diff options
| author | Paul Okstad <pokstad@gitlab.com> | 2020-11-17 04:01:50 +0000 |
|---|---|---|
| committer | Ash McKenzie <amckenzie@gitlab.com> | 2020-11-17 04:01:50 +0000 |
| commit | b16898c348ad4c110a87695903f8189ffd314033 (patch) | |
| tree | 68e527a98582969454472465f49c634786479f4c /client/httpsclient_test.go | |
| parent | da924afd346db029f6aa0fe17ccab92e85ce07c7 (diff) | |
| download | gitlab-shell-b16898c348ad4c110a87695903f8189ffd314033.tar.gz | |
GitLab API Client support for client certificates
Diffstat (limited to 'client/httpsclient_test.go')
| -rw-r--r-- | client/httpsclient_test.go | 33 |
1 files changed, 25 insertions, 8 deletions
diff --git a/client/httpsclient_test.go b/client/httpsclient_test.go index d76890b..dadd095 100644 --- a/client/httpsclient_test.go +++ b/client/httpsclient_test.go @@ -13,11 +13,13 @@ import ( "gitlab.com/gitlab-org/gitlab-shell/internal/testhelper" ) +//go:generate openssl req -newkey rsa:4096 -new -nodes -x509 -days 3650 -out ../internal/testhelper/testdata/testroot/certs/client/server.crt -keyout ../internal/testhelper/testdata/testroot/certs/client/key.pem -subj "/C=US/ST=California/L=San Francisco/O=GitLab/OU=GitLab-Shell/CN=localhost" func TestSuccessfulRequests(t *testing.T) { testCases := []struct { - desc string - caFile, caPath string - selfSigned bool + desc string + caFile, caPath string + selfSigned bool + clientCAPath, clientCertPath, clientKeyPath string // used for TLS client certs }{ { desc: "Valid CaFile", @@ -36,11 +38,20 @@ func TestSuccessfulRequests(t *testing.T) { caFile: path.Join(testhelper.TestRoot, "certs/valid/server.crt"), selfSigned: true, }, + { + desc: "Client certs with CA", + caFile: path.Join(testhelper.TestRoot, "certs/valid/server.crt"), + // Run the command "go generate httpsclient_test.go" to + // regenerate the following test fixtures: + clientCAPath: path.Join(testhelper.TestRoot, "certs/client/server.crt"), + clientCertPath: path.Join(testhelper.TestRoot, "certs/client/server.crt"), + clientKeyPath: path.Join(testhelper.TestRoot, "certs/client/key.pem"), + }, } for _, tc := range testCases { t.Run(tc.desc, func(t *testing.T) { - client, cleanup := setupWithRequests(t, tc.caFile, tc.caPath, tc.selfSigned) + client, cleanup := setupWithRequests(t, tc.caFile, tc.caPath, tc.clientCAPath, tc.clientCertPath, tc.clientKeyPath, tc.selfSigned) defer cleanup() response, err := client.Get(context.Background(), "/hello") @@ -77,7 +88,7 @@ func TestFailedRequests(t *testing.T) { for _, tc := range testCases { t.Run(tc.desc, func(t *testing.T) { - client, cleanup := setupWithRequests(t, tc.caFile, tc.caPath, false) + client, cleanup := setupWithRequests(t, tc.caFile, tc.caPath, "", "", "", false) defer cleanup() _, err := client.Get(context.Background(), "/hello") @@ -88,7 +99,7 @@ func TestFailedRequests(t *testing.T) { } } -func setupWithRequests(t *testing.T, caFile, caPath string, selfSigned bool) (*GitlabNetClient, func()) { +func setupWithRequests(t *testing.T, caFile, caPath, clientCAPath, clientCertPath, clientKeyPath string, selfSigned bool) (*GitlabNetClient, func()) { testDirCleanup, err := testhelper.PrepareTestRootDir() require.NoError(t, err) defer testDirCleanup() @@ -104,9 +115,15 @@ func setupWithRequests(t *testing.T, caFile, caPath string, selfSigned bool) (*G }, } - url, cleanup := testserver.StartHttpsServer(t, requests) + url, cleanup := testserver.StartHttpsServer(t, requests, clientCAPath) - httpClient := NewHTTPClient(url, "", caFile, caPath, selfSigned, 1) + var opts []HTTPClientOpt + if clientCertPath != "" && clientKeyPath != "" { + opts = append(opts, WithClientCert(clientCertPath, clientKeyPath)) + } + + httpClient, err := NewHTTPClientWithOpts(url, "", caFile, caPath, selfSigned, 1, opts) + require.NoError(t, err) client, err := NewGitlabNetClient("", "", "", httpClient) require.NoError(t, err) |