github.com/aavshr/aws-sdk-go@v1.41.3/aws/credentials/endpointcreds/provider_test.go

github.com/aavshr/aws-sdk-go@v1.41.3/aws/credentials/endpointcreds/provider_test.go (about)

     1  package endpointcreds_test
     2  
     3  import (
     4  	"encoding/json"
     5  	"fmt"
     6  	"net/http"
     7  	"net/http/httptest"
     8  	"testing"
     9  	"time"
    10  
    11  	"github.com/aavshr/aws-sdk-go/aws/awserr"
    12  	"github.com/aavshr/aws-sdk-go/aws/credentials/endpointcreds"
    13  	"github.com/aavshr/aws-sdk-go/awstesting/unit"
    14  )
    15  
    16  func TestRetrieveRefreshableCredentials(t *testing.T) {
    17  	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
    18  		if e, a := "/path/to/endpoint", r.URL.Path; e != a {
    19  			t.Errorf("expect %v, got %v", e, a)
    20  		}
    21  		if e, a := "application/json", r.Header.Get("Accept"); e != a {
    22  			t.Errorf("expect %v, got %v", e, a)
    23  		}
    24  		if e, a := "else", r.URL.Query().Get("something"); e != a {
    25  			t.Errorf("expect %v, got %v", e, a)
    26  		}
    27  
    28  		encoder := json.NewEncoder(w)
    29  		err := encoder.Encode(map[string]interface{}{
    30  			"AccessKeyID":     "AKID",
    31  			"SecretAccessKey": "SECRET",
    32  			"Token":           "TOKEN",
    33  			"Expiration":      time.Now().Add(1 * time.Hour),
    34  		})
    35  
    36  		if err != nil {
    37  			fmt.Println("failed to write out creds", err)
    38  		}
    39  	}))
    40  	defer server.Close()
    41  
    42  	client := endpointcreds.NewProviderClient(*unit.Session.Config,
    43  		unit.Session.Handlers,
    44  		server.URL+"/path/to/endpoint?something=else",
    45  	)
    46  	creds, err := client.Retrieve()
    47  
    48  	if err != nil {
    49  		t.Errorf("expect no error, got %v", err)
    50  	}
    51  
    52  	if e, a := "AKID", creds.AccessKeyID; e != a {
    53  		t.Errorf("expect %v, got %v", e, a)
    54  	}
    55  	if e, a := "SECRET", creds.SecretAccessKey; e != a {
    56  		t.Errorf("expect %v, got %v", e, a)
    57  	}
    58  	if e, a := "TOKEN", creds.SessionToken; e != a {
    59  		t.Errorf("expect %v, got %v", e, a)
    60  	}
    61  	if client.IsExpired() {
    62  		t.Errorf("expect not expired, was")
    63  	}
    64  
    65  	client.(*endpointcreds.Provider).CurrentTime = func() time.Time {
    66  		return time.Now().Add(2 * time.Hour)
    67  	}
    68  
    69  	if !client.IsExpired() {
    70  		t.Errorf("expect expired, wasn't")
    71  	}
    72  }
    73  
    74  func TestRetrieveStaticCredentials(t *testing.T) {
    75  	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
    76  		encoder := json.NewEncoder(w)
    77  		err := encoder.Encode(map[string]interface{}{
    78  			"AccessKeyID":     "AKID",
    79  			"SecretAccessKey": "SECRET",
    80  		})
    81  
    82  		if err != nil {
    83  			fmt.Println("failed to write out creds", err)
    84  		}
    85  	}))
    86  	defer server.Close()
    87  
    88  	client := endpointcreds.NewProviderClient(*unit.Session.Config, unit.Session.Handlers, server.URL)
    89  	creds, err := client.Retrieve()
    90  
    91  	if err != nil {
    92  		t.Errorf("expect no error, got %v", err)
    93  	}
    94  
    95  	if e, a := "AKID", creds.AccessKeyID; e != a {
    96  		t.Errorf("expect %v, got %v", e, a)
    97  	}
    98  	if e, a := "SECRET", creds.SecretAccessKey; e != a {
    99  		t.Errorf("expect %v, got %v", e, a)
   100  	}
   101  	if v := creds.SessionToken; len(v) != 0 {
   102  		t.Errorf("Expect no SessionToken, got %#v", v)
   103  	}
   104  	if client.IsExpired() {
   105  		t.Errorf("expect not expired, was")
   106  	}
   107  }
   108  
   109  func TestFailedRetrieveCredentials(t *testing.T) {
