Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adjust core module auth integration tests to meet checkstyle requirements. #12368

Merged
merged 1 commit into from
Jul 18, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,9 @@

import static org.junit.jupiter.api.Assertions.assertTrue;


/**
* Base class for authentication tests in Nacos.`
*
* @author nkorange
* @since 1.2.0
*/
Expand Down Expand Up @@ -62,10 +63,18 @@ public class AuthBase extends HttpClient4Test {

protected String namespace1 = "namespace1";

/**
* Logs in a user with the provided username and password, then returns the access token.
*
* @param username the username of the user
* @param password the password of the user
* @return the access token (accessToken) as a String
* @throws AssertionError if the response status is not 2xx or the accessToken is missing
*/
public String login(String username, String password) {
ResponseEntity<String> response = request("/nacos/v1/auth/users/login",
Params.newParams().appendParam("username", username).appendParam("password", password).done(), String.class,
HttpMethod.POST);
Params.newParams().appendParam("username", username).appendParam("password", password).done(),
String.class, HttpMethod.POST);

assertTrue(response.getStatusCode().is2xxSuccessful());
JsonNode json = JacksonUtils.toObj(response.getBody());
Expand Down Expand Up @@ -93,59 +102,64 @@ protected void init(int port) throws Exception {
assertTrue(response.getStatusCode().is2xxSuccessful());

// Create a user:
response = request("/nacos/v1/auth/users", Params.newParams().appendParam("username", username2).appendParam("password", password2)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
response = request("/nacos/v1/auth/users",
Params.newParams().appendParam("username", username2).appendParam("password", password2)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);

System.out.println(response);
assertTrue(response.getStatusCode().is2xxSuccessful());

// Create a user:
response = request("/nacos/v1/auth/users", Params.newParams().appendParam("username", username3).appendParam("password", password3)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
response = request("/nacos/v1/auth/users",
Params.newParams().appendParam("username", username3).appendParam("password", password3)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);

System.out.println(response);
assertTrue(response.getStatusCode().is2xxSuccessful());

// Create a role:
response = request("/nacos/v1/auth/roles",
Params.newParams().appendParam("role", role1).appendParam("username", username1).appendParam("accessToken", accessToken)
.done(), String.class, HttpMethod.POST);
Params.newParams().appendParam("role", role1).appendParam("username", username1)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);

System.out.println(response);
assertTrue(response.getStatusCode().is2xxSuccessful());

// Create a role:
response = request("/nacos/v1/auth/roles",
Params.newParams().appendParam("role", role2).appendParam("username", username2).appendParam("accessToken", accessToken)
.done(), String.class, HttpMethod.POST);
Params.newParams().appendParam("role", role2).appendParam("username", username2)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
System.out.println(response);
assertTrue(response.getStatusCode().is2xxSuccessful());

// Create a role:
response = request("/nacos/v1/auth/roles",
Params.newParams().appendParam("role", role3).appendParam("username", username3).appendParam("accessToken", accessToken)
.done(), String.class, HttpMethod.POST);
Params.newParams().appendParam("role", role3).appendParam("username", username3)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
System.out.println(response);
assertTrue(response.getStatusCode().is2xxSuccessful());

// Add read permission of namespace1 to role1:
response = request("/nacos/v1/auth/permissions",
Params.newParams().appendParam("role", role1).appendParam("resource", namespace1 + ":*:*").appendParam("action", "r")
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
Params.newParams().appendParam("role", role1).appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "r").appendParam("accessToken", accessToken).done(), String.class,
HttpMethod.POST);
System.out.println(response);
assertTrue(response.getStatusCode().is2xxSuccessful());

// Add write permission of namespace1 to role2:
response = request("/nacos/v1/auth/permissions",
Params.newParams().appendParam("role", role2).appendParam("resource", namespace1 + ":*:*").appendParam("action", "w")
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
Params.newParams().appendParam("role", role2).appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "w").appendParam("accessToken", accessToken).done(), String.class,
HttpMethod.POST);
System.out.println(response);
assertTrue(response.getStatusCode().is2xxSuccessful());

// Add read/write permission of namespace1 to role3:
response = request("/nacos/v1/auth/permissions",
Params.newParams().appendParam("role", role3).appendParam("resource", namespace1 + ":*:*").appendParam("action", "rw")
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
Params.newParams().appendParam("role", role3).appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "rw").appendParam("accessToken", accessToken).done(), String.class,
HttpMethod.POST);
System.out.println(response);
assertTrue(response.getStatusCode().is2xxSuccessful());

