3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-06-10 23:03:23 +02:00
Code Issues Projects Releases Packages Wiki Activity

mcp: add to route config, 401 when unauthenticated (#5578)

Browse source
This commit is contained in:
Denis Mishin 2025-04-22 11:47:09 -04:00 committed by GitHub
parent a10b505386
commit e71fca76f2
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 889 additions and 775 deletions
Download patch file Download diff file Expand all files Collapse all files

12
authorize/check_response_test.go
View file

@ -113,6 +113,18 @@ func TestAuthorize_handleResult(t *testing.T) {
assert.NoError(t, err)
assert.Equal(t, 495, int(res.GetDeniedResponse().GetStatus().GetCode()))
})
t.Run("mcp-route-unauthenticated", func(t *testing.T) {
res, err := a.handleResult(context.Background(),
&envoy_service_auth_v3.CheckRequest{},
&evaluator.Request{
Policy: &config.Policy{MCP: &config.MCP{}},
},
&evaluator.Result{
Allow: evaluator.NewRuleResult(false, criteria.ReasonUserUnauthenticated),
})
assert.NoError(t, err)
assert.Equal(t, 401, int(res.GetDeniedResponse().GetStatus().GetCode()))
})
}
func TestAuthorize_okResponse(t *testing.T) {