Skip to content
Projects
Groups
Snippets
Help
Loading...
Sign in
Toggle navigation
D
dex
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
go
dex
Commits
7b416b5a
Commit
7b416b5a
authored
May 01, 2019
by
Nandor Kracser
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
gitlab: add tests
parent
a08a5811
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
230 additions
and
3 deletions
+230
-3
gitlab.go
connector/gitlab/gitlab.go
+10
-3
gitlab_test.go
connector/gitlab/gitlab_test.go
+220
-0
No files found.
connector/gitlab/gitlab.go
View file @
7b416b5a
...
...
@@ -74,6 +74,7 @@ type gitlabConnector struct {
clientID
string
clientSecret
string
logger
log
.
Logger
httpClient
*
http
.
Client
}
func
(
c
*
gitlabConnector
)
oauth2Config
(
scopes
connector
.
Scopes
)
*
oauth2
.
Config
{
...
...
@@ -118,7 +119,11 @@ func (c *gitlabConnector) HandleCallback(s connector.Scopes, r *http.Request) (i
}
oauth2Config
:=
c
.
oauth2Config
(
s
)
ctx
:=
r
.
Context
()
if
c
.
httpClient
!=
nil
{
ctx
=
context
.
WithValue
(
r
.
Context
(),
oauth2
.
HTTPClient
,
c
.
httpClient
)
}
token
,
err
:=
oauth2Config
.
Exchange
(
ctx
,
q
.
Get
(
"code"
))
if
err
!=
nil
{
...
...
@@ -226,6 +231,10 @@ func (c *gitlabConnector) user(ctx context.Context, client *http.Client) (gitlab
return
u
,
nil
}
type
userInfo
struct
{
Groups
[]
string
}
// userGroups queries the GitLab API for group membership.
//
// The HTTP passed client is expected to be constructed by the golang.org/x/oauth2 package,
...
...
@@ -249,9 +258,7 @@ func (c *gitlabConnector) userGroups(ctx context.Context, client *http.Client) (
}
return
nil
,
fmt
.
Errorf
(
"%s: %s"
,
resp
.
Status
,
body
)
}
u
:=
struct
{
Groups
[]
string
}{}
var
u
userInfo
if
err
:=
json
.
NewDecoder
(
resp
.
Body
)
.
Decode
(
&
u
);
err
!=
nil
{
return
nil
,
fmt
.
Errorf
(
"failed to decode response: %v"
,
err
)
}
...
...
connector/gitlab/gitlab_test.go
0 → 100644
View file @
7b416b5a
package
gitlab
import
(
"context"
"crypto/tls"
"encoding/json"
"net/http"
"net/http/httptest"
"net/url"
"reflect"
"testing"
"github.com/dexidp/dex/connector"
)
func
TestUserGroups
(
t
*
testing
.
T
)
{
s
:=
newTestServer
(
map
[
string
]
interface
{}{
"/oauth/userinfo"
:
userInfo
{
Groups
:
[]
string
{
"team-1"
,
"team-2"
},
},
})
defer
s
.
Close
()
c
:=
gitlabConnector
{
baseURL
:
s
.
URL
}
groups
,
err
:=
c
.
getGroups
(
context
.
Background
(),
newClient
(),
true
,
"joebloggs"
)
expectNil
(
t
,
err
)
expectEquals
(
t
,
groups
,
[]
string
{
"team-1"
,
"team-2"
,
})
}
func
TestUserGroupsWithFiltering
(
t
*
testing
.
T
)
{
s
:=
newTestServer
(
map
[
string
]
interface
{}{
"/oauth/userinfo"
:
userInfo
{
Groups
:
[]
string
{
"team-1"
,
"team-2"
},
},
})
defer
s
.
Close
()
c
:=
gitlabConnector
{
baseURL
:
s
.
URL
,
groups
:
[]
string
{
"team-1"
}}
groups
,
err
:=
c
.
getGroups
(
context
.
Background
(),
newClient
(),
true
,
"joebloggs"
)
expectNil
(
t
,
err
)
expectEquals
(
t
,
groups
,
[]
string
{
"team-1"
,
})
}
func
TestUserGroupsWithoutOrgs
(
t
*
testing
.
