Update authz plugin test to not use httputil
Signed-off-by: Derek McGowan <derek@mcg.dev>
This commit is contained in:
Derek McGowan
parent
bb4e9c72d7
commit
35a51fd697
1 changed files with 27 additions and 12 deletions
|
|
@ -8,7 +8,6 @@ import (
|
||||||
"io"
|
"io"
|
||||||
"net"
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/http/httputil"
|
|
||||||
"net/url"
|
"net/url"
|
||||||
"os"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
|
|
@ -25,6 +24,7 @@ import (
|
||||||
"github.com/docker/docker/pkg/archive"
|
"github.com/docker/docker/pkg/archive"
|
||||||
"github.com/docker/docker/pkg/authorization"
|
"github.com/docker/docker/pkg/authorization"
|
||||||
"github.com/docker/docker/testutil/environment"
|
"github.com/docker/docker/testutil/environment"
|
||||||
|
"github.com/docker/go-connections/sockets"
|
||||||
"gotest.tools/v3/assert"
|
"gotest.tools/v3/assert"
|
||||||
"gotest.tools/v3/skip"
|
"gotest.tools/v3/skip"
|
||||||
)
|
)
|
||||||
|
|
@ -81,6 +81,17 @@ func isAllowed(reqURI string) bool {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func socketHTTPClient(u *url.URL) (*http.Client, error) {
|
||||||
|
transport := &http.Transport{}
|
||||||
|
err := sockets.ConfigureTransport(transport, u.Scheme, u.Path)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return &http.Client{
|
||||||
|
Transport: transport,
|
||||||
|
}, nil
|
||||||
|
}
|
||||||
|
|
||||||
func TestAuthZPluginAllowRequest(t *testing.T) {
|
func TestAuthZPluginAllowRequest(t *testing.T) {
|
||||||
ctx := setupTestV1(t)
|
ctx := setupTestV1(t)
|
||||||
|
|
||||||
|
|
@ -176,15 +187,17 @@ func TestAuthZPluginAPIDenyResponse(t *testing.T) {
|
||||||
daemonURL, err := url.Parse(d.Sock())
|
daemonURL, err := url.Parse(d.Sock())
|
||||||
assert.NilError(t, err)
|
assert.NilError(t, err)
|
||||||
|
|
||||||
conn, err := net.DialTimeout(daemonURL.Scheme, daemonURL.Path, time.Second*10)
|
socketClient, err := socketHTTPClient(daemonURL)
|
||||||
assert.NilError(t, err)
|
assert.NilError(t, err)
|
||||||
c := httputil.NewClientConn(conn, nil)
|
|
||||||
req, err := http.NewRequest(http.MethodGet, "/version", nil)
|
|
||||||
assert.NilError(t, err)
|
|
||||||
req = req.WithContext(ctx)
|
|
||||||
resp, err := c.Do(req)
|
|
||||||
|
|
||||||
|
req, err := http.NewRequestWithContext(ctx, http.MethodGet, "/version", nil)
|
||||||
assert.NilError(t, err)
|
assert.NilError(t, err)
|
||||||
|
req.URL.Scheme = "http"
|
||||||
|
req.URL.Host = client.DummyHost
|
||||||
|
|
||||||
|
resp, err := socketClient.Do(req)
|
||||||
|
assert.NilError(t, err)
|
||||||
|
|
||||||
assert.DeepEqual(t, http.StatusForbidden, resp.StatusCode)
|
assert.DeepEqual(t, http.StatusForbidden, resp.StatusCode)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -471,13 +484,15 @@ func TestAuthZPluginHeader(t *testing.T) {
|
||||||
daemonURL, err := url.Parse(d.Sock())
|
daemonURL, err := url.Parse(d.Sock())
|
||||||
assert.NilError(t, err)
|
assert.NilError(t, err)
|
||||||
|
|
||||||
conn, err := net.DialTimeout(daemonURL.Scheme, daemonURL.Path, time.Second*10)
|
socketClient, err := socketHTTPClient(daemonURL)
|
||||||
assert.NilError(t, err)
|
assert.NilError(t, err)
|
||||||
client := httputil.NewClientConn(conn, nil)
|
|
||||||
req, err := http.NewRequest(http.MethodGet, "/version", nil)
|
req, err := http.NewRequestWithContext(ctx, http.MethodGet, "/version", nil)
|
||||||
assert.NilError(t, err)
|
assert.NilError(t, err)
|
||||||
req = req.WithContext(ctx)
|
req.URL.Scheme = "http"
|
||||||
resp, err := client.Do(req)
|
req.URL.Host = client.DummyHost
|
||||||
|
|
||||||
|
resp, err := socketClient.Do(req)
|
||||||
assert.NilError(t, err)
|
assert.NilError(t, err)
|
||||||
assert.Equal(t, "application/json", resp.Header["Content-Type"][0])
|
assert.Equal(t, "application/json", resp.Header["Content-Type"][0])
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue