func setup() {
var err error
if err = configuration.Setup(""); err != nil {
panic(fmt.Errorf("Failed to setup the configuration: %s", err.Error()))
}
oauth := &oauth2.Config{
ClientID: configuration.GetKeycloakClientID(),
ClientSecret: configuration.GetKeycloakSecret(),
Scopes: []string{"user:email"},
Endpoint: oauth2.Endpoint{
AuthURL: "http://sso.demo.almighty.io/auth/realms/demo/protocol/openid-connect/auth",
TokenURL: "http://sso.demo.almighty.io/auth/realms/demo/protocol/openid-connect/token",
},
}
privateKey, err := token.ParsePrivateKey([]byte(configuration.GetTokenPrivateKey()))
if err != nil {
panic(err)
}
tokenManager := token.NewManagerWithPrivateKey(privateKey)
userRepository := account.NewUserRepository(nil)
identityRepository := account.NewIdentityRepository(nil)
loginService = &KeycloakOAuthProvider{
config: oauth,
Identities: identityRepository,
Users: userRepository,
TokenManager: tokenManager,
}
}
func createManager(t *testing.T) token.Manager {
privateKey, err := token.ParsePrivateKey([]byte(token.RSAPrivateKey))
if err != nil {
t.Fatal("Could not parse private key")
}
return token.NewManagerWithPrivateKey(privateKey)
}
func (s *CommentsSuite) securedControllers(identity account.Identity) (*goa.Service, *WorkitemController, *WorkItemCommentsController, *CommentsController) {
priv, _ := almtoken.ParsePrivateKey([]byte(almtoken.RSAPrivateKey))
svc := testsupport.ServiceAsUser("Comment-Service", almtoken.NewManagerWithPrivateKey(priv), identity)
workitemCtrl := NewWorkitemController(svc, s.db)
workitemCommentsCtrl := NewWorkItemCommentsController(svc, s.db)
commentsCtrl := NewCommentsController(svc, s.db)
return svc, workitemCtrl, workitemCommentsCtrl, commentsCtrl
}
// The SetupSuite method will run before the tests in the suite are run.
// It sets up a database connection for all the tests in this suite without polluting global space.
func (s *workItemLinkSuite) SetupSuite() {
var err error
if err = configuration.Setup(""); err != nil {
panic(fmt.Errorf("Failed to setup the configuration: %s", err.Error()))
}
s.db, err = gorm.Open("postgres", configuration.GetPostgresConfigString())
if err != nil {
panic("Failed to connect database: " + err.Error())
}
// Make sure the database is populated with the correct types (e.g. bug etc.)
if err := models.Transactional(DB, func(tx *gorm.DB) error {
return migration.PopulateCommonTypes(context.Background(), tx, workitem.NewWorkItemTypeRepository(tx))
}); err != nil {
panic(err.Error())
}
require.Nil(s.T(), err)
priv, err := almtoken.ParsePrivateKey([]byte(almtoken.RSAPrivateKey))
require.Nil(s.T(), err)
svc := goa.New("TestWorkItemLinkType-Service")
require.NotNil(s.T(), svc)
s.workItemLinkTypeCtrl = NewWorkItemLinkTypeController(svc, gormapplication.NewGormDB(DB))
require.NotNil(s.T(), s.workItemLinkTypeCtrl)
svc = goa.New("TestWorkItemLinkCategory-Service")
require.NotNil(s.T(), svc)
s.workItemLinkCategoryCtrl = NewWorkItemLinkCategoryController(svc, gormapplication.NewGormDB(DB))
require.NotNil(s.T(), s.workItemLinkCategoryCtrl)
svc = goa.New("TestWorkItemLink-Service")
require.NotNil(s.T(), svc)
s.workItemLinkCtrl = NewWorkItemLinkController(svc, gormapplication.NewGormDB(DB))
require.NotNil(s.T(), s.workItemLinkCtrl)
svc = goa.New("TestWorkItemRelationshipsLinks-Service")
require.NotNil(s.T(), svc)
s.workItemRelsLinksCtrl = NewWorkItemRelationshipsLinksController(svc, gormapplication.NewGormDB(DB))
require.NotNil(s.T(), s.workItemRelsLinksCtrl)
s.workItemSvc = testsupport.ServiceAsUser("TestWorkItem-Service", almtoken.NewManagerWithPrivateKey(priv), testsupport.TestIdentity)
require.NotNil(s.T(), s.workItemSvc)
s.workItemCtrl = NewWorkitemController(svc, gormapplication.NewGormDB(DB))
require.NotNil(s.T(), s.workItemCtrl)
}
func TestExtractWithInvalidToken(t *testing.T) {
// This tests generates invalid Token
// by setting expired date, empty UUID, not setting UUID
// all above cases are invalid
// hence manager.Extract should fail in all above cases
manager := createManager(t)
privateKey, err := token.ParsePrivateKey([]byte(token.RSAPrivateKey))
tok := jwt.New(jwt.SigningMethodRS256)
// add already expired time to "exp" claim"
claims := jwt.MapClaims{"sub": "some_uuid", "exp": float64(time.Now().Unix() - 100)}
tok.Claims = claims
tokenStr, err := tok.SignedString(privateKey)
if err != nil {
panic(err)
}
idn, err := manager.Extract(tokenStr)
if err == nil {
t.Error("Expired token should not be parsed. Error must not be nil", idn, err)
}
// now set correct EXP but do not set uuid
claims = jwt.MapClaims{"exp": float64(time.Now().AddDate(0, 0, 1).Unix())}
tok.Claims = claims
tokenStr, err = tok.SignedString(privateKey)
if err != nil {
panic(err)
}
idn, err = manager.Extract(tokenStr)
if err == nil {
t.Error("Invalid token should not be parsed. Error must not be nil", idn, err)
}
// now set UUID to empty String
claims = jwt.MapClaims{"sub": ""}
tok.Claims = claims
tokenStr, err = tok.SignedString(privateKey)
if err != nil {
panic(err)
}
idn, err = manager.Extract(tokenStr)
if err == nil {
t.Error("Invalid token should not be parsed. Error must not be nil", idn, err)
}
}
func TestMain(m *testing.M) {
if _, c := os.LookupEnv(resource.Database); c != false {
var err error
if err = configuration.Setup(""); err != nil {
panic(fmt.Errorf("Failed to setup the configuration: %s", err.Error()))
}
db, err = gorm.Open("postgres", configuration.GetPostgresConfigString())
if err != nil {
panic("Failed to connect database: " + err.Error())
}
defer db.Close()
// Migrate the schema
err = migration.Migrate(db.DB())
if err != nil {
panic(err.Error())
}
}
oauth := &oauth2.Config{
ClientID: configuration.GetKeycloakClientID(),
ClientSecret: configuration.GetKeycloakSecret(),
Scopes: []string{"user:email"},
Endpoint: oauth2.Endpoint{
AuthURL: "http://sso.demo.almighty.io/auth/realms/demo/protocol/openid-connect/auth",
TokenURL: "http://sso.demo.almighty.io/auth/realms/demo/protocol/openid-connect/token",
},
}
privateKey, err := token.ParsePrivateKey([]byte(token.RSAPrivateKey))
if err != nil {
panic(err)
}
tokenManager := token.NewManagerWithPrivateKey(privateKey)
userRepository := account.NewUserRepository(db)
identityRepository := account.NewIdentityRepository(db)
app := gormapplication.NewGormDB(db)
loginService = NewKeycloakOAuthProvider(oauth, identityRepository, userRepository, tokenManager, app)
os.Exit(m.Run())
}
func getServiceAsUser() *goa.Service {
priv, _ := almtoken.ParsePrivateKey([]byte(almtoken.RSAPrivateKey))
service := testsupport.ServiceAsUser("TestSearch-Service", almtoken.NewManagerWithPrivateKey(priv), testsupport.TestIdentity)
return service
}
func (rest *TestSpaceIterationREST) SecuredController() (*goa.Service, *SpaceIterationsController) {
priv, _ := almtoken.ParsePrivateKey([]byte(almtoken.RSAPrivateKey))
svc := testsupport.ServiceAsUser("Iteration-Service", almtoken.NewManagerWithPrivateKey(priv), testsupport.TestIdentity)
return svc, NewSpaceIterationsController(svc, rest.db)
}
func newUserController(identity *account.Identity, user *account.User) *UserController {
priv, _ := almtoken.ParsePrivateKey([]byte(almtoken.RSAPrivateKey))
return NewUserController(goa.New("alm-test"), newGormTestBase(identity, user), almtoken.NewManagerWithPrivateKey(priv))
}
func (rest *TestCommentREST) SecuredController() (*goa.Service, *WorkItemCommentsController) {
priv, _ := almtoken.ParsePrivateKey([]byte(almtoken.RSAPrivateKey))
svc := testsupport.ServiceAsUser("WorkItemComment-Service", almtoken.NewManagerWithPrivateKey(priv), testsupport.TestIdentity)
return svc, NewWorkItemCommentsController(svc, rest.db)
}
