diff options
author | feistel <6742251-feistel@users.noreply.gitlab.com> | 2021-11-02 20:17:37 +0300 |
---|---|---|
committer | feistel <6742251-feistel@users.noreply.gitlab.com> | 2021-11-02 20:17:37 +0300 |
commit | 95bd97cb2d80fbddd36d89d5fac86ad9e5e62a6f (patch) | |
tree | d5a6c141e64259dcba74f2d42d3261e6f067350e | |
parent | 2b5f9c3202c73306a6d7bafb58b7570b7dfec87d (diff) |
test: refactor RunPagesProcess function to take functional arguments
-rw-r--r-- | test/acceptance/auth_test.go | 90 | ||||
-rw-r--r-- | test/acceptance/helpers_test.go | 31 |
2 files changed, 79 insertions, 42 deletions
diff --git a/test/acceptance/auth_test.go b/test/acceptance/auth_test.go index c3155400..49d2806d 100644 --- a/test/acceptance/auth_test.go +++ b/test/acceptance/auth_test.go @@ -24,7 +24,12 @@ func TestWhenAuthIsDisabledPrivateIsNotAccessible(t *testing.T) { } func TestWhenAuthIsEnabledPrivateWillRedirectToAuthorize(t *testing.T) { - runPagesWithAuth(t, []ListenSpec{httpsListener}) + RunPagesProcess(t, + withListeners([]ListenSpec{httpsListener}), + withArguments([]string{ + "-config=" + defaultAuthConfigWith(t), + }), + ) rsp, err := GetRedirectPage(t, httpsListener, "group.auth.gitlab-example.com", "private.project/") @@ -55,7 +60,12 @@ func TestWhenAuthIsEnabledPrivateWillRedirectToAuthorize(t *testing.T) { } func TestWhenAuthDeniedWillCauseUnauthorized(t *testing.T) { - runPagesWithAuth(t, []ListenSpec{httpsListener}) + RunPagesProcess(t, + withListeners([]ListenSpec{httpsListener}), + withArguments([]string{ + "-config=" + defaultAuthConfigWith(t), + }), + ) rsp, err := GetPageFromListener(t, httpsListener, "projects.gitlab-example.com", "/auth?error=access_denied") @@ -65,7 +75,12 @@ func TestWhenAuthDeniedWillCauseUnauthorized(t *testing.T) { require.Equal(t, http.StatusUnauthorized, rsp.StatusCode) } func TestWhenLoginCallbackWithWrongStateShouldFail(t *testing.T) { - runPagesWithAuth(t, []ListenSpec{httpsListener}) + RunPagesProcess(t, + withListeners([]ListenSpec{httpsListener}), + withArguments([]string{ + "-config=" + defaultAuthConfigWith(t), + }), + ) rsp, err := GetRedirectPage(t, httpsListener, "group.auth.gitlab-example.com", "private.project/") @@ -82,7 +97,12 @@ func TestWhenLoginCallbackWithWrongStateShouldFail(t *testing.T) { } func TestWhenLoginCallbackWithUnencryptedCode(t *testing.T) { - runPagesWithAuth(t, []ListenSpec{httpsListener}) + RunPagesProcess(t, + withListeners([]ListenSpec{httpsListener}), + withArguments([]string{ + "-config=" + defaultAuthConfigWith(t), + }), + ) rsp, err := GetRedirectPage(t, httpsListener, "group.auth.gitlab-example.com", "private.project/") @@ -110,7 +130,12 @@ func TestWhenLoginCallbackWithUnencryptedCode(t *testing.T) { } func TestAccessControlUnderCustomDomain(t *testing.T) { - runPagesWithAuth(t, []ListenSpec{httpListener}) + RunPagesProcess(t, + withListeners([]ListenSpec{httpListener}), + withArguments([]string{ + "-config=" + defaultAuthConfigWith(t), + }), + ) tests := map[string]struct { domain string @@ -186,7 +211,12 @@ func TestAccessControlUnderCustomDomain(t *testing.T) { } func TestCustomErrorPageWithAuth(t *testing.T) { - runPagesWithAuth(t, []ListenSpec{httpListener}) + RunPagesProcess(t, + withListeners([]ListenSpec{httpListener}), + withArguments([]string{ + "-config=" + defaultAuthConfigWith(t), + }), + ) tests := []struct { name string @@ -290,7 +320,12 @@ func TestCustomErrorPageWithAuth(t *testing.T) { } func TestAccessControlUnderCustomDomainWithHTTPSProxy(t *testing.T) { - runPagesWithAuth(t, []ListenSpec{proxyListener}) + RunPagesProcess(t, + withListeners([]ListenSpec{proxyListener}), + withArguments([]string{ + "-config=" + defaultAuthConfigWith(t), + }), + ) rsp, err := GetProxyRedirectPageWithCookie(t, proxyListener, "private.domain.com", "/", "", true) require.NoError(t, err) @@ -352,7 +387,12 @@ func TestAccessControlUnderCustomDomainWithHTTPSProxy(t *testing.T) { } func TestAccessControlGroupDomain404RedirectsAuth(t *testing.T) { - runPagesWithAuth(t, []ListenSpec{httpListener}) + RunPagesProcess(t, + withListeners([]ListenSpec{httpListener}), + withArguments([]string{ + "-config=" + defaultAuthConfigWith(t), + }), + ) rsp, err := GetRedirectPage(t, httpListener, "group.gitlab-example.com", "/nonexistent/") require.NoError(t, err) @@ -366,7 +406,12 @@ func TestAccessControlGroupDomain404RedirectsAuth(t *testing.T) { } func TestAccessControlProject404DoesNotRedirect(t *testing.T) { - runPagesWithAuth(t, []ListenSpec{httpListener}) + RunPagesProcess(t, + withListeners([]ListenSpec{httpListener}), + withArguments([]string{ + "-config=" + defaultAuthConfigWith(t), + }), + ) rsp, err := GetRedirectPage(t, httpListener, "group.gitlab-example.com", "/project/nonexistent/") require.NoError(t, err) @@ -520,7 +565,12 @@ func TestAccessControlWithSSLCertDir(t *testing.T) { // Read the issue description if any changes to internal/auth/ break this test. // Related to https://tools.ietf.org/html/rfc6749#section-10.6. func TestHijackedCode(t *testing.T) { - runPagesWithAuth(t, []ListenSpec{proxyListener}) + RunPagesProcess(t, + withListeners([]ListenSpec{proxyListener}), + withArguments([]string{ + "-config=" + defaultAuthConfigWith(t), + }), + ) /****ATTACKER******/ // get valid cookie for a different private project @@ -593,25 +643,15 @@ func getValidCookieAndState(t *testing.T, domain string) (string, string) { return cookie, state } -func runPagesWithAuth(t *testing.T, listeners []ListenSpec) { +func defaultAuthConfigWith(t *testing.T, configs ...string) string { t.Helper() - runPagesWithAuthAndEnv(t, listeners, nil) -} - -func runPagesWithAuthAndEnv(t *testing.T, listeners []ListenSpec, env []string) { - t.Helper() - - configFile := defaultConfigFileWith(t, + configs = append(configs, "gitlab-server=https://public-gitlab-auth.com", "auth-redirect-uri=https://projects.gitlab-example.com/auth", ) - RunPagesProcess(t, - withListeners(listeners), - withArguments([]string{ - "-config=" + configFile, - }), - withEnv(env), - ) + configFile := defaultConfigFileWith(t, configs...) + + return configFile } diff --git a/test/acceptance/helpers_test.go b/test/acceptance/helpers_test.go index caa4ec3b..8433646a 100644 --- a/test/acceptance/helpers_test.go +++ b/test/acceptance/helpers_test.go @@ -203,21 +203,6 @@ func (l ListenSpec) JoinHostPort() string { return net.JoinHostPort(l.Host, l.Port) } -// RunPagesProcessWithoutGitLabStub will start a gitlab-pages process with the specified listeners -// and return a function you can call to shut it down again. Use -// GetPageFromProcess to do a HTTP GET against a listener. -// -// If run as root via sudo, the gitlab-pages process will drop privileges -func RunPagesProcessWithoutGitLabStub(t *testing.T, pagesBinary string, listeners []ListenSpec, promPort string, extraArgs ...string) (teardown func()) { - _, cleanup := runPagesProcess(t, true, pagesBinary, listeners, promPort, nil, extraArgs...) - return cleanup -} - -func RunPagesProcessWithEnvs(t *testing.T, wait bool, pagesBinary string, listeners []ListenSpec, promPort string, envs []string, extraArgs ...string) (teardown func()) { - _, cleanup := runPagesProcess(t, wait, pagesBinary, listeners, promPort, envs, extraArgs...) - return cleanup -} - func RunPagesProcess(t *testing.T, opts ...processOption) *LogCaptureBuffer { chdir := false chdirCleanup := testhelpers.ChdirInPath(t, "../../shared/pages", &chdir) @@ -257,7 +242,13 @@ func RunPagesProcess(t *testing.T, opts ...processOption) *LogCaptureBuffer { } func RunPagesProcessWithSSLCertFile(t *testing.T, listeners []ListenSpec, sslCertFile string) { - runPagesWithAuthAndEnv(t, listeners, []string{"SSL_CERT_FILE=" + sslCertFile}) + RunPagesProcess(t, + withListeners(listeners), + withArguments([]string{ + "-config=" + defaultAuthConfigWith(t), + }), + withEnv([]string{"SSL_CERT_FILE=" + sslCertFile}), + ) } func RunPagesProcessWithSSLCertDir(t *testing.T, listeners []ListenSpec, sslCertFile string) { @@ -269,7 +260,13 @@ func RunPagesProcessWithSSLCertDir(t *testing.T, listeners []ListenSpec, sslCert err = copyFile(sslCertDir+"/"+path.Base(sslCertFile), sslCertFile) require.NoError(t, err) - runPagesWithAuthAndEnv(t, listeners, []string{"SSL_CERT_DIR=" + sslCertDir}) + RunPagesProcess(t, + withListeners(listeners), + withArguments([]string{ + "-config=" + defaultAuthConfigWith(t), + }), + withEnv([]string{"SSL_CERT_DIR=" + sslCertDir}), + ) t.Cleanup(func() { os.RemoveAll(sslCertDir) |