|
|
@ -59,8 +59,9 @@ func Test_challengeValidationController_Validate(t *testing.T) {
|
|
|
|
webhooks []*Webhook
|
|
|
|
webhooks []*Webhook
|
|
|
|
}
|
|
|
|
}
|
|
|
|
type args struct {
|
|
|
|
type args struct {
|
|
|
|
challenge string
|
|
|
|
provisionerName string
|
|
|
|
transactionID string
|
|
|
|
challenge string
|
|
|
|
|
|
|
|
transactionID string
|
|
|
|
}
|
|
|
|
}
|
|
|
|
tests := []struct {
|
|
|
|
tests := []struct {
|
|
|
|
name string
|
|
|
|
name string
|
|
|
@ -72,7 +73,7 @@ func Test_challengeValidationController_Validate(t *testing.T) {
|
|
|
|
{
|
|
|
|
{
|
|
|
|
name: "fail/no-webhook",
|
|
|
|
name: "fail/no-webhook",
|
|
|
|
fields: fields{http.DefaultClient, nil},
|
|
|
|
fields: fields{http.DefaultClient, nil},
|
|
|
|
args: args{"no-webhook", "transaction-1"},
|
|
|
|
args: args{"my-scep-provisioner", "no-webhook", "transaction-1"},
|
|
|
|
expErr: errors.New("webhook server did not allow request"),
|
|
|
|
expErr: errors.New("webhook server did not allow request"),
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
{
|
|
|
@ -83,7 +84,7 @@ func Test_challengeValidationController_Validate(t *testing.T) {
|
|
|
|
CertType: linkedca.Webhook_SSH.String(),
|
|
|
|
CertType: linkedca.Webhook_SSH.String(),
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}},
|
|
|
|
}},
|
|
|
|
args: args{"wrong-cert-type", "transaction-1"},
|
|
|
|
args: args{"my-scep-provisioner", "wrong-cert-type", "transaction-1"},
|
|
|
|
expErr: errors.New("webhook server did not allow request"),
|
|
|
|
expErr: errors.New("webhook server did not allow request"),
|
|
|
|
},
|
|
|
|
},
|
|
|
|
{
|
|
|
|
{
|
|
|
@ -99,8 +100,9 @@ func Test_challengeValidationController_Validate(t *testing.T) {
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}},
|
|
|
|
}},
|
|
|
|
args: args{
|
|
|
|
args: args{
|
|
|
|
challenge: "wrong-secret-value",
|
|
|
|
provisionerName: "my-scep-provisioner",
|
|
|
|
transactionID: "transaction-1",
|
|
|
|
challenge: "wrong-secret-value",
|
|
|
|
|
|
|
|
transactionID: "transaction-1",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
expErr: errors.New("failed executing webhook request: illegal base64 data at input byte 0"),
|
|
|
|
expErr: errors.New("failed executing webhook request: illegal base64 data at input byte 0"),
|
|
|
|
},
|
|
|
|
},
|
|
|
@ -117,8 +119,9 @@ func Test_challengeValidationController_Validate(t *testing.T) {
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}},
|
|
|
|
}},
|
|
|
|
args: args{
|
|
|
|
args: args{
|
|
|
|
challenge: "not-allowed",
|
|
|
|
provisionerName: "my-scep-provisioner",
|
|
|
|
transactionID: "transaction-1",
|
|
|
|
challenge: "not-allowed",
|
|
|
|
|
|
|
|
transactionID: "transaction-1",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
server: nokServer,
|
|
|
|
server: nokServer,
|
|
|
|
expErr: errors.New("webhook server did not allow request"),
|
|
|
|
expErr: errors.New("webhook server did not allow request"),
|
|
|
@ -136,8 +139,9 @@ func Test_challengeValidationController_Validate(t *testing.T) {
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}},
|
|
|
|
}},
|
|
|
|
args: args{
|
|
|
|
args: args{
|
|
|
|
challenge: "challenge",
|
|
|
|
provisionerName: "my-scep-provisioner",
|
|
|
|
transactionID: "transaction-1",
|
|
|
|
challenge: "challenge",
|
|
|
|
|
|
|
|
transactionID: "transaction-1",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
server: okServer,
|
|
|
|
server: okServer,
|
|
|
|
},
|
|
|
|
},
|
|
|
@ -151,7 +155,7 @@ func Test_challengeValidationController_Validate(t *testing.T) {
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
ctx := context.Background()
|
|
|
|
ctx := context.Background()
|
|
|
|
err := c.Validate(ctx, dummyCSR, tt.args.challenge, tt.args.transactionID)
|
|
|
|
err := c.Validate(ctx, dummyCSR, tt.args.provisionerName, tt.args.challenge, tt.args.transactionID)
|
|
|
|
|
|
|
|
|
|
|
|
if tt.expErr != nil {
|
|
|
|
if tt.expErr != nil {
|
|
|
|
assert.EqualError(t, err, tt.expErr.Error())
|
|
|
|
assert.EqualError(t, err, tt.expErr.Error())
|
|
|
|