mirrors/homebox
1
0
Fork 1
mirror of https://github.com/hay-kot/homebox.git synced 2025-08-03 16:20:27 +00:00
Code Issues Projects Releases Packages Wiki Activity

added some units test for trusted header SSO

Browse source
This commit is contained in:
verybadsoldier 2023-05-06 17:26:49 +02:00
parent a5914df807
commit 4122cc8ade
3 changed files with 50 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Taskfile.yml
View file

@ -127,7 +127,7 @@ tasks:
desc: Runs end-to-end test on a live server (only for use in CI) desc: Runs end-to-end test on a live server (only for use in CI)
cmds: cmds:
- cd backend && go build ./app/api - cd backend && go build ./app/api
- backend/api & - HBOX_OPTIONS_HEADER_SSO_ENABLED=1 HBOX_OPTIONS_HEADER_SSO_ALLOWED_IP=127.0.0.1 backend/api &
- sleep 5 - sleep 5
- cd frontend && pnpm run test:ci - cd frontend && pnpm run test:ci
silent: true silent: true

39
frontend/lib/api/__test__/user/trusted_headers.test.ts Normal file
View file

@ -0,0 +1,39 @@
import { describe, expect, test } from "vitest";
import { PublicApi } from "../../public";
import * as config from "../../../../test/config";
import { Requests } from "../../../requests";
import { overrideParts } from "../../base/urls";
describe("trusted header handling", () => {
overrideParts(config.BASE_URL, "/api/v1");
const requests = new Requests("");
const pub = new PublicApi(requests);
test("basic login using HTTP headers", async () => {
const ssoHeaders = {
"Remote-Email": "test@test.com",
"Remote-Name": "Test User",
"Remote-Groups": "admins,local",
};
const response = await pub.login_sso_header(ssoHeaders);
expect(response.error).toBeFalsy();
}, 20000);
test("basic login using HTTP headers fails no headers", async () => {
const ssoHeaders = {};
const response = await pub.login_sso_header(ssoHeaders);
expect(response.error).toBeTruthy();
}, 20000);
test("basic login using HTTP headers empty email header", async () => {
const ssoHeaders = {
"Remote-Email": "",
};
const response = await pub.login_sso_header(ssoHeaders);
expect(response.error).toBeTruthy();
}, 20000);
});

17
frontend/lib/api/public.ts
View file

@ -24,15 +24,18 @@ export class PublicApi extends BaseAPI {
}); });
} }
public login_sso_header() { // headers parameter only here for unit testing
public login_sso_header(headers = {}) {
const testHeaders = {
/** TODO: remove headers here. Only for testing. Usually the SSO servie will add this */
// "Remote-Email": "demo3@example.com",
// "Remote-Name": "Fritz3",
// "Remote-Groups": "admins,local",
};
const queryHeaders = { ...headers, ...testHeaders };
return this.http.post<string, TokenResponse>({ return this.http.post<string, TokenResponse>({
url: route("/users/login-sso-header"), url: route("/users/login-sso-header"),
/** TODO: remove header here. Only for testing. Usually the SSO servie will add this */ headers: queryHeaders,
headers: {
"Remote-Email": "demo3@example.com",
"Remote-Name": "Fritz3",
"Remote-Groups": "admins,local",
},
}); });
} }