test: remove the test oidc server

2 files changed, 28 insertions, 11 deletions

diff --git a/app/controllers/sessions/controller.go b/app/controllers/sessions/controller.go
index 1ceb9ec..c14a300 100644
--- a/app/controllers/sessions/controller.go
+++ b/app/controllers/sessions/controller.go
@@ -2,6 +2,7 @@ package sessions
 
 import (
 	"context"
+	"fmt"
 	"net/http"
 
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc"
@@ -36,6 +37,7 @@ func (c *Controller) Create(w http.ResponseWriter, r *http.Request) {
 	ctx := context.WithValue(r.Context(), oauth2.HTTPClient, c.http)
 	token, err := c.cfg.Config.Exchange(ctx, r.URL.Query().Get("code"))
 	if err != nil {
+		fmt.Printf("%v\n", err)
 		w.WriteHeader(http.StatusBadRequest)
 		return
 	}
diff --git a/app/controllers/sessions/controller_test.go b/app/controllers/sessions/controller_test.go
index 1b829bf..a5167cc 100644
--- a/app/controllers/sessions/controller_test.go
+++ b/app/controllers/sessions/controller_test.go
@@ -5,9 +5,11 @@ import (
 	"encoding/json"
 	"net/http"
 	"net/url"
-	"strings"
+	"strconv"
 	"testing"
+	"time"
 
+	"github.com/oauth2-proxy/mockoidc"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"github.com/xlgmokha/x/pkg/x"
@@ -16,10 +18,16 @@ import (
 )
 
 func TestSessions(t *testing.T) {
-	srv := test.OIDCServer()
+	srv := test.NewOIDCServer(t)
 	defer srv.Close()
 
-	cfg, err := oidc.New(t.Context(), srv.URL, "client_id", "client_secret", "callback_url")
+	cfg, err := oidc.New(
+		t.Context(),
+		srv.Issuer(),
+		srv.MockOIDC.Config().ClientID,
+		srv.MockOIDC.Config().ClientSecret,
+		"callback_url",
+	)
 	require.NoError(t, err)
 	controller := New(cfg, http.DefaultClient)
 	mux := http.NewServeMux()
@@ -36,10 +44,9 @@ func TestSessions(t *testing.T) {
 				require.NotEmpty(t, w.Header().Get("Location"))
 				redirectURL, err := url.Parse(w.Header().Get("Location"))
 				require.NoError(t, err)
-				assert.Equal(t, strings.TrimPrefix(srv.URL, "http://"), redirectURL.Host)
-				assert.Equal(t, "/oauth/authorize", redirectURL.Path)
+				assert.Equal(t, srv.AuthorizationEndpoint(), redirectURL.Scheme+"://"+redirectURL.Host+redirectURL.Path)
 				assert.NotEmpty(t, redirectURL.Query().Get("state"))
-				assert.Equal(t, "client_id", redirectURL.Query().Get("client_id"))
+				assert.Equal(t, srv.MockOIDC.Config().ClientID, redirectURL.Query().Get("client_id"))
 				assert.Equal(t, "openid profile email", redirectURL.Query().Get("scope"))
 				assert.Equal(t, "todo", redirectURL.Query().Get("audience"))
 				assert.Equal(t, cfg.Config.RedirectURL, redirectURL.Query().Get("redirect_uri"))
@@ -64,7 +71,15 @@ func TestSessions(t *testing.T) {
 		})
 
 		t.Run("with a valid authorization code grant", func(t *testing.T) {
-			r, w := test.RequestResponse("GET", "/session/callback?code=code")
+			code := strconv.FormatInt(time.Now().Unix(), 10)
+			user := mockoidc.DefaultUser()
+			srv.QueueUser(user)
+			srv.QueueCode(code)
+
+			_, err := http.Get(srv.AuthCodeURL("state"))
+			require.NoError(srv, err)
+
+			r, w := test.RequestResponse("GET", "/session/callback?code="+code)
 
 			mux.ServeHTTP(w, r)
 
@@ -80,16 +95,16 @@ func TestSessions(t *testing.T) {
 			require.NoError(t, json.Unmarshal(data, &tokens))
 
