frostfs-node/pkg/services/session/storage/persistent/executor_test.go

package persistent

import (
	"bytes"
	"context"
	"crypto/ecdsa"
	"crypto/elliptic"
	"path/filepath"
	"testing"

	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/refs"
	"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/session"
	usertest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user/test"
	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
	"github.com/stretchr/testify/require"
	"go.etcd.io/bbolt"
)

func TestTokenStore(t *testing.T) {
	ts, err := NewTokenStore(filepath.Join(t.TempDir(), ".storage"))
	require.NoError(t, err)

	defer ts.Close()

	owner := usertest.ID()

	var ownerV2 refs.OwnerID
	owner.WriteToV2(&ownerV2)

	req := new(session.CreateRequestBody)
	req.SetOwnerID(&ownerV2)

	const tokenNumber = 5

	type tok struct {
		id  []byte
		key []byte
	}

	tokens := make([]tok, 0, tokenNumber)

	for i := range tokenNumber {
		req.SetExpiration(uint64(i))

		res, err := ts.Create(context.Background(), req)
		require.NoError(t, err)

		tokens = append(tokens, tok{
			id:  res.GetID(),
			key: res.GetSessionKey(),
		})
	}

	for i, token := range tokens {
		savedToken := ts.Get(owner, token.id)

		require.Equal(t, uint64(i), savedToken.ExpiredAt())

		equalKeys(t, token.key, savedToken.SessionKey())
	}
}

func TestTokenStore_Persistent(t *testing.T) {
	path := filepath.Join(t.TempDir(), ".storage")

	ts, err := NewTokenStore(path)
	require.NoError(t, err)

	idOwner := usertest.ID()

	var idOwnerV2 refs.OwnerID
	idOwner.WriteToV2(&idOwnerV2)

	const exp = 12345

	req := new(session.CreateRequestBody)
	req.SetOwnerID(&idOwnerV2)
	req.SetExpiration(exp)

	res, err := ts.Create(context.Background(), req)
	require.NoError(t, err)

	id := res.GetID()
	pubKey := res.GetSessionKey()

	// close db (stop the node)
	require.NoError(t, ts.Close())

	// open persistent storage again
	ts, err = NewTokenStore(path)
	require.NoError(t, err)

	defer ts.Close()

	savedToken := ts.Get(idOwner, id)

	equalKeys(t, pubKey, savedToken.SessionKey())
}

func TestTokenStore_RemoveOld(t *testing.T) {
	tests := []*struct {
		epoch   uint64
		id, key []byte
	}{
		{
			epoch: 1,
		},
		{
			epoch: 2,
		},
		{
			epoch: 3,
		},
		{
			epoch: 4,
		},
		{
			epoch: 5,
		},
		{
			epoch: 6,
		},
	}

	ts, err := NewTokenStore(filepath.Join(t.TempDir(), ".storage"))
	require.NoError(t, err)

	defer ts.Close()

	owner := usertest.ID()

	var ownerV2 refs.OwnerID
	owner.WriteToV2(&ownerV2)

	req := new(session.CreateRequestBody)
	req.SetOwnerID(&ownerV2)

	for _, test := range tests {
		req.SetExpiration(test.epoch)

		res, err := ts.Create(context.Background(), req)
		require.NoError(t, err)

		test.id = res.GetID()
		test.key = res.GetSessionKey()
	}

	const currEpoch = 3

	ts.RemoveOld(currEpoch)

	for _, test := range tests {
		token := ts.Get(owner, test.id)

		if test.epoch <= currEpoch {
			require.Nil(t, token)
		} else {
			equalKeys(t, test.key, token.SessionKey())
		}
	}
}

