diff options
author | feistel <6742251-feistel@users.noreply.gitlab.com> | 2021-06-15 13:09:36 +0300 |
---|---|---|
committer | feistel <6742251-feistel@users.noreply.gitlab.com> | 2021-07-22 15:23:32 +0300 |
commit | 7a9c492b619078aed6f9c3f95cf21640afd63100 (patch) | |
tree | adc5b78be1cc17fba212e3859e7515d29cbb7760 /test | |
parent | b72ce71418f5474b1e7dc455052a32b12ae67c39 (diff) |
Use internal-gitlab-server in auth-related tasks
Update the auth package to use the internal server
when fetching access token or checking for authentication.
Changelog: changed
Diffstat (limited to 'test')
-rw-r--r-- | test/acceptance/auth_test.go | 22 | ||||
-rw-r--r-- | test/acceptance/helpers_test.go | 7 |
2 files changed, 15 insertions, 14 deletions
diff --git a/test/acceptance/auth_test.go b/test/acceptance/auth_test.go index 96205020..c6948c13 100644 --- a/test/acceptance/auth_test.go +++ b/test/acceptance/auth_test.go @@ -26,7 +26,7 @@ func TestWhenAuthIsDisabledPrivateIsNotAccessible(t *testing.T) { } func TestWhenAuthIsEnabledPrivateWillRedirectToAuthorize(t *testing.T) { - teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), "") + teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), "https://internal-gitlab-auth.com", "https://public-gitlab-auth.com") defer teardown() rsp, err := GetRedirectPage(t, httpsListener, "group.auth.gitlab-example.com", "private.project/") @@ -48,7 +48,7 @@ func TestWhenAuthIsEnabledPrivateWillRedirectToAuthorize(t *testing.T) { require.NoError(t, err) require.Equal(t, "https", url.Scheme) - require.Equal(t, "gitlab-auth.com", url.Host) + require.Equal(t, "public-gitlab-auth.com", url.Host) require.Equal(t, "/oauth/authorize", url.Path) require.Equal(t, "clientID", url.Query().Get("client_id")) require.Equal(t, "https://projects.gitlab-example.com/auth", url.Query().Get("redirect_uri")) @@ -57,7 +57,7 @@ func TestWhenAuthIsEnabledPrivateWillRedirectToAuthorize(t *testing.T) { } func TestWhenAuthDeniedWillCauseUnauthorized(t *testing.T) { - teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), "") + teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), "https://internal-gitlab-auth.com", "https://public-gitlab-auth.com") defer teardown() rsp, err := GetPageFromListener(t, httpsListener, "projects.gitlab-example.com", "/auth?error=access_denied") @@ -68,7 +68,7 @@ func TestWhenAuthDeniedWillCauseUnauthorized(t *testing.T) { require.Equal(t, http.StatusUnauthorized, rsp.StatusCode) } func TestWhenLoginCallbackWithWrongStateShouldFail(t *testing.T) { - teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), "") + teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), "https://internal-gitlab-auth.com", "https://public-gitlab-auth.com") defer teardown() rsp, err := GetRedirectPage(t, httpsListener, "group.auth.gitlab-example.com", "private.project/") @@ -86,7 +86,7 @@ func TestWhenLoginCallbackWithWrongStateShouldFail(t *testing.T) { } func TestWhenLoginCallbackWithUnencryptedCode(t *testing.T) { - teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), "") + teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), "https://internal-gitlab-auth.com", "https://public-gitlab-auth.com") defer teardown() rsp, err := GetRedirectPage(t, httpsListener, "group.auth.gitlab-example.com", "private.project/") @@ -182,7 +182,7 @@ func TestAccessControlUnderCustomDomain(t *testing.T) { testServer.Start() defer testServer.Close() - teardown := RunPagesProcessWithGitlabServer(t, *pagesBinary, supportedListeners(), "", testServer.URL) + teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), testServer.URL, "https://public-gitlab-auth.com") defer teardown() tests := map[string]struct { @@ -263,7 +263,7 @@ func TestCustomErrorPageWithAuth(t *testing.T) { testServer.Start() defer testServer.Close() - teardown := RunPagesProcessWithGitlabServer(t, *pagesBinary, supportedListeners(), "", testServer.URL) + teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), testServer.URL, "https://public-gitlab-auth.com") defer teardown() tests := []struct { @@ -373,7 +373,7 @@ func TestAccessControlUnderCustomDomainWithHTTPSProxy(t *testing.T) { testServer.Start() defer testServer.Close() - teardown := RunPagesProcessWithGitlabServer(t, *pagesBinary, supportedListeners(), "", testServer.URL) + teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), testServer.URL, "https://public-gitlab-auth.com") defer teardown() rsp, err := GetProxyRedirectPageWithCookie(t, proxyListener, "private.domain.com", "/", "", true) @@ -435,7 +435,7 @@ func TestAccessControlUnderCustomDomainWithHTTPSProxy(t *testing.T) { } func TestAccessControlGroupDomain404RedirectsAuth(t *testing.T) { - teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), "") + teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), "https://internal-gitlab-auth.com", "https://public-gitlab-auth.com") defer teardown() rsp, err := GetRedirectPage(t, httpListener, "group.gitlab-example.com", "/nonexistent/") @@ -449,7 +449,7 @@ func TestAccessControlGroupDomain404RedirectsAuth(t *testing.T) { require.Equal(t, "/auth", url.Path) } func TestAccessControlProject404DoesNotRedirect(t *testing.T) { - teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), "") + teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), "https://internal-gitlab-auth.com", "https://public-gitlab-auth.com") defer teardown() rsp, err := GetRedirectPage(t, httpListener, "group.gitlab-example.com", "/project/nonexistent/") @@ -649,7 +649,7 @@ func TestHijackedCode(t *testing.T) { testServer.Start() defer testServer.Close() - teardown := RunPagesProcessWithGitlabServer(t, *pagesBinary, supportedListeners(), "", testServer.URL) + teardown := RunPagesProcessWithAuth(t, *pagesBinary, supportedListeners(), testServer.URL, "https://public-gitlab-auth.com") defer teardown() /****ATTACKER******/ diff --git a/test/acceptance/helpers_test.go b/test/acceptance/helpers_test.go index ebb498d0..2aa7041d 100644 --- a/test/acceptance/helpers_test.go +++ b/test/acceptance/helpers_test.go @@ -260,13 +260,14 @@ func RunPagesProcessWithStubGitLabServer(t *testing.T, opts ...processOption) *L return logBuf } -func RunPagesProcessWithAuth(t *testing.T, pagesBinary string, listeners []ListenSpec, promPort string) func() { +func RunPagesProcessWithAuth(t *testing.T, pagesBinary string, listeners []ListenSpec, internalServer string, publicServer string) func() { configFile, cleanup := defaultConfigFileWith(t, - "gitlab-server=https://gitlab-auth.com", + "internal-gitlab-server="+internalServer, + "gitlab-server="+publicServer, "auth-redirect-uri=https://projects.gitlab-example.com/auth") defer cleanup() - _, cleanup2 := runPagesProcess(t, true, pagesBinary, listeners, promPort, nil, + _, cleanup2 := runPagesProcess(t, true, pagesBinary, listeners, "", nil, "-config="+configFile, ) return cleanup2 |