1 package credentials
2
3 import (
4 "os"
5 "testing"
6
7 "github.com/alibabacloud-go/tea/tea"
8 "github.com/aliyun/credentials-go/credentials/request"
9 "github.com/aliyun/credentials-go/credentials/utils"
10 "github.com/stretchr/testify/assert"
11 )
12
13 var privatekey = `----
14 this is privatekey`
15
16 func Test_NewCredential(t *testing.T) {
17 originAccessKey := os.Getenv(EnvVarAccessKeyId)
18 originAccessSecret := os.Getenv(EnvVarAccessKeySecret)
19 os.Setenv(EnvVarAccessKeyId, "accesskey")
20 os.Setenv(EnvVarAccessKeySecret, "accesssecret")
21 defer func() {
22 os.Setenv(EnvVarAccessKeyId, originAccessKey)
23 os.Setenv(EnvVarAccessKeySecret, originAccessSecret)
24 }()
25 cred, err := NewCredential(nil)
26 assert.Nil(t, err)
27 assert.NotNil(t, cred)
28 os.Unsetenv(EnvVarAccessKeyId)
29 os.Unsetenv(EnvVarAccessKeySecret)
30 cred, err = NewCredential(nil)
31 assert.NotNil(t, err)
32 assert.Equal(t, "No credential found", err.Error())
33 assert.Nil(t, cred)
34
35 config := new(Config)
36 assert.NotNil(t, config.String())
37 assert.NotNil(t, config.GoString())
38
39 config.SetType("access_key")
40 cred, err = NewCredential(config)
41 assert.NotNil(t, err)
42 assert.Equal(t, "AccessKeyId cannot be empty", err.Error())
43 assert.Nil(t, cred)
44
45 config.SetAccessKeyId("AccessKeyId")
46 cred, err = NewCredential(config)
47 assert.NotNil(t, err)
48 assert.Equal(t, "AccessKeySecret cannot be empty", err.Error())
49 assert.Nil(t, cred)
50
51 config.SetType("sts")
52 cred, err = NewCredential(config)
53 assert.NotNil(t, err)
54 assert.Equal(t, "AccessKeySecret cannot be empty", err.Error())
55 assert.Nil(t, cred)
56
57 config.SetAccessKeySecret("AccessKeySecret")
58 cred, err = NewCredential(config)
59 assert.NotNil(t, err)
60 assert.Equal(t, "SecurityToken cannot be empty", err.Error())
61 assert.Nil(t, cred)
62
63 config.SetAccessKeyId("")
64 cred, err = NewCredential(config)
65 assert.NotNil(t, err)
66 assert.Equal(t, "AccessKeyId cannot be empty", err.Error())
67 assert.Nil(t, cred)
68
69 config.SetType("ecs_ram_role")
70 cred, err = NewCredential(config)
71 assert.Nil(t, err)
72 assert.NotNil(t, cred)
73
74 config.SetType("rsa_key_pair")
75 cred, err = NewCredential(config)
76 assert.NotNil(t, err)
77 assert.Equal(t, "PrivateKeyFile cannot be empty", err.Error())
78 assert.Nil(t, cred)
79
80 config.SetPrivateKeyFile("test")
81 cred, err = NewCredential(config)
82 assert.NotNil(t, err)
83 assert.Equal(t, "PublicKeyId cannot be empty", err.Error())
84 assert.Nil(t, cred)
85
86 config.SetType("ram_role_arn")
87 config.SetAccessKeySecret("")
88 cred, err = NewCredential(config)
89 assert.NotNil(t, err)
90 assert.Equal(t, "AccessKeySecret cannot be empty", err.Error())
91 assert.Nil(t, cred)
92
93 config.SetAccessKeySecret("AccessKeySecret")
94 cred, err = NewCredential(config)
95 assert.NotNil(t, err)
96 assert.Equal(t, "RoleArn cannot be empty", err.Error())
97 assert.Nil(t, cred)
98
99 config.RoleArn = tea.String("RoleArn")
100 cred, err = NewCredential(config)
101 assert.NotNil(t, err)
102 assert.Equal(t, "RoleSessionName cannot be empty", err.Error())
103 assert.Nil(t, cred)
104
105 config.SetRoleSessionName("RoleSessionName")
106 config.SetAccessKeyId("")
107 cred, err = NewCredential(config)
108 assert.NotNil(t, err)
109 assert.Equal(t, "AccessKeyId cannot be empty", err.Error())
110 assert.Nil(t, cred)
111
112 config.SetType("bearer")
113 cred, err = NewCredential(config)
114 assert.NotNil(t, err)
115 assert.Equal(t, "BearerToken cannot be empty", err.Error())
116 assert.Nil(t, cred)
117
118 config.SetType("sdk")
119 cred, err = NewCredential(config)
120 assert.NotNil(t, err)
121 assert.Equal(t, "Invalid type option, support: access_key, sts, ecs_ram_role, ram_role_arn, rsa_key_pair", err.Error())
122 assert.Nil(t, cred)
123
124 config.SetType("sts").