// This test was added to fix bolt's behaviour since the persistent
// storage uses cursor and there is an issue about `cursor.Delete`
// method: https://github.com/etcd-io/bbolt/issues/146.
//
// If this test is passing, TokenStore works correctly.
func TestBolt_Cursor(t *testing.T) {
	db, err := bbolt.Open(filepath.Join(t.TempDir(), ".storage"), 0o666, nil)
	require.NoError(t, err)

	defer db.Close()

	cursorKeys := make(map[string]struct{})

	bucketName := []byte("bucket")

	err = db.Update(func(tx *bbolt.Tx) (err error) {
		b, err := tx.CreateBucket(bucketName)
		if err != nil {
			return err
		}

		put := func(s []byte) {
			if err == nil {
				err = b.Put(s, s)
			}
		}

		put([]byte("1"))
		put([]byte("2"))
		put([]byte("3"))
		put([]byte("4"))

		return
	})

	err = db.Update(func(tx *bbolt.Tx) error {
		b := tx.Bucket(bucketName)
		c := b.Cursor()

		for k, _ := c.First(); k != nil; k, _ = c.Next() {
			// fill key that was viewed
			cursorKeys[string(k)] = struct{}{}

			if bytes.Equal(k, []byte("1")) {
				// delete the first one
				err = c.Delete()
				if err != nil {
					return err
				}
			}
		}

		return nil
	})
	require.NoError(t, err)

	_, ok := cursorKeys["2"]
	if !ok {
		t.Fatal("unexpectedly skipped '2' value")
	}
}

func equalKeys(t *testing.T, sessionKey []byte, savedPrivateKey *ecdsa.PrivateKey) {
	returnedPubKey, err := keys.NewPublicKeyFromBytes(sessionKey, elliptic.P256())
	require.NoError(t, err)

	savedPubKey := (keys.PublicKey)(savedPrivateKey.PublicKey)

	require.Equal(t, true, returnedPubKey.Equal(&savedPubKey))
}
[#1255] node/session: Add persistent tests Signed-off-by: Pavel Karpy <carpawell@nspcc.ru> 2022-03-20 19:55:58 +00:00			`package persistent`

			`import (`
			`"bytes"`
			`"context"`
			`"crypto/ecdsa"`
			`"crypto/elliptic"`
			`"path/filepath"`
			`"testing"`

Rename package name Due to source code relocation from GitHub. Signed-off-by: Alex Vanin <a.vanin@yadro.com> 2023-03-07 13:38:26 +00:00			`"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/refs"`
			`"git.frostfs.info/TrueCloudLab/frostfs-api-go/v2/session"`
			`usertest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user/test"`
[#1255] node/session: Add persistent tests Signed-off-by: Pavel Karpy <carpawell@nspcc.ru> 2022-03-20 19:55:58 +00:00			`"github.com/nspcc-dev/neo-go/pkg/crypto/keys"`
			`"github.com/stretchr/testify/require"`
			`"go.etcd.io/bbolt"`
			`)`

			`func TestTokenStore(t *testing.T) {`
			`ts, err := NewTokenStore(filepath.Join(t.TempDir(), ".storage"))`
			`require.NoError(t, err)`

			`defer ts.Close()`

[#821] node: Pass user.ID by value Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com> 2023-11-21 08:42:30 +00:00			`owner := usertest.ID()`
[#1400] owner: Upgrade SDK package Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-05-17 13:59:46 +00:00
			`var ownerV2 refs.OwnerID`
			`owner.WriteToV2(&ownerV2)`
[#1255] node/session: Add persistent tests Signed-off-by: Pavel Karpy <carpawell@nspcc.ru> 2022-03-20 19:55:58 +00:00
			`req := new(session.CreateRequestBody)`
[#1400] owner: Upgrade SDK package Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-05-17 13:59:46 +00:00			`req.SetOwnerID(&ownerV2)`
[#1255] node/session: Add persistent tests Signed-off-by: Pavel Karpy <carpawell@nspcc.ru> 2022-03-20 19:55:58 +00:00
			`const tokenNumber = 5`

			`type tok struct {`
			`id []byte`
			`key []byte`
			`}`

			`tokens := make([]tok, 0, tokenNumber)`

[#1317] go.mod: Use range over int Since Go 1.22 a "for" statement with a "range" clause is able to iterate through integer values from zero to an upper limit. gopatch script: @@ var i, e expression @@ -for i := 0; i <= e - 1; i++ { +for i := range e { ... } @@ var i, e expression @@ -for i := 0; i <= e; i++ { +for i := range e + 1 { ... } @@ var i, e expression @@ -for i := 0; i < e; i++ { +for i := range e { ... } Signed-off-by: Ekaterina Lebedeva <ekaterina.lebedeva@yadro.com> 2024-08-30 16:20:55 +00:00			`for i := range tokenNumber {`
[#1255] node/session: Add persistent tests Signed-off-by: Pavel Karpy <carpawell@nspcc.ru> 2022-03-20 19:55:58 +00:00			`req.SetExpiration(uint64(i))`

