frostfs-node/pkg/services/object/util/key_test.go

96 lines
2.5 KiB
Go
Raw Normal View History

package util_test
import (
"context"
"crypto/elliptic"
"testing"
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object/util"
tokenStorage "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/session/storage/temporary"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/refs"
sessionV2 "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/session"
frostfsecdsa "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/crypto/ecdsa"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
usertest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user/test"
"github.com/google/uuid"
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
"github.com/stretchr/testify/require"
)
func TestNewKeyStorage(t *testing.T) {
nodeKey, err := keys.NewPrivateKey()
require.NoError(t, err)
tokenStor := tokenStorage.NewTokenStore()
stor := util.NewKeyStorage(&nodeKey.PrivateKey, tokenStor, mockedNetworkState{42})
owner := usertest.ID()
t.Run("node key", func(t *testing.T) {
key, err := stor.GetKey(nil)
require.NoError(t, err)
require.Equal(t, nodeKey.PrivateKey, *key)
})
t.Run("unknown token", func(t *testing.T) {
_, err = stor.GetKey(&util.SessionInfo{
ID: uuid.New(),
Owner: usertest.ID(),
})
require.Error(t, err)
})
t.Run("known token", func(t *testing.T) {
tok := createToken(t, tokenStor, owner, 100)
key, err := stor.GetKey(&util.SessionInfo{
ID: tok.ID(),
Owner: owner,
})
require.NoError(t, err)
require.True(t, tok.AssertAuthKey((*frostfsecdsa.PublicKey)(&key.PublicKey)))
})
t.Run("expired token", func(t *testing.T) {
tok := createToken(t, tokenStor, owner, 30)
_, err := stor.GetKey(&util.SessionInfo{
ID: tok.ID(),
Owner: owner,
})
require.Error(t, err)
})
}
func createToken(t *testing.T, store *tokenStorage.TokenStore, owner user.ID, exp uint64) session.Object {
var ownerV2 refs.OwnerID
owner.WriteToV2(&ownerV2)
req := new(sessionV2.CreateRequestBody)
req.SetOwnerID(&ownerV2)
req.SetExpiration(exp)
resp, err := store.Create(context.Background(), req)
require.NoError(t, err)
pub, err := keys.NewPublicKeyFromBytes(resp.GetSessionKey(), elliptic.P256())
require.NoError(t, err)
var id uuid.UUID
require.NoError(t, id.UnmarshalBinary(resp.GetID()))
var tok session.Object
tok.SetAuthKey((*frostfsecdsa.PublicKey)(pub))
tok.SetID(id)
return tok
}
type mockedNetworkState struct {
value uint64
}
func (m mockedNetworkState) CurrentEpoch() uint64 {
return m.value
}