Expand All @@ -159,61 +173,67 @@ protected void destroy() {

// Delete permission:
ResponseEntity<String> response = request("/nacos/v1/auth/permissions",
Params.newParams().appendParam("role", role1).appendParam("resource", namespace1 + ":*:*").appendParam("action", "r")
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);
Params.newParams().appendParam("role", role1).appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "r").appendParam("accessToken", accessToken).done(), String.class,
HttpMethod.DELETE);

assertTrue(response.getStatusCode().is2xxSuccessful());

// Delete permission:
response = request("/nacos/v1/auth/permissions",
Params.newParams().appendParam("role", role2).appendParam("resource", namespace1 + ":*:*").appendParam("action", "w")
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);
Params.newParams().appendParam("role", role2).appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "w").appendParam("accessToken", accessToken).done(), String.class,
HttpMethod.DELETE);

assertTrue(response.getStatusCode().is2xxSuccessful());

// Delete permission:
response = request("/nacos/v1/auth/permissions",
Params.newParams().appendParam("role", role3).appendParam("resource", namespace1 + ":*:*").appendParam("action", "rw")
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);
Params.newParams().appendParam("role", role3).appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "rw").appendParam("accessToken", accessToken).done(), String.class,
HttpMethod.DELETE);

assertTrue(response.getStatusCode().is2xxSuccessful());

// Delete a role:
response = request("/nacos/v1/auth/roles",
Params.newParams().appendParam("role", role1).appendParam("username", username1).appendParam("accessToken", accessToken)
.done(), String.class, HttpMethod.DELETE);
Params.newParams().appendParam("role", role1).appendParam("username", username1)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);

assertTrue(response.getStatusCode().is2xxSuccessful());

// Delete a role:
response = request("/nacos/v1/auth/roles",
Params.newParams().appendParam("role", role2).appendParam("username", username2).appendParam("accessToken", accessToken)
.done(), String.class, HttpMethod.DELETE);
Params.newParams().appendParam("role", role2).appendParam("username", username2)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);

assertTrue(response.getStatusCode().is2xxSuccessful());

// Delete a role:
response = request("/nacos/v1/auth/roles",
Params.newParams().appendParam("role", role3).appendParam("username", username3).appendParam("accessToken", accessToken)
.done(), String.class, HttpMethod.DELETE);
Params.newParams().appendParam("role", role3).appendParam("username", username3)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);

assertTrue(response.getStatusCode().is2xxSuccessful());

// Delete a user:
response = request("/nacos/v1/auth/users", Params.newParams().appendParam("username", username1).appendParam("password", password1)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);
response = request("/nacos/v1/auth/users",
Params.newParams().appendParam("username", username1).appendParam("password", password1)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);

assertTrue(response.getStatusCode().is2xxSuccessful());

// Delete a user:
response = request("/nacos/v1/auth/users", Params.newParams().appendParam("username", username2).appendParam("password", password2)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);
response = request("/nacos/v1/auth/users",
Params.newParams().appendParam("username", username2).appendParam("password", password2)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);

assertTrue(response.getStatusCode().is2xxSuccessful());

// Delete a user:
response = request("/nacos/v1/auth/users", Params.newParams().appendParam("username", username3).appendParam("password", password3)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);
response = request("/nacos/v1/auth/users",
Params.newParams().appendParam("username", username3).appendParam("password", password3)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);

assertTrue(response.getStatusCode().is2xxSuccessful());

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,20 +33,22 @@

import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;

import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertTrue;
import static org.junit.jupiter.api.Assertions.fail;

/**
* Integration tests for Nacos configuration with authentication.
*
* @author nkorange
* @since 1.2.0
*/
@SuppressWarnings("checkstyle:AbbreviationAsWordInName")
@SpringBootTest(classes = Nacos.class, properties = {
"server.servlet.contextPath=/nacos"}, webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT)
public class ConfigAuth_ITCase extends AuthBase {
public class ConfigAuthCoreITCase extends AuthBase {

public static final long TIME_OUT = 2000;

Expand All @@ -55,15 +57,18 @@ public class ConfigAuth_ITCase extends AuthBase {
@LocalServerPort
private int port;

private String dataId = "yanlin";
private final String dataId = "yanlin";

private String group = "yanlin";
private final String group = "yanlin";

@BeforeEach
void init() throws Exception {
super.init(port);
}

/**
* Cleans up resources after each test execution.
*/
@AfterEach
public void destroy() {
super.destroy();
Expand All @@ -72,11 +77,10 @@ public void destroy() {
iconfig.shutDown();
}
} catch (NacosException ex) {