			`res, err := ts.Create(context.Background(), req)`
			`require.NoError(t, err)`

			`tokens = append(tokens, tok{`
			`id: res.GetID(),`
			`key: res.GetSessionKey(),`
			`})`
			`}`

			`for i, token := range tokens {`
[#1400] owner: Upgrade SDK package Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-05-17 13:59:46 +00:00			`savedToken := ts.Get(owner, token.id)`
[#1255] node/session: Add persistent tests Signed-off-by: Pavel Karpy <carpawell@nspcc.ru> 2022-03-20 19:55:58 +00:00
			`require.Equal(t, uint64(i), savedToken.ExpiredAt())`

			`equalKeys(t, token.key, savedToken.SessionKey())`
			`}`
			`}`

			`func TestTokenStore_Persistent(t *testing.T) {`
			`path := filepath.Join(t.TempDir(), ".storage")`

			`ts, err := NewTokenStore(path)`
			`require.NoError(t, err)`

[#821] node: Pass user.ID by value Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com> 2023-11-21 08:42:30 +00:00			`idOwner := usertest.ID()`
[#1400] owner: Upgrade SDK package Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-05-17 13:59:46 +00:00
			`var idOwnerV2 refs.OwnerID`
			`idOwner.WriteToV2(&idOwnerV2)`
[#1255] node/session: Add persistent tests Signed-off-by: Pavel Karpy <carpawell@nspcc.ru> 2022-03-20 19:55:58 +00:00
			`const exp = 12345`

			`req := new(session.CreateRequestBody)`
[#1400] owner: Upgrade SDK package Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-05-17 13:59:46 +00:00			`req.SetOwnerID(&idOwnerV2)`
[#1255] node/session: Add persistent tests Signed-off-by: Pavel Karpy <carpawell@nspcc.ru> 2022-03-20 19:55:58 +00:00			`req.SetExpiration(exp)`

			`res, err := ts.Create(context.Background(), req)`
			`require.NoError(t, err)`

			`id := res.GetID()`
			`pubKey := res.GetSessionKey()`

			`// close db (stop the node)`
			`require.NoError(t, ts.Close())`

			`// open persistent storage again`
			`ts, err = NewTokenStore(path)`
			`require.NoError(t, err)`

			`defer ts.Close()`

[#1400] owner: Upgrade SDK package Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-05-17 13:59:46 +00:00			`savedToken := ts.Get(idOwner, id)`
[#1255] node/session: Add persistent tests Signed-off-by: Pavel Karpy <carpawell@nspcc.ru> 2022-03-20 19:55:58 +00:00
			`equalKeys(t, pubKey, savedToken.SessionKey())`
			`}`

			`func TestTokenStore_RemoveOld(t *testing.T) {`
			`tests := []*struct {`
			`epoch uint64`
			`id, key []byte`
			`}{`
			`{`
			`epoch: 1,`
			`},`
			`{`
			`epoch: 2,`
			`},`
			`{`
			`epoch: 3,`
			`},`
			`{`
			`epoch: 4,`
			`},`
			`{`
			`epoch: 5,`
			`},`
			`{`
			`epoch: 6,`
			`},`
			`}`

			`ts, err := NewTokenStore(filepath.Join(t.TempDir(), ".storage"))`
			`require.NoError(t, err)`

			`defer ts.Close()`

[#821] node: Pass user.ID by value Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com> 2023-11-21 08:42:30 +00:00			`owner := usertest.ID()`
[#1400] owner: Upgrade SDK package Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-05-17 13:59:46 +00:00
			`var ownerV2 refs.OwnerID`
			`owner.WriteToV2(&ownerV2)`
[#1255] node/session: Add persistent tests Signed-off-by: Pavel Karpy <carpawell@nspcc.ru> 2022-03-20 19:55:58 +00:00
			`req := new(session.CreateRequestBody)`
[#1400] owner: Upgrade SDK package Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-05-17 13:59:46 +00:00			`req.SetOwnerID(&ownerV2)`
[#1255] node/session: Add persistent tests Signed-off-by: Pavel Karpy <carpawell@nspcc.ru> 2022-03-20 19:55:58 +00:00
			`for _, test := range tests {`
			`req.SetExpiration(test.epoch)`

