zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-04-29 19:47:51 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add a test of failover certificate (#2008)

Browse source 
Verifies that client can log in with correct failover certificate.
This commit is contained in:
Weimin Yu 2023-04-26 15:47:47 -04:00 committed by GitHub
parent d4a91ce65a
commit 68e7b51abf
1 changed files with 15 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
core/src/test/java/google/registry/flows/TlsCredentialsTest.java
View file

@ -17,6 +17,7 @@ package google.registry.flows;
import static com.google.common.truth.Truth.assertThat;
import static com.google.common.truth.Truth8.assertThat;
import static google.registry.testing.CertificateSamples.SAMPLE_CERT;
import static google.registry.testing.CertificateSamples.SAMPLE_CERT_HASH;
import static google.registry.testing.DatabaseHelper.loadRegistrar;
import static google.registry.testing.DatabaseHelper.persistResource;
import static google.registry.util.DateTimeUtils.START_OF_TIME;
@ -128,4 +129,18 @@ final class TlsCredentialsTest {
// This would throw a RegistrarCertificateNotConfiguredException if cert hashes wren't bypassed.
tls.validateCertificateHash(Registrar.loadByRegistrarId("TheRegistrar").get());
}
@Test
void test_validateCertificateHash_passWithFailOverCerticate() throws Exception {
TlsCredentials tls =
new TlsCredentials(
false, Optional.of(SAMPLE_CERT_HASH), Optional.of("192.168.1.1"), certificateChecker);
persistResource(
loadRegistrar("TheRegistrar")
.asBuilder()
.setClientCertificate(null, clock.nowUtc())
.setFailoverClientCertificate(SAMPLE_CERT, clock.nowUtc())
.build());
tls.validateCertificateHash(Registrar.loadByRegistrarId("TheRegistrar").get());
}
}