add test

pkg/cookies/cookies_test.go

@@ -3,6 +3,9 @@ package cookies
 import (
 	"fmt"
 	"net/http"
+	"time"
+
+	"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/options"
 
 	middlewareapi "github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/middleware"
 	. "github.com/onsi/ginkgo"
@@ -76,4 +79,77 @@ var _ = Describe("Cookie Tests", func() {
 			}),
 		)
 	})
+
+	Context("MakeCookieFromOptions", func() {
+		type MakeCookieFromOptionsTableInput struct {
+			host           string
+			name string
+			value string
+			opts options.Cookie
+			expiration time.Duration
+			now time.Time
+			expectedOutput time.Time
+		}
+
+		validName := "_oauth2_proxy"
+		validSecret := "secretthirtytwobytes+abcdefghijk"
+		domains :=  []string{"a.localhost"}
+
+		now := time.Now()
+		expectedExpires, e := time.Parse("", "0001-01-01T00:00:00Z")
+		if e != nil {
+			fmt.Println(e)
+		}
+
+		DescribeTable("should return expected results",
+			func(in MakeCookieFromOptionsTableInput) {
+				req, err := http.NewRequest(
+					http.MethodGet,
+					fmt.Sprintf("https://%s/%s", in.host, cookiePath),
+					nil,
+				)
+				Expect(err).ToNot(HaveOccurred())
+
+				Expect(MakeCookieFromOptions(req, in.name, in.value, &in.opts, in.expiration, in.now).Expires).To(Equal(in.expectedOutput))
+			},
+			Entry("normal cookie", MakeCookieFromOptionsTableInput{
+				host:           "a.localhost",
+				name: validName,
+				value: "1",
+				opts: options.Cookie{
+					Name:     validName,
+					Secret:   validSecret,
+					Domains:  domains,
+					Path:     "",
+					Expire:   time.Hour,
+					Refresh:  15 * time.Minute,
+					Secure:   true,
+					HTTPOnly: false,
+					SameSite: "",
+				},
+				expiration: 15 * time.Minute,
+				now: now,
+				expectedOutput: now.Add(15 * time.Minute),
+			}),
+			Entry("session cookie", MakeCookieFromOptionsTableInput{
+				host:           "a.localhost",
+				name: validName,
+				value: "1",
+				opts: options.Cookie{
+					Name:     validName,
+					Secret:   validSecret,
+					Domains:  domains,
+					Path:     "",
+					Expire:   0,
+					Refresh:  15 * time.Minute,
+					Secure:   true,
+					HTTPOnly: false,
+					SameSite: "",
+				},
+				expiration: 0,
+				now: now,
+				expectedOutput: expectedExpires,
+			}),
+		)
+	})
 })

pkg/encryption/utils_test.go

@@ -5,8 +5,10 @@ import (
 	"crypto/sha1"
 	"crypto/sha256"
 	"encoding/base64"
+	"net/http"
 	"fmt"
 	"io"
+	"time"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
@@ -100,3 +102,27 @@ func TestSignAndValidate(t *testing.T) {
 	assert.False(t, checkSignature(sha256sig, seed, key, "tampered", epoch))
 	assert.False(t, checkSignature(sha1sig, seed, key, "tampered", epoch))
 }
+
+func TestValidate(t *testing.T) {
+	seed := "0123456789abcdef"
+	key := "cookie-name"
+	value := base64.URLEncoding.EncodeToString([]byte("I am soooo encoded"))
+	epoch := "123456789"
+
+	sha256sig, err := cookieSignature(sha256.New, seed, key, value, epoch)
+	assert.NoError(t, err)
+
+	cookie := &http.Cookie{
+		Name:  key,
+		Value: value + "|" + epoch + "|" + sha256sig,
+	}
+
+
+	validValue, timestamp, ok := Validate(cookie, seed, 0);
+
+	expectedValue, err := base64.URLEncoding.DecodeString(value)
+	assert.NoError(t, err)
+	assert.Equal(t, validValue, expectedValue)
+	assert.Equal(t, timestamp, time.Time(time.Date(1973, time.November, 29, 21, 33, 9, 0, time.Local)))
+	assert.True(t, ok)
+}

pkg/validation/cookie_test.go

@@ -256,6 +256,21 @@ func TestValidateCookie(t *testing.T) {
 				invalidSameSiteMsg,
 			},
 		},
+		{
+			name: "with session cookie configuration",
+			cookie: options.Cookie{
+				Name:     validName,
+				Secret:   validSecret,
+				Domains:  domains,
+				Path:     "",
+				Expire:   0,
+				Refresh:  15 * time.Minute,
+				Secure:   true,
+				HTTPOnly: false,
+				SameSite: "",
+			},
+			errStrings: []string{},
+		},
 	}
 
 	for _, tc := range testCases {