T
)
{
s
:=
newTestServer
(
map
[
string
]
interface
{}{
"/oauth/userinfo"
:
userInfo
{
Groups
:
[]
string
{},
},
})
defer
s
.
Close
()
c
:=
gitlabConnector
{
baseURL
:
s
.
URL
}
groups
,
err
:=
c
.
getGroups
(
context
.
Background
(),
newClient
(),
true
,
"joebloggs"
)
expectNil
(
t
,
err
)
expectEquals
(
t
,
len
(
groups
),
0
)
}
// tests that the email is used as their username when they have no username set
func
TestUsernameIncludedInFederatedIdentity
(
t
*
testing
.
T
)
{
s
:=
newTestServer
(
map
[
string
]
interface
{}{
"/api/v4/user"
:
gitlabUser
{
Email
:
"some@email.com"
,
ID
:
12345678
},
"/oauth/token"
:
map
[
string
]
interface
{}{
"access_token"
:
"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9"
,
"expires_in"
:
"30"
,
},
"/oauth/userinfo"
:
userInfo
{
Groups
:
[]
string
{
"team-1"
},
},
})
defer
s
.
Close
()
hostURL
,
err
:=
url
.
Parse
(
s
.
URL
)
expectNil
(
t
,
err
)
req
,
err
:=
http
.
NewRequest
(
"GET"
,
hostURL
.
String
(),
nil
)
expectNil
(
t
,
err
)
c
:=
gitlabConnector
{
baseURL
:
s
.
URL
,
httpClient
:
newClient
()}
identity
,
err
:=
c
.
HandleCallback
(
connector
.
Scopes
{
Groups
:
false
},
req
)
expectNil
(
t
,
err
)
expectEquals
(
t
,
identity
.
Username
,
"some@email.com"
)
expectEquals
(
t
,
identity
.
UserID
,
"12345678"
)
expectEquals
(
t
,
0
,
len
(
identity
.
Groups
))
c
=
gitlabConnector
{
baseURL
:
s
.
URL
,
httpClient
:
newClient
()}
identity
,
err
=
c
.
HandleCallback
(
connector
.
Scopes
{
Groups
:
true
},
req
)
expectNil
(
t
,
err
)
expectEquals
(
t
,
identity
.
Username
,
"some@email.com"
)
expectEquals
(
t
,
identity
.
UserID
,
"12345678"
)
expectEquals
(
t
,
identity
.
Groups
,
[]
string
{
"team-1"
})
}
func
TestLoginUsedAsIDWhenConfigured
(
t
*
testing
.
T
)
{
s
:=
newTestServer
(
map
[
string
]
interface
{}{
"/api/v4/user"
:
gitlabUser
{
Email
:
"some@email.com"
,
ID
:
12345678
,
Name
:
"Joe Bloggs"
},
"/oauth/token"
:
map
[
string
]
interface
{}{
"access_token"
:
"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9"
,
"expires_in"
:
"30"
,
},
"/oauth/userinfo"
:
userInfo
{
Groups
:
[]
string
{
"team-1"
},
},
})
defer
s
.
Close
()
hostURL
,
err
:=
url
.
Parse
(
s
.
URL
)
expectNil
(
t
,
err
)
req
,
err
:=
http
.
NewRequest
(
"GET"
,
hostURL
.
String
(),
nil
)
expectNil
(
t
,
err
)
c
:=
gitlabConnector
{
baseURL
:
s
.
URL
,
httpClient
:
newClient
()}
identity
,
err
:=
c
.
HandleCallback
(
connector
.
Scopes
{
Groups
:
true
},
req
)
expectNil
(
t
,
err
)
expectEquals
(
t
,
identity
.
UserID
,
"12345678"
)
expectEquals
(
t
,
identity
.
Username
,
"Joe Bloggs"
)
}
func
TestLoginWithTeamWhitelisted
(
t
*
testing
.