 			t.Run("stores the id token in a session cookie", func(t *testing.T) {
-				assert.Equal(t, "eyJ0eXAiOiJKV1QiLCJraWQiOiJ0ZDBTbWRKUTRxUGg1cU5Lek0yNjBDWHgyVWgtd2hHLU1Eam9PS1dmdDhFIiwiYWxnIjoiUlMyNTYifQ.eyJpc3MiOiJodHRwOi8vZ2RrLnRlc3Q6MzAwMCIsInN1YiI6IjEiLCJhdWQiOiJlMzFlMWRhMGI4ZjZiNmUzNWNhNzBjNzkwYjEzYzA0MDZlNDRhY2E2YjJiZjY3ZjU1ZGU3MzU1YTk3OWEyMjRmIiwiZXhwIjoxNzQ0NzM3NDI3LCJpYXQiOjE3NDQ3MzczMDcsImF1dGhfdGltZSI6MTc0NDczNDY0OSwic3ViX2xlZ2FjeSI6IjI0NzRjZjBiMjIxMTY4OGE1NzI5N2FjZTBlMjYwYTE1OTQ0NzU0ZDE2YjFiZDQyYzlkNjc3OWM5MDAzNjc4MDciLCJuYW1lIjoiQWRtaW5pc3RyYXRvciIsIm5pY2tuYW1lIjoicm9vdCIsInByZWZlcnJlZF91c2VybmFtZSI6InJvb3QiLCJlbWFpbCI6ImFkbWluQGV4YW1wbGUuY29tIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsInByb2ZpbGUiOiJodHRwOi8vZ2RrLnRlc3Q6MzAwMC9yb290IiwicGljdHVyZSI6Imh0dHBzOi8vd3d3LmdyYXZhdGFyLmNvbS9hdmF0YXIvMjU4ZDhkYzkxNmRiOGNlYTJjYWZiNmMzY2QwY2IwMjQ2ZWZlMDYxNDIxZGJkODNlYzNhMzUwNDI4Y2FiZGE0Zj9zPTgwJmQ9aWRlbnRpY29uIiwiZ3JvdXBzX2RpcmVjdCI6WyJ0b29sYm94IiwiZ2l0bGFiLW9yZyIsImdudXdnZXQiLCJDb21taXQ0NTEiLCJqYXNoa2VuYXMiLCJmbGlnaHRqcyIsInR3aXR0ZXIiLCJnaXRsYWItZXhhbXBsZXMiLCJnaXRsYWItZXhhbXBsZXMvc2VjdXJpdHkiLCI0MTI3MDgiLCJnaXRsYWItZXhhbXBsZXMvZGVtby1ncm91cCIsImN1c3RvbS1yb2xlcy1yb290LWdyb3VwIiwiNDM0MDQ0LWdyb3VwLTEiLCI0MzQwNDQtZ3JvdXAtMiIsImdpdGxhYi1vcmcxIiwiZ2l0bGFiLW9yZy9zZWN1cmUiLCJnaXRsYWItb3JnL3NlY3VyZS9tYW5hZ2VycyIsImdpdGxhYi1vcmcvc2VjdXJpdHktcHJvZHVjdHMiLCJnaXRsYWItb3JnL3NlY3VyaXR5LXByb2R1Y3RzL2FuYWx5emVycyIsImN1c3RvbS1yb2xlcy1yb290LWdyb3VwL2FhIiwiY3VzdG9tLXJvbGVzLXJvb3QtZ3JvdXAvYWEvYWFhIiwibWFzc19pbnNlcnRfZ3JvdXBfXzBfMTAwIl19.SZu_l7tQ2Kkeogq0z8cRaDWPfv52JTo-RkiExbnud_lrfrXXneS77BIzaGKX_bzq4SM_oO_Q63AzK66B1r6Gp7ACo4DjOUEIWETg7ZBKcDzEZnresB7kmI_MJ5rfIJTmnH75GOfc_pl5l8T896TbaShN6zSpaXXIVEfhyUrflSWb4hhA7Hbwy2b6laXiaDv0qpcn1udPVYMTsll8I5ni_2yzuEPSVRgrcQoQ46OwVDZIi9tlfdT2qNVjH6FxJ3mkBcxtIVjf3_JYAawFEscg2uvQYwFWj9T6LleMknAh3QFJJMrS6mPqlXJGPUE5pTQgsBInfEikfm9PXxezA-IY6g", tokens["id_token"])
+				assert.NotEmpty(t, tokens["id_token"])
 			})
 
 			t.Run("stores the access token in a session cookie", func(t *testing.T) {
-				assert.Equal(t, "14fa6e71afaabbe5e31ef2b47ccab7ca7a3c26f8dfdb74acce3eca30099af028", tokens["access_token"])
-				assert.Equal(t, "Bearer", tokens["token_type"])
+				assert.NotEmpty(t, tokens["access_token"])
+				assert.Equal(t, "bearer", tokens["token_type"])
 			})
 
 			t.Run("stores the refresh token in a session cookie", func(t *testing.T) {
-				assert.Equal(t, "365b261d4b25ba37e7c1e14e6501902aeecfb7fffc4602c44d6ac22b4c715b0f", tokens["refresh_token"])
+				assert.NotEmpty(t, tokens["refresh_token"])
 			})
 
 			t.Run("redirects to the homepage", func(t *testing.T) {