diff options
author | Pierre Bourdon <delroth@gmail.com> | 2018-12-28 11:41:52 +0100 |
---|---|---|
committer | Pierre Bourdon <delroth@gmail.com> | 2019-01-29 19:54:14 +0100 |
commit | 20b1febace9c75958904fee603ae4a09ac91a305 (patch) | |
tree | 0c43b7427a3715feb1d2b4936a45cd3ab36c9c3f /nixos/tests/nginx-sso.nix | |
parent | 43fcfc274d5b6ba11839ce780c09fc53cde7380b (diff) | |
download | nixpkgs-20b1febace9c75958904fee603ae4a09ac91a305.tar nixpkgs-20b1febace9c75958904fee603ae4a09ac91a305.tar.gz nixpkgs-20b1febace9c75958904fee603ae4a09ac91a305.tar.bz2 nixpkgs-20b1febace9c75958904fee603ae4a09ac91a305.tar.lz nixpkgs-20b1febace9c75958904fee603ae4a09ac91a305.tar.xz nixpkgs-20b1febace9c75958904fee603ae4a09ac91a305.tar.zst nixpkgs-20b1febace9c75958904fee603ae4a09ac91a305.zip |
nixos/tests: add nginx-sso basic functionality test
Diffstat (limited to 'nixos/tests/nginx-sso.nix')
-rw-r--r-- | nixos/tests/nginx-sso.nix | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/nixos/tests/nginx-sso.nix b/nixos/tests/nginx-sso.nix new file mode 100644 index 00000000000..e19992cb6bf --- /dev/null +++ b/nixos/tests/nginx-sso.nix @@ -0,0 +1,44 @@ +import ./make-test.nix ({ pkgs, ... }: { + name = "nginx-sso"; + meta = { + maintainers = with pkgs.stdenv.lib.maintainers; [ delroth ]; + }; + + machine = { + services.nginx.sso = { + enable = true; + configuration = { + listen = { addr = "127.0.0.1"; port = 8080; }; + + providers.token.tokens = { + myuser = "MyToken"; + }; + + acl = { + rule_sets = [ + { + rules = [ { field = "x-application"; equals = "MyApp"; } ]; + allow = [ "myuser" ]; + } + ]; + }; + }; + }; + }; + + testScript = '' + startAll; + + $machine->waitForUnit("nginx-sso.service"); + $machine->waitForOpenPort(8080); + + # No valid user -> 401. + $machine->fail("curl -sSf http://localhost:8080/auth"); + + # Valid user but no matching ACL -> 403. + $machine->fail("curl -sSf -H 'Authorization: Token MyToken' http://localhost:8080/auth"); + + # Valid user and matching ACL -> 200. + $machine->succeed("curl -sSf -H 'Authorization: Token MyToken' -H 'X-Application: MyApp' http://localhost:8080/auth"); + ''; +}) |