github/kubelogin
1
0
Fork 0
mirror of https://github.com/int128/kubelogin.git synced 2026-02-14 16:39:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Refactor: credentialplugin/get_token_test.go (#429)

Browse Source 
* Refactor: extract const vars

* Refactor: extract ROPC test case
This commit is contained in:
Hidetake Iwata
2020-11-22 20:01:45 +09:00
committed by GitHub
parent 2f271b5870
commit ebf81debe1
1 changed files with 94 additions and 115 deletions
Download Patch File Download Diff File Expand all files Collapse all files

209
pkg/usecases/credentialplugin/get_token_test.go
View File

@@ -9,13 +9,13 @@ import (
"github.com/int128/kubelogin/pkg/credentialplugin"
"github.com/int128/kubelogin/pkg/infrastructure/mutex"
"github.com/int128/kubelogin/pkg/infrastructure/mutex/mock_mutex"
"github.com/int128/kubelogin/pkg/usecases/authentication/authcode"
"github.com/golang/mock/gomock"
"github.com/int128/kubelogin/pkg/credentialplugin/writer/mock_writer"
"github.com/int128/kubelogin/pkg/oidc"
testingJWT "github.com/int128/kubelogin/pkg/testing/jwt"
"github.com/int128/kubelogin/pkg/testing/logger"
"github.com/int128/kubelogin/pkg/tlsclientconfig"
"github.com/int128/kubelogin/pkg/tokencache"
"github.com/int128/kubelogin/pkg/tokencache/repository/mock_repository"
"github.com/int128/kubelogin/pkg/usecases/authentication"
@@ -24,28 +24,81 @@ import (
)
func TestGetToken_Do(t *testing.T) {
dummyProvider := oidc.Provider{
IssuerURL: "https://accounts.google.com",
ClientID: "YOUR_CLIENT_ID",
ClientSecret: "YOUR_CLIENT_SECRET",
}
issuedIDTokenExpiration := time.Now().Add(1 * time.Hour).Round(time.Second)
issuedIDToken := testingJWT.EncodeF(t, func(claims *testingJWT.Claims) {
claims.Issuer = "https://accounts.google.com"
claims.Subject = "YOUR_SUBJECT"
claims.ExpiresAt = issuedIDTokenExpiration.Unix()
})
dummyProvider := oidc.Provider{
IssuerURL: "https://accounts.google.com",
ClientID: "YOUR_CLIENT_ID",
ClientSecret: "YOUR_CLIENT_SECRET",
issuedTokenSet := oidc.TokenSet{
IDToken: issuedIDToken,
RefreshToken: "YOUR_REFRESH_TOKEN",
}
issuedOutput := credentialplugin.Output{
Token: issuedIDToken,
Expiry: issuedIDTokenExpiration,
}
grantOptionSet := authentication.GrantOptionSet{
AuthCodeBrowserOption: &authcode.BrowserOption{
BindAddress: []string{"127.0.0.1:8080"},
},
}
t.Run("LeastOptions", func(t *testing.T) {
var grantOptionSet authentication.GrantOptionSet
tokenSet := oidc.TokenSet{
IDToken: issuedIDToken,
RefreshToken: "YOUR_REFRESH_TOKEN",
t.Run("NoTokenCache", func(t *testing.T) {
tokenCacheKey := tokencache.Key{
IssuerURL: "https://accounts.google.com",
ClientID: "YOUR_CLIENT_ID",
ClientSecret: "YOUR_CLIENT_SECRET",
}
ctrl := gomock.NewController(t)
defer ctrl.Finish()
ctx := context.TODO()
in := Input{
Provider: dummyProvider,
TokenCacheDir: "/path/to/token-cache",
GrantOptionSet: grantOptionSet,
}
mockAuthentication := mock_authentication.NewMockInterface(ctrl)
mockAuthentication.EXPECT().
Do(ctx, authentication.Input{
Provider: dummyProvider,
GrantOptionSet: grantOptionSet,
}).
Return(&authentication.Output{TokenSet: issuedTokenSet}, nil)
mockRepository := mock_repository.NewMockInterface(ctrl)
mockRepository.EXPECT().
FindByKey("/path/to/token-cache", tokenCacheKey).
Return(nil, errors.New("file not found"))
mockRepository.EXPECT().
Save("/path/to/token-cache", tokenCacheKey, issuedTokenSet)
mockWriter := mock_writer.NewMockInterface(ctrl)
mockWriter.EXPECT().Write(issuedOutput)
u := GetToken{
Authentication: mockAuthentication,
TokenCacheRepository: mockRepository,
Writer: mockWriter,
Mutex: setupMutexMock(ctrl),
Logger: logger.New(t),
}
if err := u.Do(ctx, in); err != nil {
t.Errorf("Do returned error: %+v", err)
}
})
t.Run("ROPC", func(t *testing.T) {
grantOptionSet := authentication.GrantOptionSet{
ROPCOption: &ropc.Option{Username: "YOUR_USERNAME"},
}
tokenCacheKey := tokencache.Key{
IssuerURL: "https://accounts.google.com",
ClientID: "YOUR_CLIENT_ID",
ClientSecret: "YOUR_CLIENT_SECRET",
Username: "YOUR_USERNAME",
}
ctrl := gomock.NewController(t)
@@ -62,87 +115,19 @@ func TestGetToken_Do(t *testing.T) {
Provider: dummyProvider,
GrantOptionSet: grantOptionSet,
}).
Return(&authentication.Output{TokenSet: tokenSet}, nil)
tokenCacheRepository := mock_repository.NewMockInterface(ctrl)
tokenCacheRepository.EXPECT().
Return(&authentication.Output{TokenSet: issuedTokenSet}, nil)
mockRepository := mock_repository.NewMockInterface(ctrl)
mockRepository.EXPECT().
FindByKey("/path/to/token-cache", tokenCacheKey).
Return(nil, errors.New("file not found"))
tokenCacheRepository.EXPECT().
Save("/path/to/token-cache", tokenCacheKey, tokenSet)
credentialPluginWriter := mock_writer.NewMockInterface(ctrl)
credentialPluginWriter.EXPECT().
Write(credentialplugin.Output{
Token: issuedIDToken,
Expiry: issuedIDTokenExpiration,
})
mockRepository.EXPECT().
Save("/path/to/token-cache", tokenCacheKey, issuedTokenSet)
mockWriter := mock_writer.NewMockInterface(ctrl)
mockWriter.EXPECT().Write(issuedOutput)
u := GetToken{
Authentication: mockAuthentication,
TokenCacheRepository: tokenCacheRepository,
Writer: credentialPluginWriter,
Mutex: setupMutexMock(ctrl),
Logger: logger.New(t),
}
if err := u.Do(ctx, in); err != nil {
t.Errorf("Do returned error: %+v", err)
}
})
t.Run("FullOptions", func(t *testing.T) {
grantOptionSet := authentication.GrantOptionSet{
ROPCOption: &ropc.Option{Username: "YOUR_USERNAME"},
}
tokenSet := oidc.TokenSet{
IDToken: issuedIDToken,
RefreshToken: "YOUR_REFRESH_TOKEN",
}
tokenCacheKey := tokencache.Key{
IssuerURL: "https://accounts.google.com",
ClientID: "YOUR_CLIENT_ID",
ClientSecret: "YOUR_CLIENT_SECRET",
Username: "YOUR_USERNAME",
CACertFilename: "/path/to/cert",
CACertData: "BASE64ENCODED",
SkipTLSVerify: true,
}
tlsClientConfig := tlsclientconfig.Config{
CACertFilename: []string{"/path/to/cert"},
CACertData: []string{"BASE64ENCODED"},
SkipTLSVerify: true,
}
ctrl := gomock.NewController(t)
defer ctrl.Finish()
ctx := context.TODO()
in := Input{
Provider: dummyProvider,
TokenCacheDir: "/path/to/token-cache",
GrantOptionSet: grantOptionSet,
TLSClientConfig: tlsClientConfig,
}
mockAuthentication := mock_authentication.NewMockInterface(ctrl)
mockAuthentication.EXPECT().
Do(ctx, authentication.Input{
Provider: dummyProvider,
GrantOptionSet: grantOptionSet,
TLSClientConfig: tlsClientConfig,
}).
Return(&authentication.Output{TokenSet: tokenSet}, nil)
tokenCacheRepository := mock_repository.NewMockInterface(ctrl)
tokenCacheRepository.EXPECT().
FindByKey("/path/to/token-cache", tokenCacheKey).
Return(nil, errors.New("file not found"))
tokenCacheRepository.EXPECT().
