github.com/kunnos/engine@v1.13.1/cliconfig/credentials/native_store_test.go (about)

     1  package credentials
     2  
     3  import (
     4  	"encoding/json"
     5  	"fmt"
     6  	"io"
     7  	"io/ioutil"
     8  	"strings"
     9  	"testing"
    10  
    11  	"github.com/docker/docker-credential-helpers/client"
    12  	"github.com/docker/docker-credential-helpers/credentials"
    13  	"github.com/docker/docker/api/types"
    14  )
    15  
    16  const (
    17  	validServerAddress   = "https://index.docker.io/v1"
    18  	validServerAddress2  = "https://example.com:5002"
    19  	invalidServerAddress = "https://foobar.example.com"
    20  	missingCredsAddress  = "https://missing.docker.io/v1"
    21  )
    22  
    23  var errCommandExited = fmt.Errorf("exited 1")
    24  
    25  // mockCommand simulates interactions between the docker client and a remote
    26  // credentials helper.
    27  // Unit tests inject this mocked command into the remote to control execution.
    28  type mockCommand struct {
    29  	arg   string
    30  	input io.Reader
    31  }
    32  
    33  // Output returns responses from the remote credentials helper.
    34  // It mocks those responses based in the input in the mock.
    35  func (m *mockCommand) Output() ([]byte, error) {
    36  	in, err := ioutil.ReadAll(m.input)
    37  	if err != nil {
    38  		return nil, err
    39  	}
    40  	inS := string(in)
    41  
    42  	switch m.arg {
    43  	case "erase":
    44  		switch inS {
    45  		case validServerAddress:
    46  			return nil, nil
    47  		default:
    48  			return []byte("program failed"), errCommandExited
    49  		}
    50  	case "get":
    51  		switch inS {
    52  		case validServerAddress:
    53  			return []byte(`{"Username": "foo", "Secret": "bar"}`), nil
    54  		case validServerAddress2:
    55  			return []byte(`{"Username": "<token>", "Secret": "abcd1234"}`), nil
    56  		case missingCredsAddress:
    57  			return []byte(credentials.NewErrCredentialsNotFound().Error()), errCommandExited
    58  		case invalidServerAddress:
    59  			return []byte("program failed"), errCommandExited
    60  		}
    61  	case "store":
    62  		var c credentials.Credentials
    63  		err := json.NewDecoder(strings.NewReader(inS)).Decode(&c)
    64  		if err != nil {
    65  			return []byte("program failed"), errCommandExited
    66  		}
    67  		switch c.ServerURL {
    68  		case validServerAddress:
    69  			return nil, nil
    70  		default:
    71  			return []byte("program failed"), errCommandExited
    72  		}
    73  	case "list":
    74  		return []byte(fmt.Sprintf(`{"%s": "%s", "%s": "%s"}`, validServerAddress, "foo", validServerAddress2, "<token>")), nil
    75  	}
    76  
    77  	return []byte(fmt.Sprintf("unknown argument %q with %q", m.arg, inS)), errCommandExited
    78  }
    79  
    80  // Input sets the input to send to a remote credentials helper.
    81  func (m *mockCommand) Input(in io.Reader) {
    82  	m.input = in
    83  }
    84  
    85  func mockCommandFn(args ...string) client.Program {
    86  	return &mockCommand{
    87  		arg: args[0],
    88  	}
    89  }
    90  
    91  func TestNativeStoreAddCredentials(t *testing.T) {
    92  	f := newConfigFile(make(map[string]types.AuthConfig))
    93  	f.CredentialsStore = "mock"
    94  
    95  	s := &nativeStore{
    96  		programFunc: mockCommandFn,
    97  		fileStore:   NewFileStore(f),
    98  	}
    99  	err := s.Store(types.AuthConfig{
   100  		Username:      "foo",
   101  		Password:      "bar",
   102  		Email:         "foo@example.com",
   103  		ServerAddress: validServerAddress,
   104  	})
   105  
   106  	if err != nil {
   107  		t.Fatal(err)
   108  	}
   109  
   110  	if len(f.AuthConfigs) != 1 {
   111  		t.Fatalf("expected 1 auth config, got %d", len(f.AuthConfigs))
   112  	}
   113  
   114  	a, ok := f.AuthConfigs[validServerAddress]
   115  	if !ok {
   116  		t.Fatalf("expected auth for %s, got %v", validServerAddress, f.AuthConfigs)
   117  	}
   118  	if a.Auth != "" {
   119  		t.Fatalf("expected auth to be empty, got %s", a.Auth)
   120  	}
   121  	if a.Username != "" {
   122  		t.Fatalf("expected username to be empty, got %s", a.Username)
   123  	}
   124  	if a.Password != "" {
   125  		t.Fatalf("expected password to be empty, got %s", a.Password)
   126  	}
   127  	if a.IdentityToken != "" {
   128  		t.Fatalf("expected identity token to be empty, got %s", a.IdentityToken)
   129  	}
   130  	if a.Email != "foo@example.com" {
   131  		t.Fatalf("expected email `foo@example.com`, got %s", a.Email)
   132  	}
   133  }
   134  
   135  func TestNativeStoreAddInvalidCredentials(t *testing.T) {
   136  	f := newConfigFile(make(map[string]types.AuthConfig))
   137  	f.CredentialsStore = "mock"
   138  
   139  	s := &nativeStore{
   140  		programFunc: mockCommandFn,
   141  		fileStore:   NewFileStore(f),
   142  	}
   143  	err := s.Store(types.AuthConfig{
   144  		Username:      "foo",
   145  		Password:      "bar",
   146  		Email:         "foo@example.com",
   147  		ServerAddress: invalidServerAddress,
   148  	})
   149  
   150  	if err == nil {
   151  		t.Fatal("expected error, got nil")
   152  	}
   153  
   154  	if !strings.Contains(err.Error(), "program failed") {
   155  		t.Fatalf("expected `program failed`, got %v", err)
   156  	}
   157  
   158  	if len(f.AuthConfigs) != 0 {
   159  		t.Fatalf("expected 0 auth config, got %d", len(f.AuthConfigs))
   160  	}
   161  }
   162  
   163  func TestNativeStoreGet(t *testing.T) {
   164  	f := newConfigFile(map[string]types.AuthConfig{
   165  		validServerAddress: {
   166  			Email: "foo@example.com",
   167  		},
   168  	})
   169  	f.CredentialsStore = "mock"
   170  
   171  	s := &nativeStore{
   172  		programFunc: mockCommandFn,
   173  		fileStore:   NewFileStore(f),
   174  	}
   175  	a, err := s.Get(validServerAddress)
   176  	if err != nil {
   177  		t.Fatal(err)
   178  	}
   179  
   180  	if a.Username != "foo" {
   181  		t.Fatalf("expected username `foo`, got %s", a.Username)
   182  	}
   183  	if a.Password != "bar" {
   184  		t.Fatalf("expected password `bar`, got %s", a.Password)
   185  	}
   186  	if a.IdentityToken != "" {
   187  		t.Fatalf("expected identity token to be empty, got %s", a.IdentityToken)
   188  	}
   189  	if a.Email != "foo@example.com" {
   190  		t.Fatalf("expected email `foo@example.com`, got %s", a.Email)
   191  	}
   192  }
   193  
   194  func TestNativeStoreGetIdentityToken(t *testing.T) {
   195  	f := newConfigFile(map[string]types.AuthConfig{
   196  		validServerAddress2: {
   197  			Email: "foo@example2.com",
   198  		},
   199  	})
   200  	f.CredentialsStore = "mock"
   201  
   202  	s := &nativeStore{
   203  		programFunc: mockCommandFn,
   204  		fileStore:   NewFileStore(f),
   205  	}
   206  	a, err := s.Get(validServerAddress2)
   207  	if err != nil {
   208  		t.Fatal(err)
   209  	}
   210  
   211  	if a.Username != "" {
   212  		t.Fatalf("expected username to be empty, got %s", a.Username)
   213  	}
   214  	if a.Password != "" {
   215  		t.Fatalf("expected password to be empty, got %s", a.Password)
   216  	}
   217  	if a.IdentityToken != "abcd1234" {
   218  		t.Fatalf("expected identity token `abcd1234`, got %s", a.IdentityToken)
   219  	}
   220  	if a.Email != "foo@example2.com" {
   221  		t.Fatalf("expected email `foo@example2.com`, got %s", a.Email)
   222  	}
   223  }
   224  
   225  func TestNativeStoreGetAll(t *testing.T) {
   226  	f := newConfigFile(map[string]types.AuthConfig{
   227  		validServerAddress: {
   228  			Email: "foo@example.com",
   229  		},
   230  	})
   231  	f.CredentialsStore = "mock"
   232  
   233  	s := &nativeStore{
   234  		programFunc: mockCommandFn,
   235  		fileStore:   NewFileStore(f),
   236  	}
   237  	as, err := s.GetAll()
   238  	if err != nil {
   239  		t.Fatal(err)
   240  	}
   241  
   242  	if len(as) != 2 {
   243  		t.Fatalf("wanted 2, got %d", len(as))
   244  	}
