(t *testing.T)
| 17 | ) |
| 18 | |
| 19 | func TestProxyController(t *testing.T) { |
| 20 | tlog.NewTestLogger().Init() |
| 21 | tempDir := t.TempDir() |
| 22 | |
| 23 | authServiceCfg := service.AuthServiceConfig{ |
| 24 | Users: []config.User{ |
| 25 | { |
| 26 | Username: "testuser", |
| 27 | Password: "$2a$10$ZwVYQH07JX2zq7Fjkt3gU.BjwvvwPeli4OqOno04RQIv0P7usBrXa", // password |
| 28 | }, |
| 29 | { |
| 30 | Username: "totpuser", |
| 31 | Password: "$2a$10$ZwVYQH07JX2zq7Fjkt3gU.BjwvvwPeli4OqOno04RQIv0P7usBrXa", // password |
| 32 | TotpSecret: "JPIEBDKJH6UGWJMX66RR3S55UFP2SGKK", |
| 33 | }, |
| 34 | }, |
| 35 | SessionExpiry: 10, // 10 seconds, useful for testing |
| 36 | CookieDomain: "example.com", |
| 37 | LoginTimeout: 10, // 10 seconds, useful for testing |
| 38 | LoginMaxRetries: 3, |
| 39 | SessionCookieName: "tinyauth-session", |
| 40 | } |
| 41 | |
| 42 | controllerCfg := controller.ProxyControllerConfig{ |
| 43 | AppURL: "https://tinyauth.example.com", |
| 44 | } |
| 45 | |
| 46 | acls := map[string]config.App{ |
| 47 | "app_path_allow": { |
| 48 | Config: config.AppConfig{ |
| 49 | Domain: "path-allow.example.com", |
| 50 | }, |
| 51 | Path: config.AppPath{ |
| 52 | Allow: "/allowed", |
| 53 | }, |
| 54 | }, |
| 55 | "app_user_allow": { |
| 56 | Config: config.AppConfig{ |
| 57 | Domain: "user-allow.example.com", |
| 58 | }, |
| 59 | Users: config.AppUsers{ |
| 60 | Allow: "testuser", |
| 61 | }, |
| 62 | }, |
| 63 | "ip_bypass": { |
| 64 | Config: config.AppConfig{ |
| 65 | Domain: "ip-bypass.example.com", |
| 66 | }, |
| 67 | IP: config.AppIP{ |
| 68 | Bypass: []string{"10.10.10.10"}, |
| 69 | }, |
| 70 | }, |
| 71 | } |
| 72 | |
| 73 | const browserUserAgent = ` |
| 74 | Mozilla/5.0 (Linux; Android 8.0.0; SM-G955U Build/R16NW) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Mobile Safari/537.36` |
| 75 | |
| 76 | simpleCtx := func(c *gin.Context) { |
nothing calls this directly
no test coverage detected