diff options
Diffstat (limited to 'grpc/test/core/security/evaluate_args_test.cc')
-rw-r--r-- | grpc/test/core/security/evaluate_args_test.cc | 259 |
1 files changed, 99 insertions, 160 deletions
diff --git a/grpc/test/core/security/evaluate_args_test.cc b/grpc/test/core/security/evaluate_args_test.cc index aa1b4361..de98537d 100644 --- a/grpc/test/core/security/evaluate_args_test.cc +++ b/grpc/test/core/security/evaluate_args_test.cc @@ -1,4 +1,4 @@ -// Copyright 2020 gRPC authors. +// Copyright 2021 gRPC authors. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -17,203 +17,139 @@ #include <gmock/gmock.h> #include <gtest/gtest.h> -#include "absl/strings/string_view.h" - #include "src/core/lib/security/authorization/evaluate_args.h" -#include "test/core/util/eval_args_mock_endpoint.h" +#include "test/core/util/evaluate_args_test_util.h" #include "test/core/util/test_config.h" namespace grpc_core { class EvaluateArgsTest : public ::testing::Test { protected: - void SetUp() override { - local_address_ = "255.255.255.255"; - peer_address_ = "128.128.128.128"; - local_port_ = 413; - peer_port_ = 314; - endpoint_ = CreateEvalArgsMockEndpoint(local_address_.c_str(), local_port_, - peer_address_.c_str(), peer_port_); - evaluate_args_ = - absl::make_unique<EvaluateArgs>(nullptr, nullptr, endpoint_); - } - void TearDown() override { grpc_endpoint_destroy(endpoint_); } - grpc_endpoint* endpoint_; - std::unique_ptr<EvaluateArgs> evaluate_args_; - std::string local_address_; - std::string peer_address_; - int local_port_; - int peer_port_; + EvaluateArgsTestUtil util_; }; -TEST_F(EvaluateArgsTest, TestEvaluateArgsLocalAddress) { - absl::string_view src_address = evaluate_args_->GetLocalAddress(); - EXPECT_EQ(src_address, local_address_); +TEST_F(EvaluateArgsTest, EmptyMetadata) { + EvaluateArgs args = util_.MakeEvaluateArgs(); + EXPECT_EQ(args.GetPath(), nullptr); + EXPECT_EQ(args.GetMethod(), nullptr); + EXPECT_EQ(args.GetHost(), nullptr); + EXPECT_THAT(args.GetHeaders(), ::testing::ElementsAre()); + EXPECT_EQ(args.GetHeaderValue("some_key", nullptr), absl::nullopt); } -TEST_F(EvaluateArgsTest, TestEvaluateArgsLocalPort) { - int src_port = evaluate_args_->GetLocalPort(); - EXPECT_EQ(src_port, local_port_); +TEST_F(EvaluateArgsTest, GetPathSuccess) { + util_.AddPairToMetadata(":path", "/expected/path"); + EvaluateArgs args = util_.MakeEvaluateArgs(); + EXPECT_EQ(args.GetPath(), "/expected/path"); } -TEST_F(EvaluateArgsTest, TestEvaluateArgsPeerAddress) { - absl::string_view dest_address = evaluate_args_->GetPeerAddress(); - EXPECT_EQ(dest_address, peer_address_); +TEST_F(EvaluateArgsTest, GetHostSuccess) { + util_.AddPairToMetadata("host", "host123"); + EvaluateArgs args = util_.MakeEvaluateArgs(); + EXPECT_EQ(args.GetHost(), "host123"); } -TEST_F(EvaluateArgsTest, TestEvaluateArgsPeerPort) { - int dest_port = evaluate_args_->GetPeerPort(); - EXPECT_EQ(dest_port, peer_port_); +TEST_F(EvaluateArgsTest, GetMethodSuccess) { + util_.AddPairToMetadata(":method", "GET"); + EvaluateArgs args = util_.MakeEvaluateArgs(); + EXPECT_EQ(args.GetMethod(), "GET"); } -TEST(EvaluateArgsMetadataTest, HandlesNullMetadata) { - EvaluateArgs