MCPcopy
hub / github.com/smallstep/cli / TestOptions

Function TestOptions

token/options_test.go:26–111  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

24)
25
26func TestOptions(t *testing.T) {
27 empty := new(Claims)
28 now := time.Now()
29
30 c25519CACert, c25519CAKey := mustNebulaCurve25519CA(t)
31 p256CACert, p256CAKey := mustNebulaP256CA(t)
32 c25519Cert, c25519Signer := mustNebulaCurve25519Cert(t, "test.lan", mustNebulaIPNet(t, "10.1.0.1/16"), []string{"test"}, c25519CACert, c25519CAKey)
33 p256Cert, p256Signer := mustNebulaP256Cert(t, "test.lan", mustNebulaIPNet(t, "10.1.0.1/16"), []string{"test"}, p256CACert, p256CAKey)
34
35 tempDir := t.TempDir()
36 c25519CACertFilename, c25519CACertData := serializeAndWriteNebulaCert(t, tempDir, c25519CACert)
37 c25519CertFilename, c25519CertData := serializeAndWriteNebulaCert(t, tempDir, c25519Cert)
38 p256CertFilename, p256CertData := serializeAndWriteNebulaCert(t, tempDir, p256Cert)
39
40 p256ECDHSigner, err := p256Signer.ECDH()
41 require.NoError(t, err)
42
43 testCSR, err := pemutil.ReadCertificateRequest("testdata/test.csr")
44 require.NoError(t, err)
45
46 testSSH := mustReadSSHPublicKey(t, "testdata/ssh-key.pub")
47
48 wrongNebulaContentsFilename := "testdata/ca.crt"
49
50 emptyFile, err := os.CreateTemp(tempDir, "empty-file")
51 require.NoError(t, err)
52 emptyFile.Close()
53
54 tests := []struct {
55 name string
56 option Options
57 want *Claims
58 wantErr bool
59 }{
60 {"WithClaim ok", WithClaim("name", "foo"), &Claims{ExtraClaims: map[string]interface{}{"name": "foo"}}, false},
61 {"WithClaim fail", WithClaim("", "foo"), empty, true},
62 {"WithRootCA ok", WithRootCA("testdata/ca.crt"), &Claims{ExtraClaims: map[string]interface{}{"sha": "6908751f68290d4573ae0be39a98c8b9b7b7d4e8b2a6694b7509946626adfe98"}}, false},
63 {"WithRootCA fail", WithRootCA("not-exists"), empty, true},
64 {"WithValidity ok", WithValidity(now, now.Add(5*time.Minute)), &Claims{Claims: jose.Claims{NotBefore: jose.NewNumericDate(now), Expiry: jose.NewNumericDate(now.Add(5 * time.Minute))}}, false},
65 {"WithRootCA expired", WithValidity(now, now.Add(-1*time.Second)), empty, true},
66 {"WithRootCA long delay", WithValidity(now.Add(MaxValidityDelay+time.Minute), now.Add(MaxValidityDelay+10*time.Minute)), empty, true},
67 {"WithRootCA min validity ok", WithValidity(now, now.Add(MinValidity)), &Claims{Claims: jose.Claims{NotBefore: jose.NewNumericDate(now), Expiry: jose.NewNumericDate(now.Add(MinValidity))}}, false},
68 {"WithRootCA min validity fail", WithValidity(now, now.Add(MinValidity-time.Second)), empty, true},
69 {"WithRootCA max validity ok", WithValidity(now, now.Add(MaxValidity)), &Claims{Claims: jose.Claims{NotBefore: jose.NewNumericDate(now), Expiry: jose.NewNumericDate(now.Add(MaxValidity))}}, false},
70 {"WithRootCA max validity fail", WithValidity(now, now.Add(MaxValidity+time.Second)), empty, true},
71 {"WithIssuer ok", WithIssuer("value"), &Claims{Claims: jose.Claims{Issuer: "value"}}, false},
72 {"WithIssuer fail", WithIssuer(""), empty, true},
73 {"WithSubject ok", WithSubject("value"), &Claims{Claims: jose.Claims{Subject: "value"}}, false},
74 {"WithSubject fail", WithSubject(""), empty, true},
75 {"WithAudience ok", WithAudience("value"), &Claims{Claims: jose.Claims{Audience: jose.Audience{"value"}}}, false},
76 {"WithAudience fail", WithAudience(""), empty, true},
77 {"WithJWTID ok", WithJWTID("value"), &Claims{Claims: jose.Claims{ID: "value"}}, false},
78 {"WithJWTID fail", WithJWTID(""), empty, true},
79 {"WithKid ok", WithKid("value"), &Claims{ExtraHeaders: map[string]interface{}{"kid": "value"}}, false},
80 {"WithKid fail", WithKid(""), empty, true},
81 {"WithSHA ok", WithSHA("6908751f68290d4573ae0be39a98c8b9b7b7d4e8b2a6694b7509946626adfe98"), &Claims{ExtraClaims: map[string]interface{}{"sha": "6908751f68290d4573ae0be39a98c8b9b7b7d4e8b2a6694b7509946626adfe98"}}, false},
82 {"WithNebulaCurve25519Cert ok", WithNebulaCert(c25519CertFilename, c25519Signer), &Claims{ExtraHeaders: map[string]interface{}{"nebula": c25519CertData}}, false},
83 {"WithNebulaCurve25519CACert ok", WithNebulaCert(c25519CACertFilename, c25519CAKey), &Claims{ExtraHeaders: map[string]interface{}{"nebula": c25519CACertData}}, false},

Callers

nothing calls this directly

Calls 15

mustNebulaP256CAFunction · 0.85
mustNebulaCurve25519CertFunction · 0.85
mustNebulaIPNetFunction · 0.85
mustNebulaP256CertFunction · 0.85
mustReadSSHPublicKeyFunction · 0.85
WithClaimFunction · 0.85
WithRootCAFunction · 0.85
WithValidityFunction · 0.85
WithIssuerFunction · 0.85
WithSubjectFunction · 0.85
WithAudienceFunction · 0.85
WithJWTIDFunction · 0.85

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…