mirror of https://github.com/restic/restic.git
138 lines
4.5 KiB
Go
138 lines
4.5 KiB
Go
package autorest
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http"
|
|
"reflect"
|
|
"testing"
|
|
|
|
"github.com/Azure/go-autorest/autorest/adal"
|
|
"github.com/Azure/go-autorest/autorest/mocks"
|
|
)
|
|
|
|
const (
|
|
TestTenantID = "TestTenantID"
|
|
TestActiveDirectoryEndpoint = "https://login/test.com/"
|
|
)
|
|
|
|
func TestWithAuthorizer(t *testing.T) {
|
|
r1 := mocks.NewRequest()
|
|
|
|
na := &NullAuthorizer{}
|
|
r2, err := Prepare(r1,
|
|
na.WithAuthorization())
|
|
if err != nil {
|
|
t.Fatalf("autorest: NullAuthorizer#WithAuthorization returned an unexpected error (%v)", err)
|
|
} else if !reflect.DeepEqual(r1, r2) {
|
|
t.Fatalf("autorest: NullAuthorizer#WithAuthorization modified the request -- received %v, expected %v", r2, r1)
|
|
}
|
|
}
|
|
|
|
func TestTokenWithAuthorization(t *testing.T) {
|
|
token := &adal.Token{
|
|
AccessToken: "TestToken",
|
|
Resource: "https://azure.microsoft.com/",
|
|
Type: "Bearer",
|
|
}
|
|
|
|
ba := NewBearerAuthorizer(token)
|
|
req, err := Prepare(&http.Request{}, ba.WithAuthorization())
|
|
if err != nil {
|
|
t.Fatalf("azure: BearerAuthorizer#WithAuthorization returned an error (%v)", err)
|
|
} else if req.Header.Get(http.CanonicalHeaderKey("Authorization")) != fmt.Sprintf("Bearer %s", token.AccessToken) {
|
|
t.Fatal("azure: BearerAuthorizer#WithAuthorization failed to set Authorization header")
|
|
}
|
|
}
|
|
|
|
func TestServicePrincipalTokenWithAuthorizationNoRefresh(t *testing.T) {
|
|
oauthConfig, err := adal.NewOAuthConfig(TestActiveDirectoryEndpoint, TestTenantID)
|
|
if err != nil {
|
|
t.Fatalf("azure: BearerAuthorizer#WithAuthorization returned an error (%v)", err)
|
|
}
|
|
spt, err := adal.NewServicePrincipalToken(*oauthConfig, "id", "secret", "resource", nil)
|
|
if err != nil {
|
|
t.Fatalf("azure: BearerAuthorizer#WithAuthorization returned an error (%v)", err)
|
|
}
|
|
spt.SetAutoRefresh(false)
|
|
s := mocks.NewSender()
|
|
spt.SetSender(s)
|
|
|
|
ba := NewBearerAuthorizer(spt)
|
|
req, err := Prepare(mocks.NewRequest(), ba.WithAuthorization())
|
|
if err != nil {
|
|
t.Fatalf("azure: BearerAuthorizer#WithAuthorization returned an error (%v)", err)
|
|
} else if req.Header.Get(http.CanonicalHeaderKey("Authorization")) != fmt.Sprintf("Bearer %s", spt.AccessToken) {
|
|
t.Fatal("azure: BearerAuthorizer#WithAuthorization failed to set Authorization header")
|
|
}
|
|
}
|
|
|
|
func TestServicePrincipalTokenWithAuthorizationRefresh(t *testing.T) {
|
|
|
|
oauthConfig, err := adal.NewOAuthConfig(TestActiveDirectoryEndpoint, TestTenantID)
|
|
if err != nil {
|
|
t.Fatalf("azure: BearerAuthorizer#WithAuthorization returned an error (%v)", err)
|
|
}
|
|
refreshed := false
|
|
spt, err := adal.NewServicePrincipalToken(*oauthConfig, "id", "secret", "resource", func(t adal.Token) error {
|
|
refreshed = true
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
t.Fatalf("azure: BearerAuthorizer#WithAuthorization returned an error (%v)", err)
|
|
}
|
|
|
|
jwt := `{
|
|
"access_token" : "accessToken",
|
|
"expires_in" : "3600",
|
|
"expires_on" : "test",
|
|
"not_before" : "test",
|
|
"resource" : "test",
|
|
"token_type" : "Bearer"
|
|
}`
|
|
body := mocks.NewBody(jwt)
|
|
resp := mocks.NewResponseWithBodyAndStatus(body, http.StatusOK, "OK")
|
|
c := mocks.NewSender()
|
|
s := DecorateSender(c,
|
|
(func() SendDecorator {
|
|
return func(s Sender) Sender {
|
|
return SenderFunc(func(r *http.Request) (*http.Response, error) {
|
|
return resp, nil
|
|
})
|
|
}
|
|
})())
|
|
spt.SetSender(s)
|
|
|
|
ba := NewBearerAuthorizer(spt)
|
|
req, err := Prepare(mocks.NewRequest(), ba.WithAuthorization())
|
|
if err != nil {
|
|
t.Fatalf("azure: BearerAuthorizer#WithAuthorization returned an error (%v)", err)
|
|
} else if req.Header.Get(http.CanonicalHeaderKey("Authorization")) != fmt.Sprintf("Bearer %s", spt.AccessToken) {
|
|
t.Fatal("azure: BearerAuthorizer#WithAuthorization failed to set Authorization header")
|
|
}
|
|
|
|
if !refreshed {
|
|
t.Fatal("azure: BearerAuthorizer#WithAuthorization must refresh the token")
|
|
}
|
|
}
|
|
|
|
func TestServicePrincipalTokenWithAuthorizationReturnsErrorIfConnotRefresh(t *testing.T) {
|
|
oauthConfig, err := adal.NewOAuthConfig(TestActiveDirectoryEndpoint, TestTenantID)
|
|
if err != nil {
|
|
t.Fatalf("azure: BearerAuthorizer#WithAuthorization returned an error (%v)", err)
|
|
}
|
|
spt, err := adal.NewServicePrincipalToken(*oauthConfig, "id", "secret", "resource", nil)
|
|
if err != nil {
|
|
t.Fatalf("azure: BearerAuthorizer#WithAuthorization returned an error (%v)", err)
|
|
}
|
|
|
|
s := mocks.NewSender()
|
|
s.AppendResponse(mocks.NewResponseWithStatus("400 Bad Request", http.StatusBadRequest))
|
|
spt.SetSender(s)
|
|
|
|
ba := NewBearerAuthorizer(spt)
|
|
_, err = Prepare(mocks.NewRequest(), ba.WithAuthorization())
|
|
if err == nil {
|
|
t.Fatal("azure: BearerAuthorizer#WithAuthorization failed to return an error when refresh fails")
|
|
}
|
|
}
|