github.com/argoproj/argo-cd@v1.8.7/util/session/sessionmanager_norace_test.go

github.com/argoproj/argo-cd@v1.8.7/util/session/sessionmanager_norace_test.go (about)

     1  // +build !race
     2  
     3  package session
     4  
     5  import (
     6  	"context"
     7  	"testing"
     8  	"time"
     9  
    10  	"github.com/stretchr/testify/assert"
    11  
    12  	"github.com/argoproj/argo-cd/util/settings"
    13  )
    14  
    15  func TestRandomPasswordVerificationDelay(t *testing.T) {
    16  
    17  	// !race:
    18  	//`SessionManager.VerifyUsernamePassword` uses bcrypt to prevent against time-based attacks
    19  	// and verify the hashed password; however this is a CPU intensive algorithm that is made
    20  	// significantly slower due to data race detection being enabled, which breaks through
    21  	// the maximum time limit required by `TestRandomPasswordVerificationDelay`.
    22  
    23  	var sleptFor time.Duration
    24  	settingsMgr := settings.NewSettingsManager(context.Background(), getKubeClient("password", true), "argocd")
    25  	mgr := newSessionManager(settingsMgr, getProjLister(), NewInMemoryUserStateStorage())
    26  	mgr.verificationDelayNoiseEnabled = true
    27  	mgr.sleep = func(d time.Duration) {
    28  		sleptFor = d
    29  	}
    30  	for i := 0; i < 10; i++ {
    31  		sleptFor = 0
    32  		start := time.Now()
    33  		if !assert.NoError(t, mgr.VerifyUsernamePassword("admin", "password")) {
    34  			return
    35  		}
    36  		totalDuration := time.Since(start) + sleptFor
    37  		assert.GreaterOrEqual(t, totalDuration.Nanoseconds(), verificationDelayNoiseMin.Nanoseconds())
    38  		assert.LessOrEqual(t, totalDuration.Nanoseconds(), verificationDelayNoiseMax.Nanoseconds())
    39  	}
    40  }