X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/24223057a8dd3a03f1c6457287cb12167c6b67ee..4529d84afb3549ccb4ae9005a8f64f558c2bbe5c:/lib/controller/auth_test.go?ds=sidebyside

diff --git a/lib/controller/auth_test.go b/lib/controller/auth_test.go
index a188c30828..5d477a7664 100644
--- a/lib/controller/auth_test.go
+++ b/lib/controller/auth_test.go
@@ -8,6 +8,7 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"net"
 	"net/http"
 	"net/http/httptest"
 	"os"
@@ -62,10 +63,9 @@ func (s *AuthSuite) SetUpTest(c *check.C) {
 	s.fakeProvider.ValidClientSecret = "test#client/secret"
 
 	cluster := &arvados.Cluster{
-		ClusterID:        "zhome",
-		PostgreSQL:       integrationTestCluster().PostgreSQL,
-		ForceLegacyAPI14: forceLegacyAPI14,
-		SystemRootToken:  arvadostest.SystemRootToken,
+		ClusterID:       "zhome",
+		PostgreSQL:      integrationTestCluster().PostgreSQL,
+		SystemRootToken: arvadostest.SystemRootToken,
 	}
 	cluster.TLS.Insecure = true
 	cluster.API.MaxItemsPerResponse = 1000
@@ -95,12 +95,15 @@ func (s *AuthSuite) SetUpTest(c *check.C) {
 	cluster.Login.OpenIDConnect.ClientSecret = s.fakeProvider.ValidClientSecret
 	cluster.Login.OpenIDConnect.EmailClaim = "email"
 	cluster.Login.OpenIDConnect.EmailVerifiedClaim = "email_verified"
+	cluster.Login.OpenIDConnect.AcceptAccessToken = true
+	cluster.Login.OpenIDConnect.AcceptAccessTokenScope = ""
 
-	s.testHandler = &Handler{Cluster: cluster}
+	s.testHandler = &Handler{Cluster: cluster, BackgroundContext: ctxlog.Context(context.Background(), s.log)}
 	s.testServer = newServerFromIntegrationTestEnv(c)
-	s.testServer.Server.Handler = httpserver.HandlerWithContext(
-		ctxlog.Context(context.Background(), s.log),
-		httpserver.AddRequestIDs(httpserver.LogRequests(s.testHandler)))
+	s.testServer.Server.BaseContext = func(net.Listener) context.Context {
+		return ctxlog.Context(context.Background(), s.log)
+	}
+	s.testServer.Server.Handler = httpserver.AddRequestIDs(httpserver.LogRequests(s.testHandler))
 	c.Assert(s.testServer.Start(), check.IsNil)
 }
 
@@ -115,4 +118,12 @@ func (s *AuthSuite) TestLocalOIDCAccessToken(c *check.C) {
 	c.Check(json.NewDecoder(resp.Body).Decode(&u), check.IsNil)
 	c.Check(u.UUID, check.Equals, arvadostest.ActiveUserUUID)
 	c.Check(u.OwnerUUID, check.Equals, "zzzzz-tpzed-000000000000000")
+
+	// Request again to exercise cache.
+	req = httptest.NewRequest("GET", "/arvados/v1/users/current", nil)
+	req.Header.Set("Authorization", "Bearer "+s.fakeProvider.ValidAccessToken())
+	rr = httptest.NewRecorder()
+	s.testServer.Server.Handler.ServeHTTP(rr, req)
+	resp = rr.Result()
+	c.Check(resp.StatusCode, check.Equals, http.StatusOK)
 }