3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-07-18 09:08:16 +02:00
Code Issues Projects Releases Packages Wiki Activity

add a unit test

Browse source
This commit is contained in:
Kenneth Jenkins 2023-07-07 16:32:23 -07:00
parent 363b2d8033
commit f5e1875f11
1 changed files with 13 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

13
authorize/check_response_test.go
View file

@ -88,6 +88,19 @@ func TestAuthorize_handleResult(t *testing.T) {
assert.NotNil(t, res.GetOkResponse()) assert.NotNil(t, res.GetOkResponse())
}) })
}) })
t.Run("invalid-client-certificate", func(t *testing.T) {
// Even if the user is unauthenticated, if a client certificate was required and no valid
// certificate was provided, access should be denied (no login redirect).
res, err := a.handleResult(context.Background(),
&envoy_service_auth_v3.CheckRequest{},
&evaluator.Request{},
&evaluator.Result{
Allow: evaluator.NewRuleResult(false, criteria.ReasonUserUnauthenticated),
Deny: evaluator.NewRuleResult(true, criteria.ReasonInvalidClientCertificate),
})
assert.NoError(t, err)
assert.Equal(t, 495, int(res.GetDeniedResponse().GetStatus().GetCode()))
})
} }
func TestAuthorize_okResponse(t *testing.T) { func TestAuthorize_okResponse(t *testing.T) {