parent
43fcfc274d
commit
20b1febace
@ -0,0 +1,44 @@ |
||||
import ./make-test.nix ({ pkgs, ... }: { |
||||
name = "nginx-sso"; |
||||
meta = { |
||||
maintainers = with pkgs.stdenv.lib.maintainers; [ delroth ]; |
||||
}; |
||||
|
||||
machine = { |
||||
services.nginx.sso = { |
||||
enable = true; |
||||
configuration = { |
||||
listen = { addr = "127.0.0.1"; port = 8080; }; |
||||
|
||||
providers.token.tokens = { |
||||
myuser = "MyToken"; |
||||
}; |
||||
|
||||
acl = { |
||||
rule_sets = [ |
||||
{ |
||||
rules = [ { field = "x-application"; equals = "MyApp"; } ]; |
||||
allow = [ "myuser" ]; |
||||
} |
||||
]; |
||||
}; |
||||
}; |
||||
}; |
||||
}; |
||||
|
||||
testScript = '' |
||||
startAll; |
||||
|
||||
$machine->waitForUnit("nginx-sso.service"); |
||||
$machine->waitForOpenPort(8080); |
||||
|
||||
# No valid user -> 401. |
||||
$machine->fail("curl -sSf http://localhost:8080/auth"); |
||||
|
||||
# Valid user but no matching ACL -> 403. |
||||
$machine->fail("curl -sSf -H 'Authorization: Token MyToken' http://localhost:8080/auth"); |
||||
|
||||
# Valid user and matching ACL -> 200. |
||||
$machine->succeed("curl -sSf -H 'Authorization: Token MyToken' -H 'X-Application: MyApp' http://localhost:8080/auth"); |
||||
''; |
||||
}) |
Loading…
Reference in new issue