luci: go.chromium.org/luci/server/auth/authtest Index | Files

package authtest

import "go.chromium.org/luci/server/auth/authtest"

Package authtest implements some interfaces used by auth package to simplify unit testing.

Index

Package Files

config.go db.go doc.go method.go session.go state.go

Variables 

var ErrAuthenticationError = errors.New("authtest: fake Authenticate error")

ErrAuthenticationError is returned by FakeAuth.Authenticate.

func MockAuthConfig Uses

func MockAuthConfig(c context.Context) context.Context

MockAuthConfig configures auth library for unit tests environment.

If modifies the configure stored in the context. See auth.Initialize for more info.

type FakeAuth Uses

type FakeAuth struct {
    User *auth.User // user to return in Authenticate or nil for error
}

FakeAuth implements auth.Method's Authenticate by returning predefined user.

func (FakeAuth) Authenticate Uses

func (m FakeAuth) Authenticate(context.Context, *http.Request) (*auth.User, error)

Authenticate returns predefined User object (if it is not nil) or error.

func (FakeAuth) LoginURL Uses

func (m FakeAuth) LoginURL(c context.Context, dest string) (string, error)

LoginURL returns fake login URL.

func (FakeAuth) LogoutURL Uses

func (m FakeAuth) LogoutURL(c context.Context, dest string) (string, error)

LogoutURL returns fake logout URL.

type FakeDB Uses

type FakeDB map[identity.Identity][]string

FakeDB implements user group checking part of db.DB (IsMember).

It is a mapping "identity -> list of its groups". Intended to be used mostly for testing request handlers, thus all other DB methods are hardcoded to implement some default behavior sufficient for fake requests to pass authentication.

func (FakeDB) CheckMembership Uses

func (db FakeDB) CheckMembership(c context.Context, id identity.Identity, groups []string) (out []string, err error)

CheckMembership is part of authdb.DB interface.

It returns a list of groups the identity belongs to.

func (FakeDB) GetAuthServiceURL Uses

func (db FakeDB) GetAuthServiceURL(c context.Context) (string, error)

GetAuthServiceURL is part of authdb.DB interface.

func (FakeDB) GetCertificates Uses

func (db FakeDB) GetCertificates(c context.Context, id identity.Identity) (*signing.PublicCertificates, error)

GetCertificates is part of authdb.DB interface.

func (FakeDB) GetTokenServiceURL Uses

func (db FakeDB) GetTokenServiceURL(c context.Context) (string, error)

GetTokenServiceURL is part of authdb.DB interface.

func (FakeDB) GetWhitelistForIdentity Uses

func (db FakeDB) GetWhitelistForIdentity(c context.Context, ident identity.Identity) (string, error)

GetWhitelistForIdentity is part of authdb.DB interface.

func (FakeDB) IsAllowedOAuthClientID Uses

func (db FakeDB) IsAllowedOAuthClientID(c context.Context, email, clientID string) (bool, error)

IsAllowedOAuthClientID is part of authdb.DB interface.

func (FakeDB) IsInWhitelist Uses

func (db FakeDB) IsInWhitelist(c context.Context, ip net.IP, whitelist string) (bool, error)

IsInWhitelist is part of authdb.DB interface.

func (FakeDB) IsInternalService Uses

func (db FakeDB) IsInternalService(c context.Context, hostname string) (bool, error)

IsInternalService is part of authdb.DB interface.

func (FakeDB) IsMember Uses

func (db FakeDB) IsMember(c context.Context, id identity.Identity, groups []string) (bool, error)

IsMember is part of authdb.DB interface.

It returns true if any of 'groups' is listed in db[id].

func (FakeDB) Use Uses

func (db FakeDB) Use(c context.Context) context.Context

Use installs the fake db into the context.

type FakeErroringDB Uses

type FakeErroringDB struct {
    FakeDB

    // Error is returned by IsMember.
    Error error
}

FakeErroringDB is authdb.DB with IsMember returning an error.

func (*FakeErroringDB) CheckMembership Uses

func (db *FakeErroringDB) CheckMembership(c context.Context, id identity.Identity, groups []string) ([]string, error)

CheckMembership is part of authdb.DB interface.

