102 lines
3.2 KiB
Go
102 lines
3.2 KiB
Go
|
// Copyright (C) 2020 Storj Labs, Inc.
|
||
|
// See LICENSE for copying information.
|
||
|
|
||
|
package accountmanagementapikeys_test
|
||
|
|
||
|
import (
|
||
|
"database/sql"
|
||
|
"testing"
|
||
|
"time"
|
||
|
|
||
|
"github.com/stretchr/testify/require"
|
||
|
|
||
|
"storj.io/common/testcontext"
|
||
|
"storj.io/common/testrand"
|
||
|
"storj.io/storj/private/testplanet"
|
||
|
"storj.io/storj/satellite/console/accountmanagementapikeys"
|
||
|
"storj.io/storj/satellite/oidc"
|
||
|
)
|
||
|
|
||
|
func TestAccountManagementAPIKeys(t *testing.T) {
|
||
|
testplanet.Run(t, testplanet.Config{
|
||
|
SatelliteCount: 1, StorageNodeCount: 0, UplinkCount: 1,
|
||
|
}, func(t *testing.T, ctx *testcontext.Context, planet *testplanet.Planet) {
|
||
|
sat := planet.Satellites[0]
|
||
|
service := sat.API.AccountManagementAPIKeys.Service
|
||
|
|
||
|
id := testrand.UUID()
|
||
|
expires := time.Hour
|
||
|
apiKey, _, err := service.Create(ctx, id, expires)
|
||
|
require.NoError(t, err)
|
||
|
|
||
|
// test GetUserFromKey
|
||
|
userID, err := service.GetUserFromKey(ctx, apiKey)
|
||
|
require.NoError(t, err)
|
||
|
require.Equal(t, id, userID)
|
||
|
|
||
|
// make sure an error is returned from duplicate apikey
|
||
|
now := time.Now()
|
||
|
hash, err := service.HashKey(ctx, apiKey)
|
||
|
require.NoError(t, err)
|
||
|
_, err = service.InsertIntoDB(ctx, oidc.OAuthToken{
|
||
|
UserID: id,
|
||
|
Kind: oidc.KindAccountManagementTokenV0,
|
||
|
Token: hash,
|
||
|
}, now, expires)
|
||
|
require.True(t, accountmanagementapikeys.ErrDuplicateKey.Has(err))
|
||
|
|
||
|
// test revocation
|
||
|
require.NoError(t, service.Revoke(ctx, apiKey))
|
||
|
token, err := sat.DB.OIDC().OAuthTokens().Get(ctx, oidc.KindAccountManagementTokenV0, hash)
|
||
|
require.Equal(t, sql.ErrNoRows, err)
|
||
|
require.True(t, token.ExpiresAt.IsZero())
|
||
|
|
||
|
// test revoke non existent key
|
||
|
nonexistent := testrand.UUID().String()
|
||
|
err = service.Revoke(ctx, nonexistent)
|
||
|
require.Error(t, err)
|
||
|
|
||
|
// test GetUserFromKey non existent key
|
||
|
_, err = service.GetUserFromKey(ctx, nonexistent)
|
||
|
require.True(t, accountmanagementapikeys.ErrInvalidKey.Has(err))
|
||
|
})
|
||
|
}
|
||
|
|
||
|
func TestAccountManagementAPIKeysExpiration(t *testing.T) {
|
||
|
testplanet.Run(t, testplanet.Config{
|
||
|
SatelliteCount: 1, StorageNodeCount: 0, UplinkCount: 1,
|
||
|
}, func(t *testing.T, ctx *testcontext.Context, planet *testplanet.Planet) {
|
||
|
sat := planet.Satellites[0]
|
||
|
service := sat.API.AccountManagementAPIKeys.Service
|
||
|
now := time.Now()
|
||
|
|
||
|
// test no expiration uses default
|
||
|
expiresAt, err := service.InsertIntoDB(ctx, oidc.OAuthToken{
|
||
|
UserID: testrand.UUID(),
|
||
|
Kind: oidc.KindAccountManagementTokenV0,
|
||
|
Token: "testhash0",
|
||
|
}, now, 0)
|
||
|
require.NoError(t, err)
|
||
|
require.Equal(t, now.Add(sat.Config.AccountManagementAPIKeys.DefaultExpiration), expiresAt)
|
||
|
|
||
|
// test negative expiration uses default
|
||
|
expiresAt, err = service.InsertIntoDB(ctx, oidc.OAuthToken{
|
||
|
UserID: testrand.UUID(),
|
||
|
Kind: oidc.KindAccountManagementTokenV0,
|
||
|
Token: "testhash1",
|
||
|
}, now, -10000)
|
||
|
require.NoError(t, err)
|
||
|
require.Equal(t, now.Add(sat.Config.AccountManagementAPIKeys.DefaultExpiration), expiresAt)
|
||
|
|
||
|
// test regular expiration
|
||
|
expiration := 14 * time.Hour
|
||
|
expiresAt, err = service.InsertIntoDB(ctx, oidc.OAuthToken{
|
||
|
UserID: testrand.UUID(),
|
||
|
Kind: oidc.KindAccountManagementTokenV0,
|
||
|
Token: "testhash2",
|
||
|
}, now, expiration)
|
||
|
require.NoError(t, err)
|
||
|
require.Equal(t, now.Add(expiration), expiresAt)
|
||
|
})
|
||
|
}
|