77 "errors"
88 "net/http"
99 "net/url"
10+ "strconv"
1011 "testing"
1112 "time"
1213)
@@ -122,6 +123,10 @@ func TestUnitGetSSO(t *testing.T) {
122123 if err != nil {
123124 t .Fatalf ("failed to get HTML content. err: %v" , err )
124125 }
126+ _ , err = getSSO (context .Background (), sr , & url.Values {}, make (map [string ]string ), "invalid!@url$%^" , 0 )
127+ if err == nil {
128+ t .Fatal ("should have failed to parse URL." )
129+ }
125130}
126131
127132func postAuthSAMLError (_ context.Context , _ * snowflakeRestful , _ map [string ]string , _ []byte , _ time.Duration ) (* authResponse , error ) {
@@ -135,6 +140,14 @@ func postAuthSAMLAuthFail(_ context.Context, _ *snowflakeRestful, _ map[string]s
135140 }, nil
136141}
137142
143+ func postAuthSAMLAuthFailWithCode (_ context.Context , _ * snowflakeRestful , _ map [string ]string , _ []byte , _ time.Duration ) (* authResponse , error ) {
144+ return & authResponse {
145+ Success : false ,
146+ Code : strconv .Itoa (ErrCodeIdpConnectionError ),
147+ Message : "SAML auth failed" ,
148+ }, nil
149+ }
150+
138151func postAuthSAMLAuthSuccessButInvalidURL (_ context.Context , _ * snowflakeRestful , _ map [string ]string , _ []byte , _ time.Duration ) (* authResponse , error ) {
139152 return & authResponse {
140153 Success : true ,
@@ -146,6 +159,28 @@ func postAuthSAMLAuthSuccessButInvalidURL(_ context.Context, _ *snowflakeRestful
146159 }, nil
147160}
148161
162+ func postAuthSAMLAuthSuccessButInvalidTokenURL (_ context.Context , _ * snowflakeRestful , _ map [string ]string , _ []byte , _ time.Duration ) (* authResponse , error ) {
163+ return & authResponse {
164+ Success : true ,
165+ Message : "" ,
166+ Data : authResponseMain {
167+ TokenURL : "invalid!@url$%^" ,
168+ SSOURL : "https://abc.com/sso" ,
169+ },
170+ }, nil
171+ }
172+
173+ func postAuthSAMLAuthSuccessButInvalidSSOURL (_ context.Context , _ * snowflakeRestful , _ map [string ]string , _ []byte , _ time.Duration ) (* authResponse , error ) {
174+ return & authResponse {
175+ Success : true ,
176+ Message : "" ,
177+ Data : authResponseMain {
178+ TokenURL : "https://abc.com/token" ,
179+ SSOURL : "invalid!@url$%^" ,
180+ },
181+ }, nil
182+ }
183+
149184func postAuthSAMLAuthSuccess (_ context.Context , _ * snowflakeRestful , _ map [string ]string , _ []byte , _ time.Duration ) (* authResponse , error ) {
150185 return & authResponse {
151186 Success : true ,
@@ -177,6 +212,10 @@ func getSSOSuccess(_ context.Context, _ *snowflakeRestful, _ *url.Values, _ map[
177212 return []byte (`<html><form id="1" action="https://abc.com/"></form></html>` ), nil
178213}
179214
215+ func getSSOSuccessButWrongPrefixURL (_ context.Context , _ * snowflakeRestful , _ * url.Values , _ map [string ]string , _ string , _ time.Duration ) ([]byte , error ) {
216+ return []byte (`<html><form id="1" action="https://1abc.com/"></form></html>` ), nil
217+ }
218+
180219func TestUnitAuthenticateBySAML (t * testing.T ) {
181220 authenticator := & url.URL {
182221 Scheme : "https" ,
@@ -195,46 +234,63 @@ func TestUnitAuthenticateBySAML(t *testing.T) {
195234 }
196235 var err error
197236 _ , err = authenticateBySAML (context .Background (), sr , authenticator , application , account , user , password )
198- if err == nil {
199- t . Fatal ( "should have failed. "
200- }
237+ assertNotNilF ( t , err , "should have failed at FuncPostAuthSAML." )
238+ assertEqualE ( t , err . Error (), "failed to get SAML response "
239+
201240 sr .FuncPostAuthSAML = postAuthSAMLAuthFail
202241 _ , err = authenticateBySAML (context .Background (), sr , authenticator , application , account , user , password )
203- if err == nil {
204- t . Fatal ( "should have failed. "
205- }
206- sr .FuncPostAuthSAML = postAuthSAMLAuthSuccessButInvalidURL
242+ assertNotNilF ( t , err , "should have failed at FuncPostAuthSAML." )
243+ assertEqualE ( t , err . Error (), "strconv.Atoi: parsing \" \" : invalid syntax "
