fleet/server/mdm/android/tests/http.go

package tests

import (
	"fmt"
	"io"
	"net/http"

	"github.com/fleetdm/fleet/v4/pkg/fleethttp"
	"github.com/fleetdm/fleet/v4/server/fleet"
	"github.com/fleetdm/fleet/v4/server/test/httptest"
	"github.com/go-json-experiment/json"
	"github.com/stretchr/testify/require"
)

func (ts *WithServer) DoJSON(verb, path string, params interface{}, expectedStatusCode int, v interface{}, queryParams ...string) {
	resp := ts.Do(verb, path, params, expectedStatusCode, queryParams...)
	err := json.UnmarshalRead(resp.Body, v)
	require.NoError(ts.T(), err)
	if e, ok := v.(fleet.Errorer); ok {
		require.NoError(ts.T(), e.Error())
	}
}

func (ts *WithServer) Do(verb, path string, params interface{}, expectedStatusCode int, queryParams ...string) *http.Response {
	j, err := json.Marshal(params)
	require.NoError(ts.T(), err)

	resp := ts.DoRaw(verb, path, j, expectedStatusCode, queryParams...)

	ts.T().Cleanup(func() {
		resp.Body.Close()
	})
	return resp
}

func (ts *WithServer) DoRaw(verb string, path string, rawBytes []byte, expectedStatusCode int, queryParams ...string) *http.Response {
	return ts.DoRawWithHeaders(verb, path, rawBytes, expectedStatusCode, map[string]string{
		"Authorization": fmt.Sprintf("Bearer %s", ts.Token),
	}, queryParams...)
}

func (ts *WithServer) DoRawWithHeaders(
	verb string, path string, rawBytes []byte, expectedStatusCode int, headers map[string]string, queryParams ...string,
) *http.Response {
	opts := []fleethttp.ClientOpt{}
	if expectedStatusCode >= 300 && expectedStatusCode <= 399 {
		opts = append(opts, fleethttp.WithFollowRedir(false))
	}
	client := fleethttp.NewClient(opts...)
	return httptest.DoHTTPReq(ts.T(), client, decodeJSON, verb, rawBytes, ts.Server.URL+path, headers, expectedStatusCode, queryParams...)
}

func decodeJSON(r io.Reader, v interface{}) error {
	return json.UnmarshalRead(r, v)
}
Added GET enterprise API endpoint. (#26555) For #26218 - Added `GET /api/_version_/fleet/android_enterprise` andpoint and tests - Set up some testing infrastructure for Android service tests -- see new README.md # Checklist for submitter - [x] Added/updated automated tests - [x] Manual QA for all new/changed functionality 2025-02-26 16:47:05 +00:00			`package tests`

			`import (`
			`"fmt"`
			`"io"`
			`"net/http"`

Replace home-made SAML implementation with https://github.com/crewjam/saml (#28486) For https://github.com/fleetdm/confidential/issues/9931. [Here](https://github.com/fleetdm/fleet/blob/ec3e8edbdc3f1b4220ada22c8290dbf0237ce1ba/docs/Contributing/Testing-and-local-development.md?plain=1#L339)'s how to test SAML locally with SimpleSAML. - [X] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files) for more information. - [x] Added/updated automated tests - [x] A detailed QA plan exists on the associated ticket (if it isn't there, work with the product group's QA engineer to add it) - [x] Manual QA for all new/changed functionality <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * New Features * Improved SSO and SAML integration with enhanced session management using secure cookies. * Added support for IdP-initiated login flows. * Introduced new tests covering SSO login flows, metadata handling, and error scenarios. * Bug Fixes * Enhanced validation and error handling for invalid or tampered SAML responses. * Fixed session cookie handling during SSO and Apple MDM SSO flows. * Refactor * Replaced custom SAML implementation with the crewjam/saml library for improved reliability. * Simplified SAML metadata parsing and session store management. * Streamlined SSO authorization request and response processing. * Removed deprecated fields and redundant code related to SSO. * Documentation * Updated testing and local development docs with clearer instructions for SSO and IdP-initiated login. * Chores * Upgraded dependencies including crewjam/saml and related packages. * Cleaned up tests and configuration by removing deprecated fields and unused imports. <!-- end of auto-generated comment: release notes by coderabbit.ai --> 2025-07-07 18:13:46 +00:00			`"github.com/fleetdm/fleet/v4/pkg/fleethttp"`
Added GET enterprise API endpoint. (#26555) For #26218 - Added `GET /api/_version_/fleet/android_enterprise` andpoint and tests - Set up some testing infrastructure for Android service tests -- see new README.md # Checklist for submitter - [x] Added/updated automated tests - [x] Manual QA for all new/changed functionality 2025-02-26 16:47:05 +00:00			`"github.com/fleetdm/fleet/v4/server/fleet"`
			`"github.com/fleetdm/fleet/v4/server/test/httptest"`
			`"github.com/go-json-experiment/json"`
			`"github.com/stretchr/testify/require"`
			`)`