eval_args(nullptr, nullptr, nullptr); - EXPECT_EQ(eval_args.GetPath(), nullptr); - EXPECT_EQ(eval_args.GetMethod(), nullptr); - EXPECT_EQ(eval_args.GetHost(), nullptr); - EXPECT_THAT(eval_args.GetHeaders(), ::testing::ElementsAre()); +TEST_F(EvaluateArgsTest, GetHeadersSuccess) { + util_.AddPairToMetadata("host", "host123"); + util_.AddPairToMetadata(":path", "/expected/path"); + EvaluateArgs args = util_.MakeEvaluateArgs(); + EXPECT_THAT(args.GetHeaders(), + ::testing::UnorderedElementsAre( + ::testing::Pair("host", "host123"), + ::testing::Pair(":path", "/expected/path"))); } -TEST(EvaluateArgsMetadataTest, HandlesEmptyMetadata) { - grpc_metadata_batch metadata; - grpc_metadata_batch_init(&metadata); - EvaluateArgs eval_args(&metadata, nullptr, nullptr); - EXPECT_EQ(eval_args.GetPath(), nullptr); - EXPECT_EQ(eval_args.GetMethod(), nullptr); - EXPECT_EQ(eval_args.GetHost(), nullptr); - EXPECT_THAT(eval_args.GetHeaders(), ::testing::ElementsAre()); - grpc_metadata_batch_destroy(&metadata); +TEST_F(EvaluateArgsTest, GetHeaderValueSuccess) { + util_.AddPairToMetadata("key123", "value123"); + EvaluateArgs args = util_.MakeEvaluateArgs(); + std::string concatenated_value; + absl::optional<absl::string_view> value = + args.GetHeaderValue("key123", &concatenated_value); + ASSERT_TRUE(value.has_value()); + EXPECT_EQ(value.value(), "value123"); } -TEST(EvaluateArgsMetadataTest, GetPathSuccess) { - grpc_init(); - const char* kPath = "/some/path"; - grpc_metadata_batch metadata; - grpc_metadata_batch_init(&metadata); - grpc_slice fake_val = grpc_slice_intern(grpc_slice_from_static_string(kPath)); - grpc_mdelem fake_val_md = grpc_mdelem_from_slices(GRPC_MDSTR_PATH, fake_val); - grpc_linked_mdelem storage; - storage.md = fake_val_md; - ASSERT_EQ(grpc_metadata_batch_link_head(&metadata, &storage), - GRPC_ERROR_NONE); - EvaluateArgs eval_args(&metadata, nullptr, nullptr); - EXPECT_EQ(eval_args.GetPath(), kPath); - grpc_metadata_batch_destroy(&metadata); - grpc_shutdown(); +TEST_F(EvaluateArgsTest, TestIpv4LocalAddressAndPort) { + util_.SetLocalEndpoint("ipv4:255.255.255.255:123"); + EvaluateArgs args = util_.MakeEvaluateArgs(); + EXPECT_EQ(args.GetLocalAddress(), "255.255.255.255"); + EXPECT_EQ(args.GetLocalPort(), 123); } -TEST(EvaluateArgsMetadataTest, GetHostSuccess) { - grpc_init(); - const char* kHost = "host"; - grpc_metadata_batch metadata; - grpc_metadata_batch_init(&metadata); - grpc_slice fake_val = grpc_slice_intern(grpc_slice_from_static_string(kHost)); - grpc_mdelem fake_val_md = grpc_mdelem_from_slices(GRPC_MDSTR_HOST, fake_val); - grpc_linked_mdelem storage; - storage.md = fake_val_md; - ASSERT_EQ(grpc_metadata_batch_link_head(&metadata, &storage), - GRPC_ERROR_NONE); - EvaluateArgs eval_args(&metadata, nullptr, nullptr); - EXPECT_EQ(eval_args.GetHost(), kHost); - grpc_metadata_batch_destroy(&metadata); - grpc_shutdown(); +TEST_F(EvaluateArgsTest, TestIpv4PeerAddressAndPort) { + util_.SetPeerEndpoint("ipv4:128.128.128.128:321"); + EvaluateArgs args = util_.MakeEvaluateArgs(); + EXPECT_EQ(args.GetPeerAddress(), "128.128.128.128"); + EXPECT_EQ(args.GetPeerPort(), 321); } -TEST(EvaluateArgsMetadataTest, GetMethodSuccess) { - grpc_init(); - const char* kMethod = "GET"; - grpc_metadata_batch metadata; - grpc_metadata_batch_init(&metadata); - grpc_slice