From 9ad85126cb308caa8ad6adcd5c135734bbce551f Mon Sep 17 00:00:00 2001 From: Thomas Schmitt Date: Thu, 9 May 2024 10:21:33 +0300 Subject: [PATCH] Add global parameter identity-uri Added a new global parameter to override the identity server uri. This makes it easier to use the UiPath services with an external identity token provider. It was possible before to override the identity server uri by setting the UIPATH_IDENTITY_URI environment variable but not by providing a global CLI parameter. Refactored the code so that the CLI parameter, config value and environment variable parsing is done in the command_builder like all the other parameters and removed the env variable parsing from the bearer authenticator. --- README.md | 1 + auth/authenticator_context.go | 16 +++-- auth/bearer_authenticator.go | 26 +------- auth/bearer_authenticator_config.go | 4 +- auth/oauth_authenticator.go | 23 +------ auth/oauth_authenticator_config.go | 4 +- auth/oauth_authenticator_test.go | 97 +++++++---------------------- commandline/command_builder.go | 40 ++++++++++++ commandline/parameter_formatter.go | 4 +- executor/execution_context.go | 4 +- executor/http_executor.go | 6 +- executor/plugin_executor.go | 6 +- test/auth_test.go | 29 +++++++++ test/show_command_test.go | 2 +- 14 files changed, 123 insertions(+), 139 deletions(-) diff --git a/README.md b/README.md index 24a0aa0..8e6bdbb 100644 --- a/README.md +++ b/README.md @@ -569,6 +569,7 @@ You can either pass global arguments as CLI parameters, set an env variable or s | `--uri` | `UIPATH_URI` | `uri` | `https://cloud.uipath.com` | URL override | | `--organization` | `UIPATH_ORGANIZATION` | `string` | | Organization name | | `--tenant` | `UIPATH_TENANT` | `string` | | Tenant name | +| `--identity-uri` | `UIPATH_IDENTITY_URI` | `uri` | `https://cloud.uipath.com/identity_` | URL override for identity calls | | | `UIPATH_CLIENT_ID` | `string` | | Client Id | | | `UIPATH_CLIENT_SECRET` | `string` | | Client Secret | | | `UIPATH_PAT` | `string` | | Personal Access Token | diff --git a/auth/authenticator_context.go b/auth/authenticator_context.go index 25f4060..3c974f8 100644 --- a/auth/authenticator_context.go +++ b/auth/authenticator_context.go @@ -1,19 +1,23 @@ package auth +import "net/url" + // AuthenticatorContext provides information required for authenticating requests. type AuthenticatorContext struct { - Type string `json:"type"` - Config map[string]interface{} `json:"config"` - Debug bool `json:"debug"` - Insecure bool `json:"insecure"` - Request AuthenticatorRequest `json:"request"` + Type string `json:"type"` + Config map[string]interface{} `json:"config"` + IdentityUri url.URL `json:"identityUri"` + Debug bool `json:"debug"` + Insecure bool `json:"insecure"` + Request AuthenticatorRequest `json:"request"` } func NewAuthenticatorContext( authType string, config map[string]interface{}, + identityUri url.URL, debug bool, insecure bool, request AuthenticatorRequest) *AuthenticatorContext { - return &AuthenticatorContext{authType, config, debug, insecure, request} + return &AuthenticatorContext{authType, config, identityUri, debug, insecure, request} } diff --git a/auth/bearer_authenticator.go b/auth/bearer_authenticator.go index 4895840..ea82e84 100644 --- a/auth/bearer_authenticator.go +++ b/auth/bearer_authenticator.go @@ -2,7 +2,6 @@ package auth import ( "fmt" - "net/url" "os" "github.com/UiPath/uipathcli/cache" @@ -10,7 +9,6 @@ import ( const ClientIdEnvVarName = "UIPATH_CLIENT_ID" const ClientSecretEnvVarName = "UIPATH_CLIENT_SECRET" //nolint // This is not a secret but just the env variable name -const IdentityUriEnvVarName = "UIPATH_IDENTITY_URI" // The BearerAuthenticator calls the identity token-endpoint to retrieve a JWT bearer token. // It requires clientId and clientSecret. @@ -26,21 +24,9 @@ func (a BearerAuthenticator) Auth(ctx AuthenticatorContext) AuthenticatorResult if err != nil { return *AuthenticatorError(fmt.Errorf("Invalid bearer authenticator configuration: %w", err)) } - identityBaseUri := config.IdentityUri - if identityBaseUri == nil { - requestUrl, err := url.Parse(ctx.Request.URL) - if err != nil { - return *AuthenticatorError(fmt.Errorf("Invalid request url '%s': %w", ctx.Request.URL, err)) - } - identityBaseUri, err = url.Parse(fmt.Sprintf("%s://%s/identity_", requestUrl.Scheme, requestUrl.Host)) - if err != nil { - return *AuthenticatorError(fmt.Errorf("Invalid identity url '%s': %w", ctx.Request.URL, err)) - } - } - identityClient := newIdentityClient(a.cache) tokenRequest := newTokenRequest( - *identityBaseUri, + config.IdentityUri, config.GrantType, config.Scopes, config.ClientId, @@ -85,15 +71,7 @@ func (a BearerAuthenticator) getConfig(ctx AuthenticatorContext) (*bearerAuthent if err != nil { return nil, err } - var uri *url.URL - uriString, err := a.parseRequiredString(ctx.Config, "uri", os.Getenv(IdentityUriEnvVarName)) - if err == nil { - uri, err = url.Parse(uriString) - if err != nil { - return nil, fmt.Errorf("Error parsing identity uri: %w", err) - } - } - return newBearerAuthenticatorConfig(grantType, scopes, clientId, clientSecret, properties, uri), nil + return newBearerAuthenticatorConfig(grantType, scopes, clientId, clientSecret, properties, ctx.IdentityUri), nil } func (a BearerAuthenticator) parseProperties(config map[string]interface{}) (map[string]string, error) { diff --git a/auth/bearer_authenticator_config.go b/auth/bearer_authenticator_config.go index 5505af4..375b0a9 100644 --- a/auth/bearer_authenticator_config.go +++ b/auth/bearer_authenticator_config.go @@ -8,7 +8,7 @@ type bearerAuthenticatorConfig struct { ClientId string ClientSecret string Properties map[string]string - IdentityUri *url.URL + IdentityUri url.URL } func newBearerAuthenticatorConfig( @@ -17,6 +17,6 @@ func newBearerAuthenticatorConfig( clientId string, clientSecret string, properties map[string]string, - identityUri *url.URL) *bearerAuthenticatorConfig { + identityUri url.URL) *bearerAuthenticatorConfig { return &bearerAuthenticatorConfig{grantType, scopes, clientId, clientSecret, properties, identityUri} } diff --git a/auth/oauth_authenticator.go b/auth/oauth_authenticator.go index caf10f6..69ae271 100644 --- a/auth/oauth_authenticator.go +++ b/auth/oauth_authenticator.go @@ -35,18 +35,7 @@ func (a OAuthAuthenticator) Auth(ctx AuthenticatorContext) AuthenticatorResult { if err != nil { return *AuthenticatorError(fmt.Errorf("Invalid oauth authenticator configuration: %w", err)) } - identityBaseUri := config.IdentityUri - if identityBaseUri == nil { - requestUrl, err := url.Parse(ctx.Request.URL) - if err != nil { - return *AuthenticatorError(fmt.Errorf("Invalid request url '%s': %w", ctx.Request.URL, err)) - } - identityBaseUri, err = url.Parse(fmt.Sprintf("%s://%s/identity_", requestUrl.Scheme, requestUrl.Host)) - if err != nil { - return *AuthenticatorError(fmt.Errorf("Invalid identity url '%s': %w", ctx.Request.URL, err)) - } - } - token, err := a.retrieveToken(*identityBaseUri, *config, ctx.Insecure) + token, err := a.retrieveToken(config.IdentityUri, *config, ctx.Insecure) if err != nil { return *AuthenticatorError(fmt.Errorf("Error retrieving access token: %w", err)) } @@ -176,15 +165,7 @@ func (a OAuthAuthenticator) getConfig(ctx AuthenticatorContext) (*oauthAuthentic if err != nil { return nil, err } - var uri *url.URL - uriString, err := a.parseRequiredString(ctx.Config, "uri") - if err == nil { - uri, err = url.Parse(uriString) - if err != nil { - return nil, fmt.Errorf("Error parsing identity uri: %w", err) - } - } - return newOAuthAuthenticatorConfig(clientId, *parsedRedirectUri, scopes, uri), nil + return newOAuthAuthenticatorConfig(clientId, *parsedRedirectUri, scopes, ctx.IdentityUri), nil } func (a OAuthAuthenticator) parseRequiredString(config map[string]interface{}, name string) (string, error) { diff --git a/auth/oauth_authenticator_config.go b/auth/oauth_authenticator_config.go index 6bf9ea3..8847859 100644 --- a/auth/oauth_authenticator_config.go +++ b/auth/oauth_authenticator_config.go @@ -6,13 +6,13 @@ type oauthAuthenticatorConfig struct { ClientId string RedirectUrl url.URL Scopes string - IdentityUri *url.URL + IdentityUri url.URL } func newOAuthAuthenticatorConfig( clientId string, redirectUrl url.URL, scopes string, - identityUri *url.URL) *oauthAuthenticatorConfig { + identityUri url.URL) *oauthAuthenticatorConfig { return &oauthAuthenticatorConfig{clientId, redirectUrl, scopes, identityUri} } diff --git a/auth/oauth_authenticator_test.go b/auth/oauth_authenticator_test.go index 4c24009..7a9563f 100644 --- a/auth/oauth_authenticator_test.go +++ b/auth/oauth_authenticator_test.go @@ -23,7 +23,7 @@ func TestOAuthAuthenticatorNotEnabled(t *testing.T) { "scopes": "OR.Users", } request := NewAuthenticatorRequest("http:/localhost", map[string]string{}) - context := NewAuthenticatorContext("login", config, false, false, *request) + context := NewAuthenticatorContext("login", config, createIdentityUrl(""), false, false, *request) authenticator := NewOAuthAuthenticator(cache.NewFileCache(), nil) result := authenticator.Auth(*context) @@ -44,7 +44,7 @@ func TestOAuthAuthenticatorPreservesExistingHeaders(t *testing.T) { "my-header": "my-value", } request := NewAuthenticatorRequest("http:/localhost", headers) - context := NewAuthenticatorContext("login", config, false, false, *request) + context := NewAuthenticatorContext("login", config, createIdentityUrl(""), false, false, *request) authenticator := NewOAuthAuthenticator(cache.NewFileCache(), nil) result := authenticator.Auth(*context) @@ -56,38 +56,6 @@ func TestOAuthAuthenticatorPreservesExistingHeaders(t *testing.T) { } } -func TestOAuthAuthenticatorInvalidRequestUrl(t *testing.T) { - config := map[string]interface{}{ - "clientId": "my-client-id", - "redirectUri": "http://localhost:0", - "scopes": "OR.Users", - } - request := NewAuthenticatorRequest("://invalid", map[string]string{}) - context := NewAuthenticatorContext("login", config, false, false, *request) - - authenticator := NewOAuthAuthenticator(cache.NewFileCache(), nil) - result := authenticator.Auth(*context) - if result.Error != `Invalid request url '://invalid': parse "://invalid": missing protocol scheme` { - t.Errorf("Expected error with invalid request url, but got: %v", result.Error) - } -} - -func TestOAuthAuthenticatorInvalidIdentityUrl(t *testing.T) { - config := map[string]interface{}{ - "clientId": "my-client-id", - "redirectUri": "http://localhost:0", - "scopes": "OR.Users", - } - request := NewAuthenticatorRequest("INVALID-URL", map[string]string{}) - context := NewAuthenticatorContext("login", config, false, false, *request) - - authenticator := NewOAuthAuthenticator(cache.NewFileCache(), nil) - result := authenticator.Auth(*context) - if result.Error != `Invalid identity url 'INVALID-URL': parse ":///identity_": missing protocol scheme` { - t.Errorf("Expected error with invalid request url, but got: %v", result.Error) - } -} - func TestOAuthAuthenticatorInvalidConfig(t *testing.T) { config := map[string]interface{}{ "clientId": 1, @@ -95,7 +63,7 @@ func TestOAuthAuthenticatorInvalidConfig(t *testing.T) { "scopes": "OR.Users", } request := NewAuthenticatorRequest("http:/localhost", map[string]string{}) - context := NewAuthenticatorContext("login", config, false, false, *request) + context := NewAuthenticatorContext("login", config, createIdentityUrl(""), false, false, *request) authenticator := NewOAuthAuthenticator(cache.NewFileCache(), nil) result := authenticator.Auth(*context) @@ -109,9 +77,9 @@ func TestOAuthFlowIdentityFails(t *testing.T) { ResponseStatus: 400, ResponseBody: "Invalid token request", } - identityUrl := identityServerFake.Start(t) + identityBaseUrl := identityServerFake.Start(t) - context := createAuthContext(identityUrl) + context := createAuthContext(identityBaseUrl) loginUrl, resultChannel := callAuthenticator(context) performLogin(loginUrl, t) @@ -126,9 +94,9 @@ func TestOAuthFlowSuccessful(t *testing.T) { ResponseStatus: 200, ResponseBody: `{"access_token": "my-access-token", "expires_in": 3600, "token_type": "Bearer", "scope": "OR.Users"}`, } - identityUrl := identityServerFake.Start(t) + identityBaseUrl := identityServerFake.Start(t) - context := createAuthContext(identityUrl) + context := createAuthContext(identityBaseUrl) loginUrl, resultChannel := callAuthenticator(context) performLogin(loginUrl, t) @@ -142,42 +110,14 @@ func TestOAuthFlowSuccessful(t *testing.T) { } } -func TestOAuthFlowWithCustomIdentityUri(t *testing.T) { - identityServerFake := identityServerFake{ - ResponseStatus: 200, - ResponseBody: `{"access_token": "my-access-token", "expires_in": 3600, "token_type": "Bearer", "scope": "OR.Users"}`, - } - identityUrl := identityServerFake.Start(t) - config := map[string]interface{}{ - "clientId": newClientId(), - "redirectUri": "http://localhost:0", - "scopes": "OR.Users", - "uri": identityUrl.String() + "/identity_", - } - request := NewAuthenticatorRequest("no-url", map[string]string{}) - context := NewAuthenticatorContext("login", config, false, false, *request) - - loginUrl, resultChannel := callAuthenticator(*context) - performLogin(loginUrl, t) - - result := <-resultChannel - if result.Error != "" { - t.Errorf("Expected no error when performing oauth flow, but got: %v", result.Error) - } - authorizationHeader := result.RequestHeader["Authorization"] - if authorizationHeader != "Bearer my-access-token" { - t.Errorf("Expected JWT bearer token in authorization header, but got: %v", authorizationHeader) - } -} - func TestOAuthFlowIsCached(t *testing.T) { identityServerFake := identityServerFake{ ResponseStatus: 200, ResponseBody: `{"access_token": "my-access-token", "expires_in": 3600, "token_type": "Bearer", "scope": "OR.Users"}`, } - identityUrl := identityServerFake.Start(t) + identityBaseUrl := identityServerFake.Start(t) - context := createAuthContext(identityUrl) + context := createAuthContext(identityBaseUrl) loginUrl, resultChannel := callAuthenticator(context) performLogin(loginUrl, t) <-resultChannel @@ -217,9 +157,9 @@ func TestShowsSuccessfullyLoggedInPage(t *testing.T) { ResponseStatus: 200, ResponseBody: `{"access_token": "my-access-token", "expires_in": 3600, "token_type": "Bearer", "scope": "OR.Users"}`, } - identityUrl := identityServerFake.Start(t) + identityBaseUrl := identityServerFake.Start(t) - context := createAuthContext(identityUrl) + context := createAuthContext(identityBaseUrl) loginUrl, _ := callAuthenticator(context) responseBody := performLogin(loginUrl, t) @@ -283,17 +223,26 @@ func callAuthenticator(context AuthenticatorContext) (url.URL, chan Authenticato return *url, resultChannel } -func createAuthContext(identityUrl url.URL) AuthenticatorContext { +func createAuthContext(baseUrl url.URL) AuthenticatorContext { config := map[string]interface{}{ "clientId": newClientId(), "redirectUri": "http://localhost:0", "scopes": "OR.Users", } - request := NewAuthenticatorRequest(fmt.Sprintf("%s://%s", identityUrl.Scheme, identityUrl.Host), map[string]string{}) - context := NewAuthenticatorContext("login", config, false, false, *request) + identityUrl := createIdentityUrl(baseUrl.Host) + request := NewAuthenticatorRequest(fmt.Sprintf("%s://%s", baseUrl.Scheme, baseUrl.Host), map[string]string{}) + context := NewAuthenticatorContext("login", config, identityUrl, false, false, *request) return *context } +func createIdentityUrl(hostName string) url.URL { + if hostName == "" { + hostName = "localhost" + } + identityUrl, _ := url.Parse(fmt.Sprintf("http://%s/identity_", hostName)) + return *identityUrl +} + func performLogin(loginUrl url.URL, t *testing.T) string { redirectUri := loginUrl.Query().Get("redirect_uri") state := loginUrl.Query().Get("state") diff --git a/commandline/command_builder.go b/commandline/command_builder.go index b6c22a2..1fc6b3c 100644 --- a/commandline/command_builder.go +++ b/commandline/command_builder.go @@ -26,6 +26,7 @@ const insecureFlagName = "insecure" const debugFlagName = "debug" const profileFlagName = "profile" const uriFlagName = "uri" +const identityUriFlagName = "identity-uri" const organizationFlagName = "organization" const tenantFlagName = "tenant" const helpFlagName = "help" @@ -41,6 +42,7 @@ var predefinedFlags = []string{ debugFlagName, profileFlagName, uriFlagName, + identityUriFlagName, organizationFlagName, tenantFlagName, helpFlagName, @@ -220,6 +222,32 @@ func (b CommandBuilder) createBaseUri(operation parser.Operation, config config. return builder.Uri(), nil } +func (b CommandBuilder) createIdentityUri(context *cli.Context, config config.Config, baseUri url.URL) (*url.URL, error) { + uri := context.String(identityUriFlagName) + if uri != "" { + identityUri, err := url.Parse(uri) + if err != nil { + return nil, fmt.Errorf("Error parsing %s argument: %w", identityUriFlagName, err) + } + return identityUri, nil + } + + value := config.Auth.Config["uri"] + uri, valid := value.(string) + if valid && uri != "" { + identityUri, err := url.Parse(uri) + if err != nil { + return nil, fmt.Errorf("Error parsing identity uri config: %w", err) + } + return identityUri, nil + } + identityUri, err := url.Parse(fmt.Sprintf("%s://%s/identity_", baseUri.Scheme, baseUri.Host)) + if err != nil { + return nil, fmt.Errorf("Error parsing identity uri: %w", err) + } + return identityUri, nil +} + func (b CommandBuilder) parseUriArgument(context *cli.Context) (*url.URL, error) { uriFlag := context.String(uriFlagName) if uriFlag == "" { @@ -363,6 +391,11 @@ func (b CommandBuilder) createOperationCommand(operation