mirror of
https://github.com/pomerium/pomerium.git
synced 2025-05-29 17:07:24 +02:00
config: use tls_custom_ca from policy if available (#2077)
This commit is contained in:
parent
6d1d2bec54
commit
8924b1a5fc
2 changed files with 48 additions and 1 deletions
|
@ -45,3 +45,39 @@ func TestHTTPTransport(t *testing.T) {
|
|||
_, err := client.Get(s.URL)
|
||||
assert.NoError(t, err)
|
||||
}
|
||||
|
||||
func TestPolicyHTTPTransport(t *testing.T) {
|
||||
s := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
w.WriteHeader(http.StatusOK)
|
||||
}))
|
||||
defer s.Close()
|
||||
|
||||
get := func(options *Options, policy *Policy) (*http.Response, error) {
|
||||
transport := NewPolicyHTTPTransport(options, policy)
|
||||
client := &http.Client{
|
||||
Transport: transport,
|
||||
}
|
||||
return client.Get(s.URL)
|
||||
}
|
||||
|
||||
t.Run("default", func(t *testing.T) {
|
||||
_, err := get(&Options{}, &Policy{})
|
||||
assert.Error(t, err)
|
||||
})
|
||||
t.Run("skip verify", func(t *testing.T) {
|
||||
_, err := get(&Options{}, &Policy{TLSSkipVerify: true})
|
||||
assert.NoError(t, err)
|
||||
})
|
||||
t.Run("ca", func(t *testing.T) {
|
||||
_, err := get(&Options{
|
||||
CA: base64.StdEncoding.EncodeToString([]byte(localCert)),
|
||||
}, &Policy{})
|
||||
assert.NoError(t, err)
|
||||
})
|
||||
t.Run("custom ca", func(t *testing.T) {
|
||||
_, err := get(&Options{}, &Policy{
|
||||
TLSCustomCA: base64.StdEncoding.EncodeToString([]byte(localCert)),
|
||||
})
|
||||
assert.NoError(t, err)
|
||||
})
|
||||
}
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue