mirror of
https://github.com/lukaszraczylo/traefikoidc.git
synced 2026-06-05 22:44:17 +00:00
lukaszraczylo
e64fc7f730
* Add redis support for distributed caching * Move towards the self-provided Redis connection pool and RESP protocol implementation. Official redis client library won't work with yaegi. * fixup! Move towards the self-provided Redis connection pool and RESP protocol implementation. Official redis client library won't work with yaegi. * fixup! fixup! Move towards the self-provided Redis connection pool and RESP protocol implementation. Official redis client library won't work with yaegi. * fixup! fixup! fixup! Move towards the self-provided Redis connection pool and RESP protocol implementation. Official redis client library won't work with yaegi. * fixup! fixup! fixup! fixup! Move towards the self-provided Redis connection pool and RESP protocol implementation. Official redis client library won't work with yaegi. * fixup! fixup! fixup! fixup! fixup! Move towards the self-provided Redis connection pool and RESP protocol implementation. Official redis client library won't work with yaegi. * ... and another all nighter. * fixup! ... and another all nighter. * fixup! fixup! ... and another all nighter. * fixup! fixup! fixup! ... and another all nighter. * Resolve issue #85 by adding ability to set custom claims in JWT tokens * Remove redundant validation in auth middleware ( issue #89 ) * Add ability to set cookie prefix for session cookies ( #87 ) * fixup! Add ability to set cookie prefix for session cookies ( #87 ) * Add ability to set cookie max age - issue #91 * Potential fix for code scanning alert no. 10: Size computation for allocation may overflow Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> * fixup! Merge main into 0.8.0-redis: resolve conflicts --------- Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
146 lines
4.7 KiB
Go
146 lines
4.7 KiB
Go
package traefikoidc
|
|
|
|
import (
|
|
"fmt"
|
|
"net/http/httptest"
|
|
"testing"
|
|
|
|
"github.com/gorilla/sessions"
|
|
)
|
|
|
|
// TestSetCodeVerifier_NoChange tests the branch where the code verifier value doesn't change
|
|
func TestSetCodeVerifier_NoChange(t *testing.T) {
|
|
logger := NewLogger("debug")
|
|
sm, err := NewSessionManager("0123456789abcdef0123456789abcdef0123456789abcdef", false, "", "", 0, logger)
|
|
if err != nil {
|
|
t.Fatalf("Failed to create session manager: %v", err)
|
|
}
|
|
defer sm.Shutdown()
|
|
|
|
req := httptest.NewRequest("GET", "http://example.com/test", nil)
|
|
session, err := sm.GetSession(req)
|
|
if err != nil {
|
|
t.Fatalf("Failed to get session: %v", err)
|
|
}
|
|
defer session.ReturnToPool()
|
|
|
|
// Set initial code verifier
|
|
initialVerifier := "test-code-verifier-12345"
|
|
session.SetCodeVerifier(initialVerifier)
|
|
|
|
if !session.IsDirty() {
|
|
t.Error("Session should be dirty after first SetCodeVerifier")
|
|
}
|
|
|
|
// Mark clean to test the no-change branch
|
|
session.dirty = false
|
|
|
|
// Set the same code verifier again - this should hit the uncovered branch
|
|
session.SetCodeVerifier(initialVerifier)
|
|
|
|
// Verify that dirty flag remains false (no change occurred)
|
|
if session.IsDirty() {
|
|
t.Error("Session should not be dirty when setting same code verifier value")
|
|
}
|
|
|
|
// Verify the code verifier value is still correct
|
|
if got := session.GetCodeVerifier(); got != initialVerifier {
|
|
t.Errorf("Expected code verifier %q, got %q", initialVerifier, got)
|
|
}
|
|
}
|
|
|
|
// TestClearTokenChunks_EmptyChunks tests the branch where the chunks map is empty
