go.chromium.org/luci@v0.0.0-20240309015107-7cdc2e660f33/tokenserver/appengine/impl/utils/rpc_utils_test.go (about) 1 // Copyright 2019 The LUCI Authors. 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package utils 16 17 import ( 18 "context" 19 "testing" 20 21 "go.chromium.org/luci/appengine/gaetesting" 22 "go.chromium.org/luci/common/testing/assertions" 23 "go.chromium.org/luci/tokenserver/api/minter/v1" 24 25 . "github.com/smartystreets/goconvey/convey" 26 ) 27 28 func performValidation(ctx context.Context, req *minter.MintProjectTokenRequest) error { 29 if err := ValidateProject(ctx, req.LuciProject); err != nil { 30 return err 31 } 32 if err := ValidateAndNormalizeRequest(ctx, req.OauthScope, &req.MinValidityDuration, req.AuditTags); err != nil { 33 return err 34 } 35 return nil 36 } 37 38 func TestRpcUtils(t *testing.T) { 39 ctx := gaetesting.TestingContext() 40 41 Convey("validateRequest works", t, func() { 42 43 Convey("empty fields", func() { 44 req := &minter.MintProjectTokenRequest{ 45 LuciProject: "", 46 OauthScope: []string{}, 47 MinValidityDuration: 7200, 48 } 49 50 err := performValidation(ctx, req) 51 So(err, ShouldNotBeNil) 52 }) 53 54 Convey("empty project", func() { 55 req := &minter.MintProjectTokenRequest{ 56 LuciProject: "", 57 OauthScope: []string{"https://www.googleapis.com/auth/cloud-platform"}, 58 MinValidityDuration: 1800, 59 } 60 err := performValidation(ctx, req) 61 So(err, assertions.ShouldErrLike, `luci_project is empty`) 62 }) 63 64 Convey("negative validity", func() { 65 req := &minter.MintProjectTokenRequest{ 66 LuciProject: "foo-project", 67 OauthScope: []string{"https://www.googleapis.com/auth/cloud-platform"}, 68 MinValidityDuration: -1800, 69 } 70 err := performValidation(ctx, req) 71 So(err, assertions.ShouldErrLike, `min_validity_duration must be positive`) 72 }) 73 74 Convey("normalize validity", func() { 75 req := &minter.MintProjectTokenRequest{ 76 LuciProject: "foo-project", 77 OauthScope: []string{"https://www.googleapis.com/auth/cloud-platform"}, 78 MinValidityDuration: 0, 79 } 80 err := performValidation(ctx, req) 81 So(err, ShouldBeNil) 82 So(req.MinValidityDuration, ShouldNotEqual, 0) 83 }) 84 85 Convey("malformed tags", func() { 86 req := &minter.MintProjectTokenRequest{ 87 LuciProject: "foo-project", 88 OauthScope: []string{"https://www.googleapis.com/auth/cloud-platform"}, 89 MinValidityDuration: 0, 90 AuditTags: []string{"malformed"}, 91 } 92 err := performValidation(ctx, req) 93 So(err, ShouldNotBeNil) 94 }) 95 96 Convey("empty scopes", func() { 97 98 req := &minter.MintProjectTokenRequest{ 99 LuciProject: "foo-project", 100 OauthScope: []string{}, 101 MinValidityDuration: 1800, 102 } 103 104 err := performValidation(ctx, req) 105 So(err, assertions.ShouldErrLike, `oauth_scope is required`) 106 }) 107 108 Convey("returns nil for valid request", func() { 109 req := &minter.MintProjectTokenRequest{ 110 LuciProject: "test-project", 111 OauthScope: []string{"https://www.googleapis.com/auth/cloud-platform"}, 112 MinValidityDuration: 3600, 113 } 114 err := performValidation(ctx, req) 115 So(err, assertions.ShouldErrLike, "min_validity_duration must not exceed 1800") 116 }) 117 }) 118 }