mirror of
https://github.com/oauth2-proxy/oauth2-proxy.git
synced 2025-01-06 03:53:54 +02:00
Merge branch 'master' into banner-flag
This commit is contained in:
commit
aa37564655
13
.golangci.yml
Normal file
13
.golangci.yml
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
run:
|
||||||
|
deadline: 120s
|
||||||
|
linters:
|
||||||
|
enable:
|
||||||
|
- govet
|
||||||
|
- golint
|
||||||
|
- ineffassign
|
||||||
|
- goconst
|
||||||
|
- deadcode
|
||||||
|
- gofmt
|
||||||
|
- goimports
|
||||||
|
enable-all: false
|
||||||
|
disable-all: true
|
@ -6,8 +6,7 @@ install:
|
|||||||
- wget -O dep https://github.com/golang/dep/releases/download/v0.5.0/dep-linux-amd64
|
- wget -O dep https://github.com/golang/dep/releases/download/v0.5.0/dep-linux-amd64
|
||||||
- chmod +x dep
|
- chmod +x dep
|
||||||
- mv dep $GOPATH/bin/dep
|
- mv dep $GOPATH/bin/dep
|
||||||
- go get github.com/alecthomas/gometalinter
|
- curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s -- -b $GOPATH/bin v1.17.1
|
||||||
- gometalinter --install
|
|
||||||
script:
|
script:
|
||||||
- ./configure && make test
|
- ./configure && make test
|
||||||
sudo: false
|
sudo: false
|
||||||
|
@ -63,6 +63,7 @@
|
|||||||
- [#141](https://github.com/pusher/oauth2_proxy/pull/141) Check google group membership based on email address (@bchess)
|
- [#141](https://github.com/pusher/oauth2_proxy/pull/141) Check google group membership based on email address (@bchess)
|
||||||
- Google Group membership is additionally checked via email address, allowing users outside a GSuite domain to be authorized.
|
- Google Group membership is additionally checked via email address, allowing users outside a GSuite domain to be authorized.
|
||||||
- [#195](https://github.com/pusher/outh2_proxy/pull/195) Add `-banner` flag for overriding the banner line that is displayed (@steakunderscore)
|
- [#195](https://github.com/pusher/outh2_proxy/pull/195) Add `-banner` flag for overriding the banner line that is displayed (@steakunderscore)
|
||||||
|
- [#198](https://github.com/pusher/outh2_proxy/pull/198) Switch from gometalinter to golangci-lint (@steakunderscore)
|
||||||
|
|
||||||
# v3.2.0
|
# v3.2.0
|
||||||
|
|
||||||
|
@ -3,6 +3,7 @@ FROM golang:1.12-stretch AS builder
|
|||||||
# Download tools
|
# Download tools
|
||||||
RUN wget -O $GOPATH/bin/dep https://github.com/golang/dep/releases/download/v0.5.0/dep-linux-amd64
|
RUN wget -O $GOPATH/bin/dep https://github.com/golang/dep/releases/download/v0.5.0/dep-linux-amd64
|
||||||
RUN chmod +x $GOPATH/bin/dep
|
RUN chmod +x $GOPATH/bin/dep
|
||||||
|
RUN curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s -- -b $(go env GOPATH)/bin v1.17.1
|
||||||
|
|
||||||
# Copy sources
|
# Copy sources
|
||||||
WORKDIR $GOPATH/src/github.com/pusher/oauth2_proxy
|
WORKDIR $GOPATH/src/github.com/pusher/oauth2_proxy
|
||||||
|
@ -3,6 +3,7 @@ FROM golang:1.12-stretch AS builder
