Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: server/auth/auth_test.go

Issue 2386643003: auth: Make luci-go services trust signatures produced by the token server. (Closed)
Patch Set: Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« appengine/gaeauth/server/db.go ('K') | « server/auth/auth.go ('k') | server/auth/authdb/db.go » ('j') | server/auth/authdb/erroring.go » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The LUCI Authors. All rights reserved. 1 // Copyright 2015 The LUCI Authors. All rights reserved.
2 // Use of this source code is governed under the Apache License, Version 2.0 2 // Use of this source code is governed under the Apache License, Version 2.0
3 // that can be found in the LICENSE file. 3 // that can be found in the LICENSE file.
4 4
5 package auth 5 package auth
6 6
7 import ( 7 import (
8 "errors" 8 "errors"
9 "net" 9 "net"
10 "net/http" 10 "net/http"
11 "testing" 11 "testing"
12 12
13 "golang.org/x/net/context" 13 "golang.org/x/net/context"
14 14
15 "github.com/luci/luci-go/server/secrets" 15 "github.com/luci/luci-go/server/secrets"
16 16
17 "github.com/luci/luci-go/server/auth/authdb" 17 "github.com/luci/luci-go/server/auth/authdb"
18 "github.com/luci/luci-go/server/auth/identity" 18 "github.com/luci/luci-go/server/auth/identity"
19 "github.com/luci/luci-go/server/auth/service/protocol" 19 "github.com/luci/luci-go/server/auth/service/protocol"
20 "github.com/luci/luci-go/server/auth/signing"
20 21
21 . "github.com/luci/luci-go/common/testing/assertions" 22 . "github.com/luci/luci-go/common/testing/assertions"
22 . "github.com/smartystreets/goconvey/convey" 23 . "github.com/smartystreets/goconvey/convey"
23 ) 24 )
24 25
25 func TestAuthenticate(t *testing.T) { 26 func TestAuthenticate(t *testing.T) {
26 Convey("IsAllowedOAuthClientID on default DB", t, func() { 27 Convey("IsAllowedOAuthClientID on default DB", t, func() {
27 c := context.Background() 28 c := context.Background()
28 auth := Authenticator{fakeOAuthMethod{clientID: "some_client_id" }} 29 auth := Authenticator{fakeOAuthMethod{clientID: "some_client_id" }}
29 _, err := auth.Authenticate(c, makeRequest()) 30 _, err := auth.Authenticate(c, makeRequest())
(...skipping 110 matching lines...) Expand 10 before | Expand all | Expand 10 after
140 type fakeDB struct { 141 type fakeDB struct {
141 allowedClientID string 142 allowedClientID string
142 authServiceURL string 143 authServiceURL string
143 tokenServiceURL string 144 tokenServiceURL string
144 } 145 }
145 146
146 func (db *fakeDB) IsAllowedOAuthClientID(c context.Context, email, clientID stri ng) (bool, error) { 147 func (db *fakeDB) IsAllowedOAuthClientID(c context.Context, email, clientID stri ng) (bool, error) {
147 return clientID == db.allowedClientID, nil 148 return clientID == db.allowedClientID, nil
148 } 149 }
149 150
150 func (db *fakeDB) IsMember(c context.Context, id identity.Identity, group string ) (bool, error) { 151 func (db *fakeDB) IsMember(c context.Context, id identity.Identity, group string ) (bool, error) {
Vadim Sh. 2016/10/03 20:47:12 this is the main fake used in server/auth/* tests.
151 return true, nil 152 return true, nil
152 } 153 }
153 154
154 func (db *fakeDB) SharedSecrets(c context.Context) (secrets.Store, error) { 155 func (db *fakeDB) SharedSecrets(c context.Context) (secrets.Store, error) {
155 return nil, errors.New("fakeDB: SharedSecrets is not implemented") 156 return nil, errors.New("fakeDB: SharedSecrets is not implemented")
156 } 157 }
157 158
159 func (db *fakeDB) GetCertificates(c context.Context, id identity.Identity) (*sig ning.PublicCertificates, error) {
160 return nil, errors.New("fakeDB: GetCertificates is not implemented")
161 }
162
158 func (db *fakeDB) GetWhitelistForIdentity(c context.Context, ident identity.Iden tity) (string, error) { 163 func (db *fakeDB) GetWhitelistForIdentity(c context.Context, ident identity.Iden tity) (string, error) {
159 return "", nil 164 return "", nil
160 } 165 }
161 166
162 func (db *fakeDB) IsInWhitelist(c context.Context, ip net.IP, whitelist string) (bool, error) { 167 func (db *fakeDB) IsInWhitelist(c context.Context, ip net.IP, whitelist string) (bool, error) {
163 return whitelist == "bots" && ip.String() == "1.2.3.4", nil 168 return whitelist == "bots" && ip.String() == "1.2.3.4", nil
164 } 169 }
165 170
166 func (db *fakeDB) GetAuthServiceURL(c context.Context) (string, error) { 171 func (db *fakeDB) GetAuthServiceURL(c context.Context) (string, error) {
167 if db.authServiceURL == "" { 172 if db.authServiceURL == "" {
168 return "", errors.New("fakeDB: GetAuthServiceURL is not configur ed") 173 return "", errors.New("fakeDB: GetAuthServiceURL is not configur ed")
169 } 174 }
170 return db.authServiceURL, nil 175 return db.authServiceURL, nil
171 } 176 }
172 177
173 func (db *fakeDB) GetTokenServiceURL(c context.Context) (string, error) { 178 func (db *fakeDB) GetTokenServiceURL(c context.Context) (string, error) {
174 if db.authServiceURL == "" { 179 if db.authServiceURL == "" {
175 return "", errors.New("fakeDB: GetTokenServiceURL is not configu red") 180 return "", errors.New("fakeDB: GetTokenServiceURL is not configu red")
176 } 181 }
177 return db.tokenServiceURL, nil 182 return db.tokenServiceURL, nil
178 } 183 }
OLDNEW
« appengine/gaeauth/server/db.go ('K') | « server/auth/auth.go ('k') | server/auth/authdb/db.go » ('j') | server/auth/authdb/erroring.go » ('J')

Powered by Google App Engine
This is Rietveld 408576698