Merge branch '19896-ldap-tls-downgrade'
[arvados.git] / services / api / test / unit / api_client_test.rb
1 # Copyright (C) The Arvados Authors. All rights reserved.
2 #
3 # SPDX-License-Identifier: AGPL-3.0
4
5 require 'test_helper'
6
7 class ApiClientTest < ActiveSupport::TestCase
8   include CurrentApiClient
9
10   [true, false].each do |token_lifetime_enabled|
11     test "configured workbench is trusted when token lifetime is#{token_lifetime_enabled ? '': ' not'} enabled" do
12       Rails.configuration.Login.TokenLifetime = token_lifetime_enabled ? 8.hours : 0
13       Rails.configuration.Login.IssueTrustedTokens = !token_lifetime_enabled;
14       Rails.configuration.Services.Workbench1.ExternalURL = URI("http://wb1.example.com")
15       Rails.configuration.Services.Workbench2.ExternalURL = URI("https://wb2.example.com:443")
16       Rails.configuration.Login.TrustedClients = ActiveSupport::OrderedOptions.new
17       Rails.configuration.Login.TrustedClients[:"https://wb3.example.com"] = ActiveSupport::OrderedOptions.new
18
19       act_as_system_user do
20         [["http://wb0.example.com", false],
21         ["http://wb1.example.com", true],
22         ["http://wb2.example.com", false],
23         ["https://wb2.example.com", true],
24         ["https://wb2.example.com/", true],
25         ["https://wb3.example.com/", true],
26         ["https://wb4.example.com/", false],
27         ].each do |pfx, result|
28           a = ApiClient.create(url_prefix: pfx, is_trusted: false)
29           if token_lifetime_enabled
30             assert_equal false, a.is_trusted, "API client with url prefix '#{pfx}' shouldn't be trusted"
31           else
32             assert_equal result, a.is_trusted
33           end
34         end
35
36         a = ApiClient.create(url_prefix: "http://example.com", is_trusted: true)
37         a.save!
38         a.reload
39         assert a.is_trusted
40       end
41     end
42   end
43 end