diff options
author | Krasimir Angelov <kangelov@gitlab.com> | 2019-09-06 07:06:25 +0300 |
---|---|---|
committer | Krasimir Angelov <kangelov@gitlab.com> | 2019-09-06 07:06:25 +0300 |
commit | 477ba2b3465736cdccfb6cb6a36f78447942e310 (patch) | |
tree | d1d29ae1a34d8a359fb93815d7df1345749a9341 /spec/lib | |
parent | 9d38778f4146fec734695be02f1e63c58f6d78db (diff) |
Add skeleton Pages internal API
Basic `/internal/pages` endpoint that will be used for Pages virtual
domains internal API. The endpoint is currently behind feature flag and
provides authetication similar to how Workhorse is authenticating with
the GitLab.
Diffstat (limited to 'spec/lib')
-rw-r--r-- | spec/lib/gitlab/pages_spec.rb | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/spec/lib/gitlab/pages_spec.rb b/spec/lib/gitlab/pages_spec.rb new file mode 100644 index 00000000000..affa2ebab2a --- /dev/null +++ b/spec/lib/gitlab/pages_spec.rb @@ -0,0 +1,29 @@ +# frozen_string_literal: true + +require 'spec_helper' + +describe Gitlab::Pages do + let(:pages_shared_secret) { SecureRandom.random_bytes(Gitlab::Pages::SECRET_LENGTH) } + + before do + allow(described_class).to receive(:secret).and_return(pages_shared_secret) + end + + describe '.verify_api_request' do + let(:payload) { { 'iss' => 'gitlab-pages' } } + + it 'returns false if fails to validate the JWT' do + encoded_token = JWT.encode(payload, 'wrongsecret', 'HS256') + headers = { described_class::INTERNAL_API_REQUEST_HEADER => encoded_token } + + expect(described_class.verify_api_request(headers)).to eq(false) + end + + it 'returns the decoded JWT' do + encoded_token = JWT.encode(payload, described_class.secret, 'HS256') + headers = { described_class::INTERNAL_API_REQUEST_HEADER => encoded_token } + + expect(described_class.verify_api_request(headers)).to eq([{ "iss" => "gitlab-pages" }, { "alg" => "HS256" }]) + end + end +end |