|
|
func TestClearTokenChunks_EmptyChunks(t *testing.T) {
|
|
logger := NewLogger("debug")
|
|
sm, err := NewSessionManager("0123456789abcdef0123456789abcdef0123456789abcdef", false, "", "", 0, logger)
|
|
if err != nil {
|
|
t.Fatalf("Failed to create session manager: %v", err)
|
|
}
|
|
defer sm.Shutdown()
|
|
|
|
req := httptest.NewRequest("GET", "http://example.com/test", nil)
|
|
session, err := sm.GetSession(req)
|
|
if err != nil {
|
|
t.Fatalf("Failed to get session: %v", err)
|
|
}
|
|
defer session.ReturnToPool()
|
|
|
|
// Test with empty chunks map - this should hit the uncovered branch where the loop body doesn't execute
|
|
emptyChunks := make(map[int]*sessions.Session)
|
|
|
|
// This should not panic and should handle empty map gracefully
|
|
session.clearTokenChunks(req, emptyChunks)
|
|
|
|
// Verify that no errors occurred and the session is still valid
|
|
if session == nil {
|
|
t.Fatal("Session should still be valid after clearing empty chunks")
|
|
}
|
|
|
|
// Additional test: clear already-empty chunk maps in the session
|
|
session.clearTokenChunks(req, session.accessTokenChunks)
|
|
session.clearTokenChunks(req, session.refreshTokenChunks)
|
|
session.clearTokenChunks(req, session.idTokenChunks)
|
|
|
|
// Verify session is still valid
|
|
if session.GetAuthenticated() {
|
|
// This is fine - session can be authenticated even with no chunks
|
|
}
|
|
}
|
|
|
|
// TestClearTokenChunks_WithSessions tests the branch where the chunks map contains actual sessions
|
|
func TestClearTokenChunks_WithSessions(t *testing.T) {
|
|
logger := NewLogger("debug")
|
|
sm, err := NewSessionManager("0123456789abcdef0123456789abcdef0123456789abcdef", false, "", "", 0, logger)
|
|
if err != nil {
|
|
t.Fatalf("Failed to create session manager: %v", err)
|
|
}
|
|
defer sm.Shutdown()
|
|
|
|
req := httptest.NewRequest("GET", "http://example.com/test", nil)
|
|
session, err := sm.GetSession(req)
|
|
if err != nil {
|
|
t.Fatalf("Failed to get session: %v", err)
|
|
}
|
|
defer session.ReturnToPool()
|
|
|
|
// Create chunks map with actual sessions
|
|
chunksWithSessions := make(map[int]*sessions.Session)
|
|
|
|
// Create a few test sessions and add them to the chunks map
|
|
for i := 0; i < 3; i++ {
|
|
chunkSession, err := sm.store.Get(req, fmt.Sprintf("test_chunk_%d", i))
|
|
if err != nil {
|
|
t.Fatalf("Failed to create test chunk session: %v", err)
|
|
}
|
|
// Add some test data to the session
|
|
chunkSession.Values["test_data"] = fmt.Sprintf("chunk_%d_data", i)
|
|
chunkSession.Values["chunk_index"] = i
|
|
chunksWithSessions[i] = chunkSession
|
|
}
|
|
|
|
// Verify chunks have data before clearing
|
|
if len(chunksWithSessions) != 3 {
|
|
t.Errorf("Expected 3 chunks, got %d", len(chunksWithSessions))
|
|
}
|
|
|
|
for i, chunkSession := range chunksWithSessions {
|
|
if chunkSession.Values["test_data"] == nil {
|
|
t.Errorf("Chunk %d should have test data before clearing", i)
|
|
}
|
|
}
|
|
|
|
// Call clearTokenChunks - this should hit the loop body and clear all sessions
|
|
session.clearTokenChunks(req, chunksWithSessions)
|
|
|
|
// Verify that the sessions were cleared
|
|
for i, chunkSession := range chunksWithSessions {
|
|
if len(chunkSession.Values) != 0 {
|
|
t.Errorf("Chunk %d should have no values after clearing, but has %d values", i, len(chunkSession.Values))
|
|
}
|
|
// Verify MaxAge was set to -1 (expired)
|
|
if chunkSession.Options.MaxAge != -1 {
|
|
t.Errorf("Chunk %d should have MaxAge=-1 (expired), but has MaxAge=%d", i, chunkSession.Options.MaxAge)
|
|
}
|
|
}
|
|
}
|