T
)
{
s
:=
newTestServer
(
map
[
string
]
interface
{}{
"/api/v4/user"
:
gitlabUser
{
Email
:
"some@email.com"
,
ID
:
12345678
,
Name
:
"Joe Bloggs"
},
"/oauth/token"
:
map
[
string
]
interface
{}{
"access_token"
:
"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9"
,
"expires_in"
:
"30"
,
},
"/oauth/userinfo"
:
userInfo
{
Groups
:
[]
string
{
"team-1"
},
},
})
defer
s
.
Close
()
hostURL
,
err
:=
url
.
Parse
(
s
.
URL
)
expectNil
(
t
,
err
)
req
,
err
:=
http
.
NewRequest
(
"GET"
,
hostURL
.
String
(),
nil
)
expectNil
(
t
,
err
)
c
:=
gitlabConnector
{
baseURL
:
s
.
URL
,
httpClient
:
newClient
(),
groups
:
[]
string
{
"team-1"
}}
identity
,
err
:=
c
.
HandleCallback
(
connector
.
Scopes
{
Groups
:
true
},
req
)
expectNil
(
t
,
err
)
expectEquals
(
t
,
identity
.
UserID
,
"12345678"
)
expectEquals
(
t
,
identity
.
Username
,
"Joe Bloggs"
)
}
func
TestLoginWithTeamNonWhitelisted
(
t
*
testing
.
T
)
{
s
:=
newTestServer
(
map
[
string
]
interface
{}{
"/api/v4/user"
:
gitlabUser
{
Email
:
"some@email.com"
,
ID
:
12345678
,
Name
:
"Joe Bloggs"
,
Username
:
"joebloggs"
},
"/oauth/token"
:
map
[
string
]
interface
{}{
"access_token"
:
"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9"
,
"expires_in"
:
"30"
,
},
"/oauth/userinfo"
:
userInfo
{
Groups
:
[]
string
{
"team-1"
},
},
})
defer
s
.
Close
()
hostURL
,
err
:=
url
.
Parse
(
s
.
URL
)
expectNil
(
t
,
err
)
req
,
err
:=
http
.
NewRequest
(
"GET"
,
hostURL
.
String
(),
nil
)
expectNil
(
t
,
err
)
c
:=
gitlabConnector
{
baseURL
:
s
.
URL
,
httpClient
:
newClient
(),
groups
:
[]
string
{
"team-2"
}}
_
,
err
=
c
.
HandleCallback
(
connector
.
Scopes
{
Groups
:
true
},
req
)
expectNotNil
(
t
,
err
,
"HandleCallback error"
)
expectEquals
(
t
,
err
.
Error
(),
"gitlab: get groups: gitlab: user
\"
joebloggs
\"
is not in any of the required groups"
)
}
func
newTestServer
(
responses
map
[
string
]
interface
{})
*
httptest
.
Server
{
var
s
*
httptest
.
Server
s
=
httptest
.
NewTLSServer
(
http
.
HandlerFunc
(
func
(
w
http
.
ResponseWriter
,
r
*
http
.
Request
)
{
response
:=
responses
[
r
.
RequestURI
]
w
.
Header
()
.
Add
(
"Content-Type"
,
"application/json"
)
json
.
NewEncoder
(
w
)
.
Encode
(
response
)
}))
return
s
}
func
newClient
()
*
http
.
Client
{
tr
:=
&
http
.
Transport
{
TLSClientConfig
:
&
tls
.
Config
{
InsecureSkipVerify
:
true
},
}
return
&
http
.
Client
{
Transport
:
tr
}
}
func
expectNil
(
t
*
testing
.
T
,
a
interface
{})
{
if
a
!=
nil
{
t
.
Errorf
(
"Expected %+v to equal nil"
,
a
)
}
}
func
expectNotNil
(
t
*
testing
.
T
,
a
interface
{},
msg
string
)
{
if
a
==
nil
{
t
.
Errorf
(
"Expected %+v to not to be nil"
,
msg
)
}
}
func
expectEquals
(
t
*
testing
.
T
,
a
interface
{},
b
interface
{})
{
if
!
reflect
.
DeepEqual
(
a
,
b
)
{
t
.
Errorf
(
"Expected %+v to equal %+v"
,
a
,
b
)
}
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment