storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/pkg/licverifier/verifier_test.go

storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/pkg/licverifier/verifier_test.go (about)

     1  /*
     2   * MinIO Cloud Storage, (C) 2020 MinIO, Inc.
     3   *
     4   * Licensed under the Apache License, Version 2.0 (the "License");
     5   * you may not use this file except in compliance with the License.
     6   * You may obtain a copy of the License at
     7   *
     8   *     http://www.apache.org/licenses/LICENSE-2.0
     9   *
    10   * Unless required by applicable law or agreed to in writing, software
    11   * distributed under the License is distributed on an "AS IS" BASIS,
    12   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13   * See the License for the specific language governing permissions and
    14   * limitations under the License.
    15   */
    16  
    17  package licverifier
    18  
    19  import (
    20  	"fmt"
    21  	"testing"
    22  	"time"
    23  
    24  	"github.com/dgrijalva/jwt-go"
    25  )
    26  
    27  // at fixes the jwt.TimeFunc at t and calls f in that context.
    28  func at(t time.Time, f func()) {
    29  	jwt.TimeFunc = func() time.Time { return t }
    30  	f()
    31  	jwt.TimeFunc = time.Now
    32  }
    33  
    34  func areEqLicenseInfo(a, b LicenseInfo) bool {
    35  	if a.Email == b.Email && a.Organization == b.Organization && a.AccountID == b.AccountID && a.Plan == b.Plan && a.StorageCapacity == b.StorageCapacity && a.ExpiresAt.Equal(b.ExpiresAt) {
    36  		return true
    37  	}
    38  	return false
    39  }
    40  
    41  // TestLicenseVerify tests the license key verification process with a valid and
    42  // an invalid key.
    43  func TestLicenseVerify(t *testing.T) {
    44  	pemBytes := []byte(`-----BEGIN PUBLIC KEY-----
    45  MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEbo+e1wpBY4tBq9AONKww3Kq7m6QP/TBQ
    46  mr/cKCUyBL7rcAvg0zNq1vcSrUSGlAmY3SEDCu3GOKnjG/U4E7+p957ocWSV+mQU
    47  9NKlTdQFGF3+aO6jbQ4hX/S5qPyF+a3z
    48  -----END PUBLIC KEY-----`)
    49  	lv, err := NewLicenseVerifier(pemBytes)
    50  	if err != nil {
    51  		t.Fatalf("Failed to create license verifier: %s", err)
    52  	}
    53  	testCases := []struct {
    54  		lic             string
    55  		expectedLicInfo LicenseInfo
    56  		shouldPass      bool
    57  	}{{"", LicenseInfo{}, false},
    58  		{"eyJhbGciOiJFUzM4NCIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJrYW5hZ2FyYWorYzFAbWluaW8uaW8iLCJjYXAiOjUwLCJvcmciOiJHcmluZ290dHMgSW5jLiIsImV4cCI6MS42NDE0NDYxNjkwMDExOTg4OTRlOSwicGxhbiI6IlNUQU5EQVJEIiwiaXNzIjoic3VibmV0QG1pbi5pbyIsImFpZCI6MSwiaWF0IjoxLjYwOTkxMDE2OTAwMTE5ODg5NGU5fQ.EhTL2xwMHnUoLQF4UR-5bjUCja3whseLU5mb9XEj7PvAae6HEIDCOMEF8Hhh20DN_v_LRE283j2ZlA5zulcXSZXS0CLcrKqbVy6QLvZfvvLuerOjJI-NBa9dSJWJ0WoN", LicenseInfo{
    59  			Email:           "kanagaraj+c1@minio.io",
    60  			Organization:    "Gringotts Inc.",
    61  			AccountID:       1,
    62  			StorageCapacity: 50,
    63  			Plan:            "STANDARD",
    64  			ExpiresAt:       time.Date(2022, time.January, 6, 5, 16, 9, 0, time.UTC),
    65  		}, true},
    66  	}
    67  
    68  	for i, tc := range testCases {
    69  		// Fixing the jwt.TimeFunc at 2021-01-06 05:16:09 +0000 UTC to
    70  		// ensure that the license JWT doesn't expire ever.
    71  		at(time.Unix(int64(1609910169), 0), func() {
    72  			licInfo, err := lv.Verify(tc.lic)
    73  			if err != nil && tc.shouldPass {
    74  				t.Fatalf("%d: Expected license to pass verification but failed with %s", i+1, err)
    75  			}
    76  			if err == nil {
    77  				if !tc.shouldPass {
    78  					t.Fatalf("%d: Expected license to fail verification but passed", i+1)
    79  				}
    80  				if !areEqLicenseInfo(tc.expectedLicInfo, licInfo) {
    81  					t.Fatalf("%d: Expected license info %v but got %v", i+1, tc.expectedLicInfo, licInfo)
    82  				}
    83  			}
    84  		})
    85  	}
    86  }
    87  
    88  // Example creates a LicenseVerifier using the ECDSA public key in pemBytes. It
    89  // uses the Verify method of the LicenseVerifier to verify and extract the
    90  // claims present in the license key.
    91  func Example() {
    92  	pemBytes := []byte(`-----BEGIN PUBLIC KEY-----
    93  MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEbo+e1wpBY4tBq9AONKww3Kq7m6QP/TBQ
    94  mr/cKCUyBL7rcAvg0zNq1vcSrUSGlAmY3SEDCu3GOKnjG/U4E7+p957ocWSV+mQU
    95  9NKlTdQFGF3+aO6jbQ4hX/S5qPyF+a3z
    96  -----END PUBLIC KEY-----`)
    97  
    98  	lv, err := NewLicenseVerifier(pemBytes)
    99  	if err != nil {
   100  		fmt.Println("Failed to create license verifier", err)
   101  	}
   102  
   103  	licenseKey := "eyJhbGciOiJFUzM4NCIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJrYW5hZ2FyYWorYzFAbWluaW8uaW8iLCJjYXAiOjUwLCJvcmciOiJHcmluZ290dHMgSW5jLiIsImV4cCI6MS42NDE0NDYxNjkwMDExOTg4OTRlOSwicGxhbiI6IlNUQU5EQVJEIiwiaXNzIjoic3VibmV0QG1pbi5pbyIsImFpZCI6MSwiaWF0IjoxLjYwOTkxMDE2OTAwMTE5ODg5NGU5fQ.EhTL2xwMHnUoLQF4UR-5bjUCja3whseLU5mb9XEj7PvAae6HEIDCOMEF8Hhh20DN_v_LRE283j2ZlA5zulcXSZXS0CLcrKqbVy6QLvZfvvLuerOjJI-NBa9dSJWJ0WoN"
   104  	licInfo, err := lv.Verify(licenseKey)
   105  	if err != nil {
   106  		fmt.Println("Failed to verify license key", err)
   107  	}
   108  
   109  	fmt.Println("License metadata", licInfo)
   110  }