Skip to content

Commit cbcf4ef

Browse files
EmyrkEmyrk
authored
chore: add faking 429 responses from fake idp (coder#12365)
Required to trigger error condition in fe. See pull (coder#12367)
1 parent eba8cd7 commit cbcf4ef

File tree

2 files changed

+79
-1
lines changed

2 files changed

+79
-1
lines changed

coderd/coderdtest/oidctest/idp.go

Lines changed: 50 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -244,6 +244,56 @@ func WithIssuer(issuer string) func(*FakeIDP) {
244244
}
245245
}
246246

247+
type With429Arguments struct {
248+
AllPaths bool
249+
TokenPath bool
250+
AuthorizePath bool
251+
KeysPath bool
252+
UserInfoPath bool
253+
DeviceAuth bool
254+
DeviceVerify bool
255+
}
256+
257+
// With429 will emulate a 429 response for the selected paths.
258+
func With429(params With429Arguments) func(*FakeIDP) {
259+
return func(f *FakeIDP) {
260+
f.middlewares = append(f.middlewares, func(next http.Handler) http.Handler {
261+
return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
262+
if params.AllPaths {
263+
http.Error(rw, "429, being manually blocked (all)", http.StatusTooManyRequests)
264+
return
265+
}
266+
if params.TokenPath && strings.Contains(r.URL.Path, tokenPath) {
267+
http.Error(rw, "429, being manually blocked (token)", http.StatusTooManyRequests)
268+
return
269+
}
270+
if params.AuthorizePath && strings.Contains(r.URL.Path, authorizePath) {
271+
http.Error(rw, "429, being manually blocked (authorize)", http.StatusTooManyRequests)
272+
return
273+
}
274+
if params.KeysPath && strings.Contains(r.URL.Path, keysPath) {
275+
http.Error(rw, "429, being manually blocked (keys)", http.StatusTooManyRequests)
276+
return
277+
}
278+
if params.UserInfoPath && strings.Contains(r.URL.Path, userInfoPath) {
279+
http.Error(rw, "429, being manually blocked (userinfo)", http.StatusTooManyRequests)
280+
return
281+
}
282+
if params.DeviceAuth && strings.Contains(r.URL.Path, deviceAuth) {
283+
http.Error(rw, "429, being manually blocked (device-auth)", http.StatusTooManyRequests)
284+
return
285+
}
286+
if params.DeviceVerify && strings.Contains(r.URL.Path, deviceVerify) {
287+
http.Error(rw, "429, being manually blocked (device-verify)", http.StatusTooManyRequests)
288+
return
289+
}
290+
291+
next.ServeHTTP(rw, r)
292+
})
293+
})
294+
}
295+
}
296+
247297
const (
248298
// nolint:gosec // It thinks this is a secret lol
249299
tokenPath = "/oauth2/token"

scripts/testidp/main.go

Lines changed: 29 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@ import (
66
"log"
77
"os"
88
"os/signal"
9+
"strings"
910
"testing"
1011
"time"
1112

@@ -25,7 +26,8 @@ var (
2526
clientSecret = flag.String("client-sec", "static-client-secret", "Client Secret, set empty to be random")
2627
deviceFlow = flag.Bool("device-flow", false, "Enable device flow")
2728
// By default, no regex means it will never match anything. So at least default to matching something.
28-
extRegex = flag.String("ext-regex", `^(https?://)?example\.com(/.*)?$`, "External auth regex")
29+
extRegex = flag.String("ext-regex", `^(https?://)?example\.com(/.*)?$`, "External auth regex")
30+
tooManyRequests = flag.String("429", "", "Simulate too many requests for a given endpoint.")
2931
)
3032

3133
func main() {
@@ -54,6 +56,31 @@ type withClientSecret struct {
5456
// RunIDP needs the testing.T because our oidctest package requires the
5557
// testing.T.
5658
func RunIDP() func(t *testing.T) {
59+
tooManyRequestParams := oidctest.With429Arguments{}
60+
if *tooManyRequests != "" {
61+
for _, v := range strings.Split(*tooManyRequests, ",") {
62+
v = strings.ToLower(strings.TrimSpace(v))
63+
switch v {
64+
case "all":
65+
tooManyRequestParams.AllPaths = true
66+
case "auth":
67+
tooManyRequestParams.AuthorizePath = true
68+
case "token":
69+
tooManyRequestParams.TokenPath = true
70+
case "keys":
71+
tooManyRequestParams.KeysPath = true
72+
case "userinfo":
73+
tooManyRequestParams.UserInfoPath = true
74+
case "device":
75+
tooManyRequestParams.DeviceAuth = true
76+
case "device-verify":
77+
tooManyRequestParams.DeviceVerify = true
78+
default:
79+
log.Printf("Unknown too-many-requests value: %s\nView the `testidp/main.go` for valid values.", v)
80+
}
81+
}
82+
}
83+
5784
return func(t *testing.T) {
5885
idp := oidctest.NewFakeIDP(t,
5986
oidctest.WithServing(),
@@ -63,6 +90,7 @@ func RunIDP() func(t *testing.T) {
6390
oidctest.WithStaticCredentials(*clientID, *clientSecret),
6491
oidctest.WithIssuer("http://localhost:4500"),
6592
oidctest.WithLogger(slog.Make(sloghuman.Sink(os.Stderr))),
93+
oidctest.With429(tooManyRequestParams),
6694
)
6795
id, sec := idp.AppCredentials()
6896
prov := idp.WellknownConfig()

0 commit comments

Comments
 (0)