3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-04-30 10:56:28 +02:00
Code Issues Projects Releases Packages Wiki Activity

config: fix httptest local certificate (#3056)

Browse source 
* config: fix httptest local certificate

* config: remote unused localCert
This commit is contained in:
Caleb Doxsey 2022-02-17 10:44:14 -07:00 committed by GitHub
parent 99b9a3ee12
commit 908ea35ed8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 20 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

30
config/http_test.go
View file

@ -2,6 +2,7 @@ package config
import ( import (
"encoding/base64" "encoding/base64"
"encoding/pem"
"net/http" "net/http"
"net/http/httptest" "net/http/httptest"
"testing" "testing"
@ -9,23 +10,12 @@ import (
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
) )
// this cert is the cert used by httptest when creating a TLS server func getLocalCertPEM(s *httptest.Server) []byte {
var localCert = ` return pem.EncodeToMemory(&pem.Block{
-----BEGIN CERTIFICATE----- Type: "CERTIFICATE",
MIICEzCCAXygAwIBAgIQMIMChMLGrR+QvmQvpwAU6zANBgkqhkiG9w0BAQsFADAS Bytes: s.Certificate().Raw,
MRAwDgYDVQQKEwdBY21lIENvMCAXDTcwMDEwMTAwMDAwMFoYDzIwODQwMTI5MTYw })
MDAwWjASMRAwDgYDVQQKEwdBY21lIENvMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB }
iQKBgQDuLnQAI3mDgey3VBzWnB2L39JUU4txjeVE6myuDqkM/uGlfjb9SjY1bIw4
iA5sBBZzHi3z0h1YV8QPuxEbi4nW91IJm2gsvvZhIrCHS3l6afab4pZBl2+XsDul
rKBxKKtD1rGxlG4LjncdabFn9gvLZad2bSysqz/qTAUStTvqJQIDAQABo2gwZjAO
BgNVHQ8BAf8EBAMCAqQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUw
AwEB/zAuBgNVHREEJzAlggtleGFtcGxlLmNvbYcEfwAAAYcQAAAAAAAAAAAAAAAA
AAAAATANBgkqhkiG9w0BAQsFAAOBgQCEcetwO59EWk7WiJsG4x8SY+UIAA+flUI9
tyC4lNhbcF2Idq9greZwbYCqTTTr2XiRNSMLCOjKyI7ukPoPjo16ocHj+P3vZGfs
h1fIw3cSS2OolhloGw/XM6RWPWtPAlGykKLciQrBru5NAPvCMsb/I1DAceTiotQM
fblo6RBxUQ==
-----END CERTIFICATE-----
`
func TestHTTPTransport(t *testing.T) { func TestHTTPTransport(t *testing.T) {
s := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { s := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
@ -35,7 +25,7 @@ func TestHTTPTransport(t *testing.T) {
src := NewStaticSource(&Config{ src := NewStaticSource(&Config{
Options: &Options{ Options: &Options{
CA: base64.StdEncoding.EncodeToString([]byte(localCert)), CA: base64.StdEncoding.EncodeToString(getLocalCertPEM(s)),
}, },
}) })
transport := NewHTTPTransport(src) transport := NewHTTPTransport(src)
@ -70,13 +60,13 @@ func TestPolicyHTTPTransport(t *testing.T) {
}) })
t.Run("ca", func(t *testing.T) { t.Run("ca", func(t *testing.T) {
_, err := get(&Options{ _, err := get(&Options{
CA: base64.StdEncoding.EncodeToString([]byte(localCert)), CA: base64.StdEncoding.EncodeToString(getLocalCertPEM(s)),
}, &Policy{}) }, &Policy{})
assert.NoError(t, err) assert.NoError(t, err)
}) })
t.Run("custom ca", func(t *testing.T) { t.Run("custom ca", func(t *testing.T) {
_, err := get(&Options{}, &Policy{ _, err := get(&Options{}, &Policy{
TLSCustomCA: base64.StdEncoding.EncodeToString([]byte(localCert)), TLSCustomCA: base64.StdEncoding.EncodeToString(getLocalCertPEM(s)),
}) })
assert.NoError(t, err) assert.NoError(t, err)
}) })