Save("/path/to/token-cache", tokenCacheKey, tokenSet)
credentialPluginWriter := mock_writer.NewMockInterface(ctrl)
credentialPluginWriter.EXPECT().
Write(credentialplugin.Output{
Token: issuedIDToken,
Expiry: issuedIDTokenExpiration,
})
u := GetToken{
Authentication: mockAuthentication,
TokenCacheRepository: tokenCacheRepository,
Writer: credentialPluginWriter,
TokenCacheRepository: mockRepository,
Writer: mockWriter,
Mutex: setupMutexMock(ctrl),
Logger: logger.New(t),
}
@@ -156,43 +141,35 @@ func TestGetToken_Do(t *testing.T) {
defer ctrl.Finish()
ctx := context.TODO()
in := Input{
Provider: dummyProvider,
TokenCacheDir: "/path/to/token-cache",
Provider: dummyProvider,
TokenCacheDir: "/path/to/token-cache",
GrantOptionSet: grantOptionSet,
}
mockAuthentication := mock_authentication.NewMockInterface(ctrl)
mockAuthentication.EXPECT().
Do(ctx, authentication.Input{
Provider: dummyProvider,
CachedTokenSet: &oidc.TokenSet{
IDToken: issuedIDToken,
},
Provider: dummyProvider,
CachedTokenSet: &issuedTokenSet,
GrantOptionSet: grantOptionSet,
}).
Return(&authentication.Output{
AlreadyHasValidIDToken: true,
TokenSet: oidc.TokenSet{
IDToken: issuedIDToken,
},
TokenSet: issuedTokenSet,
}, nil)
tokenCacheRepository := mock_repository.NewMockInterface(ctrl)
tokenCacheRepository.EXPECT().
mockRepository := mock_repository.NewMockInterface(ctrl)
mockRepository.EXPECT().
FindByKey("/path/to/token-cache", tokencache.Key{
IssuerURL: "https://accounts.google.com",
ClientID: "YOUR_CLIENT_ID",
ClientSecret: "YOUR_CLIENT_SECRET",
}).
Return(&oidc.TokenSet{
IDToken: issuedIDToken,
}, nil)
credentialPluginWriter := mock_writer.NewMockInterface(ctrl)
credentialPluginWriter.EXPECT().
Write(credentialplugin.Output{
Token: issuedIDToken,
Expiry: issuedIDTokenExpiration,
})
Return(&issuedTokenSet, nil)
mockWriter := mock_writer.NewMockInterface(ctrl)
mockWriter.EXPECT().Write(issuedOutput)
u := GetToken{
Authentication: mockAuthentication,
TokenCacheRepository: tokenCacheRepository,
Writer: credentialPluginWriter,
TokenCacheRepository: mockRepository,
Writer: mockWriter,
Mutex: setupMutexMock(ctrl),
Logger: logger.New(t),
}
@@ -206,17 +183,19 @@ func TestGetToken_Do(t *testing.T) {
defer ctrl.Finish()
ctx := context.TODO()
in := Input{
Provider: dummyProvider,
TokenCacheDir: "/path/to/token-cache",
Provider: dummyProvider,
TokenCacheDir: "/path/to/token-cache",
GrantOptionSet: grantOptionSet,
}
mockAuthentication := mock_authentication.NewMockInterface(ctrl)
mockAuthentication.EXPECT().
Do(ctx, authentication.Input{
Provider: dummyProvider,
Provider: dummyProvider,
GrantOptionSet: grantOptionSet,
}).
Return(nil, errors.New("authentication error"))
tokenCacheRepository := mock_repository.NewMockInterface(ctrl)
tokenCacheRepository.EXPECT().
mockRepository := mock_repository.NewMockInterface(ctrl)
mockRepository.EXPECT().
FindByKey("/path/to/token-cache", tokencache.Key{
IssuerURL: "https://accounts.google.com",
ClientID: "YOUR_CLIENT_ID",
@@ -225,7 +204,7 @@ func TestGetToken_Do(t *testing.T) {
Return(nil, errors.New("file not found"))
u := GetToken{
Authentication: mockAuthentication,
TokenCacheRepository: tokenCacheRepository,
TokenCacheRepository: mockRepository,
Writer: mock_writer.NewMockInterface(ctrl),
Mutex: setupMutexMock(ctrl),
Logger: logger.New(t),