MCPcopy
hub / github.com/tailscale/tailscale / TestResolveAuthKey

Function TestResolveAuthKey

tsnet/tsnet_test.go:2943–3179  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

2941}
2942
2943func TestResolveAuthKey(t *testing.T) {
2944 tests := []struct {
2945 name string
2946 authKey string
2947 clientSecret string
2948 clientID string
2949 idToken string
2950 audience string
2951 oauthAvailable bool
2952 wifAvailable bool
2953 resolveViaOAuth func(ctx context.Context, clientSecret string, tags []string) (string, error)
2954 resolveViaWIF func(ctx context.Context, baseURL, clientID, idToken, audience string, tags []string) (string, error)
2955 wantAuthKey string
2956 wantErr bool
2957 wantErrContains string
2958 }{
2959 {
2960 name: "success-oauth-client-secret",
2961 clientSecret: "tskey-client-secret-123",
2962 oauthAvailable: true,
2963 resolveViaOAuth: func(ctx context.Context, clientSecret string, tags []string) (string, error) {
2964 if clientSecret != "tskey-client-secret-123" {
2965 return "", fmt.Errorf("unexpected client secret: %s", clientSecret)
2966 }
2967 return "tskey-auth-via-oauth", nil
2968 },
2969 wantAuthKey: "tskey-auth-via-oauth",
2970 wantErrContains: "",
2971 },
2972 {
2973 name: "fail-oauth-client-secret",
2974 clientSecret: "tskey-client-secret-123",
2975 oauthAvailable: true,
2976 resolveViaOAuth: func(ctx context.Context, clientSecret string, tags []string) (string, error) {
2977 return "", fmt.Errorf("resolution failed")
2978 },
2979 wantErrContains: "resolution failed",
2980 },
2981 {
2982 name: "success-federated-id-token",
2983 clientID: "client-id-123",
2984 idToken: "id-token-456",
2985 wifAvailable: true,
2986 resolveViaWIF: func(ctx context.Context, baseURL, clientID, idToken, audience string, tags []string) (string, error) {
2987 if clientID != "client-id-123" {
2988 return "", fmt.Errorf("unexpected client ID: %s", clientID)
2989 }
2990 if idToken != "id-token-456" {
2991 return "", fmt.Errorf("unexpected ID token: %s", idToken)
2992 }
2993 return "tskey-auth-via-wif", nil
2994 },
2995 wantAuthKey: "tskey-auth-via-wif",
2996 wantErrContains: "",
2997 },
2998 {
2999 name: "success-federated-audience",
3000 clientID: "client-id-123",

Callers

nothing calls this directly

Calls 7

resolveAuthKeyMethod · 0.95
ErrorfMethod · 0.65
RunMethod · 0.65
CleanupMethod · 0.65
ErrorMethod · 0.65
SetForTestMethod · 0.45
ContainsMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…