			`res, err := ts.Create(context.Background(), req)`
			`require.NoError(t, err)`

			`test.id = res.GetID()`
			`test.key = res.GetSessionKey()`
			`}`

			`const currEpoch = 3`

			`ts.RemoveOld(currEpoch)`

			`for _, test := range tests {`
[#1400] owner: Upgrade SDK package Signed-off-by: Leonard Lyubich <leonard@nspcc.ru> 2022-05-17 13:59:46 +00:00			`token := ts.Get(owner, test.id)`
[#1255] node/session: Add persistent tests Signed-off-by: Pavel Karpy <carpawell@nspcc.ru> 2022-03-20 19:55:58 +00:00
			`if test.epoch <= currEpoch {`
			`require.Nil(t, token)`
			`} else {`
			`equalKeys(t, test.key, token.SessionKey())`
			`}`
			`}`
			`}`

			`// This test was added to fix bolt's behaviour since the persistent`
			// storage uses cursor and there is an issue about `cursor.Delete`
			`// method: https://github.com/etcd-io/bbolt/issues/146.`
			`//`
			`// If this test is passing, TokenStore works correctly.`
			`func TestBolt_Cursor(t *testing.T) {`
[#772] node: Apply gofumpt Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com> 2023-10-31 11:56:55 +00:00			`db, err := bbolt.Open(filepath.Join(t.TempDir(), ".storage"), 0o666, nil)`
[#1255] node/session: Add persistent tests Signed-off-by: Pavel Karpy <carpawell@nspcc.ru> 2022-03-20 19:55:58 +00:00			`require.NoError(t, err)`

			`defer db.Close()`

			`cursorKeys := make(map[string]struct{})`

[#772] node: Apply gofumpt Signed-off-by: Dmitrii Stepanov <d.stepanov@yadro.com> 2023-10-31 11:56:55 +00:00			`bucketName := []byte("bucket")`
[#1255] node/session: Add persistent tests Signed-off-by: Pavel Karpy <carpawell@nspcc.ru> 2022-03-20 19:55:58 +00:00
			`err = db.Update(func(tx *bbolt.Tx) (err error) {`
			`b, err := tx.CreateBucket(bucketName)`
			`if err != nil {`
			`return err`
			`}`

			`put := func(s []byte) {`
			`if err == nil {`
			`err = b.Put(s, s)`
			`}`
			`}`

			`put([]byte("1"))`
			`put([]byte("2"))`
			`put([]byte("3"))`
			`put([]byte("4"))`

			`return`
			`})`

			`err = db.Update(func(tx *bbolt.Tx) error {`
			`b := tx.Bucket(bucketName)`
			`c := b.Cursor()`

			`for k, _ := c.First(); k != nil; k, _ = c.Next() {`
			`// fill key that was viewed`
			`cursorKeys[string(k)] = struct{}{}`

			`if bytes.Equal(k, []byte("1")) {`
			`// delete the first one`
			`err = c.Delete()`
			`if err != nil {`
			`return err`
			`}`
			`}`
			`}`

			`return nil`
			`})`
			`require.NoError(t, err)`

			`_, ok := cursorKeys["2"]`
			`if !ok {`
			`t.Fatal("unexpectedly skipped '2' value")`
			`}`
			`}`

			`func equalKeys(t testing.T, sessionKey []byte, savedPrivateKey ecdsa.PrivateKey) {`
			`returnedPubKey, err := keys.NewPublicKeyFromBytes(sessionKey, elliptic.P256())`
			`require.NoError(t, err)`

			`savedPubKey := (keys.PublicKey)(savedPrivateKey.PublicKey)`

			`require.Equal(t, true, returnedPubKey.Equal(&savedPubKey))`
			`}`