Merge branch '16212-pam-login'
[arvados.git] / lib / controller / federation / login_test.go
1 // Copyright (C) The Arvados Authors. All rights reserved.
2 //
3 // SPDX-License-Identifier: AGPL-3.0
4
5 package federation
6
7 import (
8         "context"
9         "net/url"
10
11         "git.arvados.org/arvados.git/sdk/go/arvados"
12         "git.arvados.org/arvados.git/sdk/go/arvadostest"
13         "git.arvados.org/arvados.git/sdk/go/auth"
14         check "gopkg.in/check.v1"
15 )
16
17 var _ = check.Suite(&LoginSuite{})
18
19 type LoginSuite struct {
20         FederationSuite
21 }
22
23 func (s *LoginSuite) TestDeferToLoginCluster(c *check.C) {
24         s.addHTTPRemote(c, "zhome", &arvadostest.APIStub{})
25         s.cluster.Login.LoginCluster = "zhome"
26
27         returnTo := "https://app.example.com/foo?bar"
28         for _, remote := range []string{"", "ccccc"} {
29                 resp, err := s.fed.Login(context.Background(), arvados.LoginOptions{Remote: remote, ReturnTo: returnTo})
30                 c.Check(err, check.IsNil)
31                 c.Logf("remote %q -- RedirectLocation %q", remote, resp.RedirectLocation)
32                 target, err := url.Parse(resp.RedirectLocation)
33                 c.Check(err, check.IsNil)
34                 c.Check(target.Host, check.Equals, s.cluster.RemoteClusters["zhome"].Host)
35                 c.Check(target.Scheme, check.Equals, "http")
36                 c.Check(target.Query().Get("return_to"), check.Equals, returnTo)
37                 c.Check(target.Query().Get("remote"), check.Equals, remote)
38                 _, remotePresent := target.Query()["remote"]
39                 c.Check(remotePresent, check.Equals, remote != "")
40         }
41 }
42
43 func (s *LoginSuite) TestLogout(c *check.C) {
44         s.cluster.Services.Workbench1.ExternalURL = arvados.URL{Scheme: "https", Host: "workbench1.example.com"}
45         s.cluster.Services.Workbench2.ExternalURL = arvados.URL{Scheme: "https", Host: "workbench2.example.com"}
46         s.cluster.Login.GoogleClientID = "zzzzzzzzzzzzzz"
47         s.addHTTPRemote(c, "zhome", &arvadostest.APIStub{})
48         s.cluster.Login.LoginCluster = "zhome"
49         // s.fed is already set by SetUpTest, but we need to
50         // reinitialize with the above config changes.
51         s.fed = New(s.cluster)
52
53         returnTo := "https://app.example.com/foo?bar"
54         for _, trial := range []struct {
55                 token    string
56                 returnTo string
57                 target   string
58         }{
59                 {token: "", returnTo: "", target: s.cluster.Services.Workbench2.ExternalURL.String()},
60                 {token: "", returnTo: returnTo, target: returnTo},
61                 {token: "zzzzzzzzzzzzzzzzzzzzz", returnTo: returnTo, target: returnTo},
62                 {token: "v2/zzzzz-aaaaa-aaaaaaaaaaaaaaa/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", returnTo: returnTo, target: returnTo},
63                 {token: "v2/zhome-aaaaa-aaaaaaaaaaaaaaa/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", returnTo: returnTo, target: "http://" + s.cluster.RemoteClusters["zhome"].Host + "/logout?" + url.Values{"return_to": {returnTo}}.Encode()},
64         } {
65                 c.Logf("trial %#v", trial)
66                 ctx := context.Background()
67                 if trial.token != "" {
68                         ctx = auth.NewContext(ctx, &auth.Credentials{Tokens: []string{trial.token}})
69                 }
70                 resp, err := s.fed.Logout(ctx, arvados.LogoutOptions{ReturnTo: trial.returnTo})
71                 c.Assert(err, check.IsNil)
72                 c.Logf("  RedirectLocation %q", resp.RedirectLocation)
73                 target, err := url.Parse(resp.RedirectLocation)
74                 c.Check(err, check.IsNil)
75                 c.Check(target.String(), check.Equals, trial.target)
76         }
77 }