parser.Operation) *cli. } insecure := context.Bool(insecureFlagName) || config.Insecure debug := context.Bool(debugFlagName) || config.Debug + identityUri, err := b.createIdentityUri(context, *config, baseUri) + if err != nil { + return err + } + executionContext := executor.NewExecutionContext( organization, tenant, @@ -375,6 +408,7 @@ func (b CommandBuilder) createOperationCommand(operation parser.Operation) *cli. config.Auth, insecure, debug, + *identityUri, operation.Plugin) if wait != "" { @@ -875,6 +909,12 @@ func (b CommandBuilder) CreateDefaultFlags(hidden bool) []cli.Flag { Value: "", Hidden: hidden, }, + &cli.StringFlag{ + Name: identityUriFlagName, + Usage: "Identity Server URI", + EnvVars: []string{"UIPATH_IDENTITY_URI"}, + Hidden: hidden, + }, b.VersionFlag(hidden), } } diff --git a/commandline/parameter_formatter.go b/commandline/parameter_formatter.go index 77fe110..e238aa4 100644 --- a/commandline/parameter_formatter.go +++ b/commandline/parameter_formatter.go @@ -2,7 +2,7 @@ package commandline import ( "fmt" - "slices" + "sort" "strings" "github.com/UiPath/uipathcli/parser" @@ -68,7 +68,7 @@ func (f parameterFormatter) descriptionFields(parameter parser.Parameter) []inte func (f parameterFormatter) usageExample(parameter parser.Parameter) string { parameters := f.collectUsageParameters(parameter, "") - slices.Sort(parameters) + sort.Strings(parameters) builder := strings.Builder{} for _, value := range parameters { diff --git a/executor/execution_context.go b/executor/execution_context.go index 9768c36..d800473 100644 --- a/executor/execution_context.go +++ b/executor/execution_context.go @@ -22,6 +22,7 @@ type ExecutionContext struct { AuthConfig config.AuthConfig Insecure bool Debug bool + IdentityUri url.URL Plugin plugin.CommandPlugin } @@ -37,6 +38,7 @@ func NewExecutionContext( authConfig config.AuthConfig, insecure bool, debug bool, + identityUri url.URL, plugin plugin.CommandPlugin) *ExecutionContext { - return &ExecutionContext{organization, tenant, method, uri, route, contentType, input, parameters, authConfig, insecure, debug, plugin} + return &ExecutionContext{organization, tenant, method, uri, route, contentType, input, parameters, authConfig, insecure, debug, identityUri, plugin} } diff --git a/executor/http_executor.go b/executor/http_executor.go index d5233dc..e032b3d 100644 --- a/executor/http_executor.go +++ b/executor/http_executor.go @@ -144,9 +144,9 @@ func (e HttpExecutor) formatUri(baseUri url.URL, route string, pathParameters [] return e.validateUri(formatter.Uri()) } -func (e HttpExecutor) executeAuthenticators(authConfig config.AuthConfig, debug bool, insecure bool, request *http.Request) (*auth.AuthenticatorResult, error) { +func (e HttpExecutor) executeAuthenticators(authConfig config.AuthConfig, identityUri url.URL, debug bool, insecure bool, request *http.Request) (*auth.AuthenticatorResult, error) { authRequest := *auth.NewAuthenticatorRequest(request.URL.String(), map[string]string{}) - ctx := *auth.NewAuthenticatorContext(authConfig.Type, authConfig.Config, debug, insecure, authRequest) + ctx := *auth.NewAuthenticatorContext(authConfig.Type, authConfig.Config, identityUri, debug, insecure, authRequest) for _, authProvider := range e.authenticators { result := authProvider.Auth(ctx) if result.Error != "" { @@ -318,7 +318,7 @@ func (e HttpExecutor) call(context ExecutionContext, writer output.OutputWriter, request.Header.Add("Content-Type", contentType) } e.addHeaders(request, context.Parameters.Header()) - auth, err := e.executeAuthenticators(context.AuthConfig, context.Debug, context.Insecure, request) + auth, err := e.executeAuthenticators(context.AuthConfig, context.IdentityUri, context.Debug, context.Insecure, request) if err != nil { return err } diff --git a/executor/plugin_executor.go b/executor/plugin_executor.go index c6b1d80..0d0d21b 100644 --- a/executor/plugin_executor.go +++ b/executor/plugin_executor.go @@ -19,9 +19,9 @@ type PluginExecutor struct { authenticators []auth.Authenticator } -func (e PluginExecutor) executeAuthenticators(baseUri url.URL, authConfig config.AuthConfig, debug bool, insecure bool) (*auth.AuthenticatorResult, error) { +func (e PluginExecutor) executeAuthenticators(baseUri url.URL, authConfig config.AuthConfig, identityUri url.URL, debug bool, insecure bool) (*auth.AuthenticatorResult, error) { authRequest := *auth.NewAuthenticatorRequest(baseUri.String(), map[string]string{}) - ctx := *auth.NewAuthenticatorContext(authConfig.Type, authConfig.Config, debug, insecure, authRequest) + ctx := *auth.NewAuthenticatorContext(authConfig.Type, authConfig.Config, identityUri, debug, insecure, authRequest) for _, authProvider := range e.authenticators { result := authProvider.Auth(ctx) if result.Error != "" { @@ -51,7 +51,7 @@ func (e PluginExecutor) pluginAuth(auth *auth.AuthenticatorResult) plugin.AuthRe } func (e PluginExecutor) Call(context ExecutionContext, writer output.OutputWriter, logger log.Logger) error { - auth, err := e.executeAuthenticators(context.BaseUri, context.AuthConfig, context.Debug, context.Insecure) + auth, err := e.executeAuthenticators(context.BaseUri, context.AuthConfig, context.IdentityUri, context.Debug, context.Insecure) if err != nil { return err } diff --git a/test/auth_test.go b/test/auth_test.go index 0e29252..9dea567 100644 --- a/test/auth_test.go +++ b/test/auth_test.go @@ -122,6 +122,35 @@ paths: } } +func TestBearerAuthWithInvalidIdentityUriParameter(t *testing.T) { + config := ` +profiles: + - name: default + auth: + clientId: success-client-id + clientSecret: success-client-secret +` + definition := ` +paths: + /ping: + get: + operationId: ping +` + + context := NewContextBuilder(). + WithDefinition("myservice", definition). + WithConfig(config). + WithResponse(200, ""). + WithIdentityResponse(200, `{"access_token": "my-jwt-access-token", "expires_in": 3600, "token_type": "Bearer", "scope": "OR.Ping"}`). + Build() + + result := RunCli([]string{"myservice", "ping", "--identity-uri", ":invalid"}, context) + + if !strings.Contains(result.Error.Error(), "Error parsing identity-uri argument") { + t.Errorf("Expected identity uri parsing error, but got: %v", result.Error) + } +} + func TestBearerAuthTokenIsCached(t *testing.T) { config := ` profiles: diff --git a/test/show_command_test.go b/test/show_command_test.go index e8fba2d..9171d5d 100644 --- a/test/show_command_test.go +++ b/test/show_command_test.go @@ -141,7 +141,7 @@ paths: names = append(names, parameter["name"].(string)) } - expectedNames := []string{"debug", "profile", "uri", "organization", "tenant", "insecure", "output", "query", "wait", "wait-timeout", "file", "version", "help"} + expectedNames := []string{"debug", "profile", "uri", "organization", "tenant", "insecure", "output", "query", "wait", "wait-timeout", "file", "identity-uri", "version", "help"} if !reflect.DeepEqual(names, expectedNames) { t.Errorf("Unexpected global parameters in output, expected: %v but got: %v", expectedNames, names) }