			`func (ts *WithServer) DoJSON(verb, path string, params interface{}, expectedStatusCode int, v interface{}, queryParams ...string) {`
			`resp := ts.Do(verb, path, params, expectedStatusCode, queryParams...)`
			`err := json.UnmarshalRead(resp.Body, v)`
			`require.NoError(ts.T(), err)`
			`if e, ok := v.(fleet.Errorer); ok {`
			`require.NoError(ts.T(), e.Error())`
			`}`
			`}`

			`func (ts WithServer) Do(verb, path string, params interface{}, expectedStatusCode int, queryParams ...string) http.Response {`
			`j, err := json.Marshal(params)`
			`require.NoError(ts.T(), err)`

			`resp := ts.DoRaw(verb, path, j, expectedStatusCode, queryParams...)`

			`ts.T().Cleanup(func() {`
			`resp.Body.Close()`
			`})`
			`return resp`
			`}`

			`func (ts WithServer) DoRaw(verb string, path string, rawBytes []byte, expectedStatusCode int, queryParams ...string) http.Response {`
			`return ts.DoRawWithHeaders(verb, path, rawBytes, expectedStatusCode, map[string]string{`
			`"Authorization": fmt.Sprintf("Bearer %s", ts.Token),`
			`}, queryParams...)`
			`}`

			`func (ts *WithServer) DoRawWithHeaders(`
			`verb string, path string, rawBytes []byte, expectedStatusCode int, headers map[string]string, queryParams ...string,`
			`) *http.Response {`
Replace home-made SAML implementation with https://github.com/crewjam/saml (#28486) For https://github.com/fleetdm/confidential/issues/9931. [Here](https://github.com/fleetdm/fleet/blob/ec3e8edbdc3f1b4220ada22c8290dbf0237ce1ba/docs/Contributing/Testing-and-local-development.md?plain=1#L339)'s how to test SAML locally with SimpleSAML. - [X] Changes file added for user-visible changes in `changes/`, `orbit/changes/` or `ee/fleetd-chrome/changes`. See [Changes files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files) for more information. - [x] Added/updated automated tests - [x] A detailed QA plan exists on the associated ticket (if it isn't there, work with the product group's QA engineer to add it) - [x] Manual QA for all new/changed functionality <!-- This is an auto-generated comment: release notes by coderabbit.ai --> ## Summary by CodeRabbit * New Features * Improved SSO and SAML integration with enhanced session management using secure cookies. * Added support for IdP-initiated login flows. * Introduced new tests covering SSO login flows, metadata handling, and error scenarios. * Bug Fixes * Enhanced validation and error handling for invalid or tampered SAML responses. * Fixed session cookie handling during SSO and Apple MDM SSO flows. * Refactor * Replaced custom SAML implementation with the crewjam/saml library for improved reliability. * Simplified SAML metadata parsing and session store management. * Streamlined SSO authorization request and response processing. * Removed deprecated fields and redundant code related to SSO. * Documentation * Updated testing and local development docs with clearer instructions for SSO and IdP-initiated login. * Chores * Upgraded dependencies including crewjam/saml and related packages. * Cleaned up tests and configuration by removing deprecated fields and unused imports. <!-- end of auto-generated comment: release notes by coderabbit.ai --> 2025-07-07 18:13:46 +00:00			`opts := []fleethttp.ClientOpt{}`
			`if expectedStatusCode >= 300 && expectedStatusCode <= 399 {`
			`opts = append(opts, fleethttp.WithFollowRedir(false))`
			`}`
			`client := fleethttp.NewClient(opts...)`
			`return httptest.DoHTTPReq(ts.T(), client, decodeJSON, verb, rawBytes, ts.Server.URL+path, headers, expectedStatusCode, queryParams...)`
Added GET enterprise API endpoint. (#26555) For #26218 - Added `GET /api/_version_/fleet/android_enterprise` andpoint and tests - Set up some testing infrastructure for Android service tests -- see new README.md # Checklist for submitter - [x] Added/updated automated tests - [x] Manual QA for all new/changed functionality 2025-02-26 16:47:05 +00:00			`}`

			`func decodeJSON(r io.Reader, v interface{}) error {`
			`return json.UnmarshalRead(r, v)`
			`}`