-
Notifications
You must be signed in to change notification settings - Fork 0
/
session_user_test.go
100 lines (91 loc) · 2.83 KB
/
session_user_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
package cassh
import (
"context"
"encoding/json"
"net/http"
"net/url"
"testing"
"time"
"gotest.tools/v3/assert"
"gotest.tools/v3/assert/cmp"
"github.com/krostar/httpclient"
httpclienttest "github.com/krostar/httpclient/test"
)
func Test_SessionUser_Status(t *testing.T) {
srv := httpclienttest.NewServer(func(u url.URL, httpDoer httpclient.Doer, checkCallback any) error {
client, err := NewClient(u.String(), ClientOptionHTTPClient(httpDoer), ClientOptionTolerateInsecureProtocols())
if err != nil {
return err
}
session := client.SessionUser("awesomeuser", SessionUserOptionAuthenticationMechanismForTesting())
status, err := session.Status(context.Background())
(checkCallback.(func(*UserStatus, error)))(status, err)
return nil
})
now := time.Now().UTC().Round(time.Second)
reqMatcher := httpclienttest.
NewRequestMatcherBuilder().
Method(http.MethodPost).
URLPath("/client/status").
BodyForm(url.Values{
"testAuthPropagated": {"true"},
"username": {"awesomeuser"},
}, true)
for name, test := range map[string]struct {
form url.Values
matcher httpclienttest.RequestMatcher
writer func(http.ResponseWriter) error
check func(status *UserStatus, err error)
}{
"ok": {
matcher: reqMatcher,
writer: func(rw http.ResponseWriter) error {
rw.WriteHeader(http.StatusOK)
return json.NewEncoder(rw).Encode(apiUserStatusResponse{
Expiration: now.Add(time.Hour).Format("2006-01-02 15:04:05"),
Expiry: "+6h",
Principals: []string{"foo", "bar", "foobar"},
RealName: "foo.bar@foo.b-ar",
SSHKeyHash: apiUserStatusResponseSSHKeyHash{
AuthType: "RSA",
Bits: 8192,
Hash: "SHA512:3423jhb",
Rate: "HIGH",
},
Status: "ACTIVE",
Username: "foobar",
})
},
check: func(status *UserStatus, err error) {
assert.Check(t, err == nil)
assert.DeepEqual(t, status, &UserStatus{
Name: "foobar",
RealName: "foo.bar@foo.b-ar",
KeyState: KeyStateActive,
KeyExpiration: now.Add(time.Hour),
KeyPrincipals: Principals{"foo", "bar", "foobar"},
})
},
},
"ko - unsuficient privileges": {
matcher: reqMatcher,
writer: func(rw http.ResponseWriter) error {
rw.WriteHeader(http.StatusUnauthorized)
return nil
},
check: func(_ *UserStatus, err error) { assert.Check(t, cmp.ErrorIs(err, ErrInsufficientPrivileges)) },
},
"ko - unhandled status": {
matcher: reqMatcher,
writer: func(rw http.ResponseWriter) error {
rw.WriteHeader(http.StatusInternalServerError)
return nil
},
check: func(_ *UserStatus, err error) {
assert.Check(t, cmp.ErrorContains(err, "failed with status 500: unhandled request status"))
},
},
} {
t.Run(name, func(t *testing.T) { assert.Check(t, srv.AssertRequest(test.matcher, test.writer, test.check)) })
}
}