github.com/gophercloud/gophercloud@v1.11.0/openstack/identity/v3/extensions/ec2tokens/testing/requests_test.go (about) 1 package testing 2 3 import ( 4 "encoding/hex" 5 "fmt" 6 "net/http" 7 "testing" 8 "time" 9 10 "github.com/gophercloud/gophercloud" 11 "github.com/gophercloud/gophercloud/openstack/identity/v3/extensions/ec2tokens" 12 "github.com/gophercloud/gophercloud/openstack/identity/v3/tokens" 13 tokens_testing "github.com/gophercloud/gophercloud/openstack/identity/v3/tokens/testing" 14 "github.com/gophercloud/gophercloud/testhelper" 15 ) 16 17 // authTokenPost verifies that providing certain AuthOptions and Scope results in an expected JSON structure. 18 func authTokenPost(t *testing.T, options ec2tokens.AuthOptions, requestJSON string) { 19 testhelper.SetupHTTP() 20 defer testhelper.TeardownHTTP() 21 22 client := gophercloud.ServiceClient{ 23 ProviderClient: &gophercloud.ProviderClient{}, 24 Endpoint: testhelper.Endpoint(), 25 } 26 27 testhelper.Mux.HandleFunc("/ec2tokens", func(w http.ResponseWriter, r *http.Request) { 28 testhelper.TestMethod(t, r, "POST") 29 testhelper.TestHeader(t, r, "Content-Type", "application/json") 30 testhelper.TestHeader(t, r, "Accept", "application/json") 31 testhelper.TestJSONRequest(t, r, requestJSON) 32 33 w.WriteHeader(http.StatusOK) 34 fmt.Fprintf(w, tokens_testing.TokenOutput) 35 }) 36 37 expected := &tokens.Token{ 38 ExpiresAt: time.Date(2017, 6, 3, 2, 19, 49, 0, time.UTC), 39 } 40 41 actual, err := ec2tokens.Create(&client, &options).Extract() 42 testhelper.AssertNoErr(t, err) 43 testhelper.CheckDeepEquals(t, expected, actual) 44 } 45 46 func TestCreateV2(t *testing.T) { 47 credentials := ec2tokens.AuthOptions{ 48 Access: "a7f1e798b7c2417cba4a02de97dc3cdc", 49 Host: "localhost", 50 Path: "/", 51 Secret: "18f4f6761ada4e3795fa5273c30349b9", 52 Verb: "GET", 53 // this should be removed from JSON request 54 BodyHash: new(string), 55 // this should be removed from JSON request 56 Headers: map[string]string{ 57 "Foo": "Bar", 58 }, 59 Params: map[string]string{ 60 "Action": "Test", 61 "SignatureMethod": "HmacSHA256", 62 "SignatureVersion": "2", 63 }, 64 } 65 authTokenPost(t, credentials, `{ 66 "credentials": { 67 "access": "a7f1e798b7c2417cba4a02de97dc3cdc", 68 "host": "localhost", 69 "params": { 70 "Action": "Test", 71 "SignatureMethod": "HmacSHA256", 72 "SignatureVersion": "2" 73 }, 74 "path": "/", 75 "signature": "Up+MbVbbrvdR5FRkUz+n3nc+VW6xieuN50wh6ONEJ4w=", 76 "verb": "GET" 77 } 78 }`) 79 } 80 81 func TestCreateV4(t *testing.T) { 82 bodyHash := "foo" 83 credentials := ec2tokens.AuthOptions{ 84 Access: "a7f1e798b7c2417cba4a02de97dc3cdc", 85 BodyHash: &bodyHash, 86 Timestamp: new(time.Time), 87 Region: "region1", 88 Service: "ec2", 89 Path: "/", 90 Secret: "18f4f6761ada4e3795fa5273c30349b9", 91 Verb: "GET", 92 Headers: map[string]string{ 93 "Host": "localhost", 94 }, 95 Params: map[string]string{ 96 "Action": "Test", 97 }, 98 } 99 authTokenPost(t, credentials, `{ 100 "credentials": { 101 "access": "a7f1e798b7c2417cba4a02de97dc3cdc", 102 "body_hash": "foo", 103 "host": "", 104 "headers": { 105 "Host": "localhost", 106 "Authorization": "AWS4-HMAC-SHA256 Credential=a7f1e798b7c2417cba4a02de97dc3cdc/00010101/region1/ec2/aws4_request, SignedHeaders=, Signature=f36f79118f75d7d6ec86ead9a61679cbdcf94c0cbfe5e9cf2407e8406aa82028", 107 "X-Amz-Date": "00010101T000000Z" 108 }, 109 "params": { 110 "Action": "Test" 111 }, 112 "path": "/", 113 "signature": "f36f79118f75d7d6ec86ead9a61679cbdcf94c0cbfe5e9cf2407e8406aa82028", 114 "verb": "GET" 115 } 116 }`) 117 } 118 119 func TestCreateV4Empty(t *testing.T) { 120 credentials := ec2tokens.AuthOptions{ 121 Access: "a7f1e798b7c2417cba4a02de97dc3cdc", 122 Secret: "18f4f6761ada4e3795fa5273c30349b9", 123 BodyHash: new(string), 124 Timestamp: new(time.Time), 125 } 126 authTokenPost(t, credentials, `{ 127 "credentials": { 128 "access": "a7f1e798b7c2417cba4a02de97dc3cdc", 129 "body_hash": "", 130 "host": "", 131 "headers": { 132 "Authorization": "AWS4-HMAC-SHA256 Credential=a7f1e798b7c2417cba4a02de97dc3cdc/00010101///aws4_request, SignedHeaders=, Signature=140a31abf1efe93a607dcac6cd8f66887b86d2bc8f712c290d9aa06edf428608", 133 "X-Amz-Date": "00010101T000000Z" 134 }, 135 "params": {}, 136 "path": "", 137 "signature": "140a31abf1efe93a607dcac6cd8f66887b86d2bc8f712c290d9aa06edf428608", 138 "verb": "" 139 } 140 }`) 141 } 142 143 func TestCreateV4Headers(t *testing.T) { 144 credentials := ec2tokens.AuthOptions{ 145 Access: "a7f1e798b7c2417cba4a02de97dc3cdc", 146 BodyHash: new(string), 147 Timestamp: new(time.Time), 148 Region: "region1", 149 Service: "ec2", 150 Path: "/", 151 Secret: "18f4f6761ada4e3795fa5273c30349b9", 152 Verb: "GET", 153 Headers: map[string]string{ 154 "Foo": "Bar", 155 "Host": "localhost", 156 }, 157 Params: map[string]string{ 158 "Action": "Test", 159 }, 160 } 161 authTokenPost(t, credentials, `{ 162 "credentials": { 163 "access": "a7f1e798b7c2417cba4a02de97dc3cdc", 164 "body_hash": "", 165 "host": "", 166 "headers": { 167 "Foo": "Bar", 168 "Host": "localhost", 169 "Authorization": "AWS4-HMAC-SHA256 Credential=a7f1e798b7c2417cba4a02de97dc3cdc/00010101/region1/ec2/aws4_request, SignedHeaders=, Signature=f5cd6995be98e5576a130b30cca277375f10439217ea82169aa8386e83965611", 170 "X-Amz-Date": "00010101T000000Z" 171 }, 172 "params": { 173 "Action": "Test" 174 }, 175 "path": "/", 176 "signature": "f5cd6995be98e5576a130b30cca277375f10439217ea82169aa8386e83965611", 177 "verb": "GET" 178 } 179 }`) 180 } 181 182 func TestCreateV4WithSignature(t *testing.T) { 183 credentials := ec2tokens.AuthOptions{ 184 Access: "a7f1e798b7c2417cba4a02de97dc3cdc", 185 BodyHash: new(string), 186 Path: "/", 187 Signature: "f5cd6995be98e5576a130b30cca277375f10439217ea82169aa8386e83965611", 188 Verb: "GET", 189 Headers: map[string]string{ 190 "Foo": "Bar", 191 "Host": "localhost", 192 "Authorization": "AWS4-HMAC-SHA256 Credential=a7f1e798b7c2417cba4a02de97dc3cdc/00010101/region1/ec2/aws4_request, SignedHeaders=, Signature=f5cd6995be98e5576a130b30cca277375f10439217ea82169aa8386e83965611", 193 "X-Amz-Date": "00010101T000000Z", 194 }, 195 Params: map[string]string{ 196 "Action": "Test", 