step-ca-cli/token/provision/provision_test.go

package provision
import (
"crypto/rsa"
"reflect"
"testing"
"time"
"github.com/smallstep/cli/token"
"github.com/stretchr/testify/assert"
"go.step.sm/crypto/jose"
"go.step.sm/crypto/pemutil"
)
// withFixedTime pins the time-based claims of tok to values derived from t so
// that tokens created at different instants can be compared field by field.
// IssuedAt and NotBefore are set to t, and Expiry to t plus five minutes.
//
// A nil tok is ignored, which lets a caller pass the result of a constructor
// that failed without checking the error first.
func withFixedTime(tok *Token, t time.Time) {
	if tok != nil {
		c := tok.claims
		expiresAt := t.Add(5 * time.Minute)

		// Each claim gets its own NumericDate value; nothing is shared
		// between IssuedAt and NotBefore.
		c.IssuedAt = jose.NewNumericDate(t)
		c.NotBefore = jose.NewNumericDate(t)
		c.Expiry = jose.NewNumericDate(expiresAt)
	}
}
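// TestNew checks that New builds a provisioning token with the requested
// subject, applies the supplied options, and rejects an empty subject or an
// option that fails (here, an empty issuer).
func TestNew(t *testing.T) {
	type args struct {
		subject string
		opts    []token.Options
	}

	// Opaque fixture value carried in the extra "sha" claim.
	const shaClaim = "b5bb9d8014a0f9b1d61e21e796d78dccdf1352f23cd32812f4850b878ae4944c"

	now := time.Now()
	want := &Token{
		claims: token.DefaultClaims(),
	}
	wantWithOptions := &Token{
		claims: token.DefaultClaims(),
	}
	// Pin the expected tokens to the same instant that is written into the
	// result below. Without this the comparison depends on
	// token.DefaultClaims producing exactly the timestamps withFixedTime
	// writes, which can differ when the clock ticks between the calls.
	withFixedTime(want, now)
	withFixedTime(wantWithOptions, now)

	want.claims.Subject = "test.domain"
	wantWithOptions.claims.Subject = "test.domain"
	wantWithOptions.claims.Issuer = "new-issuer"
	wantWithOptions.claims.ExtraClaims = map[string]interface{}{"sha": shaClaim}

	tests := []struct {
		name    string
		args    args
		want    *Token
		wantErr bool
	}{
		{"ok", args{"test.domain", nil}, want, false},
		{"ok empty options", args{"test.domain", []token.Options{}}, want, false},
		{"ok with options", args{"test.domain", []token.Options{token.WithIssuer("new-issuer"), token.WithClaim("sha", shaClaim)}}, wantWithOptions, false},
		// Negative cases: a token must not be produced without a subject
		// or when an option is rejected. want is nil, so the equality
		// checks below also fail if a token is returned with the error.
		{"fail no subject", args{"", []token.Options{}}, nil, true},
		{"fail bad option", args{"test.domain", []token.Options{token.WithIssuer("")}}, nil, true},
	}
	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			got, err := New(tt.args.subject, tt.args.opts...)
			// Safe before the error check: withFixedTime ignores nil.
			withFixedTime(got, now)
			if (err != nil) != tt.wantErr {
				t.Errorf("New() error = %v, wantErr %v", err, tt.wantErr)
				return
			}
			// testify expects (expected, actual); the order only affects
			// how a failure is reported.
			assert.Equal(t, tt.want, got)
			if !reflect.DeepEqual(got, tt.want) {
				t.Errorf("New() = %v, want %v", got, tt.want)
			}
		})
	}
}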
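// TestToken_SignedString checks that SignedString produces the expected
// compact JWS for an RSA private key with RS256, and that it returns an error
// when the algorithm does not match the key type or when only a public key is
// supplied.
func TestToken_SignedString(t *testing.T) {
	type fields struct {
		claims *token.Claims
	}
	type args struct {
		sigAlg string
		key    interface{}
	}

	// Test fixture only: the file name indicates a 1024-bit RSA key, which is
	// too small for signing real tokens.
	rsaKey, err := pemutil.Read("../testdata/openssl.rsa1024.pem")
	if err != nil {
		t.Fatal(err)
	}
	// Fail this test cleanly instead of panicking the whole test binary if
	// the fixture ever holds a different key type.
	rsaPriv, ok := rsaKey.(*rsa.PrivateKey)
	if !ok {
		t.Fatalf("pemutil.Read() returned %T, want *rsa.PrivateKey", rsaKey)
	}
	rsaPublic := rsaPriv.Public()

	// Expected token for empty claims: the payload segment "e30" is the
	// base64url encoding of "{}". An exact string match is only possible
	// because RS256 (RSASSA-PKCS1-v1_5) signatures are deterministic.
	expected := "eyJhbGciOiJSUzI1NiIsImtpZCI6Im50U2lnZFFZNHRLOFlmTDdHQjZjNGRuZzhvSGVGOU5VMkl0QUlVOGtHZGciLCJ0eXAiOiJKV1QifQ.e30.spzx_GFrhXg_LTPBIE3z3uWaA-GH7G0rbPdskxbUahJnXRLwF8S_AAQMTjtsWY9iELwOQQUXW7aPES-jONCebTpXl00RYP7maiS87wcGW6nZ0ICmsbS5NnCDJIKpV4Ei3MZ4MXfZ4vLaONaR5BunHYkicMDqWif_2v8yvxebh7c"

	tests := []struct {
		name    string
		fields  fields
		args    args
		want    string
		wantErr bool
	}{
		{"ok", fields{&token.Claims{}}, args{"RS256", rsaKey}, expected, false},
		// An EC algorithm with an RSA key must be rejected.
		{"fail bad alg", fields{&token.Claims{}}, args{"ES256", rsaKey}, "", true},
		// A public key cannot sign; the call must fail.
		{"fail with public", fields{&token.Claims{}}, args{"RS256", rsaPublic}, "", true},
	}
	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			tok := &Token{
				claims: tt.fields.claims,
			}
			got, err := tok.SignedString(tt.args.sigAlg, tt.args.key)
			if (err != nil) != tt.wantErr {
				t.Errorf("Token.SignedString() error = %v, wantErr %v", err, tt.wantErr)
				return
			}
			if got != tt.want {
				t.Errorf("Token.SignedString() = %v, want %v", got, tt.want)
			}
		})
	}
}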