125 SetAccessKeyId("AccessKeyId").
126 SetAccessKeySecret("AccessKeySecret").
127 SetSecurityToken("SecurityToken")
128 cred, err = NewCredential(config)
129 assert.Nil(t, err)
130 assert.NotNil(t, cred)
131
132 config.SetType("ecs_ram_role").
133 SetRoleName("AccessKeyId")
134 cred, err = NewCredential(config)
135 assert.Nil(t, err)
136 assert.NotNil(t, cred)
137
138 config.SetType("ram_role_arn").
139 SetRoleArn("roleArn").
140 SetRoleSessionName("RoleSessionName")
141 cred, err = NewCredential(config)
142 assert.Nil(t, err)
143 assert.NotNil(t, cred)
144
145 config.SetType("bearer").
146 SetBearerToken("BearerToken")
147 cred, err = NewCredential(config)
148 assert.Nil(t, err)
149 assert.NotNil(t, cred)
150
151 config.SetType("rsa_key_pair").
152 SetPublicKeyId("resource").
153 SetPrivateKeyFile("nofile").
154 SetSessionExpiration(10).
155 SetRoleSessionExpiration(10).
156 SetPolicy("").
157 SetHost("").
158 SetTimeout(10).
159 SetConnectTimeout(10).
160 SetProxy("")
161 cred, err = NewCredential(config)
162 assert.NotNil(t, err)
163 assert.Contains(t, err.Error(), "InvalidPath: Can not open PrivateKeyFile, err is open nofile:")
164 assert.Nil(t, cred)
165
166 file, err := os.Create("./pk.pem")
167 assert.Nil(t, err)
168 file.WriteString(privatekey)
169 file.Close()
170
171 config.SetType("rsa_key_pair").
172 SetPublicKeyId("resource").
173 SetPrivateKeyFile("./pk.pem")
174 cred, err = NewCredential(config)
175 assert.Nil(t, err)
176 assert.NotNil(t, cred)
177
178 config.SetType("oidc_role_arn").
179 SetOIDCProviderArn("oidc_provider_arn_test").
180 SetOIDCTokenFilePath("oidc_token_file_path_test").
181 SetRoleArn("role_arn_test")
182 cred, err = NewCredential(config)
183 assert.Nil(t, err)
184 assert.NotNil(t, cred)
185 assert.Equal(t, "oidc_provider_arn_test", tea.StringValue(config.OIDCProviderArn))
186 assert.Equal(t, "oidc_token_file_path_test", tea.StringValue(config.OIDCTokenFilePath))
187 assert.Equal(t, "role_arn_test", tea.StringValue(config.RoleArn))
188 }
189
190 func Test_doaction(t *testing.T) {
191 request := request.NewCommonRequest()
192 request.Method = "credential test"
193 content, err := doAction(request, nil)
194 assert.NotNil(t, err)
195 assert.Equal(t, `net/http: invalid method "credential test"`, err.Error())
196 assert.Nil(t, content)
197 request.Method = "GET"
198 request.URL = "http://www.aliyun.com"
199 runtime := &utils.Runtime{
200 Proxy: "# #%gfdf",
201 }
202 content, err = doAction(request, runtime)
203 assert.Contains(t, err.Error(), `invalid URL escape`)
204 assert.NotNil(t, err)
205 assert.Nil(t, content)
206 }
207
View as plain text