go.etcd.io/etcd@v3.3.27+incompatible/auth/simple_token_test.go

go.etcd.io/etcd@v3.3.27+incompatible/auth/simple_token_test.go (about)

     1  // Copyright 2017 The etcd Authors
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package auth
    16  
    17  import (
    18  	"context"
    19  	"testing"
    20  )
    21  
    22  // TestSimpleTokenDisabled ensures that TokenProviderSimple behaves correctly when
    23  // disabled.
    24  func TestSimpleTokenDisabled(t *testing.T) {
    25  	initialState := newTokenProviderSimple(dummyIndexWaiter, simpleTokenTTLDefault)
    26  
    27  	explicitlyDisabled := newTokenProviderSimple(dummyIndexWaiter, simpleTokenTTLDefault)
    28  	explicitlyDisabled.enable()
    29  	explicitlyDisabled.disable()
    30  
    31  	for _, tp := range []*tokenSimple{initialState, explicitlyDisabled} {
    32  		ctx := context.WithValue(context.WithValue(context.TODO(), AuthenticateParamIndex{}, uint64(1)), AuthenticateParamSimpleTokenPrefix{}, "dummy")
    33  		token, err := tp.assign(ctx, "user1", 0)
    34  		if err != nil {
    35  			t.Fatal(err)
    36  		}
    37  		authInfo, ok := tp.info(ctx, token, 0)
    38  		if ok {
    39  			t.Errorf("expected (true, \"user1\") got (%t, %s)", ok, authInfo.Username)
    40  		}
    41  
    42  		tp.invalidateUser("user1") // should be no-op
    43  	}
    44  }
    45  
    46  // TestSimpleTokenAssign ensures that TokenProviderSimple can correctly assign a
    47  // token, look it up with info, and invalidate it by user.
    48  func TestSimpleTokenAssign(t *testing.T) {
    49  	tp := newTokenProviderSimple(dummyIndexWaiter, simpleTokenTTLDefault)
    50  	tp.enable()
    51  	ctx := context.WithValue(context.WithValue(context.TODO(), AuthenticateParamIndex{}, uint64(1)), AuthenticateParamSimpleTokenPrefix{}, "dummy")
    52  	token, err := tp.assign(ctx, "user1", 0)
    53  	if err != nil {
    54  		t.Fatal(err)
    55  	}
    56  	authInfo, ok := tp.info(ctx, token, 0)
    57  	if !ok || authInfo.Username != "user1" {
    58  		t.Errorf("expected (true, \"token2\") got (%t, %s)", ok, authInfo.Username)
    59  	}
    60  
    61  	tp.invalidateUser("user1")
    62  
    63  	_, ok = tp.info(context.TODO(), token, 0)
    64  	if ok {
    65  		t.Errorf("expected ok == false after user is invalidated")
    66  	}
    67  }