[ARVADOS] updated: 1.1.0-36-gfb7a5ed
Git user
git at public.curoverse.com
Wed Nov 1 04:02:26 EDT 2017
Summary of changes:
services/arv-git-httpd/auth_handler_test.go | 54 +++++++++++++++++++++++++++++
1 file changed, 54 insertions(+)
create mode 100644 services/arv-git-httpd/auth_handler_test.go
via fb7a5ed138af5189206a5939610c1d96f599dfb9 (commit)
from 1ff58b4325d1d0dcfc091742c64f1f87118b55ce (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit fb7a5ed138af5189206a5939610c1d96f599dfb9
Author: Tom Clegg <tclegg at veritasgenetics.com>
Date: Wed Nov 1 03:58:36 2017 -0400
12494: Add CORS test.
Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tclegg at veritasgenetics.com>
diff --git a/services/arv-git-httpd/auth_handler_test.go b/services/arv-git-httpd/auth_handler_test.go
new file mode 100644
index 0000000..df64999
--- /dev/null
+++ b/services/arv-git-httpd/auth_handler_test.go
@@ -0,0 +1,54 @@
+// Copyright (C) The Arvados Authors. All rights reserved.
+//
+// SPDX-License-Identifier: AGPL-3.0
+
+package main
+
+import (
+ "net/http"
+ "net/http/httptest"
+ "net/url"
+
+ check "gopkg.in/check.v1"
+)
+
+var _ = check.Suite(&AuthHandlerSuite{})
+
+type AuthHandlerSuite struct{}
+
+func (s *AuthHandlerSuite) TestCORS(c *check.C) {
+ h := &authHandler{}
+
+ // CORS preflight
+ resp := httptest.NewRecorder()
+ req := &http.Request{
+ Method: "OPTIONS",
+ Header: http.Header{
+ "Origin": {"*"},
+ "Access-Control-Request-Method": {"GET"},
+ },
+ }
+ h.ServeHTTP(resp, req)
+ c.Check(resp.Code, check.Equals, http.StatusOK)
+ c.Check(resp.Header().Get("Access-Control-Allow-Methods"), check.Equals, "GET, POST")
+ c.Check(resp.Header().Get("Access-Control-Allow-Headers"), check.Equals, "Authorization, Content-Type")
+ c.Check(resp.Header().Get("Access-Control-Allow-Origin"), check.Equals, "*")
+ c.Check(resp.Body.String(), check.Equals, "")
+
+ // CORS actual request. Bogus token and path ensure
+ // authHandler responds 4xx without calling our wrapped (nil)
+ // handler.
+ u, err := url.Parse("git.zzzzz.arvadosapi.com/test")
+ c.Assert(err, check.Equals, nil)
+ resp = httptest.NewRecorder()
+ req = &http.Request{
+ Method: "GET",
+ URL: u,
+ Header: http.Header{
+ "Origin": {"*"},
+ "Authorization": {"OAuth2 foobar"},
+ },
+ }
+ h.ServeHTTP(resp, req)
+ c.Check(resp.Header().Get("Access-Control-Allow-Origin"), check.Equals, "*")
+}
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list