authtest

package

v0.0.0-...-35d8de9 Latest Latest Go to latest Published: Oct 1, 2019 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/xinghun61/luci-go

Links

Open Source Insights

Documentation ¶

Overview ¶

Package authtest implements some interfaces used by auth package to simplify unit testing.

Index ¶

Variables
func MockAuthConfig(c context.Context) context.Context
type FakeAuth
type FakeDB
type FakeErroringDB
type FakeState
type MemorySessionStore

Constants ¶

This section is empty.

Variables ¶

View Source

var ErrAuthenticationError = errors.New("authtest: fake Authenticate error")

ErrAuthenticationError is returned by FakeAuth.Authenticate.

Functions ¶

func MockAuthConfig ¶

func MockAuthConfig(c context.Context) context.Context

MockAuthConfig configures auth library for unit tests environment.

If modifies the configure stored in the context. See auth.Initialize for more info.

Types ¶

type FakeAuth ¶

type FakeAuth struct {
	User *auth.User // user to return in Authenticate or nil for error
}

FakeAuth implements auth.Method's Authenticate by returning predefined user.

func (FakeAuth) Authenticate ¶

func (m FakeAuth) Authenticate(context.Context, *http.Request) (*auth.User, error)

Authenticate returns predefined User object (if it is not nil) or error.

func (FakeAuth) LoginURL ¶

func (m FakeAuth) LoginURL(c context.Context, dest string) (string, error)

LoginURL returns fake login URL.

func (FakeAuth) LogoutURL ¶

func (m FakeAuth) LogoutURL(c context.Context, dest string) (string, error)

LogoutURL returns fake logout URL.

type FakeDB ¶

type FakeDB map[identity.Identity][]string

FakeDB implements user group checking part of db.DB (IsMember).

It is a mapping "identity -> list of its groups". Intended to be used mostly for testing request handlers, thus all other DB methods are hardcoded to implement some default behavior sufficient for fake requests to pass authentication.

func (FakeDB) CheckMembership ¶

func (db FakeDB) CheckMembership(c context.Context, id identity.Identity, groups []string) (out []string, err error)

CheckMembership is part of authdb.DB interface.

It returns a list of groups the identity belongs to.

func (FakeDB) GetAuthServiceURL ¶

func (db FakeDB) GetAuthServiceURL(c context.Context) (string, error)

GetAuthServiceURL is part of authdb.DB interface.

func (FakeDB) GetCertificates ¶

func (db FakeDB) GetCertificates(c context.Context, id identity.Identity) (*signing.PublicCertificates, error)

GetCertificates is part of authdb.DB interface.

func (FakeDB) GetTokenServiceURL ¶

func (db FakeDB) GetTokenServiceURL(c context.Context) (string, error)

GetTokenServiceURL is part of authdb.DB interface.

func (FakeDB) GetWhitelistForIdentity ¶

func (db FakeDB) GetWhitelistForIdentity(c context.Context, ident identity.Identity) (string, error)

GetWhitelistForIdentity is part of authdb.DB interface.

func (FakeDB) IsAllowedOAuthClientID ¶

func (db FakeDB) IsAllowedOAuthClientID(c context.Context, email, clientID string) (bool, error)

IsAllowedOAuthClientID is part of authdb.DB interface.

func (FakeDB) IsInWhitelist ¶

func (db FakeDB) IsInWhitelist(c context.Context, ip net.IP, whitelist string) (bool, error)

IsInWhitelist is part of authdb.DB interface.

func (FakeDB) IsInternalService ¶

func (db FakeDB) IsInternalService(c context.Context, hostname string) (bool, error)

IsInternalService is part of authdb.DB interface.

func (FakeDB) IsMember ¶

func (db FakeDB) IsMember(c context.Context, id identity.Identity, groups []string) (bool, error)

IsMember is part of authdb.DB interface.