|
|||||||
# Download tools
|
# Download tools
|
||||||
RUN wget -O $GOPATH/bin/dep https://github.com/golang/dep/releases/download/v0.5.0/dep-linux-amd64
|
RUN wget -O $GOPATH/bin/dep https://github.com/golang/dep/releases/download/v0.5.0/dep-linux-amd64
|
||||||
RUN chmod +x $GOPATH/bin/dep
|
RUN chmod +x $GOPATH/bin/dep
|
||||||
|
RUN curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s -- -b $(go env GOPATH)/bin v1.17.1
|
||||||
|
|
||||||
# Copy sources
|
# Copy sources
|
||||||
WORKDIR $GOPATH/src/github.com/pusher/oauth2_proxy
|
WORKDIR $GOPATH/src/github.com/pusher/oauth2_proxy
|
||||||
|
@ -3,6 +3,7 @@ FROM golang:1.12-stretch AS builder
|
|||||||
# Download tools
|
# Download tools
|
||||||
RUN wget -O $GOPATH/bin/dep https://github.com/golang/dep/releases/download/v0.5.0/dep-linux-amd64
|
RUN wget -O $GOPATH/bin/dep https://github.com/golang/dep/releases/download/v0.5.0/dep-linux-amd64
|
||||||
RUN chmod +x $GOPATH/bin/dep
|
RUN chmod +x $GOPATH/bin/dep
|
||||||
|
RUN curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s -- -b $(go env GOPATH)/bin v1.17.1
|
||||||
|
|
||||||
# Copy sources
|
# Copy sources
|
||||||
WORKDIR $GOPATH/src/github.com/pusher/oauth2_proxy
|
WORKDIR $GOPATH/src/github.com/pusher/oauth2_proxy
|
||||||
|
12
Makefile
12
Makefile
@ -17,17 +17,7 @@ distclean: clean
|
|||||||
|
|
||||||
.PHONY: lint
|
.PHONY: lint
|
||||||
lint:
|
lint:
|
||||||
$(GOMETALINTER) --vendor --disable-all \
|
$(GOLANGCILINT) run
|
||||||
--enable=vet \
|
|
||||||
--enable=vetshadow \
|
|
||||||
--enable=golint \
|
|
||||||
--enable=ineffassign \
|
|
||||||
--enable=goconst \
|
|
||||||
--enable=deadcode \
|
|
||||||
--enable=gofmt \
|
|
||||||
--enable=goimports \
|
|
||||||
--deadline=120s \
|
|
||||||
--tests ./...
|
|
||||||
|
|
||||||
.PHONY: dep
|
.PHONY: dep
|
||||||
dep:
|
dep:
|
||||||
|
4
configure
vendored
4
configure
vendored
@ -126,7 +126,7 @@ check_for go
|
|||||||
check_go_version
|
check_go_version
|
||||||
check_go_env
|
check_go_env
|
||||||
check_for dep
|
check_for dep
|
||||||
check_for gometalinter
|
check_for golangci-lint
|
||||||
|
|
||||||
echo
|
echo
|
||||||
|
|
||||||
@ -135,7 +135,7 @@ cat <<- EOF > .env
|
|||||||
GO := "${tools[go]}"
|
GO := "${tools[go]}"
|
||||||
GO_VERSION := ${tools[go_version]}
|
GO_VERSION := ${tools[go_version]}
|
||||||
DEP := "${tools[dep]}"
|
DEP := "${tools[dep]}"
|
||||||
GOMETALINTER := "${tools[gometalinter]}"
|
GOLANGCILINT := "${tools[golangci-lint]}"
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
echo "Environment configuration written to .env"
|
echo "Environment configuration written to .env"
|
||||||
|
27
http_test.go
27
http_test.go
@ -8,6 +8,9 @@ import (
|
|||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
const localhost = "127.0.0.1"
|
||||||
|
const host = "test-server"
|
||||||
|
|
||||||
func TestGCPHealthcheckLiveness(t *testing.T) {
