Add TestHeaderGetCredentialsRoundtrip

... as an end-to-end unit test of the header creation/parsing code. Leave the docker.io and docker.io/vendor test cases commented out, because they are currently failing. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
author: Miloslav Trmač <mitr@redhat.com> 2021-09-11 21:39:26 +0200
committer: Miloslav Trmač <mitr@redhat.com> 2021-12-10 18:16:15 +0100
commit: d29a4a6d173988b83ac78355e271d0f60e5d2830 (patch)
tree: 3c6efbad7f49b47036c94675b52a22ecb88b62da /pkg
parent: ad7e5e34f20da1422f79b704fc10a3cfec85e447 (diff)
download: podman-d29a4a6d173988b83ac78355e271d0f60e5d2830.tar.gz
podman-d29a4a6d173988b83ac78355e271d0f60e5d2830.tar.bz2
podman-d29a4a6d173988b83ac78355e271d0f60e5d2830.zip
1 files changed, 106 insertions, 0 deletions
diff --git a/pkg/auth/auth_test.go b/pkg/auth/auth_test.go
index e39a0e041..ee16d832b 100644
--- a/pkg/auth/auth_test.go
+++ b/pkg/auth/auth_test.go
@@ -9,6 +9,7 @@ import (
 	"os"
 	"testing"
 
+	"github.com/containers/image/v5/pkg/docker/config"
 	"github.com/containers/image/v5/types"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
@@ -21,6 +22,111 @@ const largeAuthFile = `{"auths":{
 	"quay.io": {"auth": "cXVheTp0b3A="}
 }}`
 
+// Semantics of largeAuthFile
+var largeAuthFileValues = map[string]types.DockerAuthConfig{
+	// "docker.io/vendor": {Username: "docker", Password: "vendor"},
+	// "docker.io":        {Username: "docker", Password: "top"},
+	"quay.io/libpod": {Username: "quay", Password: "libpod"},
+	"quay.io":        {Username: "quay", Password: "top"},
+}
+
+// Test that GetCredentials() correctly parses what Header() produces
+func TestHeaderGetCredentialsRoundtrip(t *testing.T) {
+	for _, tc := range []struct {
+		headerName         HeaderAuthName
+		name               string
+		fileContents       string
+		username, password string
+		expectedOverride   *types.DockerAuthConfig
+		expectedFileValues map[string]types.DockerAuthConfig
+	}{
+		{
+			headerName:         XRegistryConfigHeader,
+			name:               "no data",
+			fileContents:       "",
+			username:           "",
+			password:           "",
+			expectedOverride:   nil,
+			expectedFileValues: nil,
+		},
+		{
+			headerName:         XRegistryConfigHeader,
+			name:               "file data",
+			fileContents:       largeAuthFile,
+			username:           "",
+			password:           "",
+			expectedOverride:   nil,
+			expectedFileValues: largeAuthFileValues,
+		},
+		{
+			headerName:         XRegistryConfigHeader,
+			name:               "file data + override",
+			fileContents:       largeAuthFile,
+			username:           "override-user",
+			password:           "override-pass",
+			expectedOverride:   &types.DockerAuthConfig{Username: "override-user", Password: "override-pass"},
+			expectedFileValues: largeAuthFileValues,
+		},
+		{
+			headerName:         XRegistryAuthHeader,
+			name:               "override",
+			fileContents:       "",
+			username:           "override-user",
+			password:           "override-pass",
+			expectedOverride:   &types.DockerAuthConfig{Username: "override-user", Password: "override-pass"},
+			expectedFileValues: nil,
+		},
+		{
+			headerName:         XRegistryAuthHeader,
+			name:               "file data",
+			fileContents:       largeAuthFile,
+			username:           "",
+			password:           "",
+			expectedFileValues: largeAuthFileValues,
+		},
+	} {
+		name := fmt.Sprintf("%s: %s", tc.headerName, tc.name)
+		inputAuthFile := ""
+		if tc.fileContents != "" {
+			f, err := ioutil.TempFile("", "auth.json")
+			require.NoError(t, err, name)
+			defer os.Remove(f.Name())
+			inputAuthFile = f.Name()
+			err = ioutil.WriteFile(inputAuthFile, []byte(tc.fileContents), 0700)
+			require.NoError(t, err, name)
+		}
+
+		headers, err := Header(nil, tc.headerName, inputAuthFile, tc.username, tc.password)
+		require.NoError(t, err)
+		req, err := http.NewRequest(http.MethodPost, "/", nil)
+		require.NoError(t, err, name)
+		for k, v := range headers {
+			req.Header.Set(k, v)
+		}
+
+		override, resPath, parsedHeader, err := GetCredentials(req)
+		require.NoError(t, err, name)
+		defer RemoveAuthfile(resPath)
+		if tc.expectedOverride == nil {
+			assert.Nil(t, override, name)
+		} else {
+			require.NotNil(t, override, name)
+			assert.Equal(t, *tc.expectedOverride, *override, name)
+		}
+		for key, expectedAuth := range tc.expectedFileValues {
+			auth, err := config.GetCredentials(&types.SystemContext{AuthFilePath: resPath}, key)
+			require.NoError(t, err, name)
+			assert.Equal(t, expectedAuth, auth, "%s, key %s", name, key)
+		}
+		if len(headers) != 0 {
+			assert.Len(t, headers, 1)
+			assert.Equal(t, tc.headerName, parsedHeader)
+		} else {
+			assert.Equal(t, HeaderAuthName(""), parsedHeader)
+		}
+	}
+}
+
 func TestHeader(t *testing.T) {
 	for _, tc := range []struct {
 		headerName         HeaderAuthName
author	Miloslav Trmač <mitr@redhat.com>	2021-09-11 21:39:26 +0200
committer	Miloslav Trmač <mitr@redhat.com>	2021-12-10 18:16:15 +0100
commit	d29a4a6d173988b83ac78355e271d0f60e5d2830 (patch)
tree	3c6efbad7f49b47036c94675b52a22ecb88b62da /pkg
parent	ad7e5e34f20da1422f79b704fc10a3cfec85e447 (diff)
download	podman-d29a4a6d173988b83ac78355e271d0f60e5d2830.tar.gz podman-d29a4a6d173988b83ac78355e271d0f60e5d2830.tar.bz2 podman-d29a4a6d173988b83ac78355e271d0f60e5d2830.zip