   245  
   246  	if as[validServerAddress].Username != "foo" {
   247  		t.Fatalf("expected username `foo` for %s, got %s", validServerAddress, as[validServerAddress].Username)
   248  	}
   249  	if as[validServerAddress].Password != "bar" {
   250  		t.Fatalf("expected password `bar` for %s, got %s", validServerAddress, as[validServerAddress].Password)
   251  	}
   252  	if as[validServerAddress].IdentityToken != "" {
   253  		t.Fatalf("expected identity to be empty for %s, got %s", validServerAddress, as[validServerAddress].IdentityToken)
   254  	}
   255  	if as[validServerAddress].Email != "foo@example.com" {
   256  		t.Fatalf("expected email `foo@example.com` for %s, got %s", validServerAddress, as[validServerAddress].Email)
   257  	}
   258  	if as[validServerAddress2].Username != "" {
   259  		t.Fatalf("expected username to be empty for %s, got %s", validServerAddress2, as[validServerAddress2].Username)
   260  	}
   261  	if as[validServerAddress2].Password != "" {
   262  		t.Fatalf("expected password to be empty for %s, got %s", validServerAddress2, as[validServerAddress2].Password)
   263  	}
   264  	if as[validServerAddress2].IdentityToken != "abcd1234" {
   265  		t.Fatalf("expected identity token `abcd1324` for %s, got %s", validServerAddress2, as[validServerAddress2].IdentityToken)
   266  	}
   267  	if as[validServerAddress2].Email != "" {
   268  		t.Fatalf("expected no email for %s, got %s", validServerAddress2, as[validServerAddress2].Email)
   269  	}
   270  }
   271  
   272  func TestNativeStoreGetMissingCredentials(t *testing.T) {
   273  	f := newConfigFile(map[string]types.AuthConfig{
   274  		validServerAddress: {
   275  			Email: "foo@example.com",
   276  		},
   277  	})
   278  	f.CredentialsStore = "mock"
   279  
   280  	s := &nativeStore{
   281  		programFunc: mockCommandFn,
   282  		fileStore:   NewFileStore(f),
   283  	}
   284  	_, err := s.Get(missingCredsAddress)
   285  	if err != nil {
   286  		// missing credentials do not produce an error
   287  		t.Fatal(err)
   288  	}
   289  }
   290  
   291  func TestNativeStoreGetInvalidAddress(t *testing.T) {
   292  	f := newConfigFile(map[string]types.AuthConfig{
   293  		validServerAddress: {
   294  			Email: "foo@example.com",
   295  		},
   296  	})
   297  	f.CredentialsStore = "mock"
   298  
   299  	s := &nativeStore{
   300  		programFunc: mockCommandFn,
   301  		fileStore:   NewFileStore(f),
   302  	}
   303  	_, err := s.Get(invalidServerAddress)
   304  	if err == nil {
   305  		t.Fatal("expected error, got nil")
   306  	}
   307  
   308  	if !strings.Contains(err.Error(), "program failed") {
   309  		t.Fatalf("expected `program failed`, got %v", err)
   310  	}
   311  }
   312  
   313  func TestNativeStoreErase(t *testing.T) {
   314  	f := newConfigFile(map[string]types.AuthConfig{
   315  		validServerAddress: {
   316  			Email: "foo@example.com",
   317  		},
   318  	})
   319  	f.CredentialsStore = "mock"
   320  
   321  	s := &nativeStore{
   322  		programFunc: mockCommandFn,
   323  		fileStore:   NewFileStore(f),
   324  	}
   325  	err := s.Erase(validServerAddress)
   326  	if err != nil {
   327  		t.Fatal(err)
   328  	}
   329  
   330  	if len(f.AuthConfigs) != 0 {
   331  		t.Fatalf("expected 0 auth configs, got %d", len(f.AuthConfigs))
   332  	}
   333  }
   334  
   335  func TestNativeStoreEraseInvalidAddress(t *testing.T) {
   336  	f := newConfigFile(map[string]types.AuthConfig{
   337  		validServerAddress: {
   338  			Email: "foo@example.com",
   339  		},
   340  	})
   341  	f.CredentialsStore = "mock"
   342  
   343  	s := &nativeStore{
   344  		programFunc: mockCommandFn,
   345  		fileStore:   NewFileStore(f),
   346  	}
   347  	err := s.Erase(invalidServerAddress)
   348  	if err == nil {
   349  		t.Fatal("expected error, got nil")
   350  	}
   351  
   352  	if !strings.Contains(err.Error(), "program failed") {
   353  		t.Fatalf("expected `program failed`, got %v", err)
   354  	}
   355  }