NotificationsYou must be signed in to change notification settings
Fork913
Star10k

Commit3a243c1

authored

fix: remove shared mutable state between oidc tests (#17179)

Spotted on main:https://github.com/coder/coder/actions/runs/14179449567/job/39721999486```=== FAIL: coderd TestOIDCDomainErrorMessage/MalformedEmailErrorOmitsDomains (0.01s)==================WARNING: DATA RACERead at 0x00c060b54e68 by goroutine 296485: golang.org/x/oauth2.(*Config).Exchange() /home/runner/go/pkg/mod/golang.org/x/oauth2@v0.28.0/oauth2.go:228 +0x1d8 github.com/coder/coder/v2/coderd.(*OIDCConfig).Exchange() <autogenerated>:1 +0xb7 github.com/coder/coder/v2/coderd.New.func11.12.1.2.ExtractOAuth2.1.1() /home/runner/work/coder/coder/coderd/httpmw/oauth2.go:168 +0x7b5 net/http.HandlerFunc.ServeHTTP() /opt/hostedtoolcache/go/1.24.1/x64/src/net/http/server.go:2294 +0x47[...]Previous write at 0x00c060b54e68 by goroutine 55730: github.com/coder/coder/v2/coderd/coderdtest/oidctest.(*FakeIDP).SetRedirect() /home/runner/work/coder/coder/coderd/coderdtest/oidctest/idp.go:1280 +0x1e6 github.com/coder/coder/v2/coderd/coderdtest/oidctest.(*FakeIDP).LoginWithClient() /home/runner/work/coder/coder/coderd/coderdtest/oidctest/idp.go:494 +0x170 github.com/coder/coder/v2/coderd/coderdtest/oidctest.(*FakeIDP).AttemptLogin() /home/runner/work/coder/coder/coderd/coderdtest/oidctest/idp.go:479 +0x624 github.com/coder/coder/v2/coderd_test.TestOIDCDomainErrorMessage.func3() /home/runner/work/coder/coder/coderd/userauth_test.go:2041 +0x1f2```As seen, this race was caused by sharing a `*oidctest.FakeIDP` between test cases. The fix is to simply do the setup twice.```$ go test -race -run "TestOIDCDomainErrorMessage" github.com/coder/coder/v2/coderd -count=100ok github.com/coder/coder/v2/coderd 7.551s````

1 parent7d08bf0 commit3a243c1Copy full SHA for 3a243c1

File tree

1 file changed

+19

-11

lines changed

coderd
- userauth_test.go

1 file changed

+19

-11

lines changed

`‎coderd/userauth_test.go`

Lines changed: 19 additions & 11 deletions

Original file line number	Diff line number	Diff line change
`@@ -1988,30 +1988,36 @@ func TestUserLogout(t *testing.T) {`
`1988`	`1988`	`funcTestOIDCDomainErrorMessage(t*testing.T) {`
`1989`	`1989`	`t.Parallel()`
`1990`	`1990`
`1991`		`-fake:=oidctest.NewFakeIDP(t,oidctest.WithServing())`
`1992`		`-`
`1993`	`1991`	`allowedDomains:= []string{"allowed1.com","allowed2.org","company.internal"}`
`1994`		`-cfg:=fake.OIDCConfig(t,nil,func(cfg*coderd.OIDCConfig) {`
`1995`		`-cfg.EmailDomain=allowedDomains`
`1996`		`-cfg.AllowSignups=true`
`1997`		`-})`
`1998`	`1992`
`1999`		`-server:=coderdtest.New(t,&coderdtest.Options{`
`2000`		`-OIDCConfig:cfg,`
`2001`		`-})`
	`1993`	`+setup:=func() (oidctest.FakeIDP,codersdk.Client) {`
	`1994`	`+fake:=oidctest.NewFakeIDP(t,oidctest.WithServing())`
	`1995`	`+`
	`1996`	`+cfg:=fake.OIDCConfig(t,nil,func(cfg*coderd.OIDCConfig) {`
	`1997`	`+cfg.EmailDomain=allowedDomains`
	`1998`	`+cfg.AllowSignups=true`
	`1999`	`+})`
	`2000`	`+`
	`2001`	`+client:=coderdtest.New(t,&coderdtest.Options{`
	`2002`	`+OIDCConfig:cfg,`
	`2003`	`+})`
	`2004`	`+returnfake,client`
	`2005`	`+}`
`2002`	`2006`
`2003`	`2007`	`// Test case 1: Email domain not in allowed list`
`2004`	`2008`	`t.Run("ErrorMessageOmitsDomains",func(t*testing.T) {`
`2005`	`2009`	`t.Parallel()`
`2006`	`2010`
	`2011`	`+fake,client:=setup()`
	`2012`	`+`
`2007`	`2013`	`// Prepare claims with email from unauthorized domain`
`2008`	`2014`	`claims:= jwt.MapClaims{`
`2009`	`2015`	`"email":"user@unauthorized.com",`
`2010`	`2016`	`"email_verified":true,`
`2011`	`2017`	`"sub":uuid.NewString(),`
`2012`	`2018`	`}`
`2013`	`2019`
`2014`		`-_,resp:=fake.AttemptLogin(t,server,claims)`
	`2020`	`+_,resp:=fake.AttemptLogin(t,client,claims)`
`2015`	`2021`	`deferresp.Body.Close()`
`2016`	`2022`
`2017`	`2023`	`require.Equal(t,http.StatusForbidden,resp.StatusCode)`
`@@ -2031,14 +2037,16 @@ func TestOIDCDomainErrorMessage(t *testing.T) {`
`2031`	`2037`	`t.Run("MalformedEmailErrorOmitsDomains",func(t*testing.T) {`
`2032`	`2038`	`t.Parallel()`
`2033`	`2039`
	`2040`	`+fake,client:=setup()`
	`2041`	`+`
`2034`	`2042`	`// Prepare claims with an invalid email format (no @ symbol)`
`2035`	`2043`	`claims:= jwt.MapClaims{`
`2036`	`2044`	`"email":"invalid-email-without-domain",`
`2037`	`2045`	`"email_verified":true,`
`2038`	`2046`	`"sub":uuid.NewString(),`
`2039`	`2047`	`}`
`2040`	`2048`
`2041`		`-_,resp:=fake.AttemptLogin(t,server,claims)`
	`2049`	`+_,resp:=fake.AttemptLogin(t,client,claims)`
`2042`	`2050`	`deferresp.Body.Close()`
`2043`	`2051`
`2044`	`2052`	`require.Equal(t,http.StatusForbidden,resp.StatusCode)`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit3a243c1

File tree

1 file changed

1 file changed

`‎coderd/userauth_test.go`

0 commit comments