   110  	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
   111  		w.WriteHeader(400)
   112  		encoder := json.NewEncoder(w)
   113  		err := encoder.Encode(map[string]interface{}{
   114  			"Code":    "Error",
   115  			"Message": "Message",
   116  		})
   117  
   118  		if err != nil {
   119  			fmt.Println("failed to write error", err)
   120  		}
   121  	}))
   122  	defer server.Close()
   123  
   124  	client := endpointcreds.NewProviderClient(*unit.Session.Config, unit.Session.Handlers, server.URL)
   125  	creds, err := client.Retrieve()
   126  
   127  	if err == nil {
   128  		t.Errorf("expect error, got none")
   129  	}
   130  	aerr := err.(awserr.Error)
   131  
   132  	if e, a := "CredentialsEndpointError", aerr.Code(); e != a {
   133  		t.Errorf("expect %v, got %v", e, a)
   134  	}
   135  	if e, a := "failed to load credentials", aerr.Message(); e != a {
   136  		t.Errorf("expect %v, got %v", e, a)
   137  	}
   138  
   139  	aerr = aerr.OrigErr().(awserr.Error)
   140  	if e, a := "Error", aerr.Code(); e != a {
   141  		t.Errorf("expect %v, got %v", e, a)
   142  	}
   143  	if e, a := "Message", aerr.Message(); e != a {
   144  		t.Errorf("expect %v, got %v", e, a)
   145  	}
   146  
   147  	if v := creds.AccessKeyID; len(v) != 0 {
   148  		t.Errorf("expect empty, got %#v", v)
   149  	}
   150  	if v := creds.SecretAccessKey; len(v) != 0 {
   151  		t.Errorf("expect empty, got %#v", v)
   152  	}
   153  	if v := creds.SessionToken; len(v) != 0 {
   154  		t.Errorf("expect empty, got %#v", v)
   155  	}
   156  	if !client.IsExpired() {
   157  		t.Errorf("expect expired, wasn't")
   158  	}
   159  }
   160  
   161  func TestAuthorizationToken(t *testing.T) {
   162  	const expectAuthToken = "Basic abc123"
   163  
   164  	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
   165  		if e, a := "/path/to/endpoint", r.URL.Path; e != a {
   166  			t.Errorf("expect %v, got %v", e, a)
   167  		}
   168  		if e, a := "application/json", r.Header.Get("Accept"); e != a {
   169  			t.Errorf("expect %v, got %v", e, a)
   170  		}
   171  		if e, a := expectAuthToken, r.Header.Get("Authorization"); e != a {
   172  			t.Fatalf("expect %v, got %v", e, a)
   173  		}
   174  
   175  		encoder := json.NewEncoder(w)
   176  		err := encoder.Encode(map[string]interface{}{
   177  			"AccessKeyID":     "AKID",
   178  			"SecretAccessKey": "SECRET",
   179  			"Token":           "TOKEN",
   180  			"Expiration":      time.Now().Add(1 * time.Hour),
   181  		})
   182  
   183  		if err != nil {
   184  			fmt.Println("failed to write out creds", err)
   185  		}
   186  	}))
   187  	defer server.Close()
   188  
   189  	client := endpointcreds.NewProviderClient(*unit.Session.Config,
   190  		unit.Session.Handlers,
   191  		server.URL+"/path/to/endpoint?something=else",
   192  		func(p *endpointcreds.Provider) {
   193  			p.AuthorizationToken = expectAuthToken
   194  		},
   195  	)
   196  	creds, err := client.Retrieve()
   197  
   198  	if err != nil {
   199  		t.Errorf("expect no error, got %v", err)
   200  	}
   201  
   202  	if e, a := "AKID", creds.AccessKeyID; e != a {
   203  		t.Errorf("expect %v, got %v", e, a)
   204  	}
   205  	if e, a := "SECRET", creds.SecretAccessKey; e != a {
   206  		t.Errorf("expect %v, got %v", e, a)
   207  	}
   208  	if e, a := "TOKEN", creds.SessionToken; e != a {
   209  		t.Errorf("expect %v, got %v", e, a)
   210  	}
   211  	if client.IsExpired() {
   212  		t.Errorf("expect not expired, was")
   213  	}
   214  
   215  	client.(*endpointcreds.Provider).CurrentTime = func() time.Time {
   216  		return time.Now().Add(2 * time.Hour)
   217  	}
   218  
   219  	if !client.IsExpired() {
   220  		t.Errorf("expect expired, wasn't")
   221  	}
   222  }