197 }, 198 } 199 authTokenPost(t, credentials, `{ 200 "credentials": { 201 "access": "a7f1e798b7c2417cba4a02de97dc3cdc", 202 "body_hash": "", 203 "host": "", 204 "headers": { 205 "Foo": "Bar", 206 "Host": "localhost", 207 "Authorization": "AWS4-HMAC-SHA256 Credential=a7f1e798b7c2417cba4a02de97dc3cdc/00010101/region1/ec2/aws4_request, SignedHeaders=, Signature=f5cd6995be98e5576a130b30cca277375f10439217ea82169aa8386e83965611", 208 "X-Amz-Date": "00010101T000000Z" 209 }, 210 "params": { 211 "Action": "Test" 212 }, 213 "path": "/", 214 "signature": "f5cd6995be98e5576a130b30cca277375f10439217ea82169aa8386e83965611", 215 "verb": "GET" 216 } 217 }`) 218 } 219 220 func TestEC2CredentialsBuildCanonicalQueryStringV2(t *testing.T) { 221 params := map[string]string{ 222 "Action": "foo", 223 "Value": "bar", 224 } 225 expected := "Action=foo&Value=bar" 226 testhelper.CheckEquals(t, expected, ec2tokens.EC2CredentialsBuildCanonicalQueryStringV2(params)) 227 } 228 229 func TestEC2CredentialsBuildStringToSignV2(t *testing.T) { 230 opts := ec2tokens.AuthOptions{ 231 Verb: "GET", 232 Host: "localhost", 233 Path: "/", 234 Params: map[string]string{ 235 "Action": "foo", 236 "Value": "bar", 237 }, 238 } 239 expected := []byte("GET\nlocalhost\n/\nAction=foo&Value=bar") 240 testhelper.CheckDeepEquals(t, expected, ec2tokens.EC2CredentialsBuildStringToSignV2(opts)) 241 } 242 243 func TestEC2CredentialsBuildCanonicalQueryStringV4(t *testing.T) { 244 params := map[string]string{ 245 "Action": "foo", 246 "Value": "bar", 247 } 248 expected := "Action=foo&Value=bar" 249 testhelper.CheckEquals(t, expected, ec2tokens.EC2CredentialsBuildCanonicalQueryStringV4("foo", params)) 250 testhelper.CheckEquals(t, "", ec2tokens.EC2CredentialsBuildCanonicalQueryStringV4("POST", params)) 251 } 252 253 func TestEC2CredentialsBuildCanonicalHeadersV4(t *testing.T) { 254 headers := map[string]string{ 255 "Foo": "bar", 256 "Baz": "qux", 257 } 258 signedHeaders := "foo;baz" 259 expected := "foo:bar\nbaz:qux\n" 260 testhelper.CheckEquals(t, expected, ec2tokens.EC2CredentialsBuildCanonicalHeadersV4(headers, signedHeaders)) 261 } 262 263 func TestEC2CredentialsBuildSignatureKeyV4(t *testing.T) { 264 expected := "246626bd815b0a0cae4bedc3f4e124ca25e208cd75fd812d836aeae184de038a" 265 testhelper.CheckEquals(t, expected, hex.EncodeToString((ec2tokens.EC2CredentialsBuildSignatureKeyV4("foo", "bar", "baz", time.Time{})))) 266 } 267 268 func TestEC2CredentialsBuildSignatureV4(t *testing.T) { 269 opts := ec2tokens.AuthOptions{ 270 Verb: "GET", 271 Path: "/", 272 Headers: map[string]string{ 273 "Host": "localhost", 274 }, 275 Params: map[string]string{ 276 "Action": "foo", 277 "Value": "bar", 278 }, 279 } 280 expected := "6a5febe41427bf601f0ae7c34dbb0fd67094776138b03fb8e65783d733d302a5" 281 282 date := time.Time{} 283 stringToSign := ec2tokens.EC2CredentialsBuildStringToSignV4(opts, "host", "foo", date) 284 key := ec2tokens.EC2CredentialsBuildSignatureKeyV4("", "", "", date) 285 286 testhelper.CheckEquals(t, expected, ec2tokens.EC2CredentialsBuildSignatureV4(key, stringToSign)) 287 }