github/infisical
1
0
Fork 0
mirror of https://github.com/Infisical/infisical.git synced 2026-01-09 23:48:05 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fix broken tests

Browse Source
This commit is contained in:
Fang-Pen Lin
2025-12-01 21:38:05 -08:00
parent a688389599
commit 91b916c9ad
2 changed files with 42 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
backend/bdd/features/pki/acme/challenge.feature
View File

@@ -85,13 +85,12 @@ Feature: Challenge
When I create certificate signing request as csr When I create certificate signing request as csr
Then I add names to certificate signing request csr Then I add names to certificate signing request csr
""" """
{ {}
"COMMON_NAME": "localhost"
}
""" """
And I add subject alternative name to certificate signing request csr And I add subject alternative name to certificate signing request csr
""" """
[ [
"localhost",
"infisical.com" "infisical.com"
] ]
""" """
@@ -104,56 +103,19 @@ Feature: Challenge
# the localhost auth should be valid # the localhost auth should be valid
And I memorize order with jq ".authorizations | map(select(.body.identifier.value == "localhost")) | first | .uri" as localhost_auth And I memorize order with jq ".authorizations | map(select(.body.identifier.value == "localhost")) | first | .uri" as localhost_auth
And I peak and memorize the next nonce as nonce And I wait until the status of authorization localhost_auth becomes valid
When I send a raw ACME request to "{localhost_auth}"
"""
{
"protected": {
"alg": "RS256",
"nonce": "{nonce}",
"url": "{localhost_auth}",
"kid": "{acme_account.uri}"
}
}
"""
Then the value response.status_code should be equal to 200
And the value response with jq ".status" should be equal to "valid"
# the infisical.com auth should still be pending # the infisical.com auth should still be pending
And I memorize order with jq ".authorizations | map(select(.body.identifier.value == "infisical.com")) | first | .uri" as infisical_auth And I memorize order with jq ".authorizations | map(select(.body.identifier.value == "infisical.com")) | first | .uri" as infisical_auth
And I memorize response.headers with jq ".["replay-nonce"]" as nonce And I post-as-get {infisical_auth} as infisical_auth_resp
When I send a raw ACME request to "{infisical_auth}" And the value infisical_auth_resp with jq ".status" should be equal to "pending"
"""
{
"protected": {
"alg": "RS256",
"nonce": "{nonce}",
"url": "{infisical_auth}",
"kid": "{acme_account.uri}"
}
}
"""
Then the value response.status_code should be equal to 200
And the value response with jq ".status" should be equal to "pending"
# the order should be pending as well # the order should be pending as well
And I memorize response.headers with jq ".["replay-nonce"]" as nonce And I post-as-get {order.uri} as order_resp
When I send a raw ACME request to "{order.uri}" And the value order_resp with jq ".status" should be equal to "pending"
"""
{
"protected": {
"alg": "RS256",
"nonce": "{nonce}",
"url": "{order.uri}",
"kid": "{acme_account.uri}"
}
}
"""
Then the value response.status_code should be equal to 200
And the value response with jq ".status" should be equal to "pending"
# finalize should not be allowed when all auths are not valid yet # finalize should not be allowed when all auths are not valid yet
And I memorize response.headers with jq ".["replay-nonce"]" as nonce And I get a new-nonce as nonce
When I send a raw ACME request to "{order.body.finalize}" When I send a raw ACME request to "{order.body.finalize}"
""" """
{ {

35
backend/bdd/features/steps/pki_acme.py
View File

@@ -726,6 +726,15 @@ def step_impl(context: Context, var_path: str, jq_query, var_name: str):
context.vars[var_name] = value context.vars[var_name] = value
@then("I get a new-nonce as {var_name}")
def step_impl(context: Context, var_name: str):
acme_client = context.acme_client
nonce = acme_client.net._get_nonce(
url=None, new_nonce_url=acme_client.directory.newNonce
)
context.vars[var_name] = json_util.encode_b64jose(nonce)
@then("I peak and memorize the next nonce as {var_name}") @then("I peak and memorize the next nonce as {var_name}")
def step_impl(context: Context, var_name: str): def step_impl(context: Context, var_name: str):
acme_client = context.acme_client acme_client = context.acme_client
@@ -951,11 +960,35 @@ def step_impl(context: Context, order_var: str, status: str):
order = messages.Order.from_json(response.json()) order = messages.Order.from_json(response.json())
if order.status.name == status: if order.status.name == status:
return return
acme_client -= 1 attempt_count -= 1
time.sleep(10) time.sleep(10)
raise TimeoutError(f"The status of order doesn't become {status} before timeout") raise TimeoutError(f"The status of order doesn't become {status} before timeout")
@then("I wait until the status of authorization {auth_var} becomes {status}")
def step_impl(context: Context, auth_var: str, status: str):
acme_client = context.acme_client
attempt_count = 6
while attempt_count:
auth = eval_var(context, auth_var, as_json=False)
response = acme_client._post_as_get(
auth.uri if isinstance(auth, messages.Authorization) else auth
)
auth = messages.Authorization.from_json(response.json())
if auth.status.name == status:
return
attempt_count -= 1
time.sleep(10)
raise TimeoutError(f"The status of auth doesn't become {status} before timeout")
@then("I post-as-get {uri} as {resp_var}")
def step_impl(context: Context, uri: str, resp_var: str):
acme_client = context.acme_client
response = acme_client._post_as_get(replace_vars(uri, vars=context.vars))
context.vars[resp_var] = response.json()
@then("I poll and finalize the ACME order {var_path} as {finalized_var}") @then("I poll and finalize the ACME order {var_path} as {finalized_var}")
def step_impl(context: Context, var_path: str, finalized_var: str): def step_impl(context: Context, var_path: str, finalized_var: str):
order = eval_var(context, var_path, as_json=False) order = eval_var(context, var_path, as_json=False)