// Ignored exception during shutdown
}
}


@Test
void writeWithReadPermission() throws Exception {

Expand All @@ -93,17 +97,14 @@ void writeWithReadPermission() throws Exception {

@Test
void readWithReadPermission() throws Exception {

CountDownLatch latch = new CountDownLatch(1);
AtomicInteger ai = new AtomicInteger(0);

properties.put(PropertyKeyConst.USERNAME, username1);
properties.put(PropertyKeyConst.PASSWORD, password1);
iconfig = NacosFactory.createConfigService(properties);

final String content = "test" + System.currentTimeMillis();
System.out.println(content);

CountDownLatch latch = new CountDownLatch(1);
iconfig.addListener(dataId, group, new AbstractConfigChangeListener() {
@Override
public void receiveConfigChange(ConfigChangeEvent event) {
Expand Down Expand Up @@ -151,16 +152,14 @@ void writeWithWritePermission() throws Exception {

@Test
void readWithWritePermission() throws Exception {

CountDownLatch latch = new CountDownLatch(1);

properties.put(PropertyKeyConst.NAMESPACE, namespace1);
properties.put(PropertyKeyConst.USERNAME, username2);
properties.put(PropertyKeyConst.PASSWORD, password2);
iconfig = NacosFactory.createConfigService(properties);

final String content = "test" + System.currentTimeMillis();

CountDownLatch latch = new CountDownLatch(1);
iconfig.addListener(dataId, group, new AbstractConfigChangeListener() {
@Override
public void receiveConfigChange(ConfigChangeEvent event) {
Expand All @@ -182,28 +181,24 @@ public void receiveConfigChange(ConfigChangeEvent event) {
try {
iconfig.getConfig(dataId, group, TIME_OUT);
fail();
} catch (NacosException ne) {
assertEquals(HttpStatus.SC_FORBIDDEN, ne.getErrCode());
} catch (NacosException e) {
assertEquals(HttpStatus.SC_FORBIDDEN, e.getErrCode());
}

latch.await(5L, TimeUnit.SECONDS);

assertTrue(latch.getCount() > 0);
}


@Test
void ReadWriteWithFullPermission() throws Exception {

CountDownLatch latch = new CountDownLatch(1);
AtomicInteger ai = new AtomicInteger(0);

void readWriteWithFullPermission() throws Exception {
properties.put(PropertyKeyConst.USERNAME, username3);
properties.put(PropertyKeyConst.PASSWORD, password3);
iconfig = NacosFactory.createConfigService(properties);

final String content = "test" + System.currentTimeMillis();

CountDownLatch latch = new CountDownLatch(1);
iconfig.addListener(dataId, group, new AbstractConfigChangeListener() {
@Override
public void receiveConfigChange(ConfigChangeEvent event) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,17 +33,16 @@
import java.net.URL;
import java.util.concurrent.TimeUnit;


@SuppressWarnings("checkstyle:AbbreviationAsWordInName")
@Suite
@SelectClasses({LdapAuth_ITCase.NonTlsTest.class, LdapAuth_ITCase.TlsTest.class})
class LdapAuth_ITCase {
@SelectClasses({LdapAuthCoreITCase.NonTlsTest.class, LdapAuthCoreITCase.TlsTest.class})
class LdapAuthCoreITCase {

@Test
void empty() {

}

abstract class LdapBase extends AuthBase {
abstract static class LdapBase extends AuthBase {

@LocalServerPort
private int port;
Expand All @@ -55,7 +54,8 @@ abstract class LdapBase extends AuthBase {

@BeforeEach
void init() throws Exception {
Mockito.when(ldapTemplate.authenticate("", "(" + filterPrefix + "=" + "karson" + ")", "karson")).thenReturn(true);
Mockito.when(ldapTemplate.authenticate("", "(" + filterPrefix + "=" + "karson" + ")", "karson"))
.thenReturn(true);
AuthConfigs.setCachingEnabled(false);
TimeUnit.SECONDS.sleep(5L);
String url = String.format("http://localhost:%d/", port);
Expand All @@ -78,7 +78,8 @@ void testLdapAuth() throws Exception {

@Nested
@DirtiesContext
@SpringBootTest(classes = Nacos.class, properties = {"server.servlet.context-path=/nacos", "nacos.core.auth.system.type=ldap",
@SpringBootTest(classes = Nacos.class, properties = {"server.servlet.context-path=/nacos",
"nacos.core.auth.system.type=ldap",
"nacos.core.auth.ldap.url=ldaps://localhost:636"}, webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT)
class TlsTest extends LdapBase {

Expand All @@ -87,6 +88,4 @@ void testLdapAuth() throws Exception {
super.login("karson", "karson");
}
}


}
Loading
Loading