|
func TestGCPHealthcheckLiveness(t *testing.T) {
|
||||||
handler := func(w http.ResponseWriter, req *http.Request) {
|
handler := func(w http.ResponseWriter, req *http.Request) {
|
||||||
w.Write([]byte("test"))
|
w.Write([]byte("test"))
|
||||||
@ -16,8 +19,8 @@ func TestGCPHealthcheckLiveness(t *testing.T) {
|
|||||||
h := gcpHealthcheck(http.HandlerFunc(handler))
|
h := gcpHealthcheck(http.HandlerFunc(handler))
|
||||||
rw := httptest.NewRecorder()
|
rw := httptest.NewRecorder()
|
||||||
r, _ := http.NewRequest("GET", "/liveness_check", nil)
|
r, _ := http.NewRequest("GET", "/liveness_check", nil)
|
||||||
r.RemoteAddr = "127.0.0.1"
|
r.RemoteAddr = localhost
|
||||||
r.Host = "test-server"
|
r.Host = host
|
||||||
h.ServeHTTP(rw, r)
|
h.ServeHTTP(rw, r)
|
||||||
|
|
||||||
assert.Equal(t, 200, rw.Code)
|
assert.Equal(t, 200, rw.Code)
|
||||||
@ -32,8 +35,8 @@ func TestGCPHealthcheckReadiness(t *testing.T) {
|
|||||||
h := gcpHealthcheck(http.HandlerFunc(handler))
|
h := gcpHealthcheck(http.HandlerFunc(handler))
|
||||||
rw := httptest.NewRecorder()
|
rw := httptest.NewRecorder()
|
||||||
r, _ := http.NewRequest("GET", "/readiness_check", nil)
|
r, _ := http.NewRequest("GET", "/readiness_check", nil)
|
||||||
r.RemoteAddr = "127.0.0.1"
|
r.RemoteAddr = localhost
|
||||||
r.Host = "test-server"
|
r.Host = host
|
||||||
h.ServeHTTP(rw, r)
|
h.ServeHTTP(rw, r)
|
||||||
|
|
||||||
assert.Equal(t, 200, rw.Code)
|
assert.Equal(t, 200, rw.Code)
|
||||||
@ -48,8 +51,8 @@ func TestGCPHealthcheckNotHealthcheck(t *testing.T) {
|
|||||||
h := gcpHealthcheck(http.HandlerFunc(handler))
|
h := gcpHealthcheck(http.HandlerFunc(handler))
|
||||||
rw := httptest.NewRecorder()
|
rw := httptest.NewRecorder()
|
||||||
r, _ := http.NewRequest("GET", "/not_any_check", nil)
|
r, _ := http.NewRequest("GET", "/not_any_check", nil)
|
||||||
r.RemoteAddr = "127.0.0.1"
|
r.RemoteAddr = localhost
|
||||||
r.Host = "test-server"
|
r.Host = host
|
||||||
h.ServeHTTP(rw, r)
|
h.ServeHTTP(rw, r)
|
||||||
|
|
||||||
assert.Equal(t, "test", rw.Body.String())
|
assert.Equal(t, "test", rw.Body.String())
|
||||||
@ -63,8 +66,8 @@ func TestGCPHealthcheckIngress(t *testing.T) {
|
|||||||
h := gcpHealthcheck(http.HandlerFunc(handler))
|
h := gcpHealthcheck(http.HandlerFunc(handler))
|
||||||
rw := httptest.NewRecorder()
|
rw := httptest.NewRecorder()
|
||||||
r, _ := http.NewRequest("GET", "/", nil)
|
r, _ := http.NewRequest("GET", "/", nil)
|
||||||
r.RemoteAddr = "127.0.0.1"
|
r.RemoteAddr = localhost
|
||||||
r.Host = "test-server"
|
r.Host = host
|
||||||
r.Header.Set(userAgentHeader, googleHealthCheckUserAgent)
|
r.Header.Set(userAgentHeader, googleHealthCheckUserAgent)
|
||||||
h.ServeHTTP(rw, r)
|
h.ServeHTTP(rw, r)
|
||||||
|
|
||||||
@ -80,8 +83,8 @@ func TestGCPHealthcheckNotIngress(t *testing.T) {
|
|||||||
h := gcpHealthcheck(http.HandlerFunc(handler))
|
h := gcpHealthcheck(http.HandlerFunc(handler))
|
||||||
rw := httptest.NewRecorder()
|
rw := httptest.NewRecorder()
|
||||||
r, _ := http.NewRequest("GET", "/foo", nil)
|
r, _ := http.NewRequest("GET", "/foo", nil)
|
||||||
r.RemoteAddr = "127.0.0.1"
|
r.RemoteAddr = localhost
|
||||||
r.Host = "test-server"
|
r.Host = host
|
||||||
r.Header.Set(userAgentHeader, googleHealthCheckUserAgent)
|
r.Header.Set(userAgentHeader, googleHealthCheckUserAgent)
|
||||||
h.ServeHTTP(rw, r)
|
h.ServeHTTP(rw, r)
|
||||||
|
|
||||||
@ -96,8 +99,8 @@ func TestGCPHealthcheckNotIngressPut(t *testing.T) {
|
|||||||
h := gcpHealthcheck(http.HandlerFunc(handler))
|
h := gcpHealthcheck(http.HandlerFunc(handler))
|
||||||
rw := httptest.NewRecorder()
|
rw := httptest.NewRecorder()
|
||||||
r, _ := http.NewRequest("PUT", "/", nil)
|
r, _ := http.NewRequest("PUT", "/", nil)
|
||||||
r.RemoteAddr = "127.0.0.1"
|
r.RemoteAddr = localhost
|
||||||
r.Host = "test-server"
|
r.Host = host
|
||||||
r.Header.Set(userAgentHeader, googleHealthCheckUserAgent)
|
r.Header.Set(userAgentHeader, googleHealthCheckUserAgent)
|
||||||
h.ServeHTTP(rw, r)
|
h.ServeHTTP(rw, r)
|
||||||
|
|
||||||
|
@ -161,7 +161,7 @@ func NewFileServer(path string, filesystemPath string) (proxy http.Handler) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// NewWebSocketOrRestReverseProxy creates a reverse proxy for REST or websocket based on url
|
// NewWebSocketOrRestReverseProxy creates a reverse proxy for REST or websocket based on url
|
||||||
func NewWebSocketOrRestReverseProxy(u *url.URL, opts *Options, auth hmacauth.HmacAuth) (restProxy http.Handler) {
|
func NewWebSocketOrRestReverseProxy(u *url.URL, opts *Options, auth hmacauth.HmacAuth) http.Handler {
|
||||||
u.Path = ""
|
u.Path = ""
|
||||||
proxy := NewReverseProxy(u, opts.FlushInterval)
|
proxy := NewReverseProxy(u, opts.FlushInterval)
|
||||||
if !opts.PassHostHeader {
|
if !opts.PassHostHeader {
|
||||||
@ -177,7 +177,12 @@ func NewWebSocketOrRestReverseProxy(u *url.URL, opts *Options, auth hmacauth.Hma
|
|||||||
wsURL := &url.URL{Scheme: wsScheme, Host: u.Host}
|
wsURL := &url.URL{Scheme: wsScheme, Host: u.Host}
|
||||||
wsProxy = wsutil.NewSingleHostReverseProxy(wsURL)
|
wsProxy = wsutil.NewSingleHostReverseProxy(wsURL)
|
||||||
}
|
}
|
||||||
return &UpstreamProxy{u.Host, proxy, wsProxy, auth}
|
return &UpstreamProxy{
|
||||||
|
upstream: u.Host,
|
||||||
|
handler: proxy,
|
||||||
|
wsHandler: wsProxy,
|
||||||
|
auth: auth,
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewOAuthProxy creates a new instance of OOuthProxy from the options provided
|
// NewOAuthProxy creates a new instance of OOuthProxy from the options provided
|
||||||
@ -202,7 +207,13 @@ func NewOAuthProxy(opts *Options, validator func(string) bool) *OAuthProxy {
|
|||||||
}
|
}
|
||||||
logger.Printf("mapping path %q => file system %q", path, u.Path)
|
