Skip to content

Commit

Permalink
Add tests for mocks and to show lack of retries
Browse files Browse the repository at this point in the history
  • Loading branch information
YakDriver committed Feb 17, 2023
1 parent fb34edb commit c4d0ab0
Show file tree
Hide file tree
Showing 3 changed files with 148 additions and 3 deletions.
2 changes: 1 addition & 1 deletion aws_config.go
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,7 @@ func GetAwsConfig(ctx context.Context, c *Config) (context.Context, aws.Config,

if !c.SkipCredsValidation {
if _, _, err := getAccountIDAndPartitionFromSTSGetCallerIdentity(baseCtx, stsClient(baseCtx, awsConfig, c)); err != nil {
return ctx, awsConfig, fmt.Errorf("error validating provider credentials: %w", err)
return ctx, awsConfig, fmt.Errorf("validating provider credentials: %w", err)
}
}

Expand Down
117 changes: 117 additions & 0 deletions aws_config_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@ import (
"github.com/aws/aws-sdk-go-v2/config"
"github.com/aws/aws-sdk-go-v2/feature/ec2/imds"
"github.com/aws/aws-sdk-go-v2/service/sts"
"github.com/aws/smithy-go"
"github.com/aws/smithy-go/middleware"
smithyhttp "github.com/aws/smithy-go/transport/http"
"github.com/google/go-cmp/cmp"
Expand Down Expand Up @@ -94,6 +95,52 @@ func TestGetAwsConfig(t *testing.T) {
servicemocks.MockStsGetCallerIdentityValidEndpoint,
},
},
{
Config: &Config{
AccessKey: servicemocks.MockStaticAccessKey,
Region: "us-east-1",
SecretKey: servicemocks.MockStaticSecretKey,
MaxRetries: 100,
},
Description: "ExpiredToken",
ExpectedRegion: "us-east-1",
ExpectedError: func(err error) bool {
return strings.Contains(err.Error(), "ExpiredToken")
},
MockStsEndpoints: []*servicemocks.MockEndpoint{
servicemocks.MockStsGetCallerIdentityInvalidBodyExpiredToken,
},
},
{
Config: &Config{
AccessKey: servicemocks.MockStaticAccessKey,
Region: "us-east-1",
SecretKey: servicemocks.MockStaticSecretKey,
},
Description: "ExpiredTokenException",
ExpectedRegion: "us-east-1",
ExpectedError: func(err error) bool {
return strings.Contains(err.Error(), "ExpiredTokenException")
},
MockStsEndpoints: []*servicemocks.MockEndpoint{
servicemocks.MockStsGetCallerIdentityInvalidBodyExpiredTokenException,
},
},
{
Config: &Config{
AccessKey: servicemocks.MockStaticAccessKey,
Region: "us-east-1",
SecretKey: servicemocks.MockStaticSecretKey,
},
Description: "RequestExpired",
ExpectedRegion: "us-east-1",
ExpectedError: func(err error) bool {
return strings.Contains(err.Error(), "RequestExpired")
},
MockStsEndpoints: []*servicemocks.MockEndpoint{
servicemocks.MockStsGetCallerIdentityInvalidBodyRequestExpired,
},
},
{
Config: &Config{
AccessKey: servicemocks.MockStaticAccessKey,
Expand Down Expand Up @@ -3043,6 +3090,76 @@ func TestRetryHandlers(t *testing.T) {
return results
}(),
},
"no retries for ExpiredToken": {
NextHandler: func() middleware.FinalizeHandler {
num := 0
reqsErrs := make([]error, 2)
for i := 0; i < 2; i++ {
reqsErrs[i] = &smithy.OperationError{
ServiceID: "STS",
OperationName: "GetCallerIdentity",
Err: &smithyhttp.ResponseError{
Response: &smithyhttp.Response{
Response: &http.Response{
StatusCode: 403,
},
},
Err: &smithy.GenericAPIError{
Code: "ExpiredToken",
Message: "The security token included in the request is expired",
},
},
}
}
return middleware.FinalizeHandlerFunc(func(ctx context.Context, in middleware.FinalizeInput) (out middleware.FinalizeOutput, metadata middleware.Metadata, err error) {
if num >= len(reqsErrs) {
err = fmt.Errorf("more requests than expected")
} else {
err = reqsErrs[num]
num++
}
return out, metadata, err
})
},
Err: &smithy.OperationError{
ServiceID: "STS",
OperationName: "GetCallerIdentity",
Err: &smithyhttp.ResponseError{
Response: &smithyhttp.Response{
Response: &http.Response{
StatusCode: 403,
},
},
Err: &smithy.GenericAPIError{
Code: "ExpiredToken",
Message: "The security token included in the request is expired",
},
},
},
ExpectResults: func() retry.AttemptResults {
results := retry.AttemptResults{
Results: make([]retry.AttemptResult, 1),
}
results.Results[0] = retry.AttemptResult{
Err: &smithy.OperationError{
ServiceID: "STS",
OperationName: "GetCallerIdentity",
Err: &smithyhttp.ResponseError{
Response: &smithyhttp.Response{
Response: &http.Response{
StatusCode: 403,
},
},
Err: &smithy.GenericAPIError{
Code: "ExpiredToken",
Message: "The security token included in the request is expired",
},
},
},
}
return results
}(),
},
"stops at maxRetries for other network errors": {
NextHandler: func() middleware.FinalizeHandler {
num := 0
Expand Down
32 changes: 30 additions & 2 deletions awsauth_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -321,19 +321,47 @@ func TestGetAccountIDAndPartitionFromSTSGetCallerIdentity(t *testing.T) {
ErrCount: 1,
},
{
Description: "sts:GetCallerIdentity expired token with invalid response",
Description: "sts:GetCallerIdentity ExpiredToken with invalid JSON response",
MockEndpoints: []*servicemocks.MockEndpoint{
servicemocks.MockStsGetCallerIdentityInvalidBodyExpiredToken,
},
ErrCount: 1,
},
{
Description: "sts:GetCallerIdentity expired token with valid response",
Description: "sts:GetCallerIdentity ExpiredToken with valid JSON response",
MockEndpoints: []*servicemocks.MockEndpoint{
servicemocks.MockStsGetCallerIdentityValidBodyExpiredToken,
},
ErrCount: 1,
},
{
Description: "sts:GetCallerIdentity ExpiredTokenException with invalid JSON response",
MockEndpoints: []*servicemocks.MockEndpoint{
servicemocks.MockStsGetCallerIdentityInvalidBodyExpiredTokenException,
},
ErrCount: 1,
},
{
Description: "sts:GetCallerIdentity ExpiredTokenException with valid JSON response",
MockEndpoints: []*servicemocks.MockEndpoint{
servicemocks.MockStsGetCallerIdentityValidBodyExpiredTokenException,
},
ErrCount: 1,
},
{
Description: "sts:GetCallerIdentity RequestExpired with invalid JSON response",
MockEndpoints: []*servicemocks.MockEndpoint{
servicemocks.MockStsGetCallerIdentityInvalidBodyRequestExpired,
},
ErrCount: 1,
},
{
Description: "sts:GetCallerIdentity RequestExpired with valid JSON response",
MockEndpoints: []*servicemocks.MockEndpoint{
servicemocks.MockStsGetCallerIdentityValidBodyRequestExpired,
},
ErrCount: 1,
},
{
Description: "sts:GetCallerIdentity success",
MockEndpoints: []*servicemocks.MockEndpoint{
Expand Down

0 comments on commit c4d0ab0

Please sign in to comment.