summaryrefslogtreecommitdiff
path: root/pkg/auth
diff options
context:
space:
mode:
authorMiloslav Trmač <mitr@redhat.com>2021-09-11 21:13:33 +0200
committerMiloslav Trmač <mitr@redhat.com>2021-12-10 18:16:14 +0100
commitad7e5e34f20da1422f79b704fc10a3cfec85e447 (patch)
tree79ac99f5ce95c7e0ea4538fd7a4fdac4fcd77382 /pkg/auth
parent5a5aa6009fdfde0524bc4e551742c366ad0164df (diff)
downloadpodman-ad7e5e34f20da1422f79b704fc10a3cfec85e447.tar.gz
podman-ad7e5e34f20da1422f79b704fc10a3cfec85e447.tar.bz2
podman-ad7e5e34f20da1422f79b704fc10a3cfec85e447.zip
Add tests for auth.Header
Just a single function that handles all of Header, headerConfig and headerAuth; we will split that later. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Diffstat (limited to 'pkg/auth')
-rw-r--r--pkg/auth/auth_test.go128
1 files changed, 128 insertions, 0 deletions
diff --git a/pkg/auth/auth_test.go b/pkg/auth/auth_test.go
index 38f82ee04..e39a0e041 100644
--- a/pkg/auth/auth_test.go
+++ b/pkg/auth/auth_test.go
@@ -2,6 +2,8 @@ package auth
import (
"encoding/base64"
+ "encoding/json"
+ "fmt"
"io/ioutil"
"net/http"
"os"
@@ -12,6 +14,132 @@ import (
"github.com/stretchr/testify/require"
)
+const largeAuthFile = `{"auths":{
+ "docker.io/vendor": {"auth": "ZG9ja2VyOnZlbmRvcg=="},
+ "https://index.docker.io/v1": {"auth": "ZG9ja2VyOnRvcA=="},
+ "quay.io/libpod": {"auth": "cXVheTpsaWJwb2Q="},
+ "quay.io": {"auth": "cXVheTp0b3A="}
+}}`
+
+func TestHeader(t *testing.T) {
+ for _, tc := range []struct {
+ headerName HeaderAuthName
+ name string
+ fileContents string
+ username, password string
+ shouldErr bool
+ expectedContents string
+ }{
+ {
+ headerName: XRegistryConfigHeader,
+ name: "no data",
+ fileContents: "",
+ username: "",
+ password: "",
+ expectedContents: "",
+ },
+ {
+ headerName: XRegistryConfigHeader,
+ name: "invalid JSON",
+ fileContents: "@invalid JSON",
+ username: "",
+ password: "",
+ shouldErr: true,
+ },
+ {
+ headerName: XRegistryConfigHeader,
+ name: "file data",
+ fileContents: largeAuthFile,
+ username: "",
+ password: "",
+ expectedContents: `{
+ "docker.io/vendor": {"username": "docker", "password": "vendor"},
+ "docker.io": {"username": "docker", "password": "top"},
+ "quay.io/libpod": {"username": "quay", "password": "libpod"},
+ "quay.io": {"username": "quay", "password": "top"}
+ }`,
+ },
+ {
+ headerName: XRegistryConfigHeader,
+ name: "file data + override",
+ fileContents: largeAuthFile,
+ username: "override-user",
+ password: "override-pass",
+ expectedContents: `{
+ "docker.io/vendor": {"username": "docker", "password": "vendor"},
+ "docker.io": {"username": "docker", "password": "top"},
+ "quay.io/libpod": {"username": "quay", "password": "libpod"},
+ "quay.io": {"username": "quay", "password": "top"},
+ "": {"username": "override-user", "password": "override-pass"}
+ }`,
+ },
+ {
+ headerName: XRegistryAuthHeader,
+ name: "override",
+ fileContents: "",
+ username: "override-user",
+ password: "override-pass",
+ expectedContents: `{"username": "override-user", "password": "override-pass"}`,
+ },
+ {
+ headerName: XRegistryAuthHeader,
+ name: "invalid JSON",
+ fileContents: "@invalid JSON",
+ username: "",
+ password: "",
+ shouldErr: true,
+ },
+ {
+ headerName: XRegistryAuthHeader,
+ name: "file data",
+ fileContents: largeAuthFile,
+ username: "",
+ password: "",
+ expectedContents: `{
+ "docker.io/vendor": {"username": "docker", "password": "vendor"},
+ "docker.io": {"username": "docker", "password": "top"},
+ "quay.io/libpod": {"username": "quay", "password": "libpod"},
+ "quay.io": {"username": "quay", "password": "top"}
+ }`,
+ },
+ } {
+ name := fmt.Sprintf("%s: %s", tc.headerName, tc.name)
+ authFile := ""
+ if tc.fileContents != "" {
+ f, err := ioutil.TempFile("", "auth.json")
+ require.NoError(t, err, name)
+ defer os.Remove(f.Name())
+ authFile = f.Name()
+ err = ioutil.WriteFile(authFile, []byte(tc.fileContents), 0700)
+ require.NoError(t, err, name)
+ }
+
+ res, err := Header(nil, tc.headerName, authFile, tc.username, tc.password)
+ if tc.shouldErr {
+ assert.Error(t, err, name)
+ } else {
+ require.NoError(t, err, name)
+ if tc.expectedContents == "" {
+ assert.Empty(t, res, name)
+ } else {
+ require.Len(t, res, 1, name)
+ header, ok := res[tc.headerName.String()]
+ require.True(t, ok, name)
+ decodedHeader, err := base64.URLEncoding.DecodeString(header)
+ require.NoError(t, err, name)
+ // Don't test for a specific JSON representation, just for the expected contents.
+ expected := map[string]interface{}{}
+ actual := map[string]interface{}{}
+ err = json.Unmarshal([]byte(tc.expectedContents), &expected)
+ require.NoError(t, err, name)
+ err = json.Unmarshal(decodedHeader, &actual)
+ require.NoError(t, err, name)
+ assert.Equal(t, expected, actual, name)
+ }
+ }
+ }
+}
+
func TestAuthConfigsToAuthFile(t *testing.T) {
for _, tc := range []struct {
name string