From 1ebb1f5410903b26ac1b38e958d03d426dbc62c9 Mon Sep 17 00:00:00 2001 From: hopleus Date: Thu, 10 Oct 2024 20:01:22 +0300 Subject: [PATCH] Fixed loginUrl with "WithTLS()" used. Added "WithTLS()" to scenario integration tests --- integration/auth_oidc_test.go | 5 +++++ integration/auth_web_flow_test.go | 20 ++++++++++++++++++-- integration/cli_test.go | 9 ++++++++- 3 files changed, 31 insertions(+), 3 deletions(-) diff --git a/integration/auth_oidc_test.go b/integration/auth_oidc_test.go index d0929c4e5d4..6fbdd9e42e7 100644 --- a/integration/auth_oidc_test.go +++ b/integration/auth_oidc_test.go @@ -68,6 +68,7 @@ func TestOIDCAuthenticationPingAll(t *testing.T) { spec, hsic.WithTestName("oidcauthping"), hsic.WithConfigEnv(oidcMap), + hsic.WithTLS(), hsic.WithHostnameAsServerURL(), hsic.WithFileInContainer("/tmp/hs_client_oidc_secret", []byte(oidcConfig.ClientSecret)), ) @@ -299,6 +300,10 @@ func (s *AuthOIDCScenario) runTailscaleUp( loginURL.Host = fmt.Sprintf("%s:8080", headscale.GetIP()) loginURL.Scheme = "http" + if len(headscale.GetCert()) > 0 { + loginURL.Scheme = "https" + } + insecureTransport := &http.Transport{ TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, // nolint } diff --git a/integration/auth_web_flow_test.go b/integration/auth_web_flow_test.go index 2eacd276627..3ef31422452 100644 --- a/integration/auth_web_flow_test.go +++ b/integration/auth_web_flow_test.go @@ -2,6 +2,7 @@ package integration import ( "context" + "crypto/tls" "errors" "fmt" "io" @@ -41,7 +42,13 @@ func TestAuthWebFlowAuthenticationPingAll(t *testing.T) { "user2": len(MustTestVersions), } - err = scenario.CreateHeadscaleEnv(spec, hsic.WithTestName("webauthping")) + err = scenario.CreateHeadscaleEnv( + spec, + hsic.WithTestName("webauthping"), + hsic.WithEmbeddedDERPServerOnly(), + hsic.WithTLS(), + hsic.WithHostnameAsServerURL(), + ) assertNoErrHeadscaleEnv(t, err) allClients, err := scenario.ListTailscaleClients() @@ -275,7 +282,16 @@ func (s *AuthWebFlowScenario) runHeadscaleRegister(userStr string, loginURL *url loginURL.Host = fmt.Sprintf("%s:8080", headscale.GetIP()) loginURL.Scheme = "http" - httpClient := &http.Client{} + if len(headscale.GetCert()) > 0 { + loginURL.Scheme = "https" + } + + insecureTransport := &http.Transport{ + TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, // nolint + } + httpClient := &http.Client{ + Transport: insecureTransport, + } ctx := context.Background() req, _ := http.NewRequestWithContext(ctx, http.MethodGet, loginURL.String(), nil) resp, err := httpClient.Do(req) diff --git a/integration/cli_test.go b/integration/cli_test.go index aa34dc4792b..2b81e81484e 100644 --- a/integration/cli_test.go +++ b/integration/cli_test.go @@ -405,7 +405,14 @@ func TestPreAuthKeyCorrectUserLoggedInCommand(t *testing.T) { user2: 0, } - err = scenario.CreateHeadscaleEnv(spec, []tsic.Option{}, hsic.WithTestName("clipak")) + err = scenario.CreateHeadscaleEnv( + spec, + []tsic.Option{}, + hsic.WithTestName("clipak"), + hsic.WithEmbeddedDERPServerOnly(), + hsic.WithTLS(), + hsic.WithHostnameAsServerURL(), + ) assertNoErr(t, err) headscale, err := scenario.Headscale()