Use a generic http.HandlerFunc in Keycloak tests

providers/keycloak_test.go

@@ -17,13 +17,6 @@ import (
 const (
 	keycloakAccessToken  = "eyJKeycloak.eyJAccess.Token"
 	keycloakUserinfoPath = "/api/v3/user"
-
-	// Userinfo Test Cases querystring toggles
-	tcUIStandard      = "userinfo-standard"
-	tcUIFail          = "userinfo-fail"
-	tcUISingleGroup   = "userinfo-single-group"
-	tcUIMissingEmail  = "userinfo-missing-email"
-	tcUIMissingGroups = "userinfo-missing-groups"
 )
 
 func testKeycloakProvider(backend *httptest.Server) (*KeycloakProvider, error) {
@@ -52,62 +45,6 @@ func testKeycloakProvider(backend *httptest.Server) (*KeycloakProvider, error) {
 	return p, nil
 }
 
-func testKeycloakBackend() *httptest.Server {
-	return httptest.NewServer(http.HandlerFunc(
-		func(w http.ResponseWriter, r *http.Request) {
-			if r.URL.Path != keycloakUserinfoPath {
-				w.WriteHeader(404)
-			}
-
-			var err error
-			switch r.URL.Query().Get("testcase") {
-			case tcUIStandard:
-				w.WriteHeader(200)
-				_, err = w.Write([]byte(`
-					{
-						"email": "michael.bland@gsa.gov",
-						"groups": [
-							"test-grp1",
-							"test-grp2"
-						]
-					}
-				`))
-			case tcUIFail:
-				w.WriteHeader(500)
-			case tcUISingleGroup:
-				w.WriteHeader(200)
-				_, err = w.Write([]byte(`
-					{
-						"email": "michael.bland@gsa.gov",
-						"groups": ["test-grp1"]
-					}
-				`))
-			case tcUIMissingEmail:
-				w.WriteHeader(200)
-				_, err = w.Write([]byte(`
-					{
-						"groups": [
-							"test-grp1",
-							"test-grp2"
-						]
-					}
-				`))
-			case tcUIMissingGroups:
-				w.WriteHeader(200)
-				_, err = w.Write([]byte(`
-					{
-						"email": "michael.bland@gsa.gov"
-					}
-				`))
-			default:
-				w.WriteHeader(404)
-			}
-			if err != nil {
-				panic(err)
-			}
-		}))
-}
-
 var _ = Describe("Keycloak Provider Tests", func() {
 	Context("New Provider Init", func() {
 		It("uses defaults", func() {
@@ -151,87 +88,123 @@ var _ = Describe("Keycloak Provider Tests", func() {
 		})
 	})
 
-	Context("With a test HTTP Server & Provider", func() {
+	Context("EnrichSession", func() {
-		var p *KeycloakProvider
+		type enrichSessionTableInput struct {
-		var b *httptest.Server
+			backendHandler http.HandlerFunc
+			expectedError  error
+			expectedEmail  string
+			expectedGroups []string
+		}
 
-		BeforeEach(func() {
+		DescribeTable("should return expected results",
-			b = testKeycloakBackend()
+			func(in enrichSessionTableInput) {
+				backend := httptest.NewServer(in.backendHandler)
+				p, err := testKeycloakProvider(backend)
+				Expect(err).To(BeNil())
 
-			var err error
+				p.ProfileURL, err = url.Parse(
-			p, err = testKeycloakProvider(b)
+					fmt.Sprintf("%s%s", backend.URL, keycloakUserinfoPath),
-			Expect(err).To(BeNil())
+				)
-		})
+				Expect(err).To(BeNil())
 
-		AfterEach(func() {
+				session := &sessions.SessionState{AccessToken: keycloakAccessToken}
-			b.Close()
+				err = p.EnrichSession(context.Background(), session)
-		})
 
-		Context("EnrichSession", func() {
+				if in.expectedError != nil {
-			type enrichSessionTableInput struct {
+					Expect(err).To(Equal(in.expectedError))
-				testcase       string
+				} else {
-				expectedError  error
-				expectedEmail  string
-				expectedGroups []string
-			}
-
-			DescribeTable("should return expected results",
-				func(in enrichSessionTableInput) {
-					var err error
-					p.ProfileURL, err = url.Parse(
-						fmt.Sprintf("%s%s?testcase=%s", b.URL, keycloakUserinfoPath, in.testcase),
-					)
 					Expect(err).To(BeNil())
+				}
 
-					session := &sessions.SessionState{AccessToken: keycloakAccessToken}
+				Expect(session.Email).To(Equal(in.expectedEmail))
-					err = p.EnrichSession(context.Background(), session)
 