logger.Printf("mapping path %q => file system %q", path, u.Path)
|
||||||
proxy := NewFileServer(path, u.Path)
|
proxy := NewFileServer(path, u.Path)
|
||||||
serveMux.Handle(path, &UpstreamProxy{path, proxy, nil, nil})
|
uProxy := UpstreamProxy{
|
||||||
|
upstream: path,
|
||||||
|
handler: proxy,
|
||||||
|
wsHandler: nil,
|
||||||
|
auth: nil,
|
||||||
|
}
|
||||||
|
serveMux.Handle(path, &uProxy)
|
||||||
default:
|
default:
|
||||||
panic(fmt.Sprintf("unknown upstream protocol %s", u.Scheme))
|
panic(fmt.Sprintf("unknown upstream protocol %s", u.Scheme))
|
||||||
}
|
}
|
||||||
|
@ -163,9 +163,9 @@ func TestEncodedSlashes(t *testing.T) {
|
|||||||
|
|
||||||
func TestRobotsTxt(t *testing.T) {
|
func TestRobotsTxt(t *testing.T) {
|
||||||
opts := NewOptions()
|
opts := NewOptions()
|
||||||
opts.ClientID = "bazquux"
|
opts.ClientID = "asdlkjx"
|
||||||
opts.ClientSecret = "foobar"
|
opts.ClientSecret = "alkgks"
|
||||||
opts.CookieSecret = "xyzzyplugh"
|
opts.CookieSecret = "asdkugkj"
|
||||||
opts.Validate()
|
opts.Validate()
|
||||||
|
|
||||||
proxy := NewOAuthProxy(opts, func(string) bool { return true })
|
proxy := NewOAuthProxy(opts, func(string) bool { return true })
|
||||||
@ -178,9 +178,9 @@ func TestRobotsTxt(t *testing.T) {
|
|||||||
|
|
||||||
func TestIsValidRedirect(t *testing.T) {
|
func TestIsValidRedirect(t *testing.T) {
|
||||||
opts := NewOptions()
|
opts := NewOptions()
|
||||||
opts.ClientID = "bazquux"
|
opts.ClientID = "skdlfj"
|
||||||
opts.ClientSecret = "foobar"
|
opts.ClientSecret = "fgkdsgj"
|
||||||
opts.CookieSecret = "xyzzyplugh"
|
opts.CookieSecret = "ljgiogbj"
|
||||||
// Should match domains that are exactly foo.bar and any subdomain of bar.foo
|
// Should match domains that are exactly foo.bar and any subdomain of bar.foo
|
||||||
opts.WhitelistDomains = []string{"foo.bar", ".bar.foo"}
|
opts.WhitelistDomains = []string{"foo.bar", ".bar.foo"}
|
||||||
opts.Validate()
|
opts.Validate()
|
||||||
@ -298,8 +298,8 @@ func TestBasicAuthPassword(t *testing.T) {
|
|||||||
// The CookieSecret must be 32 bytes in order to create the AES
|
// The CookieSecret must be 32 bytes in order to create the AES
|
||||||
// cipher.
|
// cipher.
|
||||||
opts.CookieSecret = "xyzzyplughxyzzyplughxyzzyplughxp"
|
opts.CookieSecret = "xyzzyplughxyzzyplughxyzzyplughxp"
|
||||||
opts.ClientID = "bazquux"
|
opts.ClientID = "dlgkj"
|
||||||
opts.ClientSecret = "foobar"
|
opts.ClientSecret = "alkgret"
|
||||||
opts.CookieSecure = false
|
opts.CookieSecure = false
|
||||||
opts.PassBasicAuth = true
|
opts.PassBasicAuth = true
|
||||||
opts.PassUserHeaders = true
|
opts.PassUserHeaders = true
|
||||||
@ -392,8 +392,8 @@ func NewPassAccessTokenTest(opts PassAccessTokenTestOptions) *PassAccessTokenTes
|
|||||||
// The CookieSecret must be 32 bytes in order to create the AES
|
// The CookieSecret must be 32 bytes in order to create the AES
|
||||||
// cipher.
