStore(googleOauth2Certs) p.keyStore, err = newKeyStore(gcpCertsURL)
if err != nil { if err != nil {
return err return err
} }

13
authority/provisioner/gcp_test.go
Unescape Escape View File

@ -16,7 +16,7 @@ import (
) )
func resetGoogleVars() { func resetGoogleVars() {
googleOauth2Certs = "https://www.googleapis.com/oauth2/v3/certs" gcpCertsURL = "https://www.googleapis.com/oauth2/v3/certs"
gcpIdentityURL = "http://metadata/computeMetadata/v1/instance/service-accounts/default/identity" gcpIdentityURL = "http://metadata/computeMetadata/v1/instance/service-accounts/default/identity"
} }
@ -100,7 +100,6 @@ func TestGCP_GetIdentityToken(t *testing.T) {
assert.FatalError(t, err) assert.FatalError(t, err)
srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
fmt.Println(r.RequestURI)
switch r.URL.Path { switch r.URL.Path {
case "/bad-request": case "/bad-request":
http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
@ -118,13 +117,15 @@ func TestGCP_GetIdentityToken(t *testing.T) {
wantErr bool wantErr bool
}{ }{
{"ok", p1, srv.URL, t1, false}, {"ok", p1, srv.URL, t1, false},
{"bad request", p1, srv.URL + "/bad-request", "", true}, {"fail request", p1, srv.URL + "/bad-request", "", true},
{"bad url", p1, "badurl", "", true}, {"fail url", p1, "://ca.smallstep.com", "", true},
{"fail connect", p1, "foobarzar", "", true},
} }
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
gcpIdentityURL = tt.identityURL gcpIdentityURL = tt.identityURL
got, err := tt.gcp.GetIdentityToken() got, err := tt.gcp.GetIdentityToken()
t.Log(err)
if (err != nil) != tt.wantErr { if (err != nil) != tt.wantErr {
t.Errorf("GCP.GetIdentityToken() error = %v, wantErr %v", err, tt.wantErr) t.Errorf("GCP.GetIdentityToken() error = %v, wantErr %v", err, tt.wantErr)
return return
@ -169,11 +170,11 @@ func TestGCP_Init(t *testing.T) {
{"bad type", fields{"", "name", nil, nil}, args{config, srv.URL}, true}, {"bad type", fields{"", "name", nil, nil}, args{config, srv.URL}, true},
{"bad name", fields{"GCP", "", nil, nil}, args{config, srv.URL}, true}, {"bad name", fields{"GCP", "", nil, nil}, args{config, srv.URL}, true},
{"bad claims", fields{"GCP", "name", nil, badClaims}, args{config, srv.URL}, true}, {"bad claims", fields{"GCP", "name", nil, badClaims}, args{config, srv.URL}, true},
{"bad certs", fields{"GCP", "name", nil, badClaims}, args{config, srv.URL + "/error"}, true}, {"bad certs", fields{"GCP", "name", nil, nil}, args{config, srv.URL + "/error"}, true},
} }
for _, tt := range tests { for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) { t.Run(tt.name, func(t *testing.T) {
googleOauth2Certs = tt.args.certsURL gcpCertsURL = tt.args.certsURL
p := &GCP{ p := &GCP{
Type: tt.fields.Type, Type: tt.fields.Type,
Name: tt.fields.Name, Name: tt.fields.Name,

Write Preview
Loading…
Cancel
Save