| OLD | NEW |
|---|
| 1 // Copyright 2016 The LUCI Authors. All rights reserved. | 1 // Copyright 2016 The LUCI Authors. All rights reserved. |
| 2 // Use of this source code is governed under the Apache License, Version 2.0 | 2 // Use of this source code is governed under the Apache License, Version 2.0 |
| 3 // that can be found in the LICENSE file. | 3 // that can be found in the LICENSE file. |
| 4 | 4 |
| 5 package machinetoken | 5 package machinetoken |
| 6 | 6 |
| 7 import ( | 7 import ( |
| 8 "crypto/x509" | 8 "crypto/x509" |
| 9 "math/big" | 9 "math/big" |
| 10 "testing" | 10 "testing" |
| (...skipping 25 matching lines...) Expand all Loading... |
| 36 MachineTokenLifetime: 3600, | 36 MachineTokenLifetime: 3600, |
| 37 }, | 37 }, |
| 38 }, | 38 }, |
| 39 }, | 39 }, |
| 40 } | 40 } |
| 41 | 41 |
| 42 Convey("good params", func() { | 42 Convey("good params", func() { |
| 43 So(params.Validate(), ShouldBeNil) | 43 So(params.Validate(), ShouldBeNil) |
| 44 }) | 44 }) |
| 45 | 45 |
| 46 Convey("good params with subdomain", func() { |
| 47 params.FQDN = "host.subdomain.domain" |
| 48 So(params.Validate(), ShouldBeNil) |
| 49 }) |
| 50 |
| 46 Convey("bad FQDN case", func() { | 51 Convey("bad FQDN case", func() { |
| 47 params.FQDN = "HOST.domain" | 52 params.FQDN = "HOST.domain" |
| 48 So(params.Validate(), ShouldErrLike, "expecting FQDN in
lowercase") | 53 So(params.Validate(), ShouldErrLike, "expecting FQDN in
lowercase") |
| 49 }) | 54 }) |
| 50 | 55 |
| 51 Convey("bad FQDN", func() { | 56 Convey("bad FQDN", func() { |
| 52 params.FQDN = "host" | 57 params.FQDN = "host" |
| 53 So(params.Validate(), ShouldErrLike, "not a valid FQDN") | 58 So(params.Validate(), ShouldErrLike, "not a valid FQDN") |
| 54 }) | 59 }) |
| 55 | 60 |
| 56 Convey("bad char in FQDN", func() { | |
| 57 params.FQDN = "host@.domain" | |
| 58 So(params.Validate(), ShouldErrLike, "forbidden characte
r") | |
| 59 }) | |
| 60 | |
| 61 Convey("not whitelisted", func() { | 61 Convey("not whitelisted", func() { |
| 62 params.FQDN = "host.blah" | 62 params.FQDN = "host.blah" |
| 63 So(params.Validate(), ShouldErrLike, "not whitelisted in
the config") | 63 So(params.Validate(), ShouldErrLike, "not whitelisted in
the config") |
| 64 }) | 64 }) |
| 65 | 65 |
| 66 Convey("tokens are not allowed", func() { | 66 Convey("tokens are not allowed", func() { |
| 67 params.Config.KnownDomains[0].MachineTokenLifetime = 0 | 67 params.Config.KnownDomains[0].MachineTokenLifetime = 0 |
| 68 So(params.Validate(), ShouldErrLike, "are not allowed") | 68 So(params.Validate(), ShouldErrLike, "are not allowed") |
| 69 }) | 69 }) |
| 70 | 70 |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 120 | 120 |
| 121 func (fakeSigner) Certificates(c context.Context) (*signing.PublicCertificates,
error) { | 121 func (fakeSigner) Certificates(c context.Context) (*signing.PublicCertificates,
error) { |
| 122 panic("not implemented yet") | 122 panic("not implemented yet") |
| 123 } | 123 } |
| 124 | 124 |
| 125 func (fakeSigner) ServiceInfo(c context.Context) (*signing.ServiceInfo, error) { | 125 func (fakeSigner) ServiceInfo(c context.Context) (*signing.ServiceInfo, error) { |
| 126 return &signing.ServiceInfo{ | 126 return &signing.ServiceInfo{ |
| 127 ServiceAccountName: "token-server@example.com", | 127 ServiceAccountName: "token-server@example.com", |
| 128 }, nil | 128 }, nil |
| 129 } | 129 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2952723003:
token-server: Make machine token minter config apply to subdomains. (Closed)