|
// cipher.
|
||||||
t.opts.CookieSecret = "xyzzyplughxyzzyplughxyzzyplughxp"
|
t.opts.CookieSecret = "xyzzyplughxyzzyplughxyzzyplughxp"
|
||||||
t.opts.ClientID = "bazquux"
|
t.opts.ClientID = "slgkj"
|
||||||
t.opts.ClientSecret = "foobar"
|
t.opts.ClientSecret = "gfjgojl"
|
||||||
t.opts.CookieSecure = false
|
t.opts.CookieSecure = false
|
||||||
t.opts.PassAccessToken = opts.PassAccessToken
|
t.opts.PassAccessToken = opts.PassAccessToken
|
||||||
t.opts.Validate()
|
t.opts.Validate()
|
||||||
@ -518,9 +518,9 @@ func NewSignInPageTest(skipProvider bool) *SignInPageTest {
|
|||||||
var sipTest SignInPageTest
|
var sipTest SignInPageTest
|
||||||
|
|
||||||
sipTest.opts = NewOptions()
|
sipTest.opts = NewOptions()
|
||||||
sipTest.opts.CookieSecret = "foobar"
|
sipTest.opts.CookieSecret = "adklsj2"
|
||||||
sipTest.opts.ClientID = "bazquux"
|
sipTest.opts.ClientID = "lkdgj"
|
||||||
sipTest.opts.ClientSecret = "xyzzyplugh"
|
sipTest.opts.ClientSecret = "sgiufgoi"
|
||||||
sipTest.opts.SkipProviderButton = skipProvider
|
sipTest.opts.SkipProviderButton = skipProvider
|
||||||
sipTest.opts.Validate()
|
sipTest.opts.Validate()
|
||||||
|
|
||||||
@ -624,8 +624,8 @@ func NewProcessCookieTest(opts ProcessCookieTestOpts, modifiers ...OptionsModifi
|
|||||||
for _, modifier := range modifiers {
|
for _, modifier := range modifiers {
|
||||||
modifier(pcTest.opts)
|
modifier(pcTest.opts)
|
||||||
}
|
}
|
||||||
pcTest.opts.ClientID = "bazquux"
|
pcTest.opts.ClientID = "asdfljk"
|
||||||
pcTest.opts.ClientSecret = "xyzzyplugh"
|
pcTest.opts.ClientSecret = "lkjfdsig"
|
||||||
pcTest.opts.CookieSecret = "0123456789abcdefabcd"
|
pcTest.opts.CookieSecret = "0123456789abcdefabcd"
|
||||||
// First, set the CookieRefresh option so proxy.AesCipher is created,
|
// First, set the CookieRefresh option so proxy.AesCipher is created,
|
||||||
// needed to encrypt the access_token.
|
// needed to encrypt the access_token.
