Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
gitpod-io
GitHub Repository: gitpod-io/gitpod
 Path: blob/main/components/image-builder-bob/pkg/proxy/auth_test.go
2506 views
1
// Copyright (c) 2025 Gitpod GmbH. All rights reserved.

2
// Licensed under the GNU Affero General Public License (AGPL).

3
// See License.AGPL.txt in the project root for license information.

4


5
package proxy

6


7
import (

8
	"testing"

9
)

10


11
func TestAuthorize(t *testing.T) {

12
	type expectation struct {

13
		user string

14
		pass string

15
		err  string

16
	}

17
	tests := []struct {

18
		name        string

19
		constructor func(string) (MapAuthorizer, error)

20
		input       string

21
		testHost    string

22
		expected    expectation

23
	}{

24
		{

25
			name:        "docker auth format - valid credentials",

26
			constructor: NewAuthorizerFromDockerEnvVar,

27
			input:       `{"auths": {"registry.example.com": {"auth": "dXNlcjpwYXNz"}}}`, // base64(user:pass)

28
			testHost:    "registry.example.com",

29
			expected: expectation{

30
				user: "user",

31
				pass: "pass",

32
			},

33
		},

34
		{

35
			name:        "docker auth format - valid credentials - host with :443 port",

36
			constructor: NewAuthorizerFromDockerEnvVar,

37
			input:       `{"auths": {"registry.example.com": {"auth": "dXNlcjpwYXNz"}}}`, // base64(user:pass)

38
			testHost:    "registry.example.com:443",

39
			expected: expectation{

40
				user: "user",

41
				pass: "pass",

42
			},

43
		},

44
		{

45
			name:        "docker auth format - invalid host",

46
			constructor: NewAuthorizerFromDockerEnvVar,

47
			input:       `{"auths": {"registry.example.com": {"auth": "dXNlcjpwYXNz"}}}`,

48
			testHost:    "wrong.registry.com",

49
			expected: expectation{

50
				user: "",

51
				pass: "",

52
			},

53
		},

54
		{

55
			name:        "env var format - valid credentials",

56
			constructor: NewAuthorizerFromEnvVar,

57
			input:       `{"registry.example.com": {"auth": "dXNlcjpwYXNz"}}`,

58
			testHost:    "registry.example.com",

59
			expected: expectation{

60
				user: "user",

61
				pass: "pass",

62
			},

63
		},

64
		{

65
			name:        "env var format - empty input",

66
			constructor: NewAuthorizerFromEnvVar,

67
			input:       "",

68
			testHost:    "registry.example.com",

69
			expected: expectation{

70
				user: "",

71
				pass: "",

72
			},

73
		},

74
		{

75
			name:        "gitpod format - valid credentials",

76
			constructor: NewAuthorizerFromEnvVar,

77
			input:       `{"registry.example.com": {"auth": "dXNlcjpwYXNz"}}`,

78
			testHost:    "registry.example.com",

79
			expected: expectation{

80
				user: "user",

81
				pass: "pass",

82
			},

83
		},

84
		{

85
			name:        "gitpod format - multiple hosts",

86
			constructor: NewAuthorizerFromEnvVar,

87
			input:       `{"registry1.example.com": {"auth": "dXNlcjE6cGFzczEK"}, "registry2.example.com": {"auth": "dXNlcjI6cGFzczIK"}}`,

88
			testHost:    "registry2.example.com",

89
			expected: expectation{

90
				user: "user2",

91
				pass: "pass2",

92
			},

93
		},

94
		{

95
			name:        "gitpod format - invalid format",

96
			constructor: NewAuthorizerFromEnvVar,

97
			input:       "invalid:format:with:toomany:colons",

98
			testHost:    "registry.example.com",

99
			expected: expectation{

100
				err: "invalid character 'i' looking for beginning of value",

101
			},

102
		},

103
		{

104
			name:        "gitpod format - empty input",

105
			constructor: NewAuthorizerFromEnvVar,

106
			input:       "",

107
			testHost:    "registry.example.com",

108
			expected: expectation{

109
				user: "",

110
				pass: "",

111
			},

112
		},

113
		{

114
			name:        "Docker Hub",

115
			constructor: NewAuthorizerFromEnvVar,

116
			input:       `{"docker.io": {"auth": "dXNlcjpwYXNz"}}`,

117
			testHost:    "registry-1.docker.io",

118
			expected: expectation{

119
				user: "user",

120
				pass: "pass",

121
			},

122
		},

123
		{

124
			name:        "docker auth format - valid credentials - host with :5000 port",

125
			constructor: NewAuthorizerFromDockerEnvVar,

126
			input:       `{"auths": {"registry.example.com:5000": {"auth": "dXNlcjpwYXNz"}}}`, // base64(user:pass)

127
			testHost:    "registry.example.com:5000",

128
			expected: expectation{

129
				user: "user",

130
				pass: "pass",

131
			},

132
		},

133
	}

134


135
	for _, tt := range tests {

136
		t.Run(tt.name, func(t *testing.T) {

137
			auth, err := tt.constructor(tt.input)

138
			if err != nil {

139
				if tt.expected.err == "" {

140
					t.Errorf("Constructor failed: %s", err)

141
				}

142
				return

143
			}

144


145
			actualUser, actualPassword, err := auth.Authorize(tt.testHost)

146
			if (err != nil) != (tt.expected.err != "") {

147
				t.Errorf("Authorize() error = %v, wantErr %v", err, tt.expected.err)

148
				return

149
			}

150
			if actualUser != tt.expected.user {

151
				t.Errorf("Authorize() actual user = %v, want %v", actualUser, tt.expected.user)

152
			}

153
			if actualPassword != tt.expected.pass {

154
				t.Errorf("Authorize() actual password = %v, want %v", actualPassword, tt.expected.pass)

155
			}

156
		})

157
	}

158
}

159


160