[ARVADOS] updated: 1.1.0-36-gfb7a5ed

Git user git at public.curoverse.com
Wed Nov 1 04:02:26 EDT 2017 

Summary of changes:
 services/arv-git-httpd/auth_handler_test.go | 54 +++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)
 create mode 100644 services/arv-git-httpd/auth_handler_test.go

       via  fb7a5ed138af5189206a5939610c1d96f599dfb9 (commit)
      from  1ff58b4325d1d0dcfc091742c64f1f87118b55ce (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.


commit fb7a5ed138af5189206a5939610c1d96f599dfb9
Author: Tom Clegg <tclegg at veritasgenetics.com>
Date:   Wed Nov 1 03:58:36 2017 -0400

    12494: Add CORS test.
    
    Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tclegg at veritasgenetics.com>

diff --git a/services/arv-git-httpd/auth_handler_test.go b/services/arv-git-httpd/auth_handler_test.go
new file mode 100644
index 0000000..df64999
--- /dev/null
+++ b/services/arv-git-httpd/auth_handler_test.go
@@ -0,0 +1,54 @@
+// Copyright (C) The Arvados Authors. All rights reserved.
+//
+// SPDX-License-Identifier: AGPL-3.0
+
+package main
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+
+	check "gopkg.in/check.v1"
+)
+
+var _ = check.Suite(&AuthHandlerSuite{})
+
+type AuthHandlerSuite struct{}
+
+func (s *AuthHandlerSuite) TestCORS(c *check.C) {
+	h := &authHandler{}
+
+	// CORS preflight
+	resp := httptest.NewRecorder()
+	req := &http.Request{
+		Method: "OPTIONS",
+		Header: http.Header{
+			"Origin":                        {"*"},
+			"Access-Control-Request-Method": {"GET"},
+		},
+	}
+	h.ServeHTTP(resp, req)
+	c.Check(resp.Code, check.Equals, http.StatusOK)
+	c.Check(resp.Header().Get("Access-Control-Allow-Methods"), check.Equals, "GET, POST")
+	c.Check(resp.Header().Get("Access-Control-Allow-Headers"), check.Equals, "Authorization, Content-Type")
+	c.Check(resp.Header().Get("Access-Control-Allow-Origin"), check.Equals, "*")
+	c.Check(resp.Body.String(), check.Equals, "")
+
+	// CORS actual request. Bogus token and path ensure
+	// authHandler responds 4xx without calling our wrapped (nil)
+	// handler.
+	u, err := url.Parse("git.zzzzz.arvadosapi.com/test")
+	c.Assert(err, check.Equals, nil)
+	resp = httptest.NewRecorder()
+	req = &http.Request{
+		Method: "GET",
+		URL:    u,
+		Header: http.Header{
+			"Origin":        {"*"},
+			"Authorization": {"OAuth2 foobar"},
+		},
+	}
+	h.ServeHTTP(resp, req)
+	c.Check(resp.Header().Get("Access-Control-Allow-Origin"), check.Equals, "*")
+}

-----------------------------------------------------------------------


hooks/post-receive
--

More information about the arvados-commits mailing list