github.com/akamai/AkamaiOPEN-edgegrid-golang/v8@v8.1.0/pkg/edgeworkers/secure_tokens_test.go (about) 1 package edgeworkers 2 3 import ( 4 "context" 5 "errors" 6 "io/ioutil" 7 "net/http" 8 "net/http/httptest" 9 "testing" 10 11 "github.com/stretchr/testify/assert" 12 "github.com/stretchr/testify/require" 13 ) 14 15 func TestCreateSecureToken(t *testing.T) { 16 tests := map[string]struct { 17 params CreateSecureTokenRequest 18 expectedRequestBody string 19 responseStatus int 20 responseBody string 21 expectedPath string 22 expectedResponse *CreateSecureTokenResponse 23 withError error 24 }{ 25 "201 Created - create secure token": { 26 params: CreateSecureTokenRequest{ 27 ACL: "/*", 28 Expiry: 15, 29 Hostname: "test.devexp.akamai.com", 30 }, 31 expectedRequestBody: `{"acl":"/*","expiry":15,"hostname":"test.devexp.akamai.com"}`, 32 responseStatus: http.StatusCreated, 33 responseBody: ` 34 { 35 "akamaiEwTrace": "st=1641295764~exp=1641296664~acl=/*~hmac=f6d18857a6c738664b65a59036ac6f8348abe6b34a9503ec1262f18f114ed43f" 36 }`, 37 expectedPath: "/edgeworkers/v1/secure-token", 38 expectedResponse: &CreateSecureTokenResponse{ 39 AkamaiEWTrace: "st=1641295764~exp=1641296664~acl=/*~hmac=f6d18857a6c738664b65a59036ac6f8348abe6b34a9503ec1262f18f114ed43f", 40 }, 41 }, 42 "201 Created - create secure token with hostname only": { 43 params: CreateSecureTokenRequest{ 44 Hostname: "test.devexp.akamai.com", 45 }, 46 expectedRequestBody: `{"hostname":"test.devexp.akamai.com"}`, 47 responseStatus: http.StatusCreated, 48 responseBody: ` 49 { 50 "akamaiEwTrace": "st=1641295764~exp=1641296664~acl=/*~hmac=f6d18857a6c738664b65a59036ac6f8348abe6b34a9503ec1262f18f114ed43f" 51 }`, 52 expectedPath: "/edgeworkers/v1/secure-token", 53 expectedResponse: &CreateSecureTokenResponse{ 54 AkamaiEWTrace: "st=1641295764~exp=1641296664~acl=/*~hmac=f6d18857a6c738664b65a59036ac6f8348abe6b34a9503ec1262f18f114ed43f", 55 }, 56 }, 57 "201 Created - create secure token with hostname and propertyId": { 58 params: CreateSecureTokenRequest{ 59 Hostname: "test.devexp.akamai.com", 60 PropertyID: "200153206", 61 }, 62 expectedRequestBody: `{"hostname":"test.devexp.akamai.com","propertyId":"200153206"}`, 63 responseStatus: http.StatusCreated, 64 responseBody: ` 65 { 66 "akamaiEwTrace": "st=1641295764~exp=1641296664~acl=/*~hmac=f6d18857a6c738664b65a59036ac6f8348abe6b34a9503ec1262f18f114ed43f" 67 }`, 68 expectedPath: "/edgeworkers/v1/secure-token", 69 expectedResponse: &CreateSecureTokenResponse{ 70 AkamaiEWTrace: "st=1641295764~exp=1641296664~acl=/*~hmac=f6d18857a6c738664b65a59036ac6f8348abe6b34a9503ec1262f18f114ed43f", 71 }, 72 }, 73 "validation error - empty request": { 74 params: CreateSecureTokenRequest{}, 75 withError: ErrStructValidation, 76 }, 77 "validation error - both ALC and URL": { 78 params: CreateSecureTokenRequest{ 79 ACL: "/*", 80 Expiry: 15, 81 Hostname: "test.devexp.akamai.com", 82 URL: "/", 83 }, 84 withError: ErrStructValidation, 85 }, 86 "validation error - invalid expiry": { 87 params: CreateSecureTokenRequest{ 88 ACL: "/*", 89 Expiry: 1440, 90 Hostname: "test.devexp.akamai.com", 91 }, 92 withError: ErrStructValidation, 93 }, 94 "401 unauthorized": { 95 params: CreateSecureTokenRequest{ 96 ACL: "/*", 97 Expiry: 15, 98 Hostname: "test.devexp.akamai.com", 99 Network: "STAGING", 100 }, 101 responseStatus: http.StatusUnauthorized, 102 responseBody: ` 103 { 104 "type": "https://problems.luna-dev.akamaiapis.net/-/pep-authn/deny", 105 "title": "Not authorized", 106 "status": 401, 107 "detail": "Inactive client token", 108 "instance": "https://akaa-mgfkwp3rw4k2whym-eyn4wdjeur5lz37d.luna-dev.akamaiapis.net/edgeworkers/v1/secure-token", 109 "method": "POST", 110 "serverIp": "104.81.220.242", 111 "clientIp": "22.22.22.22", 112 "requestId": "17f6b2bc", 113 "requestTime": "2022-01-04T10:31:23Z" 114 }`, 115 expectedPath: "/edgeworkers/v1/secure-token", 116 withError: &Error{ 117 Type: "https://problems.luna-dev.akamaiapis.net/-/pep-authn/deny", 118 Title: "Not authorized", 119 Status: 401, 120 Detail: "Inactive client token", 121 Instance: "https://akaa-mgfkwp3rw4k2whym-eyn4wdjeur5lz37d.luna-dev.akamaiapis.net/edgeworkers/v1/secure-token", 122 Method: "POST", 123 ServerIP: "104.81.220.242", 