1 package credentials
2
3 import (
4 "errors"
5 "net/http"
6 "testing"
7
8 "github.com/aliyun/credentials-go/credentials/utils"
9
10 "github.com/stretchr/testify/assert"
11 )
12
13 func Test_KeyPairCredential(t *testing.T) {
14 privatekey := `
15 MIICeQIBADANBgkqhkiG9w0BAQEFAASCAmMwggJfAgEAAoGBAOJC+2WXtkXZ+6sa
16 3+qJp4mDOsiZb3BghHT9nVbjTeaw4hsZWHYxQ6l6XDmTg4twPB59LOGAlAjYrT31
17 3pdwEawnmdf6zyF93Zvxxpy7lO2HoxYKSjbtXO4I0pcq3WTnw2xlbhqHvrcuWwt+
18 FqH9akzcnwHjc03siZBzt/dwDL3vAgMBAAECgYEAzwgZPqFuUEYgaTVDFDl2ynYA
19 kNMMzBgUu3Pgx0Nf4amSitdLQYLcdbQXtTtMT4eYCxHgwkpDqkCRbLOQRKNwFo0I
20 oaCuhjZlxWcKil4z4Zb/zB7gkeuXPOVUjFSS3FogsRWMtnNAMgR/yJRlbcg/Puqk
21 Magt/yDk+7cJCe6H96ECQQDxMT4S+tVP9nOw//QT39Dk+kWe/YVEhnWnCMZmGlEq
22 1gnN6qpUi68ts6b3BVgrDPrPN6wm/Z9vpcKNeWpIvxXRAkEA8CcT2UEUwDGRKAUu
23 WVPJqdAJjpjc072eRF5g792NyO+TAF6thBlDKNslRvFQDB6ymLsjfy8JYCnGbbSb
24 WqbHvwJBAIs7KeI6+jiWxGJA3t06LpSABQCqyOut0u0Bm8YFGyXnOPGtrXXwzMdN
25 Fe0zIJp5e69zK+W2Mvt4bL7OgBROeoECQQDsE+4uLw0gFln0tosmovhmp60NcfX7
26 bLbtzL2MbwbXlbOztF7ssgzUWAHgKI6hK3g0LhsqBuo3jzmSVO43giZvAkEA08Nm
27 2TI9EvX6DfCVfPOiKZM+Pijh0xLN4Dn8qUgt3Tcew/vfj4WA2ZV6qiJqL01vMsHc
28 vftlY0Hs1vNXcaBgEA==`
29 auth := newRsaKeyPairCredential(privatekey, "publicKeyId", 100, &utils.Runtime{Host: "www.aliyun.com", Proxy: "www.aliyuncs.com"})
30 origTestHookDo := hookDo
31 defer func() { hookDo = origTestHookDo }()
32 hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
33 return func(req *http.Request) (*http.Response, error) {
34 return mockResponse(200, `{"Credentials":{"AccessKeyId":"accessKeyId","AccessKeySecret":"accessKeySecret","SecurityToken":"securitytoken","Expiration":"expiration"}}`, errors.New("Internal error"))
35 }
36 }
37 accesskeyId, err := auth.GetAccessKeyId()
38 assert.NotNil(t, err)
39 assert.Equal(t, "[InvalidParam]:Key Pair session duration should be in the range of 15min - 1Hr", err.Error())
40 assert.Equal(t, "", *accesskeyId)
41
42 accesskeySecret, err := auth.GetAccessKeySecret()
43 assert.NotNil(t, err)
44 assert.Equal(t, "[InvalidParam]:Key Pair session duration should be in the range of 15min - 1Hr", err.Error())
45 assert.Equal(t, "", *accesskeySecret)
46
47 ststoken, err := auth.GetSecurityToken()
48 assert.Nil(t, err)
49 assert.Equal(t, "", *ststoken)
50
51 assert.Equal(t, "", *auth.GetBearerToken())
52 assert.Equal(t, "rsa_key_pair", *auth.GetType())
53
54 auth.SessionExpiration = 1000
55 accesskeyId, err = auth.GetAccessKeyId()
56 assert.NotNil(t, err)
57 assert.Equal(t, "refresh KeyPair err: Internal error", err.Error())
58 assert.Equal(t, "", *accesskeyId)
59
60 auth.SessionExpiration = 0
61 accesskeyId, err = auth.GetAccessKeyId()
62 assert.NotNil(t, err)
63 assert.Equal(t, "refresh KeyPair err: Internal error", err.Error())
64 assert.Equal(t, "", *accesskeyId)
65
66 hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
67 return func(req *http.Request) (*http.Response, error) {
68 return mockResponse(300, ``, nil)
69 }
70 }
71 accesskeyId, err = auth.GetAccessKeyId()
72 assert.NotNil(t, err)
73 assert.Equal(t, "refresh KeyPair err: httpStatus: 300, message = ", err.Error())
