mirror of
https://github.com/pomerium/pomerium.git
synced 2025-04-30 10:56:28 +02:00
71 lines
2 KiB
Go
71 lines
2 KiB
Go
package cognito
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"net/url"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"github.com/pomerium/pomerium/pkg/identity/oauth"
|
|
)
|
|
|
|
func TestProvider(t *testing.T) {
|
|
t.Parallel()
|
|
|
|
ctx, clearTimeout := context.WithTimeout(context.Background(), time.Second*10)
|
|
t.Cleanup(clearTimeout)
|
|
|
|
var srv *httptest.Server
|
|
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
baseURL, err := url.Parse(srv.URL)
|
|
require.NoError(t, err)
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
switch r.URL.Path {
|
|
case "/.well-known/openid-configuration":
|
|
json.NewEncoder(w).Encode(map[string]any{
|
|
"issuer": baseURL.String(),
|
|
"authorization_endpoint": srv.URL + "/authorize",
|
|
})
|
|
|
|
default:
|
|
assert.Failf(t, "unexpected http request", "url: %s", r.URL.String())
|
|
}
|
|
})
|
|
srv = httptest.NewServer(handler)
|
|
t.Cleanup(srv.Close)
|
|
|
|
redirectURL, err := url.Parse(srv.URL)
|
|
require.NoError(t, err)
|
|
|
|
p, err := New(ctx, &oauth.Options{
|
|
ProviderURL: srv.URL,
|
|
RedirectURL: redirectURL,
|
|
ClientID: "CLIENT_ID",
|
|
ClientSecret: "CLIENT_SECRET",
|
|
})
|
|
require.NoError(t, err)
|
|
require.NotNil(t, p)
|
|
|
|
t.Run("SignOut", func(t *testing.T) {
|
|
w := httptest.NewRecorder()
|
|
r := httptest.NewRequest(http.MethodGet, "https://authenticate.example.com/.pomerium/sign_out", nil)
|
|
err := p.SignOut(w, r, "", "https://authenticate.example.com/.pomerium/signed_out", "https://www.example.com?a=b")
|
|
assert.NoError(t, err)
|
|
assert.Equal(t, srv.URL+"/logout?client_id=CLIENT_ID&logout_uri=https%3A%2F%2Fauthenticate.example.com%2F.pomerium%2Fsigned_out", w.Header().Get("Location"))
|
|
assert.Equal(t, []*http.Cookie{{
|
|
Name: "_pomerium_signed_out_redirect_uri",
|
|
Value: "https://www.example.com?a=b",
|
|
MaxAge: 300,
|
|
Secure: true,
|
|
HttpOnly: true,
|
|
Raw: "_pomerium_signed_out_redirect_uri=https://www.example.com?a=b; Max-Age=300; HttpOnly; Secure",
|
|
}}, w.Result().Cookies())
|
|
})
|
|
}
|