You've already forked oauth2-proxy
mirror of
https://github.com/oauth2-proxy/oauth2-proxy.git
synced 2025-12-01 22:51:45 +02:00
Initalize TLS.Config when connecting to Redis with TLS (#1296)
* init TLS.Config when connecting to Redis with TLS * don't overwrite TLS config if it exists * add tests for Redis with TLS * remove hardcoded certs * add GenerateCert func * use GenerateCert util func * fix issue reported by go fmt * limit return statements in GenerateCert
This commit is contained in:
Maciej Strzelecki
committed by
GitHub
GitHub
parent
ea261ca014
commit
b49e62f9b2
@@ -2,20 +2,15 @@ package http
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"crypto/rand"
|
||||
"crypto/rsa"
|
||||
"crypto/tls"
|
||||
"crypto/x509"
|
||||
"crypto/x509/pkix"
|
||||
"encoding/pem"
|
||||
"math/big"
|
||||
"net"
|
||||
"net/http"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/options"
|
||||
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/logger"
|
||||
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/util"
|
||||
. "github.com/onsi/ginkgo"
|
||||
. "github.com/onsi/gomega"
|
||||
)
|
||||
@@ -34,38 +29,16 @@ func TestHTTPSuite(t *testing.T) {
|
||||
|
||||
var _ = BeforeSuite(func() {
|
||||
By("Generating a self-signed cert for TLS tests", func() {
|
||||
priv, err := rsa.GenerateKey(rand.Reader, 2048)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
|
||||
keyOut := bytes.NewBuffer(nil)
|
||||
privBytes, err := x509.MarshalPKCS8PrivateKey(priv)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
Expect(pem.Encode(keyOut, &pem.Block{Type: "PRIVATE KEY", Bytes: privBytes})).To(Succeed())
|
||||
keyDataSource.Value = keyOut.Bytes()
|
||||
|
||||
serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
|
||||
serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
|
||||
template := x509.Certificate{
|
||||
SerialNumber: serialNumber,
|
||||
Subject: pkix.Name{
|
||||
Organization: []string{"OAuth2 Proxy Test Suite"},
|
||||
},
|
||||
NotBefore: time.Now(),
|
||||
NotAfter: time.Now().Add(time.Hour),
|
||||
IPAddresses: []net.IP{net.ParseIP("127.0.0.1")},
|
||||
KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment,
|
||||
ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
|
||||
}
|
||||
|
||||
certBytes, err := x509.CreateCertificate(rand.Reader, &template, &template, &priv.PublicKey, priv)
|
||||
certBytes, keyBytes, err := util.GenerateCert()
|
||||
Expect(err).ToNot(HaveOccurred())
|
||||
certData = certBytes
|
||||
|
||||
certOut := bytes.NewBuffer(nil)
|
||||
certOut := new(bytes.Buffer)
|
||||
Expect(pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: certBytes})).To(Succeed())
|
||||
certDataSource.Value = certOut.Bytes()
|
||||
keyOut := new(bytes.Buffer)
|
||||
Expect(pem.Encode(keyOut, &pem.Block{Type: "PRIVATE KEY", Bytes: keyBytes})).To(Succeed())
|
||||
keyDataSource.Value = keyOut.Bytes()
|
||||
})
|
||||
|
||||
By("Setting up a http client", func() {
|
||||
|
||||
Reference in New Issue
Block a user