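// github.com/greenpau/go-authcrunch@v1.1.4/pkg/ids/store_test.go

// Copyright 2022 Paul Greenberg greenpau@outlook.com
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package ids

import (
	"fmt"
	"testing"

	"github.com/google/go-cmp/cmp"
	"github.com/greenpau/go-authcrunch/internal/tests"
	"github.com/greenpau/go-authcrunch/pkg/errors"
	logutil "github.com/greenpau/go-authcrunch/pkg/util/log"
	"go.uber.org/zap"
)

// TestNewIdentityStore is a table-driven test of NewIdentityStore. It builds
// a "local" and an "ldap" store and compares the name, kind and realm reported
// by the store's getters with the expected JSON document, and it checks the
// errors returned for a nil logger and for a config without a name.
func TestNewIdentityStore(t *testing.T) {
	testcases := []struct {
		name          string
		config        *IdentityStoreConfig
		disableLogger bool
		want          string
		shouldErr     bool
		err           error
	}{
		{
			name: "test local identity store",
			config: &IdentityStoreConfig{
				Name: "default",
				Kind: "local",
				Params: map[string]interface{}{
					"path":  "foo",
					"realm": "local",
				},
			},
			want: `{
				"name": "default",
				"kind": "local",
				"realm": "local"
			}`,
		},
		{
			name: "test ldap identity store",
			config: &IdentityStoreConfig{
				Name: "contoso.com",
				Kind: "ldap",
				Params: map[string]interface{}{
					"realm": "contoso.com",
					// Fixture credential for the contoso.com sample directory.
					// A real bind password must never be committed in a test
					// table like this one.
					"bind_password":  "P@ssW0rd123",
					"bind_username":  "CN=authzsvc,OU=Service Accounts,OU=Administrative Accounts,DC=CONTOSO,DC=COM",
					"search_base_dn": "DC=CONTOSO,DC=COM",
					// NOTE(review): the %s placeholders presumably receive the
					// login name supplied by the user. Confirm that the LDAP
					// store escapes filter metacharacters before substitution.
					"search_user_filter": "(&(|(sAMAccountName=%s)(mail=%s))(objectclass=user))",
					"attributes": map[string]interface{}{
						"email":     "mail",
						"member_of": "memberOf",
						"name":      "givenName",
						"surname":   "sn",
						"username":  "sAMAccountName",
					},
					"servers": []map[string]interface{}{
						{
							"address": "ldaps://ldaps.contoso.com",
							// NOTE(review): judging by its name, this turns off
							// server certificate verification for the LDAPS
							// connection; confirm in the store implementation.
							// It is acceptable as a fixture, but a deployed
							// config should leave it off and trust the
							// directory's CA instead.
							"ignore_cert_errors": true,
						},
					},
					// Directory group DNs mapped to the roles granted to
					// their members.
					"groups": []map[string]interface{}{
						{
							"dn":    "CN=Admins,OU=Security,OU=Groups,DC=CONTOSO,DC=COM",
							"roles": []string{"admin"},
						},
						{
							"dn":    "CN=Editors,OU=Security,OU=Groups,DC=CONTOSO,DC=COM",
							"roles": []string{"editor"},
						},
						{
							"dn":    "CN=Viewers,OU=Security,OU=Groups,DC=CONTOSO,DC=COM",
							"roles": []string{"viewer"},
						},
					},
				},
			},
			want: `{
				"name": "contoso.com",
				"kind": "ldap",
				"realm": "contoso.com"
			}`,
		},
		{
			name: "test logger nil error",
			config: &IdentityStoreConfig{
				Name: "default",
				Kind: "local",
				Params: map[string]interface{}{
					"path":  "foo",
					"realm": "local",
				},
			},
			disableLogger: true,
			shouldErr:     true,
			err:           errors.ErrIdentityStoreConfigureLoggerNotFound,
		},
		{
			name: "test config validation error",
			config: &IdentityStoreConfig{
				Kind: "local",
				Params: map[string]interface{}{
					"path":  "foo",
					"realm": "local",
				},
			},
			shouldErr: true,
			err: errors.ErrIdentityStoreConfigInvalid.WithArgs(
				"empty identity store name",
			),
		},
	}
	for _, tc := range testcases {
		t.Run(tc.name, func(t *testing.T) {
			// Context lines printed only when the subtest fails. Only the
			// store name and kind are recorded: formatting the whole config
			// with %v would also render Params, which holds bind_password in
			// the LDAP case, into the test output.
			msgs := []string{
				fmt.Sprintf("test name: %s", tc.name),
				fmt.Sprintf("config: name=%q kind=%q", tc.config.Name, tc.config.Kind),
			}
			defer func() {
				if !t.Failed() {
					return
				}
				for _, msg := range msgs {
					t.Log(msg)
				}
			}()

			// A nil logger is passed on purpose when disableLogger is set, to
			// exercise the constructor's logger check.
			var logger *zap.Logger
			if !tc.disableLogger {
				logger = logutil.NewLogger()
			}

			st, err := NewIdentityStore(tc.config, logger)
			if err != nil {
				if !tc.shouldErr {
					t.Fatalf("expected success, got: %v", err)
				}
				// Guard against a table entry that sets shouldErr without err;
				// calling Error() on a nil error would panic.
				if tc.err == nil {
					t.Fatalf("test case sets shouldErr without err, got: %v", err)
				}
				if diff := cmp.Diff(err.Error(), tc.err.Error()); diff != "" {
					t.Fatalf("unexpected error: %v, want: %v", err, tc.err)
				}
				return
			}
			if tc.shouldErr {
				t.Fatalf("unexpected success, want: %v", tc.err)
			}

			// Only name, realm and kind are compared; the bind credentials and
			// server settings are not part of the checked output.
			got := map[string]interface{}{
				"name":  st.GetName(),
				"realm": st.GetRealm(),
				"kind":  st.GetKind(),
			}

			want := tests.Unpack(t, tc.want)

			if diff := cmp.Diff(want, got); diff != "" {
				t.Logf("JSON: %v", tests.UnpackJSON(t, got))
				t.Errorf("NewIdentityStore() mismatch (-want +got):\n%s", diff)
			}
		})
	}
}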