@ -15,6 +15,7 @@ import (
"strings"
"testing"
"github.com/google/uuid"
"github.com/smallstep/assert"
"github.com/smallstep/certificates/acme"
tassert "github.com/stretchr/testify/assert"
@ -831,8 +832,37 @@ func TestHandler_lookupJWK(t *testing.T) {
} ,
statusCode : http . StatusUnauthorized ,
err : acme . NewError ( acme . ErrorUnauthorizedType ,
"account provisioner does not match requested provisioner; account provisioner = %s, reqested provisioner = %s" ,
prov . GetName ( ) , "other" ) ,
"account provisioner does not match requested provisioner; account provisioner = %s, requested provisioner = %s" ,
"other" , prov . GetName ( ) ) ,
}
} ,
"fail/account-with-location-prefix/bad-provisioner-id" : func ( t * testing . T ) test {
p := newProvWithID ( )
acc := & acme . Account { LocationPrefix : prefix + accID , Status : "valid" , Key : jwk , ProvisionerID : uuid . NewString ( ) }
ctx := acme . NewProvisionerContext ( context . Background ( ) , p )
ctx = context . WithValue ( ctx , jwsContextKey , parsedJWS )
return test {
linker : acme . NewLinker ( "test.ca.smallstep.com" , "acme" ) ,
db : & acme . MockDB {
MockGetAccount : func ( ctx context . Context , id string ) ( * acme . Account , error ) {
assert . Equals ( t , id , accID )
return acc , nil
} ,
} ,
ctx : ctx ,
next : func ( w http . ResponseWriter , r * http . Request ) {
_acc , err := accountFromContext ( r . Context ( ) )
assert . FatalError ( t , err )
assert . Equals ( t , _acc , acc )
_jwk , err := jwkFromContext ( r . Context ( ) )
assert . FatalError ( t , err )
assert . Equals ( t , _jwk , jwk )
w . Write ( testBody )
} ,
statusCode : http . StatusUnauthorized ,
err : acme . NewError ( acme . ErrorUnauthorizedType ,
"account provisioner does not match requested provisioner; account provisioner = %s, requested provisioner = %s" ,
acc . ProvisionerID , p . GetID ( ) ) ,
}
} ,
"ok/account-with-location-prefix" : func ( t * testing . T ) test {
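Review bot: The `next` handler in "fail/account-with-location-prefix/bad-provisioner-id" asserts a successful pass-through (account and JWK in the context, then `w.Write(testBody)`), although this case expects the middleware to reject the request with 401 before `next` runs. If the code under test rendered the error but did not return, the recorded status would probably still be 401 and the downstream handler would run unnoticed, depending on how the runner compares the body. Replace the body with `t.Error("next must not be called when the account provisioner does not match")` so a fall-through past the authorization check fails the test directly. The test table and the runner loop lie outside this hunk, so how the body is compared is not visible here.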
@ -885,6 +915,32 @@ func TestHandler_lookupJWK(t *testing.T) {
statusCode : 200 ,
}
} ,
"ok/account-with-provisioner-id" : func ( t * testing . T ) test {
p := newProvWithID ( )
acc := & acme . Account { LocationPrefix : prefix + accID , Status : "valid" , Key : jwk , ProvisionerID : p . GetID ( ) }
ctx := acme . NewProvisionerContext ( context . Background ( ) , p )
ctx = context . WithValue ( ctx , jwsContextKey , parsedJWS )
return test {
linker : acme . NewLinker ( "test.ca.smallstep.com" , "acme" ) ,
db : & acme . MockDB {
MockGetAccount : func ( ctx context . Context , id string ) ( * acme . Account , error ) {
assert . Equals ( t , id , accID )
return acc , nil
} ,
} ,
ctx : ctx ,
next : func ( w http . ResponseWriter , r * http . Request ) {
_acc , err := accountFromContext ( r . Context ( ) )
assert . FatalError ( t , err )
assert . Equals ( t , _acc , acc )
_jwk , err := jwkFromContext ( r . Context ( ) )
assert . FatalError ( t , err )
assert . Equals ( t , _jwk , jwk )
w . Write ( testBody )
} ,
statusCode : 200 ,
}
} ,
}
for name , run := range tests {
tc := run ( t )
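Review bot: "ok/account-with-provisioner-id" and the bad-ID case earlier in the diff only build accounts that carry a provisioner ID and no provisioner name, so nothing pins which field decides when both are stored and disagree. This comparison is what binds an ACME account to one provisioner, so the precedence is worth fixing in a test: add one case where the ID equals `p.GetID()` but the stored name differs, and one with the reverse, each with its expected status. If the intended rule is that the ID wins, a comment on the new case such as `// ProvisionerID is authoritative; the name is only checked for accounts stored without an ID` would record it. The rest of TestHandler_lookupJWK, including the loop that runs each case, is outside the hunk.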