1 files changed, 34 insertions, 12 deletions

diff --git a/server/auth/github/github_test.go b/server/auth/github/github_test.go
index b0c97d2..8c51f4f 100644
--- a/server/auth/github/github_test.go
+++ b/server/auth/github/github_test.go
@@ -4,7 +4,6 @@ import (
 	"fmt"
 	"testing"
 
-	"github.com/nsheridan/cashier/server/auth"
 	"github.com/nsheridan/cashier/server/config"
 	"github.com/stretchr/testify/assert"
 )
@@ -14,25 +13,48 @@ var (
 	oauthClientSecret = "secret"
 	oauthCallbackURL  = "url"
 	organization      = "exampleorg"
+	users             = []string{"user"}
 )
 
 func TestNew(t *testing.T) {
 	a := assert.New(t)
 
-	p, _ := newGithub()
-	g := p.(*Config)
-	a.Equal(g.config.ClientID, oauthClientID)
-	a.Equal(g.config.ClientSecret, oauthClientSecret)
-	a.Equal(g.config.RedirectURL, oauthCallbackURL)
-	a.Equal(g.organization, organization)
+	p, _ := New(&config.Auth{
+		OauthClientID:     oauthClientID,
+		OauthClientSecret: oauthClientSecret,
+		OauthCallbackURL:  oauthCallbackURL,
+		ProviderOpts:      map[string]string{"organization": organization},
+		UsersWhitelist:    users,
+	})
+	a.Equal(p.config.ClientID, oauthClientID)
+	a.Equal(p.config.ClientSecret, oauthClientSecret)
+	a.Equal(p.config.RedirectURL, oauthCallbackURL)
+	a.Equal(p.organization, organization)
+	a.Equal(p.whitelist, map[string]bool{"user": true})
 }
 
-func TestNewEmptyOrganization(t *testing.T) {
-	organization = ""
-	if _, err := newGithub(); err == nil {
+func TestWhitelist(t *testing.T) {
+	c := &config.Auth{
+		OauthClientID:     oauthClientID,
+		OauthClientSecret: oauthClientSecret,
+		OauthCallbackURL:  oauthCallbackURL,
+		ProviderOpts:      map[string]string{"organization": ""},
+		UsersWhitelist:    []string{},
+	}
+	if _, err := New(c); err == nil {
 		t.Error("creating a provider without an organization set should return an error")
 	}
-	organization = "exampleorg"
+	// Set a user whitelist but no domain
+	c.UsersWhitelist = users
+	if _, err := New(c); err != nil {
+		t.Error("creating a provider with users but no organization should not return an error")
+	}
+	// Unset the user whitelist and set a domain
+	c.UsersWhitelist = []string{}
+	c.ProviderOpts = map[string]string{"organization": organization}
+	if _, err := New(c); err != nil {
+		t.Error("creating a provider with an organization set but without a user whitelist should not return an error")
+	}
 }
 
 func TestStartSession(t *testing.T) {
@@ -45,7 +67,7 @@ func TestStartSession(t *testing.T) {
 	a.Contains(s.AuthURL, fmt.Sprintf("client_id=%s", oauthClientID))
 }
 
-func newGithub() (auth.Provider, error) {
+func newGithub() (*Config, error) {
 	c := &config.Auth{
 		OauthClientID:     oauthClientID,
 		OauthClientSecret: oauthClientSecret,