github.com/unigraph-dev/dgraph@v1.1.1-0.20200923154953-8b52b426f765/tlstest/certrequest/certrequest_test.go

github.com/unigraph-dev/dgraph@v1.1.1-0.20200923154953-8b52b426f765/tlstest/certrequest/certrequest_test.go (about)

     1  package certrequest
     2  
     3  import (
     4  	"context"
     5  	"testing"
     6  
     7  	"github.com/dgraph-io/dgo/protos/api"
     8  	"github.com/dgraph-io/dgraph/testutil"
     9  	"github.com/spf13/viper"
    10  	"github.com/stretchr/testify/require"
    11  )
    12  
    13  func TestAccessOverPlaintext(t *testing.T) {
    14  	dg := testutil.DgraphClient(testutil.SockAddr)
    15  	err := dg.Alter(context.Background(), &api.Operation{DropAll: true})
    16  	require.Error(t, err, "The authentication handshake should have failed")
    17  }
    18  
    19  func TestAccessWithCaCert(t *testing.T) {
    20  	conf := viper.New()
    21  	conf.Set("tls_cacert", "../tls/ca.crt")
    22  	conf.Set("tls_server_name", "node")
    23  
    24  	dg, err := testutil.DgraphClientWithCerts(testutil.SockAddr, conf)
    25  	require.NoError(t, err, "Unable to get dgraph client: %v", err)
    26  	err = dg.Alter(context.Background(), &api.Operation{DropAll: true})
    27  	require.NoError(t, err, "Unable to perform dropall: %v", err)
    28  }
    29  
    30  func TestCurlAccessWithCaCert(t *testing.T) {
    31  	// curl over plaintext should fail
    32  	curlPlainTextArgs := []string{
    33  		"https://localhost:8180/alter",
    34  		"-d", "name: string @index(exact) .",
    35  	}
    36  	testutil.VerifyCurlCmd(t, curlPlainTextArgs, &testutil.CurlFailureConfig{
    37  		ShouldFail: true,
    38  		CurlErrMsg: "SSL certificate problem",
    39  	})
    40  
    41  	curlArgs := []string{
    42  		"--cacert", "../tls/ca.crt", "https://localhost:8180/alter",
    43  		"-d", "name: string @index(exact) .",
    44  	}
    45  	testutil.VerifyCurlCmd(t, curlArgs, &testutil.CurlFailureConfig{
    46  		ShouldFail: false,
    47  	})
    48  }