github.com/verrazzano/verrazzano@v1.7.0/authproxy/internal/httputil/httputil_test.go (about)

     1  // Copyright (c) 2023, Oracle and/or its affiliates.
     2  // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
     3  
     4  package httputil
     5  
     6  import (
     7  	"crypto/x509"
     8  	"net/http"
     9  	"strings"
    10  	"testing"
    11  
    12  	"github.com/stretchr/testify/assert"
    13  )
    14  
    15  // TestGetHTTPClientWithCABundle tests that a retryable http client can be created with a cert pool
    16  // GIVEN a request to create a http client
    17  // WHEN the cert pool is given
    18  // THEN the client returned is not nil
    19  func TestGetHTTPClientWithCABundle(t *testing.T) {
    20  	cli := GetHTTPClientWithCABundle(&x509.CertPool{})
    21  	assert.NotNil(t, cli)
    22  }
    23  
    24  // TestObfuscateTestData tests that request authorization headers get scrubbed
    25  // GIVEN a request with an authorization header
    26  // WHEN  the request is scrubbed
    27  // THEN  the header contains a different value
    28  func TestObfuscateTestData(t *testing.T) {
    29  	req, err := http.NewRequest(http.MethodGet, "", strings.NewReader(""))
    30  	assert.NoError(t, err)
    31  
    32  	authKey := "Authorization"
    33  	basicAuth := "Basic username:pass"
    34  	tokenAuth := "Bearer test-token"
    35  	req.Header[authKey] = []string{basicAuth, tokenAuth}
    36  
    37  	obfReq := ObfuscateRequestData(req)
    38  	assert.NotEqual(t, basicAuth, obfReq.Header[authKey][0])
    39  	assert.NotEqual(t, tokenAuth, obfReq.Header[authKey][1])
    40  }