Documentation ¶
Index ¶
- func AssertAccessError(t *testing.T, wantErr error, accessErr error, msg string)
- func CheckIsProvisioned(ctx context.Context, access IsActiver, subject string, args []byte, ...) error
- func ProviderWith(providerID string) ([]byte, error)
- func RunTests(t *testing.T, ctx context.Context, providerName string, p providers.Accessor, ...)
- func WithProviderConfig(config []byte) func(*IntegrationTests)
- type IntegrationTests
- type IsActiver
- type TestCase
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AssertAccessError ¶
assertAccessError checks the access error against the expected validation error for the test case. If we expect validation to fail, granting and revoking access should also fail and accessErr should be non-nil. If we expect validation to succeed, granting and revoking access should also succeed and accessErr should be nil.
func CheckIsProvisioned ¶
func CheckIsProvisioned(ctx context.Context, access IsActiver, subject string, args []byte, grantID string, want bool) error
CheckIsProvisioned calls the underlying integration's API to check that access was provisioned or not. It returns an error if the access status doesn't match what we wanted.
Passing 'want' as true means that we expect access to have been provisioned (i.e. the user should be a member of the Okta group). Passing 'want' as false means that we expect access to have been revoked (i.e. the user should NOT be a member of the Okta group.
For some integrations the API is eventually consistent, and access won't be reflected immediately when calling this function. To handle this, CheckIsProvisioned uses go-retry to call the API again with a backoff with a maximum duration of 10 seconds.
func ProviderWith ¶
ProviderWith fetches teh provider with config from the environment
func RunTests ¶
func RunTests(t *testing.T, ctx context.Context, providerName string, p providers.Accessor, testcases []TestCase, opts ...func(*IntegrationTests))
RunTests runs standardised integration tests to check the behaviour of a Common Fate Provider. It tests validation, granting, and revoking of access.
This should be used against the live version of any integration APIs - you shouldn't mock the API that you are trying to test access against.
RunTests is the entrypoint to the integration testing package.
func WithProviderConfig ¶
func WithProviderConfig(config []byte) func(*IntegrationTests)
Types ¶
type IntegrationTests ¶
type IntegrationTests struct {
// contains filtered or unexported fields
}