
Commit424579e

committed
Add test case for invalid tokens
1 parent7eb897a commit424579e


2 files changed

+40
-14
lines changed


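--- a/coderd/userauth.go
+++ b/coderd/userauth.go
@@ -48,13 +48,6 @@ func (api *API) userAuthMethods(rw http.ResponseWriter, _ *http.Request) {
 }
 
 func (api*API)userOAuth2Github(rw http.ResponseWriter,r*http.Request) {
-ifapi.GithubOAuth2Config==nil {
-httpapi.Write(rw,http.StatusPreconditionRequired, codersdk.Response{
-Message:"GitHub authentication is not enabled!",
-})
-return
-}
-
 state:=httpmw.OAuth2(r)
 
 oauthClient:=oauth2.NewClient(r.Context(),oauth2.StaticTokenSource(state.Token))
@@ -227,13 +220,6 @@ type OIDCConfig struct {
 }
 
 func (api*API)userOIDC(rw http.ResponseWriter,r*http.Request) {
-ifapi.OIDCConfig==nil {
-httpapi.Write(rw,http.StatusPreconditionRequired, codersdk.Response{
-Message:"OpenID Connect authentication is not enabled!",
-})
-return
-}
-
 state:=httpmw.OAuth2(r)
 
 // See the example here: https://github.com/coreos/go-oidc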

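--- a/coderd/userauth_test.go
+++ b/coderd/userauth_test.go
@@ -340,6 +340,46 @@ func TestUserOIDC(t *testing.T) {
 }
 })
 }
+
+t.Run("Disabled",func(t*testing.T) {
+t.Parallel()
+client:=coderdtest.New(t,nil)
+resp:=oidcCallback(t,client)
+require.Equal(t,http.StatusPreconditionRequired,resp.StatusCode)
+})
+
+t.Run("NoIDToken",func(t*testing.T) {
+t.Parallel()
+client:=coderdtest.New(t,&coderdtest.Options{
+OIDCConfig:&coderd.OIDCConfig{
+OAuth2Config:&oauth2Config{},
+},
+})
+resp:=oidcCallback(t,client)
+require.Equal(t,http.StatusBadRequest,resp.StatusCode)
+})
+
+t.Run("BadVerify",func(t*testing.T) {
+t.Parallel()
+verifier:=oidc.NewVerifier("",&oidc.StaticKeySet{
+PublicKeys: []crypto.PublicKey{},
+},&oidc.Config{})
+
+client:=coderdtest.New(t,&coderdtest.Options{
+OIDCConfig:&coderd.OIDCConfig{
+OAuth2Config:&oauth2Config{
+token: (&oauth2.Token{
+AccessToken:"token",
+}).WithExtra(map[string]interface{}{
+"id_token":"invalid",
+}),
+},
+Verifier:verifier,
+},
+})
+resp:=oidcCallback(t,client)
+require.Equal(t,http.StatusBadRequest,resp.StatusCode)
+})
 }
 
 // createOIDCConfig generates a new OIDCConfig that returns a static token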
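Review bot: In the `BadVerify` subtest the token carries `"id_token":"invalid"`, which is not a three-part JWT, so the verifier will most likely reject it while parsing and the signature check against the empty `oidc.StaticKeySet` is never exercised. Since `NoIDToken` and `BadVerify` both assert only `http.StatusBadRequest`, the two rejection paths are indistinguishable; a further case with a well-formed token signed by a key outside the key set would cover signature verification, and until then a comment such as `// "invalid" is not a JWT: this covers the malformed-token path, not signature verification` would keep the name from overstating the coverage. The `Disabled` subtest covers OIDC only, while this commit removes the same nil-config guard from `userOAuth2Github` in coderd/userauth.go; a matching GitHub case may exist elsewhere but is not visible here. `TestUserOIDC` begins outside the hunk.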
