devhong/grafana_bak
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
grafana_bak/pkg/services/ssosettings/strategies/saml_strategy_test.go
devhong 0f6332c6c2 grafane 생성
2025-04-01 10:38:02 +09:00

118 lines
4.2 KiB
Go
Raw Blame History

package strategies
import (
"context"
"testing"
"time"
"gopkg.in/ini.v1"
"github.com/grafana/grafana/pkg/setting"
"github.com/stretchr/testify/require"
)
var (
iniSAMLContent = `
[auth.saml]
enabled = true
entity_id = custom-entity-id
single_logout = true
name = "SAML Test"
allow_sign_up = true
auto_login = true
certificate = devenv/docker/blocks/auth/saml-enterprise/cert.crt
certificate_path = /path/to/cert
private_key = dGhpcyBpcyBteSBwcml2YXRlIGtleSB0aGF0IEkgd2FudCB0byBnZXQgZW5jb2RlZCBpbiBiYXNlIDY0
private_key_path = devenv/docker/blocks/auth/saml-enterprise/key.pem
signature_algorithm = rsa-sha256
idp_metadata = dGhpcyBpcyBteSBwcml2YXRlIGtleSB0aGF0IEkgd2FudCB0byBnZXQgZW5jb2RlZCBpbiBiYXNlIDY0
idp_metadata_path = /path/to/metadata
idp_metadata_url = http://localhost:8086/realms/grafana/protocol/saml/descriptor
max_issue_delay = 90s
metadata_valid_duration = 48h
allow_idp_initiated = false
relay_state = relay_state
assertion_attribute_name = name
assertion_attribute_login = login
assertion_attribute_email = email
assertion_attribute_groups = groups
assertion_attribute_role = roles
assertion_attribute_org = orgs
allowed_organizations = org1 org2
org_mapping = org1:1:editor, *:2:viewer
role_values_viewer = viewer
role_values_editor = editor
role_values_admin = admin
role_values_grafana_admin = serveradmin
name_id_format = urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
skip_org_role_sync = false
role_values_none = guest disabled
token_url = http://localhost:8086/auth/realms/grafana/protocol/openid-connect/token
client_id = grafana
client_secret = grafana
force_use_graph_api = false
`
expectedSAMLInfo = map[string]any{
"enabled": true,
"entity_id": "custom-entity-id",
"single_logout": true,
"allow_sign_up": true,
"auto_login": true,
"name": "SAML Test",
"certificate": "devenv/docker/blocks/auth/saml-enterprise/cert.crt",
"certificate_path": "/path/to/cert",
"private_key": "dGhpcyBpcyBteSBwcml2YXRlIGtleSB0aGF0IEkgd2FudCB0byBnZXQgZW5jb2RlZCBpbiBiYXNlIDY0",
"private_key_path": "devenv/docker/blocks/auth/saml-enterprise/key.pem",
"signature_algorithm": "rsa-sha256",
"idp_metadata": "dGhpcyBpcyBteSBwcml2YXRlIGtleSB0aGF0IEkgd2FudCB0byBnZXQgZW5jb2RlZCBpbiBiYXNlIDY0",
"idp_metadata_path": "/path/to/metadata",
"idp_metadata_url": "http://localhost:8086/realms/grafana/protocol/saml/descriptor",
"max_issue_delay": 90 * time.Second,
"metadata_valid_duration": 48 * time.Hour,
"allow_idp_initiated": false,
"relay_state": "relay_state",
"assertion_attribute_name": "name",
"assertion_attribute_login": "login",
"assertion_attribute_email": "email",
"assertion_attribute_groups": "groups",
"assertion_attribute_role": "roles",
"assertion_attribute_org": "orgs",
"allowed_organizations": "org1 org2",
"org_mapping": "org1:1:editor, *:2:viewer",
"role_values_viewer": "viewer",
"role_values_editor": "editor",
"role_values_admin": "admin",
"role_values_grafana_admin": "serveradmin",
"name_id_format": "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress",
"skip_org_role_sync": false,
"role_values_none": "guest disabled",
"token_url": "http://localhost:8086/auth/realms/grafana/protocol/openid-connect/token",
"client_id": "grafana",
"client_secret": "grafana",
"force_use_graph_api": false,
}
)
func TestSAMLIsMatch(t *testing.T) {
cfg := setting.NewCfg()
strategy := NewSAMLStrategy(&setting.OSSImpl{Cfg: cfg})
require.True(t, strategy.IsMatch("saml"))
require.False(t, strategy.IsMatch("oauth"))
}
func TestSAMLGetProviderConfig(t *testing.T) {
configurationFile, err := ini.Load([]byte(iniSAMLContent))
require.NoError(t, err)
cfg := setting.NewCfg()
cfg.Raw = configurationFile
strategy := NewSAMLStrategy(&setting.OSSImpl{Cfg: cfg})
result, err := strategy.GetProviderConfig(context.Background(), "saml")
require.NoError(t, err)
require.Equal(t, expectedSAMLInfo, result)
}
Reference in New Issue View Git Blame Copy Permalink