1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
// +build integration
package integration
import (
"encoding/json"
"flag"
"fmt"
"log"
"os"
"strings"
"testing"
"time"
"github.com/smallstep/assert"
)
const (
TempDirectory = "testdata-tmp"
DefaultTimeout = 2 * time.Second
)
func TestMain(m *testing.M) {
flag.Parse()
os.Setenv("PATH", os.Getenv("GOPATH")+"/src/github.com/smallstep/cli/bin"+":"+os.Getenv("PATH"))
if err := os.Mkdir(TempDirectory, os.ModeDir|os.ModePerm); err != nil {
log.Fatal(err)
}
var rval int
defer func() {
if os.Getenv("STEP_INTEGRATION_DEBUG") != "1" {
os.RemoveAll(TempDirectory)
}
if err := recover(); err != nil {
log.Fatal(err)
}
os.Exit(rval)
}()
rval = m.Run()
}
func TestVersion(t *testing.T) {
out, err := Output("step version | head -1")
assert.FatalError(t, err)
assert.True(t, strings.HasPrefix(string(out), "Smallstep CLI"))
}
func TestCryptoJWTSign(t *testing.T) {
out, err := Output("step crypto jwt sign -key testdata/p256.pem -iss TestIssuer -aud TestAudience -sub TestSubject -nbf 1 -iat 1 -exp 1 -subtle")
assert.FatalError(t, err)
assert.True(t, strings.HasPrefix(string(out), "eyJhbGciOiJFUzI1NiIsImtpZCI6IiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJUZXN0QXVkaWVuY2UiLCJleHAiOjEsImlhdCI6MSwiaXNzIjoiVGVzdElzc3VlciIsIm5iZiI6MSwic3ViIjoiVGVzdFN1YmplY3QifQ."))
}
func TestCryptoJWTVerifyWithPrivate(t *testing.T) {
exp := time.Now().Add(1 * time.Minute)
out, err := CombinedOutput(fmt.Sprintf("step crypto jwt sign -key testdata/p256.pem -iss TestIssuer -aud TestAudience -sub TestSubject -exp %d | step crypto jwt verify -key testdata/p256.pem -subtle", exp.Unix()))
assert.FatalError(t, err)
m := make(map[string]interface{})
assert.FatalError(t, json.Unmarshal(out, &m))
assert.Equals(t, "TestIssuer", m["payload"].(map[string]interface{})["iss"])
}
func TestCertificateFingerprint(t *testing.T) {
tests := []struct {
name string
crt string
flag string
want string
}{
{"default", "test_files/intermediate_ca.crt", "", "626dca961bfde13341b32e7711c7127612988dbc5d0082fb220efd8ab4087b4b"},
{"hex", "test_files/intermediate_ca.crt", " --format=hex", "626dca961bfde13341b32e7711c7127612988dbc5d0082fb220efd8ab4087b4b"},
{"base64", "test_files/intermediate_ca.crt", " --format=base64", "Ym3Klhv94TNBsy53EccSdhKYjbxdAIL7Ig79irQIe0s="},
{"base64url", "test_files/intermediate_ca.crt", " --format=base64-url", "Ym3Klhv94TNBsy53EccSdhKYjbxdAIL7Ig79irQIe0s="},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
out, err := Output(fmt.Sprintf("step certificate fingerprint %s%s", tt.crt, tt.flag))
assert.FatalError(t, err)
assert.True(t, strings.HasPrefix(string(out), tt.want))
})
}
}
|
