use Test::Nginx::Socket 'no_plan';

run_tests();

__DATA__

=== TEST 1: https with x509 client authentication, verification of valid VOMS attributes extracted by ngx_http_voms_module 
--- main_config
    env OPENSSL_ALLOW_PROXY_CERTS=1;
    env X509_VOMS_DIR=t/vomsdir;
    env X509_CERT_DIR=t/trust-anchors;
--- http_config
    server {
        error_log logs/error.log debug;
        listen 8443 ssl;
        ssl_certificate ../../certs/nginx_voms_example.cert.pem;
        ssl_certificate_key ../../certs/nginx_voms_example.key.pem;
        ssl_client_certificate ../../trust-anchors/igi-test-ca.pem;
        ssl_verify_depth 10;
        ssl_verify_client on;
	location = / {
            default_type text/plain;
            echo $voms_user; 
            echo $voms_user_ca;
            echo $voms_fqans;
            echo $voms_server; 
            echo $voms_server_ca;
            echo $voms_vo; 
            echo $voms_server_uri;
            echo $voms_not_before;
            echo $voms_not_after;
            echo $voms_generic_attributes;
            echo $voms_serial;
        }
    }
--- config
    location = / {
        proxy_pass https://localhost:8443/;
        proxy_ssl_certificate ../../certs/4.cert.pem;
        proxy_ssl_certificate_key ../../certs/4.key.pem;
    }
--- request
GET / 
--- response_body
/C=IT/O=IGI/CN=test0
/C=IT/O=IGI/CN=Test CA
/test/exp1,/test/exp2,/test/exp3/Role=PIPPO
/C=IT/O=IGI/CN=nginx-voms.example
/C=IT/O=IGI/CN=Test CA
test.vo
2018-01-01T00:00:00
2030-01-01T00:00:00
nickname = newland (test.vo),nickname = giaco (test.vo)
1644758975
--- error_code: 200