From b29d2b04433c9240c94cfa70d3ccd478b248714c Mon Sep 17 00:00:00 2001 From: Jake Scott Date: Wed, 28 Aug 2024 14:22:11 -0400 Subject: [PATCH] Test coverage fixes --- .github/workflows/checks.yml | 4 +- .gitignore | 2 + .testcoverage.yml | 9 +-- v3/mechs_test.go | 2 +- v3/provider_test.go | 105 +++++++++++++++++++++++++++++++++++ v3/status.go | 6 +- v3/status_test.go | 35 ++++++++++++ 7 files changed, 153 insertions(+), 10 deletions(-) create mode 100644 v3/provider_test.go diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index 41ef421..1eae09c 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -49,9 +49,9 @@ jobs: echo pkgs=$(cd v3 && go list ./... | grep -v /examples/) >> "$GITHUB_ENV" - name: Run tests - run: cd v3 && go test $pkgs -count 100 -coverprofile=../cover.out -covermode=atomic + run: pushd v3 ; go test -v $pkgs -count 100 -coverprofile=../cover.out -covermode=atomic; popd - name: Check test coverage - uses: vladopajic/go-test-coverage@v2 + uses: jake-scott/go-test-coverage@v1.0.0 with: config: ./.testcoverage.yml diff --git a/.gitignore b/.gitignore index 554b9ae..4e197c8 100644 --- a/.gitignore +++ b/.gitignore @@ -23,3 +23,5 @@ examples/go/gss-server-go # # toolbin/ + +v3/cover.out diff --git a/.testcoverage.yml b/.testcoverage.yml index 8819f87..394dfe0 100644 --- a/.testcoverage.yml +++ b/.testcoverage.yml @@ -6,22 +6,23 @@ # profiles into one. In this case, the profile should have a comma-separated list # of profile files, e.g., 'cover_unit.out,cover_integration.out'. profile: cover.out +working-directory: v3 # (optional; but recommended to set) # When specified reported file paths will not contain local prefix in the output -local-prefix: "github.com/jake-scott/go-functional" +local-prefix: "github.com/golang-auth/go-gssapi/v3" # Holds coverage thresholds percentages, values should be in range [0-100] threshold: # (optional; default 0) # The minimum coverage that each file should have - file: 75 + file: 60 # (optional; default 0) # The minimum coverage that each package should have - package: 85 + package: 70 # (optional; default 0) # The minimum total coverage project should have - total: 95 + total: 85 diff --git a/v3/mechs_test.go b/v3/mechs_test.go index 290fa89..3771ee6 100644 --- a/v3/mechs_test.go +++ b/v3/mechs_test.go @@ -35,7 +35,7 @@ func TestMechString(t *testing.T) { assert.Equal("GSS_MECH_SPNEGO", oid) badMech := gssMechImpl(100) - assert.PanicsWithValue(ErrBadMech, func() { badMech.OidString() }) + assert.PanicsWithValue(ErrBadMech, func() { badMech.String() }) } func TestMechFromOid(t *testing.T) { diff --git a/v3/provider_test.go b/v3/provider_test.go new file mode 100644 index 0000000..f0ca266 --- /dev/null +++ b/v3/provider_test.go @@ -0,0 +1,105 @@ +// SPDX-License-Identifier: Apache-2.0 +package gssapi + +import ( + "testing" + "time" + + "github.com/stretchr/testify/assert" +) + +type someProvider struct { + name string +} + +func (someProvider) ImportName(name string, nameType GssNameType) (GssName, error) { + return nil, nil +} + +func (someProvider) AcquireCredential(name GssName, mechs []GssMech, usage CredUsage, lifetime time.Duration) (Credential, error) { + return nil, nil +} + +func (someProvider) InitSecContext(name GssName, opts ...InitSecContextOption) (SecContext, []byte, error) { + return nil, nil, nil +} + +func (someProvider) AcceptSecContext(cred Credential, inputToken []byte) (SecContext, []byte, error) { + return nil, nil, nil +} + +func (someProvider) ImportSecContext(b []byte) (SecContext, error) { + return nil, nil +} + +func (someProvider) InquireNamesForMech(m GssMech) ([]GssNameType, error) { + return nil, nil +} + +func TestRegister(t *testing.T) { + assert := assert.New(t) + + registry.libs = make(map[string]ProviderFactory) + + assert.Equal(0, len(registry.libs)) + + factory := func() Provider { + return someProvider{name: "TEST"} + } + + RegisterProvider("test", factory) + assert.Equal(1, len(registry.libs)) + f, ok := registry.libs["test"] + assert.True(ok) + assert.NotNil(f) + + p := NewProvider("test") + assert.NotNil(p) + sp, ok := p.