Strona główna Odkrywaj Pomoc
Zarejestruj się Zaloguj się
publics
/
etcd-io__etcd
0
0
Forkuj 0
Pliki Problemy 0 Oczekujące zmiany 0 Wiki
Drzewo: 6c91766490
Gałęzie Tagi
etcd-io__etcd
/
internal
/
auth
/
jwt_test.go

jwt_test.go 2.5 KB
Historia Czysty

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394 
  1. // Copyright 2017 The etcd Authors
    2. 

  2. //
    3. 

  3. // Licensed under the Apache License, Version 2.0 (the "License");
    4. 

  4. // you may not use this file except in compliance with the License.
    5. 

  5. // You may obtain a copy of the License at
    6. 

  6. //
    7. 

  7. //     http://www.apache.org/licenses/LICENSE-2.0
    8. 

  8. //
    9. 

  9. // Unless required by applicable law or agreed to in writing, software
    10. 

  10. // distributed under the License is distributed on an "AS IS" BASIS,
    11. 

  11. // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12. 

  12. // See the License for the specific language governing permissions and
    13. 

  13. // limitations under the License.
    14. 

  14. 

  15. package auth
    16. 

  16. 

  17. import (
    18. 

  18. 	"context"
    19. 

  19. 	"testing"
    20. 

  20. )
    21. 

  21. 

  22. const (
    23. 

  23. 	jwtPubKey  = "../../integration/fixtures/server.crt"
    24. 

  24. 	jwtPrivKey = "../../integration/fixtures/server.key.insecure"
    25. 

  25. )
    26. 

  26. 

  27. func TestJWTInfo(t *testing.T) {
    28. 

  28. 	opts := map[string]string{
    29. 

  29. 		"pub-key":     jwtPubKey,
    30. 

  30. 		"priv-key":    jwtPrivKey,
    31. 

  31. 		"sign-method": "RS256",
    32. 

  32. 	}
    33. 

  33. 	jwt, err := newTokenProviderJWT(opts)
    34. 

  34. 	if err != nil {
    35. 

  35. 		t.Fatal(err)
    36. 

  36. 	}
    37. 

  37. 	token, aerr := jwt.assign(context.TODO(), "abc", 123)
    38. 

  38. 	if aerr != nil {
    39. 

  39. 		t.Fatal(err)
    40. 

  40. 	}
    41. 

  41. 	ai, ok := jwt.info(context.TODO(), token, 123)
    42. 

  42. 	if !ok {
    43. 

  43. 		t.Fatalf("failed to authenticate with token %s", token)
    44. 

  44. 	}
    45. 

  45. 	if ai.Revision != 123 {
    46. 

  46. 		t.Fatalf("expected revision 123, got %d", ai.Revision)
    47. 

  47. 	}
    48. 

  48. 	ai, ok = jwt.info(context.TODO(), "aaa", 120)
    49. 

  49. 	if ok || ai != nil {
    50. 

  50. 		t.Fatalf("expected aaa to fail to authenticate, got %+v", ai)
    51. 

  51. 	}
    52. 

  52. }
    53. 

  53. 

  54. func TestJWTBad(t *testing.T) {
    55. 

  55. 	opts := map[string]string{
    56. 

  56. 		"pub-key":     jwtPubKey,
    57. 

  57. 		"priv-key":    jwtPrivKey,
    58. 

  58. 		"sign-method": "RS256",
    59. 

  59. 	}
    60. 

  60. 	// private key instead of public key
    61. 

  61. 	opts["pub-key"] = jwtPrivKey
    62. 

  62. 	if _, err := newTokenProviderJWT(opts); err == nil {
    63. 

  63. 		t.Fatalf("expected failure on missing public key")
    64. 

  64. 	}
    65. 

  65. 	opts["pub-key"] = jwtPubKey
    66. 

  66. 

  67. 	// public key instead of private key
    68. 

  68. 	opts["priv-key"] = jwtPubKey
    69. 

  69. 	if _, err := newTokenProviderJWT(opts); err == nil {
    70. 

  70. 		t.Fatalf("expected failure on missing public key")
    71. 

  71. 	}
    72. 

  72. 	opts["priv-key"] = jwtPrivKey
    73. 

  73. 

  74. 	// missing signing option
    75. 

  75. 	delete(opts, "sign-method")
    76. 

  76. 	if _, err := newTokenProviderJWT(opts); err == nil {
    77. 

  77. 		t.Fatal("expected error on missing option")
    78. 

  78. 	}
    79. 

  79. 	opts["sign-method"] = "RS256"
    80. 

  80. 

  81. 	// bad file for pubkey
    82. 

  82. 	opts["pub-key"] = "whatever"
    83. 

  83. 	if _, err := newTokenProviderJWT(opts); err == nil {
    84. 

  84. 		t.Fatalf("expected failure on missing public key")
    85. 

  85. 	}
    86. 

  86. 	opts["pub-key"] = jwtPubKey
    87. 

  87. 

  88. 	// bad file for private key
    89. 

  89. 	opts["priv-key"] = "whatever"
    90. 

  90. 	if _, err := newTokenProviderJWT(opts); err == nil {
    91. 

  91. 		t.Fatalf("expeceted failure on missing private key")
    92. 

  92. 	}
    93. 

  93. 	opts["priv-key"] = jwtPrivKey
    94. 

  94. }
    95.