projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge branch 'main' into 18842-arv-mount-disk-config
[arvados.git] / lib / controller / federation / login_test.go
diff --git a/lib/controller/federation/login_test.go b/lib/controller/federation/login_test.go
index 8ec2bd5a4910db98d04d5d042453371d78455870..e1114bf7eb21fd6752598ee7f31fe08199f9ef74 100644 (file)
--- a/lib/controller/federation/login_test.go
+++ b/lib/controller/federation/login_test.go
@@ -8,8 +8,9 @@ import (
        "context"
        "net/url"
 
-       "git.curoverse.com/arvados.git/sdk/go/arvados"
-       "git.curoverse.com/arvados.git/sdk/go/arvadostest"
+       "git.arvados.org/arvados.git/sdk/go/arvados"
+       "git.arvados.org/arvados.git/sdk/go/arvadostest"
+       "git.arvados.org/arvados.git/sdk/go/auth"
        check "gopkg.in/check.v1"
 )
 
@@ -38,3 +39,40 @@ func (s *LoginSuite) TestDeferToLoginCluster(c *check.C) {
                c.Check(remotePresent, check.Equals, remote != "")
        }
 }
+
+func (s *LoginSuite) TestLogout(c *check.C) {
+       otherOrigin := arvados.URL{Scheme: "https", Host: "app.example.com", Path: "/"}
+       otherURL := "https://app.example.com/foo"
+       s.cluster.Services.Workbench1.ExternalURL = arvados.URL{Scheme: "https", Host: "workbench1.example.com"}
+       s.cluster.Services.Workbench2.ExternalURL = arvados.URL{Scheme: "https", Host: "workbench2.example.com"}
+       s.cluster.Login.TrustedClients = map[arvados.URL]struct{}{otherOrigin: {}}
+       s.addHTTPRemote(c, "zhome", &arvadostest.APIStub{})
+       s.cluster.Login.LoginCluster = "zhome"
+       // s.fed is already set by SetUpTest, but we need to
+       // reinitialize with the above config changes.
+       s.fed = New(s.cluster, nil)
+
+       for _, trial := range []struct {
+               token    string
+               returnTo string
+               target   string
+       }{
+               {token: "", returnTo: "", target: s.cluster.Services.Workbench2.ExternalURL.String()},
+               {token: "", returnTo: otherURL, target: otherURL},
+               {token: "zzzzzzzzzzzzzzzzzzzzz", returnTo: otherURL, target: otherURL},
+               {token: "v2/zzzzz-aaaaa-aaaaaaaaaaaaaaa/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", returnTo: otherURL, target: otherURL},
+               {token: "v2/zhome-aaaaa-aaaaaaaaaaaaaaa/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", returnTo: otherURL, target: "http://" + s.cluster.RemoteClusters["zhome"].Host + "/logout?" + url.Values{"return_to": {otherURL}}.Encode()},
+       } {
+               c.Logf("trial %#v", trial)
+               ctx := s.ctx
+               if trial.token != "" {
+                       ctx = auth.NewContext(ctx, &auth.Credentials{Tokens: []string{trial.token}})
+               }
+               resp, err := s.fed.Logout(ctx, arvados.LogoutOptions{ReturnTo: trial.returnTo})
+               c.Assert(err, check.IsNil)
+               c.Logf("  RedirectLocation %q", resp.RedirectLocation)
+               target, err := url.Parse(resp.RedirectLocation)
+               c.Check(err, check.IsNil)
+               c.Check(target.String(), check.Equals, trial.target)
+       }
+}