fake_val = - grpc_slice_intern(grpc_slice_from_static_string(kMethod)); - grpc_mdelem fake_val_md = - grpc_mdelem_from_slices(GRPC_MDSTR_METHOD, fake_val); - grpc_linked_mdelem storage; - storage.md = fake_val_md; - ASSERT_EQ(grpc_metadata_batch_link_head(&metadata, &storage), - GRPC_ERROR_NONE); - EvaluateArgs eval_args(&metadata, nullptr, nullptr); - EXPECT_EQ(eval_args.GetMethod(), kMethod); - grpc_metadata_batch_destroy(&metadata); - grpc_shutdown(); +TEST_F(EvaluateArgsTest, TestIpv6LocalAddressAndPort) { + util_.SetLocalEndpoint("ipv6:[2001:0db8:85a3:0000:0000:8a2e:0370:7334]:456"); + EvaluateArgs args = util_.MakeEvaluateArgs(); + EXPECT_EQ(args.GetLocalAddress(), "2001:0db8:85a3:0000:0000:8a2e:0370:7334"); + EXPECT_EQ(args.GetLocalPort(), 456); } -TEST(EvaluateArgsMetadataTest, GetHeadersSuccess) { - grpc_init(); - const char* kPath = "/some/path"; - const char* kHost = "host"; - grpc_metadata_batch metadata; - grpc_metadata_batch_init(&metadata); - grpc_slice fake_path = - grpc_slice_intern(grpc_slice_from_static_string(kPath)); - grpc_mdelem fake_path_md = - grpc_mdelem_from_slices(GRPC_MDSTR_PATH, fake_path); - grpc_linked_mdelem storage; - storage.md = fake_path_md; - ASSERT_EQ(grpc_metadata_batch_link_head(&metadata, &storage, GRPC_BATCH_PATH), - GRPC_ERROR_NONE); - grpc_slice fake_host = - grpc_slice_intern(grpc_slice_from_static_string(kHost)); - grpc_mdelem fake_host_md = - grpc_mdelem_from_slices(GRPC_MDSTR_HOST, fake_host); - grpc_linked_mdelem storage2; - storage2.md = fake_host_md; - ASSERT_EQ( - grpc_metadata_batch_link_tail(&metadata, &storage2, GRPC_BATCH_HOST), - GRPC_ERROR_NONE); - EvaluateArgs eval_args(&metadata, nullptr, nullptr); - EXPECT_THAT( - eval_args.GetHeaders(), - ::testing::UnorderedElementsAre( - ::testing::Pair(StringViewFromSlice(GRPC_MDSTR_HOST), kHost), - ::testing::Pair(StringViewFromSlice(GRPC_MDSTR_PATH), kPath))); - grpc_metadata_batch_destroy(&metadata); - grpc_shutdown(); +TEST_F(EvaluateArgsTest, TestIpv6PeerAddressAndPort) { + util_.SetPeerEndpoint("ipv6:[2001:db8::1]:654"); + EvaluateArgs args = util_.MakeEvaluateArgs(); + EXPECT_EQ(args.GetPeerAddress(), "2001:db8::1"); + EXPECT_EQ(args.GetPeerPort(), 654); +} + +TEST_F(EvaluateArgsTest, EmptyAuthContext) { + EvaluateArgs args = util_.MakeEvaluateArgs(); + EXPECT_TRUE(args.GetTransportSecurityType().empty()); + EXPECT_TRUE(args.GetSpiffeId().empty()); + EXPECT_TRUE(args.GetCommonName().empty()); } -TEST(EvaluateArgsAuthContextTest, HandlesNullAuthContext) { - EvaluateArgs eval_args(nullptr, nullptr, nullptr); - EXPECT_EQ(eval_args.GetSpiffeId(), nullptr); - EXPECT_EQ(eval_args.GetCertServerName(), nullptr); +TEST_F(EvaluateArgsTest, GetTransportSecurityTypeSuccessOneProperty) { + util_.AddPropertyToAuthContext(GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME, + "ssl"); + EvaluateArgs args = util_.MakeEvaluateArgs(); + EXPECT_EQ(args.GetTransportSecurityType(), "ssl"); } -TEST(EvaluateArgsAuthContextTest, HandlesEmptyAuthCtx) { - grpc_auth_context auth_context(nullptr); - EvaluateArgs