fix bouncer test

2024-02-09 12:24:46 +01:00 · 2024-02-09 12:24:46 +01:00 · a01ce0a907
commit a01ce0a907
parent 91e6bf7638
2 changed files with 3 additions and 2 deletions
--- a/pkg/apiserver/middlewares/v1/api_key.go
+++ b/pkg/apiserver/middlewares/v1/api_key.go
@ -66,7 +66,7 @@ func (a *APIKey) authTLS(c *gin.Context, logger *log.Entry) *ent.Bouncer {

 	validCert, extractedCN, err := a.TlsAuth.ValidateCert(c)
 	if !validCert {
-		logger.Errorf("invalid client certificate: %s", err)
+		logger.Error(err)
 		return nil
 	}

--- a/test/bats/11_bouncers_tls.bats
+++ b/test/bats/11_bouncers_tls.bats
@ -92,7 +92,8 @@ teardown() {
@test "simulate one bouncer request with a revoked certificate" {
    truncate_log
    rune -0 curl -i -s --cert "${tmpdir}/bouncer_revoked.pem" --key "${tmpdir}/bouncer_revoked-key.pem" --cacert "${tmpdir}/bundle.pem" https://localhost:8080/v1/decisions\?ip=42.42.42.42
-    assert_log --partial "invalid client certificate: client certificate is revoked"
+    assert_log --partial "client certificate is revoked by CRL"
+    assert_log --partial "client certificate for CN=localhost OU=[bouncer-ou] is revoked"
    assert_output --partial "access forbidden"
    rune -0 cscli bouncers list -o json
    assert_output "[]"