dagdotdev/internal/apk/auth_test.go at ce96fa1600ad1a9693987434be7d2f5d898ed6a6 · jonjohnsonjr/dagdotdev · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
package apk

import (
	"context"
	"encoding/base64"
	"net/http"
	"net/http/httptest"
	"testing"
)

type mockAuth struct {
	token string
}

func (m *mockAuth) AddAuth(ctx context.Context, req *http.Request) error {
	if m.token != "" {
		req.SetBasicAuth("user", m.token)
	}
	return nil
}

func TestNewMultiAuthenticator(t *testing.T) {
	auth := NewMultiAuthenticator(&mockAuth{}, &mockAuth{token: "foo"})
	req := httptest.NewRequest("GET", "/", nil)
	if err := auth.AddAuth(context.Background(), req); err != nil {
		t.Fatalf("NewMultiAuthenticator() error = %v", err)
	}
	want := "Basic " + base64.StdEncoding.EncodeToString([]byte("user:foo"))
	got := req.Header.Get("Authorization")
	if got != want {
		t.Errorf("Authorization = %v, want %v", string(got), want)
	}
}

func TestNewChainguardMultiKeychain(t *testing.T) {
	_, err := NewChainguardMultiKeychain("uidp,chainguard://uidp@apk.cgr.dev?iss=issuer.enforce.dev", "foo", "bar")
	if err != nil {
		t.Fatal(err)
	}
}

func TestNewChainguardIdentityAuthFromURL(t *testing.T) {
	auth, err := NewChainguardIdentityAuthFromURL("chainguard://uidp@apk.cgr.dev?iss=issuer.enforce.dev")
	if err != nil {
		t.Fatal(err)
	}
	cgauth, ok := auth.(*cgAuth)
	if !ok {
		t.Fatalf("NewChainguardIdentityAuthFromURL() = %T, want *cgAuth", auth)
	}

	if cgauth.id != "uidp" {
		t.Errorf("id = %v, want uidp", cgauth.id)
	}
	if cgauth.iss != "https://issuer.enforce.dev" {
		t.Errorf("iss = %v, want https://issuer.enforce.dev", cgauth.iss)
	}
	if cgauth.aud != "apk.cgr.dev" {
		t.Errorf("aud = %v, want apk.cgr.dev", cgauth.aud)
	}
}