244+
245+ sr .FuncPostAuthSAML = postAuthSAMLAuthFailWithCode
207246 _ , err = authenticateBySAML (context .Background (), sr , authenticator , application , account , user , password )
208- if err == nil {
209- t .Fatal ("should have failed." )
210- }
247+ assertNotNilF (t , err , "should have failed at FuncPostAuthSAML." )
211248 driverErr , ok := err .(* SnowflakeError )
212- if ! ok {
213- t .Fatalf ("should be snowflake error. err: %v" , err )
214- }
215- if driverErr .Number != ErrCodeIdpConnectionError {
216- t .Fatalf ("unexpected error code. expected: %v, got: %v" , ErrCodeIdpConnectionError , driverErr .Number )
217- }
249+ assertTrueF (t , ok , "should be a SnowflakeError" )
250+ assertEqualE (t , driverErr .Number , ErrCodeIdpConnectionError )
251+
252+ sr .FuncPostAuthSAML = postAuthSAMLAuthSuccessButInvalidURL
253+ _ , err = authenticateBySAML (context .Background (), sr , authenticator , application , account , user , password )
254+ assertNotNilF (t , err , "should have failed at FuncPostAuthSAML." )
255+ driverErr , ok = err .(* SnowflakeError )
256+ assertTrueF (t , ok , "should be a SnowflakeError" )
257+ assertEqualE (t , driverErr .Number , ErrCodeIdpConnectionError )
258+
259+ sr .FuncPostAuthSAML = postAuthSAMLAuthSuccessButInvalidTokenURL
260+ _ , err = authenticateBySAML (context .Background (), sr , authenticator , application , account , user , password )
261+ assertNotNilF (t , err , "should have failed at FuncPostAuthSAML." )
262+ assertEqualE (t , err .Error (), "failed to parse token URL. invalid!@url$%^" )
263+
264+ sr .FuncPostAuthSAML = postAuthSAMLAuthSuccessButInvalidSSOURL
265+ _ , err = authenticateBySAML (context .Background (), sr , authenticator , application , account , user , password )
266+ assertNotNilF (t , err , "should have failed at FuncPostAuthSAML." )
267+ assertEqualE (t , err .Error (), "failed to parse SSO URL. invalid!@url$%^" )
268+
218269 sr .FuncPostAuthSAML = postAuthSAMLAuthSuccess
219270 sr .FuncPostAuthOKTA = postAuthOKTAError
220271 _ , err = authenticateBySAML (context .Background (), sr , authenticator , application , account , user , password )
221- if err == nil {
222- t . Fatal ( "should have failed. "
223- }
272+ assertNotNilF ( t , err , "should have failed at FuncPostAuthOKTA." )
273+ assertEqualE ( t , err . Error (), "failed to get SAML response "
274+
224275 sr .FuncPostAuthOKTA = postAuthOKTASuccess
225276 sr .FuncGetSSO = getSSOError
226277 _ , err = authenticateBySAML (context .Background (), sr , authenticator , application , account , user , password )
227- if err == nil {
228- t . Fatal ( "should have failed. "
229- }
278+ assertNotNilF ( t , err , "should have failed at FuncGetSSO." )
279+ assertEqualE ( t , err . Error (), "failed to get SSO html "
280+
230281 sr .FuncGetSSO = getSSOSuccessButInvalidURL
231282 _ , err = authenticateBySAML (context .Background (), sr , authenticator , application , account , user , password )
232- if err == nil {
233- t . Fatal ( "should have failed. "
234- }
283+ assertNotNilF ( t , err , "should have failed at FuncGetSSO." )
284+ assertHasPrefixE ( t , err . Error (), "failed to find action field in HTML response "
285+
235286 sr .FuncGetSSO = getSSOSuccess
236287 _ , err = authenticateBySAML (context .Background (), sr , authenticator , application , account , user , password )
237- if err != nil {
238- t .Fatalf ("failed. err: %v" , err )
239- }
288+ assertNilF (t , err , "should have succeeded at FuncGetSSO." )
289+
290+ sr .FuncGetSSO = getSSOSuccessButWrongPrefixURL
291+ _ , err = authenticateBySAML (context .Background (), sr , authenticator , application , account , user , password )
292+ assertNotNilF (t , err , "should have failed at FuncGetSSO." )
293+ driverErr , ok = err .(* SnowflakeError )
294+ assertTrueF (t , ok , "should be a SnowflakeError" )
295+ assertEqualE (t , driverErr .Number , ErrCodeSSOURLNotMatch )
240296}
0 commit comments