nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-25 16:33:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

nixos/tests/dex-oidc: fix build

Browse Source 
- change way of getting approval code to parsing query parameter from
redirect_url of login request
- add 2 minute timeouts to parts that can wait up to 15 minutes
by default (timeout defaults to 900)
This commit is contained in:
ghpzin 2024-09-06 12:48:00 +03:00
parent f7bff2d6e4
commit e7d5deb19f
No known key found for this signature in database
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
nixos/tests/dex-oidc.nix
View File

@ -57,15 +57,16 @@ import ./make-test-python.nix ({ lib, ... }: {
testScript = '' testScript = ''
with subtest("Web server gets ready"): with subtest("Web server gets ready"):
machine.wait_for_unit("dex.service") machine.wait_for_unit("dex.service", timeout=120)
# Wait until server accepts connections # Wait until server accepts connections
machine.wait_until_succeeds("curl -fs 'localhost:8080/dex/auth/mock?client_id=oidcclient&response_type=code&redirect_uri=https://example.com/callback&scope=openid'") machine.wait_until_succeeds("curl -fs 'localhost:8080/dex/auth/mock?client_id=oidcclient&response_type=code&redirect_uri=https://example.com/callback&scope=openid'", timeout=120)
with subtest("Login"): with subtest("Login"):
state = machine.succeed("curl -fs 'localhost:8080/dex/auth/mock?client_id=oidcclient&response_type=code&redirect_uri=https://example.com/callback&scope=openid' | sed -n 's/.*state=\\(.*\\)\">.*/\\1/p'").strip() state = machine.succeed("curl -fs 'localhost:8080/dex/auth/mock?client_id=oidcclient&response_type=code&redirect_uri=https://example.com/callback&scope=openid' | sed -n 's/.*state=\\(.*\\)\">.*/\\1/p'").strip()
print(f"Got state {state}") print(f"Got state {state}")
machine.succeed(f"curl -fs 'localhost:8080/dex/auth/mock/login?back=&state={state}' -d 'login=admin&password=password'") # Login request returns 303 with redirect_url that has code as query parameter:
code = machine.succeed(f"curl -fs localhost:8080/dex/approval?req={state} | sed -n 's/.*code=\\(.*\\)&.*/\\1/p'").strip() # https://example.com/callback?code=kibsamwdupuy2iwqnlbqei3u6&state=
code = machine.succeed(f"curl -fs 'localhost:8080/dex/auth/mock/login?back=&state={state}' -d 'login=admin&password=password' -w '%{{redirect_url}}' | sed -n 's/.*code=\\(.*\\)&.*/\\1/p'")
print(f"Got approval code {code}") print(f"Got approval code {code}")
bearer = machine.succeed(f"curl -fs localhost:8080/dex/token -u oidcclient:oidcclientsecret -d 'grant_type=authorization_code&redirect_uri=https://example.com/callback&code={code}' | jq .access_token -r").strip() bearer = machine.succeed(f"curl -fs localhost:8080/dex/token -u oidcclient:oidcclientsecret -d 'grant_type=authorization_code&redirect_uri=https://example.com/callback&code={code}' | jq .access_token -r").strip()
print(f"Got access token {bearer}") print(f"Got access token {bearer}")