It returns true if any of 'groups' is listed in db[id].

func (FakeDB) Use ¶

func (db FakeDB) Use(c context.Context) context.Context

Use installs the fake db into the context.

type FakeErroringDB ¶

type FakeErroringDB struct {
	FakeDB

	// Error is returned by IsMember.
	Error error
}

FakeErroringDB is authdb.DB with IsMember returning an error.

func (*FakeErroringDB) CheckMembership ¶

func (db *FakeErroringDB) CheckMembership(c context.Context, id identity.Identity, groups []string) ([]string, error)

CheckMembership is part of authdb.DB interface.

It returns db.Error if it is not nil.

func (*FakeErroringDB) IsMember ¶

func (db *FakeErroringDB) IsMember(c context.Context, id identity.Identity, groups []string) (bool, error)

IsMember is part of authdb.DB interface.

It returns db.Error if it is not nil.

func (*FakeErroringDB) Use ¶

func (db *FakeErroringDB) Use(c context.Context) context.Context

Use installs the fake db into the context.

type FakeState ¶

type FakeState struct {
	// Identity is main identity associated with the request.
	//
	// identity.AnonymousIdentity if not set.
	Identity identity.Identity

	// IdentityGroups is list of groups the calling identity belongs to.
	IdentityGroups []string

	// Error if not nil is returned by IsMember checks.
	Error error

	// FakeDB is a mock authdb.DB implementation to use.
	//
	// If not nil, overrides 'IdentityGroups' and 'Error'.
	FakeDB authdb.DB

	// PeerIdentityOverride may be set for PeerIdentity() to return custom value.
	//
	// By default PeerIdentity() returns Identity (i.e. no delegation is
	// happening).
	PeerIdentityOverride identity.Identity

	// PeerIPOverride may be set for PeerIP() to return custom value.
	//
	// By default PeerIP() returns "127.0.0.1".
	PeerIPOverride net.IP

	// UserCredentialsOverride may be set to override UserCredentials().
	//
	// By default UserCredentials() returns ErrNoForwardableCreds error.
	UserCredentialsOverride *oauth2.Token
}

FakeState implements auth.State returning predefined values.

Inject it into the context when testing handlers that expect auth state:

ctx = auth.WithState(ctx, &authtest.FakeState{
  Identity: "user:user@example.com",
  IdentityGroups: []string{"admins"},
})
auth.IsMember(ctx, "admins") -> returns true.

func (*FakeState) Authenticator ¶

func (s *FakeState) Authenticator() *auth.Authenticator

Authenticator is part of State interface.

func (*FakeState) DB ¶

func (s *FakeState) DB() authdb.DB

DB is part of State interface.

func (*FakeState) Method ¶

func (s *FakeState) Method() auth.Method

Method is part of State interface.

func (*FakeState) PeerIP ¶

func (s *FakeState) PeerIP() net.IP

PeerIP is part of State interface.

func (*FakeState) PeerIdentity ¶

func (s *FakeState) PeerIdentity() identity.Identity

PeerIdentity is part of State interface.

func (*FakeState) User ¶

func (s *FakeState) User() *auth.User

User is part of State interface.

func (*FakeState) UserCredentials ¶

func (s *FakeState) UserCredentials() (*oauth2.Token, error)

UserCredentials is part of State interface.

type MemorySessionStore ¶

type MemorySessionStore struct {
	// contains filtered or unexported fields
}

MemorySessionStore implement auth.SessionStore.

func (*MemorySessionStore) CloseSession ¶

func (s *MemorySessionStore) CloseSession(c context.Context, sessionID string) error

CloseSession closes a session given its ID. Does nothing if session is already closed or doesn't exist. Returns only transient errors.

func (*MemorySessionStore) GetSession ¶

func (s *MemorySessionStore) GetSession(c context.Context, sessionID string) (*auth.Session, error)

GetSession returns existing non-expired session given its ID. Returns nil if session doesn't exist, closed or expired. Returns only transient errors.

func (*MemorySessionStore) OpenSession ¶

func (s *MemorySessionStore) OpenSession(c context.Context, userID string, u *auth.User, exp time.Time) (string, error)

OpenSession create a new session for a user with given expiration time. It returns unique session ID.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL