Skip to content

test: add full OIDC fake IDP #9317

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 20 commits into from
Aug 25, 2023
Merged

test: add full OIDC fake IDP #9317

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
20 commits
Select commit Hold shift + click to select a range
46c2c62
test: implement fake OIDC provider with full functionality
Emyrk Aug 23, 2023
7d16bc1
full idp fake for oidc
Emyrk Aug 24, 2023
8bfd428
Refactor existing tests
Emyrk Aug 24, 2023
da69b16
create refresh helper
Emyrk Aug 24, 2023
f906fae
Merge remote-tracking branch 'origin/main' into stevenmasley/full_oid…
Emyrk Aug 24, 2023
a8a9633
refactor all old tests, delete old fake
Emyrk Aug 24, 2023
a1b716b
comments
Emyrk Aug 24, 2023
dffeb16
Fix import
Emyrk Aug 24, 2023
3be7d31
Fix comments
Emyrk Aug 24, 2023
4b31e28
Fix issue with expirary json
Emyrk Aug 24, 2023
722e36f
fixup! Fix issue with expirary json
Emyrk Aug 24, 2023
00b4760
Linting
Emyrk Aug 24, 2023
1c7e8b4
Pr feedback, add authorized redirect urls
Emyrk Aug 25, 2023
930e7dd
PR Feedback
Emyrk Aug 25, 2023
c61ceb9
Linting
Emyrk Aug 25, 2023
6e6084b
Linting
Emyrk Aug 25, 2023
9a600c0
Move sync map to utils
Emyrk Aug 25, 2023
6030a5f
Fix panic
Emyrk Aug 25, 2023
2b0ff9c
Linting
Emyrk Aug 25, 2023
64866da
Merge remote-tracking branch 'origin/main' into stevenmasley/full_oid…
Emyrk Aug 25, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
PR Feedback
  • Loading branch information
@Emyrk
Emyrk committed Aug 25, 2023
commit 930e7dd3797120b733d5bd985eaad6834cedb23b
11 changes: 7 additions & 4 deletions coderd/coderdtest/oidctest/idp.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -376,15 +376,18 @@ func (f *FakeIDP) authenticateBearerTokenRequest(t testing.TB, req *http.Request
return token, nil
}

// authenticateOIDClientRequest enforces the client_id and client_secret are valid.
func (f *FakeIDP) authenticateOIDClientRequest(t testing.TB, req *http.Request) (url.Values, error) {
// authenticateOIDCClientRequest enforces the client_id and client_secret are valid.
func (f *FakeIDP) authenticateOIDCClientRequest(t testing.TB, req *http.Request) (url.Values, error) {
t.Helper()

if f.hookAuthenticateClient != nil {
return f.hookAuthenticateClient(t, req)
}

data, _ := io.ReadAll(req.Body)
data, err := io.ReadAll(req.Body)
if !assert.NoError(t, err, "read token request body") {
return nil, xerrors.Errorf("authenticate request, read body: %w", err)
}
values, err := url.ParseQuery(string(data))
if !assert.NoError(t, err, "parse token request values") {
return nil, xerrors.New("invalid token request")
Expand Down Expand Up @@ -491,7 +494,7 @@ func (f *FakeIDP) httpHandler(t testing.TB) http.Handler {
}))

mux.Handle(tokenPath, http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
values, err := f.authenticateOIDClientRequest(t, r)
values, err := f.authenticateOIDCClientRequest(t, r)
f.logger.Info(r.Context(), "HTTP Call Token",
slog.Error(err),
slog.F("values", values.Encode()),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

potential NPE here on values

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yup, but this is intentional and ok. The Encode function accepts a nil pointer!
https://go.dev/play/p/tSOYbeQJJG4

Expand Down
4 changes: 2 additions & 2 deletions enterprise/coderd/userauth_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ func TestUserOIDC(t *testing.T) {
// roles from an updated claim.
t.Run("NewUserAndRemoveRolesOnRefresh", func(t *testing.T) {
// TODO: Implement new feature to update roles/groups on OIDC
// refresh tokens.
// refresh tokens. https://github.com/coder/coder/issues/9312
t.Skip("Refreshing tokens does not update roles :(")
t.Parallel()

Expand Down Expand Up @@ -224,7 +224,7 @@ func TestUserOIDC(t *testing.T) {
t.Parallel()

// TODO: Implement new feature to update roles/groups on OIDC
// refresh tokens.
// refresh tokens. https://github.com/coder/coder/issues/9312
t.Skip("Refreshing tokens does not update groups :(")

const groupClaim = "custom-groups"
Expand Down