github.com/google/cloudprober@v0.11.3/common/oauth/oauth_test.go

github.com/google/cloudprober@v0.11.3/common/oauth/oauth_test.go (about)

     1  // Copyright 2019 The Cloudprober Authors.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //      http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package oauth
    16  
    17  import (
    18  	"fmt"
    19  	"io/ioutil"
    20  	"strings"
    21  	"testing"
    22  
    23  	"github.com/golang/protobuf/proto"
    24  	configpb "github.com/google/cloudprober/common/oauth/proto"
    25  )
    26  
    27  func createTempFile(t *testing.T, b []byte) string {
    28  	tmpfile, err := ioutil.TempFile("", "")
    29  	if err != nil {
    30  		t.Fatal(err)
    31  		return ""
    32  	}
    33  
    34  	defer tmpfile.Close()
    35  	if _, err := tmpfile.Write(b); err != nil {
    36  		t.Fatal(err)
    37  	}
    38  
    39  	return tmpfile.Name()
    40  }
    41  
    42  var testPrivateKey = `-----BEGIN RSA PRIVATE KEY-----
    43  MIIBPAIBAAJBAN6ErRPkzBWt+R+kMtbbAgmFal+ZbVoWSJDzsLFwdzfy0QaI6Svq
    44  g4zpfn/H7lXi5MPJ+OWWhFy2DRD0L01PF8kCAwEAAQJBAM59MF+Vog08NEI4jTT0
    45  Zx+OvveX2PIQW6anfQAr7XXsEo910bPjb9YdfFaHyQCS8aIYeQ7vXD8tV6Vlu93B
    46  LkECIQD77dd8JWEZp2ZCt0SpN6mPcNOvVoXhvdKp9SiqMorn0wIhAOIdK5hbx/d+
    47  rextXrNWAeT2PrWxYN7FX1neuAzebrxzAiEA9b9vuQlZa8XwqdnOX2cNvv+nbt1u
    48  4eLiMaoVDdkZyMMCIQDRXslbTsEevsI1RiCGVoFyjUEL5K8aGBBumvg5kk1fWQIg
    49  X5mM0KsPPfa9wLSGj6CPt2c3skhQu/k2FjMASmaQbZw=
    50  -----END RSA PRIVATE KEY-----`
    51  
    52  func testJSONKey() string {
    53  	keyTmpl := `{
    54    "type": "service_account",
    55    "project_id": "cloud-nat-prober",
    56    "private_key_id": "testprivateid",
    57    "private_key": "%s",
    58    "client_email": "test-consumer@test-project.iam.gserviceaccount.com",
    59    "client_id": "testclientid",
    60    "auth_uri": "https://accounts.google.com/o/oauth2/auth",
    61    "token_uri": "https://oauth2.googleapis.com/token",
    62    "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
    63    "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/test-consumer%%40test-project.iam.gserviceaccount.com"
    64  }
    65  `
    66  	return fmt.Sprintf(keyTmpl, strings.Replace(testPrivateKey, "\n", "\\n", -1))
    67  }
    68  
    69  func TestGoogleCredentials(t *testing.T) {
    70  	jsonF := createTempFile(t, []byte(testJSONKey()))
    71  
    72  	googleC := &configpb.GoogleCredentials{
    73  		JsonFile: proto.String(jsonF),
    74  	}
    75  
    76  	c := &configpb.Config{
    77  		Type: &configpb.Config_GoogleCredentials{
    78  			GoogleCredentials: googleC,
    79  		},
    80  	}
    81  
    82  	_, err := TokenSourceFromConfig(c, nil)
    83  	if err != nil {
    84  		t.Errorf("Config: %v, Unexpected error: %v", c, err)
    85  	}
    86  
    87  	// Set audience, it should fail as jwt_as_access_token is not set.
    88  	googleC.Audience = proto.String("test-audience")
    89  
    90  	_, err = TokenSourceFromConfig(c, nil)
    91  	if err == nil {
    92  		t.Errorf("Config: %v, Expected error, but got none.", c)
    93  	}
    94  
    95  	// Set jwt_as_access_token, no errors now.
    96  	googleC.JwtAsAccessToken = proto.Bool(true)
    97  
    98  	_, err = TokenSourceFromConfig(c, nil)
    99  	if err != nil {
   100  		t.Errorf("Config: %v, Unexpected error: %v", c, err)
   101  	}
   102  }