github.com/thiagoyeds/go-cloud@v0.26.0/blob/gcsblob/iam_test.go (about) 1 // Copyright 2020 The Go Cloud Development Kit Authors 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // https://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package gcsblob 16 17 import ( 18 "context" 19 "errors" 20 "testing" 21 22 gax "github.com/googleapis/gax-go/v2" 23 credentialspb "google.golang.org/genproto/googleapis/iam/credentials/v1" 24 ) 25 26 const ( 27 mockKey = "key0000" 28 mockSignature = "signature" 29 ) 30 31 type mockIAMClient struct { 32 requestErr error 33 } 34 35 func (m mockIAMClient) SignBlob(context.Context, *credentialspb.SignBlobRequest, ...gax.CallOption) (*credentialspb.SignBlobResponse, error) { 36 if m.requestErr != nil { 37 return nil, m.requestErr 38 } 39 return &credentialspb.SignBlobResponse{KeyId: mockKey, SignedBlob: []byte(mockSignature)}, nil 40 } 41 42 func TestIAMCredentialsClient(t *testing.T) { 43 tests := []struct { 44 name string 45 connectErr error 46 mockClient interface { 47 SignBlob(context.Context, *credentialspb.SignBlobRequest, ...gax.CallOption) (*credentialspb.SignBlobResponse, error) 48 } 49 50 // These are for the produced SignBytesFunc 51 input []byte 52 wantOutput []byte 53 requestErr error 54 }{ 55 {"happy path: signing", nil, 56 mockIAMClient{}, 57 []byte("payload"), []byte(mockSignature), nil, 58 }, 59 {"won't connect", errors.New("Missing role: serviceAccountTokenCreator"), 60 mockIAMClient{}, 61 []byte("payload"), nil, nil, 62 }, 63 {"request fails", nil, 64 mockIAMClient{requestErr: context.Canceled}, 65 []byte("payload"), nil, context.Canceled, 66 }, 67 } 68 69 for _, test := range tests { 70 t.Run(test.name, func(t *testing.T) { 71 c := credentialsClient{err: test.connectErr, client: test.mockClient} 72 makeSignBytesFn := c.CreateMakeSignBytesWith(nil, serviceAccountID) 73 74 signBytesFn := makeSignBytesFn(nil) // Our mocks don't read any context. 75 haveOutput, haveErr := signBytesFn(test.input) 76 77 if len(test.wantOutput) > 0 && string(haveOutput) != string(test.wantOutput) { 78 t.Errorf("Unexpected output:\n -- have: %v\n -- want: %v", 79 string(haveOutput), string(test.wantOutput)) 80 return 81 } 82 83 if test.connectErr == nil && test.requestErr == nil { 84 return 85 } 86 if test.connectErr != nil && haveErr != test.connectErr { 87 t.Error("The connection error, a permanent error, has not been returned but should.") 88 } 89 if test.requestErr != nil && haveErr != test.requestErr { 90 t.Error("The per-request error has not been returned but should.") 91 } 92 }) 93 } 94 }