74 assert.Equal(t, "", *accesskeyId)
75
76 hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
77 return func(req *http.Request) (*http.Response, error) {
78 return mockResponse(200, `"SessionAccessKey":{"SessionAccessKeyId":"accessKeyId","SessionAccessKeySecret":"accessKeySecret","Expiration":"expiration"}}`, nil)
79 }
80 }
81 accesskeyId, err = auth.GetAccessKeyId()
82 assert.NotNil(t, err)
83 assert.Equal(t, "refresh KeyPair err: Json Unmarshal fail: invalid character ':' after top-level value", err.Error())
84 assert.Equal(t, "", *accesskeyId)
85
86 hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
87 return func(req *http.Request) (*http.Response, error) {
88 return mockResponse(200, `{"SessionAccessKey":{"SessionAccessKeySecret":"accessKeySecret","Expiration":"expiration"}}`, nil)
89 }
90 }
91 accesskeyId, err = auth.GetAccessKeyId()
92 assert.NotNil(t, err)
93 assert.Equal(t, "refresh KeyPair err: SessionAccessKeyId: , SessionAccessKeySecret: accessKeySecret, Expiration: expiration", err.Error())
94 assert.Equal(t, "", *accesskeyId)
95
96 hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
97 return func(req *http.Request) (*http.Response, error) {
98 return mockResponse(200, `{}`, nil)
99 }
100 }
101 accesskeyId, err = auth.GetAccessKeyId()
102 assert.NotNil(t, err)
103 assert.Equal(t, "refresh KeyPair err: SessionAccessKey is empty", err.Error())
104 assert.Equal(t, "", *accesskeyId)
105
106 hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
107 return func(req *http.Request) (*http.Response, error) {
108 return mockResponse(200, `{"SessionAccessKey":{"SessionAccessKeyId":"accessKeyId","SessionAccessKeySecret":"accessKeySecret","Expiration":"2020-01-02T15:04:05Z"}}`, nil)
109 }
110 }
111 accesskeyId, err = auth.GetAccessKeyId()
112 assert.Nil(t, err)
113 assert.Equal(t, "accessKeyId", *accesskeyId)
114
115 accesskeySecret, err = auth.GetAccessKeySecret()
116 assert.Nil(t, err)
117 assert.Equal(t, "accessKeySecret", *accesskeySecret)
118
119 cred, err := auth.GetCredential()
120 assert.Nil(t, err)
121 assert.Equal(t, "accessKeyId", *cred.AccessKeyId)
122 assert.Equal(t, "accessKeySecret", *cred.AccessKeySecret)
123 assert.Equal(t, "", *cred.SecurityToken)
124 assert.Nil(t, cred.BearerToken)
125 assert.Equal(t, "rsa_key_pair", *cred.Type)
126
127 auth.runtime = nil
128 auth.lastUpdateTimestamp = 0
129 accesskeyId, err = auth.GetAccessKeyId()
130 assert.Nil(t, err)
131 assert.Equal(t, "accessKeyId", *accesskeyId)
132
133 auth = newRsaKeyPairCredential(privatekey, "publicKeyId", 3600, &utils.Runtime{STSEndpoint: "www.aliyun.com"})
134 hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
135 return func(req *http.Request) (*http.Response, error) {
136 assert.Equal(t, "www.aliyun.com", req.Host)
137 return mockResponse(200, `{}`, nil)
138 }
139 }
140 accesskeyId, err = auth.GetAccessKeyId()
141 assert.NotNil(t, err)
142 assert.Equal(t, "refresh KeyPair err: SessionAccessKey is empty", err.Error())
143 assert.Equal(t, "", *accesskeyId)
144 }
145
View as plain text