...

Source file src/github.com/aws/aws-sdk-go-v2/config/resolve_bearer_token_test.go

Documentation: github.com/aws/aws-sdk-go-v2/config

     1  package config
     2  
     3  import (
     4  	"context"
     5  	"path/filepath"
     6  	"testing"
     7  	"time"
     8  
     9  	"github.com/aws/aws-sdk-go-v2/aws"
    10  	"github.com/aws/aws-sdk-go-v2/credentials/ssocreds"
    11  	"github.com/aws/aws-sdk-go-v2/internal/sdk"
    12  	smithybearer "github.com/aws/smithy-go/auth/bearer"
    13  )
    14  
    15  func TestResolveBearerAuthToken(t *testing.T) {
    16  	cases := map[string]struct {
    17  		setNowTime     func() func()
    18  		configs        configs
    19  		expectProvider bool
    20  		expectToken    smithybearer.Token
    21  	}{
    22  		"no provider": {},
    23  		"config source provider": {
    24  			configs: configs{
    25  				LoadOptions{
    26  					BearerAuthTokenProvider: smithybearer.StaticTokenProvider{
    27  						Token: smithybearer.Token{Value: "abc123"},
    28  					},
    29  				},
    30  			},
    31  			expectProvider: true,
    32  			expectToken:    smithybearer.Token{Value: "abc123"},
    33  		},
    34  		"sso session legacy": {
    35  			setNowTime: func() func() {
    36  				return sdk.TestingUseReferenceTime(time.Date(2044, 4, 4, 0, 0, 0, 0, time.UTC))
    37  			},
    38  			configs: configs{
    39  				LoadOptions{
    40  					SSOTokenProviderOptions: func(o *ssocreds.SSOTokenProviderOptions) {
    41  						expectPath, _ := ssocreds.StandardCachedTokenFilepath("https://example.aws/start")
    42  						if e, a := expectPath, o.CachedTokenFilepath; e != a {
    43  							t.Errorf("expect %v cache file path, got %v", e, a)
    44  						}
    45  
    46  						o.CachedTokenFilepath = filepath.Join("testdata", "cached_sso_token.json")
    47  					},
    48  				},
    49  				SharedConfig{
    50  					SSORegion:   "us-west-2",
    51  					SSOStartURL: "https://example.aws/start",
    52  				},
    53  			},
    54  			expectProvider: false,
    55  			expectToken: smithybearer.Token{
    56  				Value:     "access token",
    57  				CanExpire: true,
    58  				Expires:   time.Date(2044, 4, 4, 7, 0, 1, 0, time.UTC),
    59  			},
    60  		},
    61  		"sso session named": {
    62  			setNowTime: func() func() {
    63  				return sdk.TestingUseReferenceTime(time.Date(2044, 4, 4, 0, 0, 0, 0, time.UTC))
    64  			},
    65  			configs: configs{
    66  				LoadOptions{
    67  					SSOTokenProviderOptions: func(o *ssocreds.SSOTokenProviderOptions) {
    68  						expectPath, _ := ssocreds.StandardCachedTokenFilepath("test-session")
    69  						if e, a := expectPath, o.CachedTokenFilepath; e != a {
    70  							t.Errorf("expect %v cache file path, got %v", e, a)
    71  						}
    72  
    73  						o.CachedTokenFilepath = filepath.Join("testdata", "cached_sso_token.json")
    74  					},
    75  				},
    76  				SharedConfig{
    77  					SSOSessionName: "test-session",
    78  					SSOSession: &SSOSession{
    79  						Name:        "test-session",
    80  						SSORegion:   "us-west-2",
    81  						SSOStartURL: "https://example.aws/start",
    82  					},
    83  				},
    84  			},
    85  			expectProvider: true,
    86  			expectToken: smithybearer.Token{
    87  				Value:     "access token",
    88  				CanExpire: true,
    89  				Expires:   time.Date(2044, 4, 4, 7, 0, 1, 0, time.UTC),
    90  			},
    91  		},
    92  	}
    93  
    94  	for name, c := range cases {
    95  		t.Run(name, func(t *testing.T) {
    96  			if c.setNowTime != nil {
    97  				restoreTime := c.setNowTime()
    98  				defer restoreTime()
    99  			}
   100  
   101  			var cfg aws.Config
   102  			err := resolveBearerAuthToken(context.Background(), &cfg, c.configs)
   103  			if err != nil {
   104  				t.Fatalf("expect no error, got %v", err)
   105  			}
   106  
   107  			if !c.expectProvider {
   108  				if v := cfg.BearerAuthTokenProvider; v != nil {
   109  					t.Errorf("expect no provider, got %T, %v", v, v)
   110  				}
   111  				return
   112  			}
   113  
   114  			token, err := cfg.BearerAuthTokenProvider.RetrieveBearerToken(context.Background())
   115  			if err != nil {
   116  				t.Fatalf("expect no error, got %v", err)
   117  			}
   118  
   119  			if diff := cmpDiff(c.expectToken, token); diff != "" {
   120  				t.Errorf("expect token match\n%s", diff)
   121  			}
   122  		})
   123  	}
   124  }
   125  
   126  func TestWrapWithBearerAuthTokenProvider(t *testing.T) {
   127  	cases := map[string]struct {
   128  		configs         configs
   129  		provider        smithybearer.TokenProvider
   130  		optFns          []func(*smithybearer.TokenCacheOptions)
   131  		compareProvider bool
   132  		expectToken     smithybearer.Token
   133  	}{
   134  		"already wrapped": {
   135  			provider: smithybearer.NewTokenCache(smithybearer.StaticTokenProvider{
   136  				Token: smithybearer.Token{Value: "abc123"},
   137  			}),
   138  			compareProvider: true,
   139  			expectToken:     smithybearer.Token{Value: "abc123"},
   140  		},
   141  		"to be wrapped": {
   142  			provider: smithybearer.StaticTokenProvider{
   143  				Token: smithybearer.Token{Value: "abc123"},
   144  			},
   145  			expectToken: smithybearer.Token{Value: "abc123"},
   146  		},
   147  	}
   148  
   149  	for name, c := range cases {
   150  		t.Run(name, func(t *testing.T) {
   151  			provider, err := wrapWithBearerAuthTokenCache(context.Background(),
   152  				c.configs, c.provider, c.optFns...)
   153  			if err != nil {
   154  				t.Fatalf("expect no error, got %v", err)
   155  			}
   156  
   157  			if p, ok := provider.(*smithybearer.TokenCache); !ok {
   158  				t.Fatalf("expect provider wrapped in %T, got %T", p, provider)
   159  			}
   160  
   161  			if c.compareProvider && provider != c.provider {
   162  				t.Errorf("expect same provider, was not")
   163  			}
   164  
   165  			token, err := provider.RetrieveBearerToken(context.Background())
   166  			if err != nil {
   167  				t.Fatalf("expect no error, got %v", err)
   168  			}
   169  
   170  			if diff := cmpDiff(c.expectToken, token); diff != "" {
   171  				t.Errorf("expect token match\n%s", diff)
   172  			}
   173  		})
   174  	}
   175  }
   176  

View as plain text