-
Notifications
You must be signed in to change notification settings - Fork 905
/
authenticator_test.go
131 lines (117 loc) · 5.1 KB
/
authenticator_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
package auth
import (
"context"
"fmt"
"net/url"
"strconv"
"testing"
"time"
)
import (
"github.com/stretchr/testify/assert"
)
import (
"github.com/apache/dubbo-go/common"
"github.com/apache/dubbo-go/common/constant"
"github.com/apache/dubbo-go/protocol/invocation"
)
func TestDefaultAuthenticator_Authenticate(t *testing.T) {
secret := "dubbo-sk"
access := "dubbo-ak"
testurl, _ := common.NewURL(context.TODO(), "dubbo://127.0.0.1:20000/com.ikurento.user.UserProvider?interface=com.ikurento.user.UserProvider&group=gg&version=2.6.0")
testurl.SetParam(constant.PARAMTER_SIGNATURE_ENABLE_KEY, "true")
testurl.SetParam(constant.ACCESS_KEY_ID_KEY, access)
testurl.SetParam(constant.SECRET_ACCESS_KEY_KEY, secret)
parmas := []interface{}{"OK", struct {
Name string
Id int64
}{"YUYU", 1}}
inv := invocation.NewRPCInvocation("test", parmas, nil)
requestTime := strconv.Itoa(int(time.Now().Unix() * 1000))
signature, _ := getSignature(&testurl, inv, secret, requestTime)
var authenticator = &DefaultAuthenticator{}
invcation := invocation.NewRPCInvocation("test", parmas, map[string]string{
constant.REQUEST_SIGNATURE_KEY: signature,
constant.CONSUMER: "test",
constant.REQUEST_TIMESTAMP_KEY: requestTime,
constant.AK_KEY: access,
})
err := authenticator.Authenticate(invcation, &testurl)
assert.Nil(t, err)
// modify the params
invcation = invocation.NewRPCInvocation("test", parmas[:1], map[string]string{
constant.REQUEST_SIGNATURE_KEY: signature,
constant.CONSUMER: "test",
constant.REQUEST_TIMESTAMP_KEY: requestTime,
constant.AK_KEY: access,
})
err = authenticator.Authenticate(invcation, &testurl)
assert.NotNil(t, err)
}
func TestDefaultAuthenticator_Sign(t *testing.T) {
authenticator := &DefaultAuthenticator{}
testurl, _ := common.NewURL(context.TODO(), "dubbo://127.0.0.1:20000/com.ikurento.user.UserProvider?application=test&interface=com.ikurento.user.UserProvider&group=gg&version=2.6.0")
testurl.SetParam(constant.ACCESS_KEY_ID_KEY, "akey")
testurl.SetParam(constant.SECRET_ACCESS_KEY_KEY, "skey")
testurl.SetParam(constant.PARAMTER_SIGNATURE_ENABLE_KEY, "false")
inv := invocation.NewRPCInvocation("test", []interface{}{"OK"}, nil)
_ = authenticator.Sign(inv, &testurl)
assert.NotEqual(t, inv.AttachmentsByKey(constant.REQUEST_SIGNATURE_KEY, ""), "")
assert.NotEqual(t, inv.AttachmentsByKey(constant.CONSUMER, ""), "")
assert.NotEqual(t, inv.AttachmentsByKey(constant.REQUEST_TIMESTAMP_KEY, ""), "")
assert.Equal(t, inv.AttachmentsByKey(constant.AK_KEY, ""), "akey")
}
func Test_getAccessKeyPairSuccess(t *testing.T) {
testurl := common.NewURLWithOptions(
common.WithParams(url.Values{}),
common.WithParamsValue(constant.SECRET_ACCESS_KEY_KEY, "skey"),
common.WithParamsValue(constant.ACCESS_KEY_ID_KEY, "akey"))
invcation := invocation.NewRPCInvocation("MethodName", []interface{}{"OK"}, nil)
_, e := getAccessKeyPair(invcation, testurl)
assert.Nil(t, e)
}
func Test_getAccessKeyPairFailed(t *testing.T) {
defer func() {
e := recover()
assert.NotNil(t, e)
}()
testurl := common.NewURLWithOptions(
common.WithParams(url.Values{}),
common.WithParamsValue(constant.ACCESS_KEY_ID_KEY, "akey"))
invcation := invocation.NewRPCInvocation("MethodName", []interface{}{"OK"}, nil)
_, e := getAccessKeyPair(invcation, testurl)
assert.NotNil(t, e)
testurl = common.NewURLWithOptions(
common.WithParams(url.Values{}),
common.WithParamsValue(constant.SECRET_ACCESS_KEY_KEY, "skey"),
common.WithParamsValue(constant.ACCESS_KEY_ID_KEY, "akey"), common.WithParamsValue(constant.ACCESS_KEY_STORAGE_KEY, "dubbo"))
_, e = getAccessKeyPair(invcation, testurl)
}
func Test_getSignatureWithinParams(t *testing.T) {
testurl, _ := common.NewURL(context.TODO(), "dubbo://127.0.0.1:20000/com.ikurento.user.UserProvider?interface=com.ikurento.user.UserProvider&group=gg&version=2.6.0")
testurl.SetParam(constant.PARAMTER_SIGNATURE_ENABLE_KEY, "true")
inv := invocation.NewRPCInvocation("test", []interface{}{"OK"}, map[string]string{
"": "",
})
secret := "dubbo"
current := strconv.Itoa(int(time.Now().Unix() * 1000))
signature, _ := getSignature(&testurl, inv, secret, current)
requestString := fmt.Sprintf(constant.SIGNATURE_STRING_FORMAT,
testurl.ColonSeparatedKey(), inv.MethodName(), secret, current)
s, _ := SignWithParams(inv.Arguments(), requestString, secret)
assert.False(t, IsEmpty(signature, false))
assert.Equal(t, s, signature)
}
func Test_getSignature(t *testing.T) {
testurl, _ := common.NewURL(context.TODO(), "dubbo://127.0.0.1:20000/com.ikurento.user.UserProvider?interface=com.ikurento.user.UserProvider&group=gg&version=2.6.0")
testurl.SetParam(constant.PARAMTER_SIGNATURE_ENABLE_KEY, "false")
inv := invocation.NewRPCInvocation("test", []interface{}{"OK"}, nil)
secret := "dubbo"
current := strconv.Itoa(int(time.Now().Unix() * 1000))
signature, _ := getSignature(&testurl, inv, secret, current)
requestString := fmt.Sprintf(constant.SIGNATURE_STRING_FORMAT,
testurl.ColonSeparatedKey(), inv.MethodName(), secret, current)
s := Sign(requestString, secret)
assert.False(t, IsEmpty(signature, false))
assert.Equal(t, s, signature)
}