-					if in.expectedError != nil {
+				if in.expectedGroups != nil {
-						Expect(err).To(Equal(in.expectedError))
+					Expect(session.Groups).To(Equal(in.expectedGroups))
-					} else {
+				} else {
-						Expect(err).To(BeNil())
+					Expect(session.Groups).To(BeNil())
-					}
+				}
-
+			},
-					Expect(session.Email).To(Equal(in.expectedEmail))
+			Entry("email and multiple groups", enrichSessionTableInput{
-
+				backendHandler: func(w http.ResponseWriter, _ *http.Request) {
-					if in.expectedGroups != nil {
+					w.WriteHeader(200)
-						Expect(session.Groups).To(Equal(in.expectedGroups))
+					_, err := w.Write([]byte(`
-					} else {
+						{
-						Expect(session.Groups).To(BeNil())
+							"email": "michael.bland@gsa.gov",
+							"groups": [
+								"test-grp1",
+								"test-grp2"
+							]
+						}
+					`))
+					if err != nil {
+						panic(err)
 					}
 				},
-				Entry("email and multiple groups", enrichSessionTableInput{
+				expectedError:  nil,
-					testcase:       tcUIStandard,
+				expectedEmail:  "michael.bland@gsa.gov",
-					expectedError:  nil,
+				expectedGroups: []string{"test-grp1", "test-grp2"},
-					expectedEmail:  "michael.bland@gsa.gov",
+			}),
-					expectedGroups: []string{"test-grp1", "test-grp2"},
+			Entry("email and single group", enrichSessionTableInput{
-				}),
+				backendHandler: func(w http.ResponseWriter, _ *http.Request) {
-				Entry("email and single group", enrichSessionTableInput{
+					w.WriteHeader(200)
-					testcase:       tcUISingleGroup,
+					_, err := w.Write([]byte(`
-					expectedError:  nil,
+						{
-					expectedEmail:  "michael.bland@gsa.gov",
+							"email": "michael.bland@gsa.gov",
-					expectedGroups: []string{"test-grp1"},
+							"groups": ["test-grp1"]
-				}),
+						}
-				Entry("email and no groups", enrichSessionTableInput{
+					`))
-					testcase:       tcUIMissingGroups,
+					if err != nil {
-					expectedError:  nil,
+						panic(err)
-					expectedEmail:  "michael.bland@gsa.gov",
+					}
-					expectedGroups: nil,
+				},
-				}),
+				expectedError:  nil,
-				Entry("missing email", enrichSessionTableInput{
+				expectedEmail:  "michael.bland@gsa.gov",
-					testcase: tcUIMissingEmail,
+				expectedGroups: []string{"test-grp1"},
-					expectedError: errors.New(
+			}),
-						"unable to extract email from userinfo endpoint: type assertion to string failed"),
+			Entry("email and no groups", enrichSessionTableInput{
-					expectedEmail:  "",
+				backendHandler: func(w http.ResponseWriter, _ *http.Request) {
-					expectedGroups: []string{"test-grp1", "test-grp2"},
+					w.WriteHeader(200)
-				}),
+					_, err := w.Write([]byte(`
-				Entry("request failure", enrichSessionTableInput{
+						{
-					testcase:       tcUIFail,
+							"email": "michael.bland@gsa.gov"
-					expectedError:  errors.New(`unexpected status "500": `),
+						}
-					expectedEmail:  "",
+					`))
-					expectedGroups: nil,
+					if err != nil {
-				}),
+						panic(err)
-			)
+					}
-		})
+				},
+				expectedError:  nil,
+				expectedEmail:  "michael.bland@gsa.gov",
+				expectedGroups: nil,
+			}),
+			Entry("missing email", enrichSessionTableInput{
+				backendHandler: func(w http.ResponseWriter, _ *http.Request) {
+					w.WriteHeader(200)
+					_, err := w.Write([]byte(`
+						{
+							"groups": [
+								"test-grp1",
+								"test-grp2"
+							]
+						}
+					`))
+					if err != nil {
+						panic(err)
+					}
+				},
+				expectedError: errors.New(
+					"unable to extract email from userinfo endpoint: type assertion to string failed"),
+				expectedEmail:  "",
+				expectedGroups: []string{"test-grp1", "test-grp2"},
+			}),
+			Entry("request failure", enrichSessionTableInput{
+				backendHandler: func(w http.ResponseWriter, _ *http.Request) {
+					w.WriteHeader(500)
+				},
+				expectedError:  errors.New(`unexpected status "500": `),
+				expectedEmail:  "",
+				expectedGroups: nil,
+			}),
+		)
 	})
 })