1 package integeration
2
3 import (
4 "os"
5 "strconv"
6 "testing"
7
8 "github.com/alibabacloud-go/tea/tea"
9 "github.com/aliyun/credentials-go/credentials"
10 "github.com/stretchr/testify/assert"
11 )
12
13 const (
14 EnvVarSubAccessKeyId = "SUB_ALICLOUD_ACCESS_KEY"
15 EnvVarSubAccessKeySecret = "SUB_ALICLOUD_SECRET_KEY"
16 EnvVarRoleArn = "ALICLOUD_ROLE_ARN"
17 EnvVarRoleSessionName = "ALICLOUD_ROLE_SESSION_NAME"
18 EnvVarRoleSessionExpiration = "ALICLOUD_ROLE_SESSION_EXPIRATION"
19 )
20
21 func Test_Arn(t *testing.T) {
22 rawexpiration := os.Getenv(EnvVarRoleSessionExpiration)
23 expiration := 0
24 if rawexpiration != "" {
25 expiration, _ = strconv.Atoi(rawexpiration)
26 }
27 config := &credentials.Config{
28 Type: tea.String("ram_role_arn"),
29 AccessKeyId: tea.String(os.Getenv(EnvVarSubAccessKeyId)),
30 AccessKeySecret: tea.String(os.Getenv(EnvVarSubAccessKeySecret)),
31 RoleArn: tea.String(os.Getenv(EnvVarRoleArn)),
32 RoleSessionName: tea.String(os.Getenv(EnvVarRoleSessionName)),
33 RoleSessionExpiration: tea.Int(expiration),
34 }
35 cred, err := credentials.NewCredential(config)
36 assert.Nil(t, err)
37 assert.NotNil(t, cred)
38 accesskey, err := cred.GetAccessKeyId()
39 assert.Nil(t, err)
40 assert.NotNil(t, accesskey)
41 }
42
43 func Test_Oidc(t *testing.T) {
44 path, _ := os.Getwd()
45 oidcTokenFilePath := path + "../credentials/oidc_token"
46 config := &credentials.Config{
47 Type: tea.String("oidc_role_arn"),
48 RoleArn: tea.String("acs:ram::roleArn:role/roleArn"),
49 OIDCProviderArn: tea.String("acs:ram::roleArn"),
50 OIDCTokenFilePath: tea.String(oidcTokenFilePath),
51 }
52 cred, err := credentials.NewCredential(config)
53 assert.Nil(t, err)
54 assert.NotNil(t, cred)
55 _, err = cred.GetAccessKeyId()
56 assert.NotNil(t, err)
57 assert.Contains(t, err.Error(), "AuthenticationFail.OIDCToken.Invalid")
58 }
59
View as plain text