github.com/versent/saml2aws@v2.17.0+incompatible/pkg/provider/pingfed/pingfed_test.go

github.com/versent/saml2aws@v2.17.0+incompatible/pkg/provider/pingfed/pingfed_test.go (about)

     1  package pingfed
     2  
     3  import (
     4  	"bytes"
     5  	"context"
     6  	"io/ioutil"
     7  	"testing"
     8  
     9  	"github.com/PuerkitoBio/goquery"
    10  	"github.com/stretchr/testify/require"
    11  	"github.com/versent/saml2aws/mocks"
    12  	"github.com/versent/saml2aws/pkg/creds"
    13  	"github.com/versent/saml2aws/pkg/prompter"
    14  )
    15  
    16  func TestMakeAbsoluteURL(t *testing.T) {
    17  	require.Equal(t, makeAbsoluteURL("/a", "https://example.com"), "https://example.com/a")
    18  	require.Equal(t, makeAbsoluteURL("https://foo.com/a/b", "https://bar.com"), "https://foo.com/a/b")
    19  }
    20  
    21  var docTests = []struct {
    22  	fn       func(*goquery.Document) bool
    23  	file     string
    24  	expected bool
    25  }{
    26  	{docIsLogin, "example/login.html", true},
    27  	{docIsLogin, "example/login2.html", true},
    28  	{docIsLogin, "example/otp.html", false},
    29  	{docIsLogin, "example/swipe.html", false},
    30  	{docIsLogin, "example/form-redirect.html", false},
    31  	{docIsLogin, "example/webauthn.html", false},
    32  	{docIsOTP, "example/login.html", false},
    33  	{docIsOTP, "example/otp.html", true},
    34  	{docIsOTP, "example/swipe.html", false},
    35  	{docIsOTP, "example/form-redirect.html", false},
    36  	{docIsOTP, "example/webauthn.html", false},
    37  	{docIsSwipe, "example/login.html", false},
    38  	{docIsSwipe, "example/otp.html", false},
    39  	{docIsSwipe, "example/swipe.html", true},
    40  	{docIsSwipe, "example/form-redirect.html", false},
    41  	{docIsSwipe, "example/webauthn.html", false},
    42  	{docIsFormRedirect, "example/login.html", false},
    43  	{docIsFormRedirect, "example/otp.html", false},
    44  	{docIsFormRedirect, "example/swipe.html", false},
    45  	{docIsFormRedirect, "example/form-redirect.html", true},
    46  	{docIsFormRedirect, "example/webauthn.html", false},
    47  	{docIsWebAuthn, "example/login.html", false},
    48  	{docIsWebAuthn, "example/otp.html", false},
    49  	{docIsWebAuthn, "example/swipe.html", false},
    50  	{docIsWebAuthn, "example/form-redirect.html", false},
    51  	{docIsWebAuthn, "example/webauthn.html", true},
    52  }
    53  
    54  func TestDocTypes(t *testing.T) {
    55  	for _, tt := range docTests {
    56  		data, err := ioutil.ReadFile(tt.file)
    57  		require.Nil(t, err)
    58  
    59  		doc, err := goquery.NewDocumentFromReader(bytes.NewReader(data))
    60  		require.Nil(t, err)
    61  
    62  		if tt.fn(doc) != tt.expected {
    63  			t.Errorf("expect doc check of %v to be %v", tt.file, tt.expected)
    64  		}
    65  	}
    66  }
    67  
    68  func TestHandleLogin(t *testing.T) {
    69  	ac := Client{}
    70  	loginDetails := creds.LoginDetails{
    71  		Username: "fdsa",
    72  		Password: "secret",
    73  		URL:      "https://example.com/foo",
    74  	}
    75  	ctx := context.WithValue(context.Background(), ctxKey("login"), &loginDetails)
    76  
    77  	data, err := ioutil.ReadFile("example/login.html")
    78  	require.Nil(t, err)
    79  
    80  	doc, err := goquery.NewDocumentFromReader(bytes.NewReader(data))
    81  	require.Nil(t, err)
    82  
    83  	ctx, req, err := ac.handleLogin(ctx, doc)
    84  	require.Nil(t, err)
    85  
    86  	b, err := ioutil.ReadAll(req.Body)
    87  	require.Nil(t, err)
    88  
    89  	s := string(b[:])
    90  	require.Contains(t, s, "pf.username=fdsa")
    91  	require.Contains(t, s, "pf.pass=secret")
    92  }
    93  
    94  func TestHandleOTP(t *testing.T) {
    95  	pr := &mocks.Prompter{}
    96  	prompter.SetPrompter(pr)
    97  	pr.Mock.On("StringRequired", "Enter passcode").Return("5309")
    98  
    99  	data, err := ioutil.ReadFile("example/otp.html")
   100  	require.Nil(t, err)
   101  
   102  	doc, err := goquery.NewDocumentFromReader(bytes.NewReader(data))
   103  	require.Nil(t, err)
   104  
   105  	ac := Client{}
   106  	_, req, err := ac.handleOTP(context.Background(), doc)
   107  	require.Nil(t, err)
   108  
   109  	b, err := ioutil.ReadAll(req.Body)
   110  	require.Nil(t, err)
   111  
   112  	s := string(b[:])
   113  	require.Contains(t, s, "otp=5309")
   114  }
   115  
   116  func TestHandleFormRedirect(t *testing.T) {
   117  	data, err := ioutil.ReadFile("example/form-redirect.html")
   118  	require.Nil(t, err)
   119  
   120  	doc, err := goquery.NewDocumentFromReader(bytes.NewReader(data))
   121  	require.Nil(t, err)
   122  
   123  	ac := Client{}
   124  	_, req, err := ac.handleFormRedirect(context.Background(), doc)
   125  	require.Nil(t, err)
   126  
   127  	b, err := ioutil.ReadAll(req.Body)
   128  	require.Nil(t, err)
   129  
   130  	s := string(b[:])
   131  	require.Contains(t, s, "ppm_request=secret")
   132  	require.Contains(t, s, "idp_account_id=some-uuid")
   133  }
   134  
   135  func TestHandleWebAuthn(t *testing.T) {
   136  	data, err := ioutil.ReadFile("example/webauthn.html")
   137  	require.Nil(t, err)
   138  
   139  	doc, err := goquery.NewDocumentFromReader(bytes.NewReader(data))
   140  	require.Nil(t, err)
   141  
   142  	ac := Client{}
   143  	_, req, err := ac.handleWebAuthn(context.Background(), doc)
   144  	require.Nil(t, err)
   145  
   146  	b, err := ioutil.ReadAll(req.Body)
   147  	require.Nil(t, err)
   148  
   149  	s := string(b[:])
   150  	require.Contains(t, s, "isWebAuthnSupportedByBrowser=false")
   151  }