1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
package sessions
import (
"net/http"
"net/url"
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/test"
"golang.org/x/oauth2"
)
func TestSessions(t *testing.T) {
cfg := &oauth2.Config{
ClientID: "client_id",
RedirectURL: "https://sparklelab.example.com/callback",
Scopes: []string{"openid"},
Endpoint: oauth2.Endpoint{
AuthURL: "https://gitlab.com/oauth/authorize",
TokenURL: "https://gitlab.com/oauth/token",
},
}
controller := New(cfg)
mux := http.NewServeMux()
controller.MountTo(mux)
t.Run("GET /", func(t *testing.T) {
t.Run("Without an authenticated session", func(t *testing.T) {
t.Run("redirect to the OIDC Provider", func(t *testing.T) {
r, w := test.RequestResponse("GET", "/session/new")
mux.ServeHTTP(w, r)
require.Equal(t, http.StatusFound, w.Code)
require.NotEmpty(t, w.Header().Get("Location"))
redirectURL, err := url.Parse(w.Header().Get("Location"))
require.NoError(t, err)
assert.Equal(t, "https", redirectURL.Scheme)
assert.Equal(t, "gitlab.com", redirectURL.Host)
assert.Equal(t, "/oauth/authorize", redirectURL.Path)
assert.NotEmpty(t, redirectURL.Query().Get("state"))
assert.Equal(t, "client_id", redirectURL.Query().Get("client_id"))
assert.Equal(t, "openid", redirectURL.Query().Get("scope"))
assert.Equal(t, "https://sparklelab.example.com/callback", redirectURL.Query().Get("redirect_uri"))
assert.Equal(t, "code", redirectURL.Query().Get("response_type"))
})
})
})
}
|