It returns db.Error if it is not nil.

func (*FakeErroringDB) IsMember Uses

func (db *FakeErroringDB) IsMember(c context.Context, id identity.Identity, groups []string) (bool, error)

IsMember is part of authdb.DB interface.

It returns db.Error if it is not nil.

func (*FakeErroringDB) Use Uses

func (db *FakeErroringDB) Use(c context.Context) context.Context

Use installs the fake db into the context.

type FakeState Uses

type FakeState struct {
    // Identity is main identity associated with the request.
    //
    // identity.AnonymousIdentity if not set.
    Identity identity.Identity

    // IdentityGroups is list of groups the calling identity belongs to.
    IdentityGroups []string

    // Error if not nil is returned by IsMember checks.
    Error error

    // FakeDB is a mock authdb.DB implementation to use.
    //
    // If not nil, overrides 'IdentityGroups' and 'Error'.
    FakeDB authdb.DB

    // PeerIdentityOverride may be set for PeerIdentity() to return custom value.
    //
    // By default PeerIdentity() returns Identity (i.e. no delegation is
    // happening).
    PeerIdentityOverride identity.Identity

    // PeerIPOverride may be set for PeerIP() to return custom value.
    //
    // By default PeerIP() returns "127.0.0.1".
    PeerIPOverride net.IP

    // UserCredentialsOverride may be set to override UserCredentials().
    //
    // By default UserCredentials() returns ErrNoForwardableCreds error.
    UserCredentialsOverride *oauth2.Token
}

FakeState implements auth.State returning predefined values.

Inject it into the context when testing handlers that expect auth state: 

ctx = auth.WithState(ctx, &authtest.FakeState{
  Identity: "user:user@example.com",
  IdentityGroups: []string{"admins"},
})
auth.IsMember(ctx, "admins") -> returns true.

func (*FakeState) Authenticator Uses

func (s *FakeState) Authenticator() *auth.Authenticator

Authenticator is part of State interface.

func (*FakeState) DB Uses

func (s *FakeState) DB() authdb.DB

DB is part of State interface.

func (*FakeState) Method Uses

func (s *FakeState) Method() auth.Method

Method is part of State interface.

func (*FakeState) PeerIP Uses

func (s *FakeState) PeerIP() net.IP

PeerIP is part of State interface.

func (*FakeState) PeerIdentity Uses

func (s *FakeState) PeerIdentity() identity.Identity

PeerIdentity is part of State interface.

func (*FakeState) User Uses

func (s *FakeState) User() *auth.User

User is part of State interface.

func (*FakeState) UserCredentials Uses

func (s *FakeState) UserCredentials() (*oauth2.Token, error)

UserCredentials is part of State interface.

type MemorySessionStore Uses

type MemorySessionStore struct {
    // contains filtered or unexported fields
}

MemorySessionStore implement auth.SessionStore.

func (*MemorySessionStore) CloseSession Uses

func (s *MemorySessionStore) CloseSession(c context.Context, sessionID string) error

CloseSession closes a session given its ID. Does nothing if session is already closed or doesn't exist. Returns only transient errors.

func (*MemorySessionStore) GetSession Uses

func (s *MemorySessionStore) GetSession(c context.Context, sessionID string) (*auth.Session, error)

GetSession returns existing non-expired session given its ID. Returns nil if session doesn't exist, closed or expired. Returns only transient errors.

func (*MemorySessionStore) OpenSession Uses

func (s *MemorySessionStore) OpenSession(c context.Context, userID string, u *auth.User, exp time.Time) (string, error)

OpenSession create a new session for a user with given expiration time. It returns unique session ID.

Package authtest imports 15 packages (graph) and is imported by 5 packages. Updated 2020-01-20. Refresh now. Tools for package owners.