authn_test.go

Documentation: github.com/google/go-containerregistry/pkg/authn

     1  // Copyright 2022 Google LLC All Rights Reserved.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //    http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package authn
    16  
    17  import (
    18  	"encoding/json"
    19  	"strings"
    20  	"testing"
    21  
    22  	"github.com/google/go-cmp/cmp"
    23  )
    24  
    25  func TestAuthConfigMarshalJSON(t *testing.T) {
    26  	cases := []struct {
    27  		name   string
    28  		config AuthConfig
    29  		json   string
    30  	}{{
    31  		name: "auth field is calculated",
    32  		config: AuthConfig{
    33  			Username:      "user",
    34  			Password:      "pass",
    35  			IdentityToken: "id",
    36  			RegistryToken: "reg",
    37  		},
    38  		json: `{"username":"user","password":"pass","auth":"dXNlcjpwYXNz","identitytoken":"id","registrytoken":"reg"}`,
    39  	}, {
    40  		name: "auth field replaced",
    41  		config: AuthConfig{
    42  			Username:      "user",
    43  			Password:      "pass",
    44  			Auth:          "blah",
    45  			IdentityToken: "id",
    46  			RegistryToken: "reg",
    47  		},
    48  		json: `{"username":"user","password":"pass","auth":"dXNlcjpwYXNz","identitytoken":"id","registrytoken":"reg"}`,
    49  	}}
    50  
    51  	for _, tc := range cases {
    52  		t.Run(tc.name, func(t *testing.T) {
    53  			bytes, err := json.Marshal(&tc.config)
    54  
    55  			if err != nil {
    56  				t.Fatal("Marshal() =", err)
    57  			}
    58  
    59  			if diff := cmp.Diff(tc.json, string(bytes)); diff != "" {
    60  				t.Error("json output diff (-want, +got): ", diff)
    61  			}
    62  		})
    63  	}
    64  }
    65  
    66  func TestAuthConfigUnmarshalJSON(t *testing.T) {
    67  	cases := []struct {
    68  		name string
    69  		json string
    70  		err  string
    71  		want AuthConfig
    72  	}{{
    73  		name: "valid config no auth",
    74  		json: `{
    75  			"username": "user",
    76  			"password": "pass",
    77  			"identitytoken": "id",
    78  			"registrytoken": "reg"
    79  		}`,
    80  		want: AuthConfig{
    81  			// Auth value is set based on username and password
    82  			Auth:          "dXNlcjpwYXNz",
    83  			Username:      "user",
    84  			Password:      "pass",
    85  			IdentityToken: "id",
    86  			RegistryToken: "reg",
    87  		},
    88  	}, {
    89  		name: "bad json input",
    90  		json: `{"username":true}`,
    91  		err:  "json: cannot unmarshal",
    92  	}, {
    93  		name: "auth is base64",
    94  		json: `{ "auth": "dXNlcjpwYXNz" }`, // user:pass
    95  		want: AuthConfig{
    96  			Username: "user",
    97  			Password: "pass",
    98  			Auth:     "dXNlcjpwYXNz",
    99  		},
   100  	}, {
   101  		name: "auth field overrides others",
   102  		json: `{ "auth": "dXNlcjpwYXNz", "username":"foo", "password":"bar" }`, // user:pass
   103  		want: AuthConfig{
   104  			Username: "user",
   105  			Password: "pass",
   106  			Auth:     "dXNlcjpwYXNz",
   107  		},
   108  	}, {
   109  		name: "auth is base64 padded",
   110  		json: `{ "auth": "dXNlcjpwYXNzd29yZA==" }`, // user:password
   111  		want: AuthConfig{
   112  			Username: "user",
   113  			Password: "password",
   114  			Auth:     "dXNlcjpwYXNzd29yZA==",
   115  		},
   116  	}, {
   117  		name: "auth is not base64",
   118  		json: `{ "auth": "bad-auth-bad" }`,
   119  		err:  "unable to decode auth field",
   120  	}, {
   121  		name: "decoded auth is not valid",
   122  		json: `{ "auth": "Zm9vYmFy" }`,
   123  		err:  "unable to decode auth field: must be formatted as base64(username:password)",
   124  	}}
   125  
   126  	for _, tc := range cases {
   127  		t.Run(tc.name, func(t *testing.T) {
   128  			var got AuthConfig
   129  			err := json.Unmarshal([]byte(tc.json), &got)
   130  			if tc.err != "" && err == nil {
   131  				t.Fatal("no error occurred expected:", tc.err)
   132  			} else if tc.err != "" && err != nil {
   133  				if !strings.HasPrefix(err.Error(), tc.err) {
   134  					t.Fatalf("expected err %q to have prefix %q", err, tc.err)
   135  				}
   136  				return
   137  			}
   138  
   139  			if err != nil {
   140  				t.Fatal("Unmarshal()=", err)
   141  			}
   142  
   143  			if diff := cmp.Diff(tc.want, got); diff != "" {
   144  				t.Fatal("unexpected diff (-want, +got)\n", diff)
   145  			}
   146  		})
   147  	}
   148  }
   149
View as plain text