diff options
| author | mo khan <mo@mokhan.ca> | 2025-05-08 11:01:44 -0600 |
|---|---|---|
| committer | mo khan <mo@mokhan.ca> | 2025-05-08 11:01:44 -0600 |
| commit | d4758497b63644b2baaef2115984fe7ba14fff2a (patch) | |
| tree | 3b14c93d7fc261ff9eb8067885342011abcf466b /app/controllers/sessions/controller_test.go | |
| parent | b7a520b8ef410d422db653d2680a2aafe3341013 (diff) | |
feat: test out a redirect page in staging
Diffstat (limited to 'app/controllers/sessions/controller_test.go')
| -rw-r--r-- | app/controllers/sessions/controller_test.go | 27 |
1 files changed, 18 insertions, 9 deletions
diff --git a/app/controllers/sessions/controller_test.go b/app/controllers/sessions/controller_test.go index 82c56d5..6dcb3f3 100644 --- a/app/controllers/sessions/controller_test.go +++ b/app/controllers/sessions/controller_test.go @@ -6,7 +6,6 @@ import ( "net/http" "net/url" "testing" - "time" "github.com/oauth2-proxy/mockoidc" "github.com/stretchr/testify/assert" @@ -65,7 +64,8 @@ func TestSessions(t *testing.T) { cookie, err := http.ParseSetCookie(w.Header().Get("Set-Cookie")) require.NoError(t, err) require.NotZero(t, cookie) - assert.Equal(t, http.SameSiteLaxMode, cookie.SameSite) + + assert.Equal(t, xcfg.CSRFCookie, cookie.Name) }) }) @@ -124,10 +124,16 @@ func TestSessions(t *testing.T) { mux.ServeHTTP(w, r) - setCookieValue := w.Header().Get("Set-Cookie") - cookie, err := http.ParseSetCookie(setCookieValue) - require.NoError(t, err) - require.NotZero(t, cookie) + cookieValues := w.Header().Values("Set-Cookie") + cookies := x.Map(cookieValues, func(line string) *http.Cookie { + ck, err := http.ParseSetCookie(line) + require.NoError(t, err) + return ck + }) + + cookie := x.Find(cookies, func(item *http.Cookie) bool { + return item.Name == xcfg.SessionCookie + }) data, err := base64.URLEncoding.DecodeString(web.CookieValueFrom(cookie)) require.NoError(t, err) tokens := map[string]interface{}{} @@ -177,8 +183,6 @@ func TestSessions(t *testing.T) { t.Run("applies the appropriate cookie settings", func(t *testing.T) { assert.Equal(t, "/", cookie.Path) assert.Equal(t, xcfg.SessionCookie, cookie.Name) - assert.Equal(t, http.SameSiteLaxMode, cookie.SameSite) - assert.Equal(t, x.Must(time.Parse(time.RFC3339, tokens["expiry"].(string))).Unix(), cookie.Expires.Unix()) assert.True(t, cookie.HttpOnly) assert.True(t, cookie.Secure) assert.NotEmpty(t, cookie.Value) @@ -195,7 +199,12 @@ func TestSessions(t *testing.T) { require.Equal(t, http.StatusFound, w.Code) assert.Equal(t, "/", w.Header().Get("Location")) - assert.Equal(t, "session=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; HttpOnly; Secure", w.Header().Get("Set-Cookie")) + + expected := []string{ + "__csrf=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; HttpOnly; Secure", + "__s=; Path=/; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; HttpOnly; Secure", + } + assert.ElementsMatch(t, expected, w.Header().Values("Set-Cookie")) }) }) } |