github.com/kyma-project/kyma-environment-broker@v0.0.1/internal/ias/bundle_test.go (about) 1 package ias 2 3 import ( 4 "fmt" 5 "testing" 6 7 "github.com/stretchr/testify/assert" 8 ) 9 10 func TestServiceProviderBundle_ServiceProviderType(t *testing.T) { 11 // given 12 client := NewFakeClient() 13 bundle := NewServiceProviderBundle(FakeGrafanaName, ServiceProviderInputs[SPGrafanaID], client, Config{IdentityProvider: FakeIdentityProviderName}) 14 15 // when 16 ssoType := bundle.ServiceProviderType() 17 18 // then 19 assert.Equal(t, OIDC, ssoType) 20 } 21 22 func TestServiceProviderBundle_FetchServiceProviderData(t *testing.T) { 23 // given 24 client := NewFakeClient() 25 bundle := NewServiceProviderBundle(FakeGrafanaName, ServiceProviderInputs[SPGrafanaID], client, Config{IdentityProvider: FakeIdentityProviderName}) 26 27 // when 28 err := bundle.FetchServiceProviderData() 29 30 // then 31 assert.NoError(t, err) 32 assert.True(t, bundle.ServiceProviderExist()) 33 assert.Equal(t, ProviderID(FakeIdentityProviderID), bundle.providerID) 34 } 35 36 func TestServiceProviderBundle_CreateServiceProvider(t *testing.T) { 37 // given 38 client := NewFakeClient() 39 bundle := NewServiceProviderBundle("sp", ServiceProviderInputs[SPGrafanaID], client, Config{IdentityProvider: FakeIdentityProviderName}) 40 41 // when 42 err := bundle.CreateServiceProvider() 43 44 // then 45 assert.NoError(t, err) 46 47 err = bundle.FetchServiceProviderData() 48 assert.NoError(t, err) 49 assert.True(t, bundle.ServiceProviderExist()) 50 } 51 52 func TestServiceProviderBundle_ConfigureServiceProviderType_OIDC(t *testing.T) { 53 // given 54 client := NewFakeClient() 55 bundle := NewServiceProviderBundle(FakeGrafanaName, ServiceProviderInputs[SPGrafanaID], client, Config{IdentityProvider: FakeIdentityProviderName}) 56 57 err := bundle.FetchServiceProviderData() 58 assert.NoError(t, err) 59 60 // when 61 err = bundle.ConfigureServiceProviderType("https://console.example.com") 62 63 // then 64 assert.NoError(t, err) 65 provider, err := client.GetServiceProvider(FakeGrafanaID) 66 assert.NoError(t, err) 67 assert.Equal(t, fmt.Sprintf("SKR Grafana (instanceID: %s)", FakeGrafanaName), provider.DisplayName) 68 assert.Equal(t, "openIdConnect", provider.SsoType) 69 assert.Equal(t, "https://grafana.example.com/login/generic_oauth", provider.RedirectURIs[0]) 70 } 71 72 func TestServiceProviderBundle_ConfigureServiceProvider(t *testing.T) { 73 // given 74 client := NewFakeClient() 75 bundle := NewServiceProviderBundle(FakeGrafanaName, ServiceProviderInputs[SPGrafanaID], client, Config{IdentityProvider: FakeIdentityProviderName}) 76 77 err := bundle.FetchServiceProviderData() 78 assert.NoError(t, err) 79 80 // when 81 err = bundle.ConfigureServiceProvider() 82 83 // then 84 assert.NoError(t, err) 85 provider, err := client.GetServiceProvider(FakeGrafanaID) 86 assert.NoError(t, err) 87 88 assert.Len(t, provider.AssertionAttributes, 4) 89 assert.ElementsMatch(t, []AssertionAttribute{ 90 {AssertionAttribute: "first_name", UserAttribute: "firstName"}, 91 {AssertionAttribute: "last_name", UserAttribute: "lastName"}, 92 {AssertionAttribute: "email", UserAttribute: "mail"}, 93 {AssertionAttribute: "groups", UserAttribute: "companyGroups"}, 94 }, provider.AssertionAttributes) 95 96 assert.Equal(t, "mail", provider.NameIDAttribute) 97 98 assert.Equal(t, FakeIdentityProviderID, provider.AuthenticatingIdp.ID) 99 assert.Equal(t, FakeIdentityProviderName, provider.AuthenticatingIdp.Name) 100 101 assert.Len(t, provider.RBAConfig.RBARules, 2) 102 assert.ElementsMatch(t, []RBARules{ 103 {Action: "Allow", Group: "skr-monitoring-admin", GroupType: "Cloud"}, 104 {Action: "Allow", Group: "skr-monitoring-viewer", GroupType: "Cloud"}, 105 }, provider.RBAConfig.RBARules) 106 assert.Equal(t, "Deny", provider.RBAConfig.DefaultAction) 107 } 108 109 func TestServiceProviderBundle_GenerateSecret(t *testing.T) { 110 // given 111 client := NewFakeClient() 112 bundle := NewServiceProviderBundle(FakeGrafanaName, ServiceProviderInputs[SPGrafanaID], client, Config{IdentityProvider: FakeIdentityProviderName}) 113 114 err := bundle.FetchServiceProviderData() 115 assert.NoError(t, err) 116 117 // when 118 secret, err := bundle.GenerateSecret() 119 120 // then 121 assert.NoError(t, err) 122 assert.Equal(t, FakeClientID, secret.ClientID) 123 assert.Equal(t, FakeClientSecret, secret.ClientSecret) 124 125 provider, err := client.GetServiceProvider(FakeGrafanaID) 126 assert.NoError(t, err) 127 assert.Len(t, provider.Secret, 1) 128 assert.Equal(t, FakeClientID, provider.Secret[0].SecretID) 129 assert.Equal(t, "SAP Kyma Runtime Secret", provider.Secret[0].Description) 130 assert.ElementsMatch(t, []string{"ManageApp", "ManageUsers", "OAuth"}, provider.Secret[0].Scopes) 131 132 // when 133 err = bundle.FetchServiceProviderData() 134 assert.NoError(t, err) 135 secret, err = bundle.GenerateSecret() 136 137 // then 138 provider, err = client.GetServiceProvider(FakeGrafanaID) 139 assert.NoError(t, err) 140 assert.Len(t, provider.Secret, 1) 141 } 142 143 func TestServiceProviderBundle_DeleteServiceProvider(t *testing.T) { 144 // given 145 client := NewFakeClient() 146 bundle := NewServiceProviderBundle(FakeGrafanaName, ServiceProviderInputs[SPGrafanaID], client, Config{IdentityProvider: FakeIdentityProviderName}) 147 148 // when 149 err := bundle.DeleteServiceProvider() 150 151 // then 152 assert.NoError(t, err) 153 provider, err := client.GetServiceProvider(FakeGrafanaID) 154 assert.Error(t, err) 155 assert.EqualError(t, err, fmt.Sprintf("cannot find ServiceProvider with ID: %s", FakeGrafanaID)) 156 assert.Nil(t, provider) 157 }