eval_args(nullptr, &auth_context, nullptr); - EXPECT_EQ(eval_args.GetSpiffeId(), nullptr); - EXPECT_EQ(eval_args.GetCertServerName(), nullptr); +TEST_F(EvaluateArgsTest, GetTransportSecurityTypeFailDuplicateProperty) { + util_.AddPropertyToAuthContext(GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME, + "type1"); + util_.AddPropertyToAuthContext(GRPC_TRANSPORT_SECURITY_TYPE_PROPERTY_NAME, + "type2"); + EvaluateArgs args = util_.MakeEvaluateArgs(); + EXPECT_TRUE(args.GetTransportSecurityType().empty()); } -TEST(EvaluateArgsAuthContextTest, GetSpiffeIdSuccessOneProperty) { - grpc_auth_context auth_context(nullptr); - const char* kId = "spiffeid"; - auth_context.add_cstring_property(GRPC_PEER_SPIFFE_ID_PROPERTY_NAME, kId); - EvaluateArgs eval_args(nullptr, &auth_context, nullptr); - EXPECT_EQ(eval_args.GetSpiffeId(), kId); +TEST_F(EvaluateArgsTest, GetSpiffeIdSuccessOneProperty) { + util_.AddPropertyToAuthContext(GRPC_PEER_SPIFFE_ID_PROPERTY_NAME, "id123"); + EvaluateArgs args = util_.MakeEvaluateArgs(); + EXPECT_EQ(args.GetSpiffeId(), "id123"); } -TEST(EvaluateArgsAuthContextTest, GetSpiffeIdFailDuplicateProperty) { - grpc_auth_context auth_context(nullptr); - auth_context.add_cstring_property(GRPC_PEER_SPIFFE_ID_PROPERTY_NAME, "id1"); - auth_context.add_cstring_property(GRPC_PEER_SPIFFE_ID_PROPERTY_NAME, "id2"); - EvaluateArgs eval_args(nullptr, &auth_context, nullptr); - EXPECT_EQ(eval_args.GetSpiffeId(), nullptr); +TEST_F(EvaluateArgsTest, GetSpiffeIdFailDuplicateProperty) { + util_.AddPropertyToAuthContext(GRPC_PEER_SPIFFE_ID_PROPERTY_NAME, "id123"); + util_.AddPropertyToAuthContext(GRPC_PEER_SPIFFE_ID_PROPERTY_NAME, "id456"); + EvaluateArgs args = util_.MakeEvaluateArgs(); + EXPECT_TRUE(args.GetSpiffeId().empty()); } -TEST(EvaluateArgsAuthContextTest, GetCertServerNameSuccessOneProperty) { - grpc_auth_context auth_context(nullptr); - const char* kServer = "server"; - auth_context.add_cstring_property(GRPC_X509_CN_PROPERTY_NAME, kServer); - EvaluateArgs eval_args(nullptr, &auth_context, nullptr); - EXPECT_EQ(eval_args.GetCertServerName(), kServer); +TEST_F(EvaluateArgsTest, GetCommonNameSuccessOneProperty) { + util_.AddPropertyToAuthContext(GRPC_X509_CN_PROPERTY_NAME, "server123"); + EvaluateArgs args = util_.MakeEvaluateArgs(); + EXPECT_EQ(args.GetCommonName(), "server123"); } -TEST(EvaluateArgsAuthContextTest, GetCertServerNameFailDuplicateProperty) { - grpc_auth_context auth_context(nullptr); - auth_context.add_cstring_property(GRPC_X509_CN_PROPERTY_NAME, "server1"); - auth_context.add_cstring_property(GRPC_X509_CN_PROPERTY_NAME, "server2"); - EvaluateArgs eval_args(nullptr, &auth_context, nullptr); - EXPECT_EQ(eval_args.GetCertServerName(), nullptr); +TEST_F(EvaluateArgsTest, GetCommonNameFailDuplicateProperty) { + util_.AddPropertyToAuthContext(GRPC_X509_CN_PROPERTY_NAME, "server123"); + util_.AddPropertyToAuthContext(GRPC_X509_CN_PROPERTY_NAME, "server456"); + EvaluateArgs args = util_.MakeEvaluateArgs(); + EXPECT_TRUE(args.GetCommonName().empty()); } } // namespace grpc_core @@ -221,5 +157,8 @@ TEST(EvaluateArgsAuthContextTest, GetCertServerNameFailDuplicateProperty) { int main(int argc, char** argv) { grpc::testing::TestEnvironment env(argc, argv); ::testing::InitGoogleTest(&argc, argv); - return RUN_ALL_TESTS(); + grpc_init(); + int ret = RUN_ALL_TESTS(); + grpc_shutdown(); + return ret; } |