(someProvider) + assert.True(ok) + assert.Equal("TEST", sp.name) + + assert.Panics(func() { NewProvider("") }) + assert.Panics(func() { NewProvider("xyz") }) +} + +type someCredential struct{} + +func (someCredential) Release() error { + return nil +} + +func (someCredential) Inquire() (*CredInfo, error) { + return nil, nil +} + +func (someCredential) Add(name GssName, mech GssMech, usage CredUsage, initiatorLifetime time.Duration, acceptorLifetime time.Duration) error { + return nil +} + +func (someCredential) InquireByMech(mech GssMech) (*CredInfo, error) { + return nil, nil +} + +func TestInitSecContextOptions(t *testing.T) { + assert := assert.New(t) + + cred := &someCredential{} + + opts := []InitSecContextOption{ + WithInitiatorCredential(cred), + WithInitatorMech(GSS_MECH_KRB5), + WithInitiatorFlags(ContextFlagMutual | ContextFlagInteg), + WithInitiatorLifetime(time.Second * 123), + } + + isco := InitSecContextOptions{} + for _, f := range opts { + f(&isco) + } + + assert.EqualValues(cred, isco.Credential) + assert.EqualValues(GSS_MECH_KRB5, isco.Mech) + assert.Equal(ContextFlagMutual|ContextFlagInteg, isco.Flags) + assert.Equal(time.Second*123, isco.Lifetime) +} diff --git a/v3/status.go b/v3/status.go index 95b1958..a14c821 100644 --- a/v3/status.go +++ b/v3/status.go @@ -34,7 +34,7 @@ const ( errDefectiveToken errDefectiveCredential errCredentialsExpired - errContexctExpired + errContextExpired errFailure errBadQop errUnauthorized @@ -71,7 +71,7 @@ var ErrBadQop = errors.New("the quality-of-protection (QOP) requested could not var ErrUnauthorized = errors.New("the operation is forbidden by local security policy") var ErrUnavailable = errors.New("the operation or option is not available or supported") var ErrDuplicateElement = errors.New("the requested credential element already exists") -var ErrNameNotMn = errors.New("the provided name was not mechsnism specific (MN)") +var ErrNameNotMn = errors.New("the provided name was not mechanism specific (MN)") //lint:ignore ST1012 these aren't actually errors var InfoContinueNeeded = errors.New("the routine must be called again to complete its function") @@ -114,7 +114,7 @@ func (s FatalStatus) Fatal() error { return ErrDefectiveCredential case errCredentialsExpired: return ErrCredentialsExpired - case errContexctExpired: + case errContextExpired: return ErrContextExpired case errFailure: return ErrFailure diff --git a/v3/status_test.go b/v3/status_test.go index 611d95a..34eeb41 100644 --- a/v3/status_test.go +++ b/v3/status_test.go @@ -24,6 +24,40 @@ func TestConstValues(t *testing.T) { assert.Equal(InformationCode(16), infoGapToken) } +func TestFatal(t *testing.T) { + assert := assert.New(t) + + tests := []struct { + code FatalErrorCode + errContains string + }{ + {errBadMech, "unsupported mech"}, + {errBadName, "invalid name"}, + {errBadNameType, "unsupported type"}, + {errBadBindings, "channel bindings"}, + {errBadStatus, "invalid status"}, + {errBadMic, "invalid signature"}, + {errNoCred, "no credentials"}, + {errNoContext, "no context"}, + {errDefectiveToken, "invalid token"}, + {errDefectiveCredential, "invalid credential"}, + {errCredentialsExpired, "credentials have expired"}, + {errContextExpired, "context has expired"}, + {errFailure, "unspecified GSS"}, + {errBadQop, "quality-of-protection"}, + {errUnauthorized, "operation is forbidden"}, + {errUnavailable, "not available"}, + {errDuplicateElement, "already exists"}, + {errNameNotMn, "not mechanism"}, + {1000, "invalid status"}, + } + + for _, tt := range tests { + fs := FatalStatus{FatalErrorCode: tt.code} + assert.Contains(fs.Fatal().Error(), tt.errContains) + } +} + func TestFatalUnwrap(t *testing.T) { assert := assert.New(t) @@ -49,6 +83,7 @@ func TestFatalError(t *testing.T) { FatalErrorCode: errBadMech, InfoStatus: InfoStatus{ InformationCode: infoDuplicateToken | infoGapToken, + MechErrors: []error{errors.New("TEST")}, }, }