124 ClientIP: "22.22.22.22", 125 RequestID: "17f6b2bc", 126 RequestTime: "2022-01-04T10:31:23Z", 127 }, 128 }, 129 "403 Forbidden - incorrect credentials": { 130 params: CreateSecureTokenRequest{ 131 ACL: "/*", 132 Expiry: 15, 133 Hostname: "test.devexp.akamai.com", 134 Network: "STAGING", 135 }, 136 responseStatus: http.StatusForbidden, 137 responseBody: ` 138 { 139 "type": "https://problems.luna-dev.akamaiapis.net/-/pep-authz/deny", 140 "title": "Forbidden", 141 "status": 403, 142 "detail": "The client does not have the grant needed for the request", 143 "instance": "https://akaa-xfaqsq2csihdccx5-4osos3xx73uxd2if.luna-dev.akamaiapis.net/edgeworkers/v1/secure-token", 144 "authzRealm": "b7iuwfuwdvstkoil.dhxzzfwdsq2jgp7w", 145 "method": "POST", 146 "serverIp": "104.81.220.242", 147 "clientIp": "22.22.22.22", 148 "requestId": "1801a12b", 149 "requestTime": "2022-01-04T10:36:06Z" 150 }`, 151 expectedPath: "/edgeworkers/v1/secure-token", 152 withError: &Error{ 153 Type: "https://problems.luna-dev.akamaiapis.net/-/pep-authz/deny", 154 Title: "Forbidden", 155 Status: 403, 156 Detail: "The client does not have the grant needed for the request", 157 Instance: "https://akaa-xfaqsq2csihdccx5-4osos3xx73uxd2if.luna-dev.akamaiapis.net/edgeworkers/v1/secure-token", 158 AuthzRealm: "b7iuwfuwdvstkoil.dhxzzfwdsq2jgp7w", 159 Method: "POST", 160 ServerIP: "104.81.220.242", 161 ClientIP: "22.22.22.22", 162 RequestID: "1801a12b", 163 RequestTime: "2022-01-04T10:36:06Z", 164 }, 165 }, 166 "404 Not found": { 167 params: CreateSecureTokenRequest{ 168 ACL: "/*", 169 Expiry: 15, 170 Hostname: "some1.test", 171 Network: "STAGING", 172 }, 173 responseStatus: http.StatusNotFound, 174 responseBody: ` 175 { 176 "type": "/edgeworkers/error-types/secret-key-not-found", 177 "title": "Rest API Error", 178 "instance": "eb764a5e-f375-4959-9e4d-b3a70d28721d", 179 "status": 404, 180 "detail": "Secret key could not be found.", 181 "errorCode": "EW2301" 182 }`, 183 expectedPath: "/edgeworkers/v1/secure-token", 184 withError: &Error{ 185 Type: "/edgeworkers/error-types/secret-key-not-found", 186 Title: "Rest API Error", 187 Instance: "eb764a5e-f375-4959-9e4d-b3a70d28721d", 188 Status: 404, 189 Detail: "Secret key could not be found.", 190 ErrorCode: "EW2301", 191 }, 192 }, 193 "500 internal server error": { 194 params: CreateSecureTokenRequest{ 195 ACL: "/*", 196 Expiry: 15, 197 Hostname: "test.devexp.akamai.com", 198 }, 199 responseStatus: http.StatusInternalServerError, 200 responseBody: ` 201 { 202 "type": "https://problems.luna-dev.akamaiapis.net/-/resource-impl/forward-origin-error", 203 "title": "Server Error", 204 "status": 500, 205 "instance": "host_name/edgeworkers/v1/secure-token", 206 "method": "POST", 207 "serverIp": "104.81.220.111", 208 "clientIp": "89.64.55.111", 209 "requestId": "a73affa111", 210 "requestTime": "2021-12-13T13:32:37Z" 211 }`, 212 expectedPath: "/edgeworkers/v1/secure-token", 213 withError: &Error{ 214 Type: "https://problems.luna-dev.akamaiapis.net/-/resource-impl/forward-origin-error", 215 Title: "Server Error", 216 Status: 500, 217 Instance: "host_name/edgeworkers/v1/secure-token", 218 Method: "POST", 219 ServerIP: "104.81.220.111", 220 ClientIP: "89.64.55.111", 221 RequestID: "a73affa111", 222 RequestTime: "2021-12-13T13:32:37Z", 223 }, 224 }, 225 } 226 for name, test := range tests { 227 t.Run(name, func(t *testing.T) { 228 mockServer := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { 229 assert.Equal(t, test.expectedPath, r.URL.String()) 230 assert.Equal(t, http.MethodPost, r.Method) 231 w.WriteHeader(test.responseStatus) 232 _, err := w.Write([]byte(test.responseBody)) 233 assert.NoError(t, err) 234 235 if len(test.expectedRequestBody) > 0 { 236 body, err := ioutil.ReadAll(r.Body) 237 require.NoError(t, err) 238 assert.Equal(t, test.expectedRequestBody, string(body)) 239 } 240 })) 241 client := mockAPIClient(t, mockServer) 242 result, err := client.CreateSecureToken(context.Background(), test.params) 243 if test.withError != nil { 244 assert.True(t, errors.Is(err, test.withError), "want: %s; got: %s", test.withError, err) 245 return 246 } 247 require.NoError(t, err) 248 assert.Equal(t, test.expectedResponse, result) 249 }) 250 } 251 }