luxolus/open-nomad
2
0
Fork 0
Code Issues 1 Pull requests Packages Releases Wiki Activity
open-nomad/lib/auth/oidc/identity_test.go
James Rasell 485d216ab3
lib: add OIDC provider cache and callback server. 
The OIDC provider cache is used by the RPC handler as the OIDC
implementation keeps long lived processes running. These process
include connections to the remote OIDC provider.

The Callback server is used by the CLI and starts when the login
command is triggered. This callback server includes success HTML
which is displayed when the user successfully logs into the remote
OIDC provider.
2023-01-13 13:14:50 +00:00

65 lines
1.9 KiB
Go
Raw Blame History

package oidc
import (
"github.com/shoenig/test/must"
"testing"
"github.com/hashicorp/nomad/ci"
"github.com/hashicorp/nomad/nomad/structs"
)
func Test_NewIdentity(t *testing.T) {
ci.Parallel(t)
testCases := []struct {
name string
inputAuthMethodConfig *structs.ACLAuthMethodConfig
inputAuthClaims *structs.ACLAuthClaims
expectedOutputIdentity *Identity
}{
{
name: "identity with claims",
inputAuthMethodConfig: &structs.ACLAuthMethodConfig{
ClaimMappings: map[string]string{"http://nomad.internal/username": "username"},
ListClaimMappings: map[string]string{"http://nomad.internal/roles": "roles"},
},
inputAuthClaims: &structs.ACLAuthClaims{
Value: map[string]string{"username": "jrasell"},
List: map[string][]string{"roles": {"engineering"}},
},
expectedOutputIdentity: &Identity{
Claims: &structs.ACLAuthClaims{
Value: map[string]string{"username": "jrasell"},
List: map[string][]string{"roles": {"engineering"}},
},
ClaimMappings: map[string]string{"value.username": "jrasell"},
},
},
{
name: "identity without claims",
inputAuthMethodConfig: &structs.ACLAuthMethodConfig{
ClaimMappings: map[string]string{"http://nomad.internal/username": "username"},
ListClaimMappings: map[string]string{"http://nomad.internal/roles": "roles"},
},
inputAuthClaims: &structs.ACLAuthClaims{
Value: map[string]string{"username": ""},
List: map[string][]string{"roles": {""}},
},
expectedOutputIdentity: &Identity{
Claims: &structs.ACLAuthClaims{
Value: map[string]string{"username": ""},
List: map[string][]string{"roles": {""}},
},
ClaimMappings: map[string]string{"value.username": ""},
},
},
}
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
actualOutput := NewIdentity(tc.inputAuthMethodConfig, tc.inputAuthClaims)
must.Eq(t, tc.expectedOutputIdentity, actualOutput)
})
}
}
Reference in a new issue View git blame Copy permalink