forked from TrueCloudLab/frostfs-node
Airat Arifullin
9b13a18aac
* Update version within go.mod; * Fix deprecated frostfs-api-go/v2 package and use frostfs-sdk-go/api instead. Signed-off-by: Airat Arifullin <a.arifullin@yadro.com>
95 lines
2.5 KiB
Go
95 lines
2.5 KiB
Go
package util_test
|
|
|
|
import (
|
|
"context"
|
|
"crypto/elliptic"
|
|
"testing"
|
|
|
|
"git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/object/util"
|
|
tokenStorage "git.frostfs.info/TrueCloudLab/frostfs-node/pkg/services/session/storage/temporary"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/refs"
|
|
sessionV2 "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/api/session"
|
|
frostfsecdsa "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/crypto/ecdsa"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/session"
|
|
"git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user"
|
|
usertest "git.frostfs.info/TrueCloudLab/frostfs-sdk-go/user/test"
|
|
"github.com/google/uuid"
|
|
"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestNewKeyStorage(t *testing.T) {
|
|
nodeKey, err := keys.NewPrivateKey()
|
|
require.NoError(t, err)
|
|
|
|
tokenStor := tokenStorage.NewTokenStore()
|
|
stor := util.NewKeyStorage(&nodeKey.PrivateKey, tokenStor, mockedNetworkState{42})
|
|
|
|
owner := usertest.ID()
|
|
|
|
t.Run("node key", func(t *testing.T) {
|
|
key, err := stor.GetKey(nil)
|
|
require.NoError(t, err)
|
|
require.Equal(t, nodeKey.PrivateKey, *key)
|
|
})
|
|
|
|
t.Run("unknown token", func(t *testing.T) {
|
|
_, err = stor.GetKey(&util.SessionInfo{
|
|
ID: uuid.New(),
|
|
Owner: usertest.ID(),
|
|
})
|
|
require.Error(t, err)
|
|
})
|
|
|
|
t.Run("known token", func(t *testing.T) {
|
|
tok := createToken(t, tokenStor, owner, 100)
|
|
|
|
key, err := stor.GetKey(&util.SessionInfo{
|
|
ID: tok.ID(),
|
|
Owner: owner,
|
|
})
|
|
require.NoError(t, err)
|
|
require.True(t, tok.AssertAuthKey((*frostfsecdsa.PublicKey)(&key.PublicKey)))
|
|
})
|
|
|
|
t.Run("expired token", func(t *testing.T) {
|
|
tok := createToken(t, tokenStor, owner, 30)
|
|
_, err := stor.GetKey(&util.SessionInfo{
|
|
ID: tok.ID(),
|
|
Owner: owner,
|
|
})
|
|
require.Error(t, err)
|
|
})
|
|
}
|
|
|
|
func createToken(t *testing.T, store *tokenStorage.TokenStore, owner user.ID, exp uint64) session.Object {
|
|
var ownerV2 refs.OwnerID
|
|
owner.WriteToV2(&ownerV2)
|
|
|
|
req := new(sessionV2.CreateRequestBody)
|
|
req.SetOwnerID(&ownerV2)
|
|
req.SetExpiration(exp)
|
|
|
|
resp, err := store.Create(context.Background(), req)
|
|
require.NoError(t, err)
|
|
|
|
pub, err := keys.NewPublicKeyFromBytes(resp.GetSessionKey(), elliptic.P256())
|
|
require.NoError(t, err)
|
|
|
|
var id uuid.UUID
|
|
require.NoError(t, id.UnmarshalBinary(resp.GetID()))
|
|
|
|
var tok session.Object
|
|
tok.SetAuthKey((*frostfsecdsa.PublicKey)(pub))
|
|
tok.SetID(id)
|
|
|
|
return tok
|
|
}
|
|
|
|
type mockedNetworkState struct {
|
|
value uint64
|
|
}
|
|
|
|
func (m mockedNetworkState) CurrentEpoch() uint64 {
|
|
return m.value
|
|
}
|