|
||||||
@ -860,9 +860,9 @@ func TestAuthSkippedForPreflightRequests(t *testing.T) {
|
|||||||
|
|
||||||
opts := NewOptions()
|
opts := NewOptions()
|
||||||
opts.Upstreams = append(opts.Upstreams, upstream.URL)
|
opts.Upstreams = append(opts.Upstreams, upstream.URL)
|
||||||
opts.ClientID = "bazquux"
|
opts.ClientID = "aljsal"
|
||||||
opts.ClientSecret = "foobar"
|
opts.ClientSecret = "jglkfsdgj"
|
||||||
opts.CookieSecret = "xyzzyplugh"
|
opts.CookieSecret = "dkfjgdls"
|
||||||
opts.SkipAuthPreflight = true
|
opts.SkipAuthPreflight = true
|
||||||
opts.Validate()
|
opts.Validate()
|
||||||
|
|
||||||
@ -999,8 +999,8 @@ func TestNoRequestSignature(t *testing.T) {
|
|||||||
func TestRequestSignatureGetRequest(t *testing.T) {
|
func TestRequestSignatureGetRequest(t *testing.T) {
|
||||||
st := NewSignatureTest()
|
st := NewSignatureTest()
|
||||||
defer st.Close()
|
defer st.Close()
|
||||||
st.opts.SignatureKey = "sha1:foobar"
|
st.opts.SignatureKey = "sha1:7d9e1aa87a5954e6f9fc59266b3af9d7c35fda2d"
|
||||||
st.MakeRequestWithExpectedKey("GET", "", "foobar")
|
st.MakeRequestWithExpectedKey("GET", "", "7d9e1aa87a5954e6f9fc59266b3af9d7c35fda2d")
|
||||||
assert.Equal(t, 200, st.rw.Code)
|
assert.Equal(t, 200, st.rw.Code)
|
||||||
assert.Equal(t, st.rw.Body.String(), "signatures match")
|
assert.Equal(t, st.rw.Body.String(), "signatures match")
|
||||||
}
|
}
|
||||||
@ -1008,9 +1008,9 @@ func TestRequestSignatureGetRequest(t *testing.T) {
|
|||||||
func TestRequestSignaturePostRequest(t *testing.T) {
|
func TestRequestSignaturePostRequest(t *testing.T) {
|
||||||
st := NewSignatureTest()
|
st := NewSignatureTest()
|
||||||
defer st.Close()
|
defer st.Close()
|
||||||
st.opts.SignatureKey = "sha1:foobar"
|
st.opts.SignatureKey = "sha1:d90df39e2d19282840252612dd7c81421a372f61"
|
||||||
payload := `{ "hello": "world!" }`
|
payload := `{ "hello": "world!" }`
|
||||||
st.MakeRequestWithExpectedKey("POST", payload, "foobar")
|
st.MakeRequestWithExpectedKey("POST", payload, "d90df39e2d19282840252612dd7c81421a372f61")
|
||||||
assert.Equal(t, 200, st.rw.Code)
|
assert.Equal(t, 200, st.rw.Code)
|
||||||
assert.Equal(t, st.rw.Body.String(), "signatures match")
|
assert.Equal(t, st.rw.Body.String(), "signatures match")
|
||||||
}
|
}
|
||||||
@ -1056,9 +1056,9 @@ type ajaxRequestTest struct {
|
|||||||
func newAjaxRequestTest() *ajaxRequestTest {
|
func newAjaxRequestTest() *ajaxRequestTest {
|
||||||
test := &ajaxRequestTest{}
|
test := &ajaxRequestTest{}
|
||||||
test.opts = NewOptions()
|
test.opts = NewOptions()
|
||||||
test.opts.CookieSecret = "foobar"
|
test.opts.CookieSecret = "sdflsw"
|
||||||
test.opts.ClientID = "bazquux"
|
test.opts.ClientID = "gkljfdl"
|
||||||
test.opts.ClientSecret = "xyzzyplugh"
|
test.opts.ClientSecret = "sdflkjs"
|
||||||
test.opts.Validate()
|
test.opts.Validate()
|
||||||
test.proxy = NewOAuthProxy(test.opts, func(email string) bool {
|
test.proxy = NewOAuthProxy(test.opts, func(email string) bool {
|
||||||
return true
|
return true
|
||||||
|
@ -455,7 +455,7 @@ func parseSignatureKey(o *Options, msgs []string) []string {
|
|||||||
return append(msgs, "unsupported signature hash algorithm: "+
|
return append(msgs, "unsupported signature hash algorithm: "+
|
||||||
o.SignatureKey)
|
o.SignatureKey)
|
||||||
}
|
}
|
||||||
o.signatureData = &SignatureData{hash, secretKey}
|
o.signatureData = &SignatureData{hash: hash, key: secretKey}
|
||||||
return msgs
|
return msgs
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user