summaryrefslogtreecommitdiff
path: root/app/controllers/sessions/controller_test.go
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/sessions/controller_test.go')
-rw-r--r--app/controllers/sessions/controller_test.go10
1 files changed, 10 insertions, 0 deletions
diff --git a/app/controllers/sessions/controller_test.go b/app/controllers/sessions/controller_test.go
index c40dbe7..8efc813 100644
--- a/app/controllers/sessions/controller_test.go
+++ b/app/controllers/sessions/controller_test.go
@@ -6,10 +6,12 @@ import (
"net/http"
"net/url"
"testing"
+ "time"
"github.com/oauth2-proxy/mockoidc"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
+ "github.com/xlgmokha/x/pkg/x"
xcfg "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/domain"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc"
@@ -150,6 +152,14 @@ func TestSessions(t *testing.T) {
sub, err := token.Claims.GetSubject()
require.NoError(t, err)
assert.Equal(t, user.Subject, sub)
+
+ assert.Equal(t, "/", cookie.Path)
+ assert.Equal(t, "localhost", cookie.Domain)
+ assert.Equal(t, "session", cookie.Name)
+ assert.Zero(t, cookie.SameSite)
+ assert.Equal(t, x.Must(time.Parse(time.RFC3339, tokens["expiry"].(string))).Unix(), cookie.Expires.Unix())
+ assert.True(t, cookie.HttpOnly)
+ assert.True(t, cookie.Secure)
})
t.Run("stores the refresh token in a session cookie", func(t *testing.T) {
generated by cgit v1.2.3 (git 2.39.1) at 2026-02-02 03:12:16 +0000