mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-12-26 23:54:01 +00:00
45 lines
1.1 KiB
Nix
45 lines
1.1 KiB
Nix
import ./make-test.nix ({ pkgs, ... }: {
|
|
name = "nginx-sso";
|
|
meta = {
|
|
maintainers = with pkgs.stdenv.lib.maintainers; [ delroth ];
|
|
};
|
|
|
|
machine = {
|
|
services.nginx.sso = {
|
|
enable = true;
|
|
configuration = {
|
|
listen = { addr = "127.0.0.1"; port = 8080; };
|
|
|
|
providers.token.tokens = {
|
|
myuser = "MyToken";
|
|
};
|
|
|
|
acl = {
|
|
rule_sets = [
|
|
{
|
|
rules = [ { field = "x-application"; equals = "MyApp"; } ];
|
|
allow = [ "myuser" ];
|
|
}
|
|
];
|
|
};
|
|
};
|
|
};
|
|
};
|
|
|
|
testScript = ''
|
|
startAll;
|
|
|
|
$machine->waitForUnit("nginx-sso.service");
|
|
$machine->waitForOpenPort(8080);
|
|
|
|
# No valid user -> 401.
|
|
$machine->fail("curl -sSf http://localhost:8080/auth");
|
|
|
|
# Valid user but no matching ACL -> 403.
|
|
$machine->fail("curl -sSf -H 'Authorization: Token MyToken' http://localhost:8080/auth");
|
|
|
|
# Valid user and matching ACL -> 200.
|
|
$machine->succeed("curl -sSf -H 'Authorization: Token MyToken' -H 'X-Application: MyApp' http://localhost:8080/auth");
|
|
'';
|
|
})
|