test: add Tokenserver integration tests to CI

Closes #1174
mozilla-services · Nov 29, 2021 · f75ea51 · f75ea51
1 parent 89e98df
commit f75ea51
Show file tree

Hide file tree

Showing 6 changed files with 35 additions and 14 deletions.
diff --git a/docker-compose.e2e.mysql.yaml b/docker-compose.e2e.mysql.yaml
@@ -25,7 +25,12 @@ services:
           SYNC_HOST: 0.0.0.0
           SYNC_MASTER_SECRET: secret0
           SYNC_DATABASE_URL: mysql://test:test@sync-db:3306/syncstorage
-          SYNC_TOKENSERVER__DATABASE_URL: mysql://test:test@tokenserver-db:3307/tokenserver
+          SYNC_TOKENSERVER__DATABASE_URL: mysql://test:test@tokenserver-db:3306/tokenserver
+          SYNC_TOKENSERVER__ENABLED: true
+          SYNC_TOKENSERVER__FXA_EMAIL_DOMAIN: api-accounts.stage.mozaws.net
+          SYNC_TOKENSERVER__FXA_METRICS_HASH_SECRET: secret0
+          SYNC_TOKENSERVER__FXA_OAUTH_SERVER_URL: https://oauth.stage.mozaws.net
+          TOKENSERVER_HOST: http://localhost:8000
         entrypoint: >
           /bin/sh -c "
             sleep 28; pip3 install -r /app/tools/integration_tests/requirements.txt && python3 /app/tools/integration_tests/run.py 'http://localhost:8000#secret0'

diff --git a/docker-compose.e2e.spanner.yaml b/docker-compose.e2e.spanner.yaml
@@ -25,8 +25,13 @@ services:
           SYNC_HOST: 0.0.0.0
           SYNC_MASTER_SECRET: secret0
           SYNC_DATABASE_URL: spanner://projects/test-project/instances/test-instance/databases/test-database
-          SYNC_TOKENSERVER__DATABASE_URL: mysql://test:test@tokenserver-db:3306/tokenserver
           SYNC_SPANNER_EMULATOR_HOST: sync-db:9010
+          SYNC_TOKENSERVER__DATABASE_URL: mysql://test:test@tokenserver-db:3306/tokenserver
+          SYNC_TOKENSERVER__ENABLED: true
+          SYNC_TOKENSERVER__FXA_EMAIL_DOMAIN: api-accounts.stage.mozaws.net
+          SYNC_TOKENSERVER__FXA_METRICS_HASH_SECRET: secret0
+          SYNC_TOKENSERVER__FXA_OAUTH_SERVER_URL: https://oauth.stage.mozaws.net
+          TOKENSERVER_HOST: http://localhost:8000
         entrypoint: >
           /bin/sh -c "
             sleep 28; pip3 install -r /app/tools/integration_tests/requirements.txt && python3 /app/tools/integration_tests/run.py 'http://localhost:8000#secret0'

diff --git a/src/server/mod.rs b/src/server/mod.rs
@@ -132,12 +132,11 @@ macro_rules! build_app {
                     .route(web::get().to(handlers::get_bso))
                     .route(web::put().to(handlers::put_bso)),
             )
-            // XXX: This route will be enabled when we are ready to roll out Tokenserver
             // Tokenserver
-            // .service(
-            //     web::resource("/1.0/{application}/{version}")
-            //         .route(web::get().to(tokenserver::handlers::get_tokenserver_result)),
-            // )
+            .service(
+                web::resource("/1.0/{application}/{version}")
+                    .route(web::get().to(tokenserver::handlers::get_tokenserver_result)),
+            )
             // Dockerflow
             // Remember to update .::web::middleware::DOCKER_FLOW_ENDPOINTS
             // when applying changes to endpoint names.

diff --git a/tools/integration_tests/run.py b/tools/integration_tests/run.py
@@ -9,6 +9,7 @@
 from test_storage import TestStorage
 from test_support import run_live_functional_tests
 import time
+from tokenserver.run import run_end_to_end_tests, run_local_tests
 
 DEBUG_BUILD = "target/debug/syncstorage"
 RELEASE_BUILD = "/app/bin/syncstorage"
@@ -48,8 +49,20 @@ def start_server():
         return the_server_subprocess
 
     os.environ.setdefault('SYNC_MASTER_SECRET', 'secret0')
+    os.environ['SYNC_TOKENSERVER__TEST_MODE_ENABLED'] = 'true'
     the_server_subprocess = start_server()
-    atexit.register(lambda: terminate_process(the_server_subprocess))
-    res = run_live_functional_tests(TestStorage, sys.argv)
+    try:
+        res = 0
+        res |= run_live_functional_tests(TestStorage, sys.argv)
+        res |= run_local_tests()
+    finally:
+        terminate_process(the_server_subprocess)
+
+    os.environ['SYNC_TOKENSERVER__TEST_MODE_ENABLED'] = 'false'
+    the_server_subprocess = start_server()
+    try:
+        res |= run_end_to_end_tests()
+    finally:
+        terminate_process(the_server_subprocess)
 
     sys.exit(res)
diff --git a/tools/integration_tests/tokenserver/test_e2e.py b/tools/integration_tests/tokenserver/test_e2e.py
@@ -124,7 +124,7 @@ def _fxa_metrics_hash(self, value):
         hasher.update(value.encode('utf-8'))
         return hasher.hexdigest()
 
-    def _derive_secret(self, master_secret, node):
+    def _derive_secret(self, master_secret):
         info = "services.mozilla.com/mozsvc/v1/node_secret/%s" % self.NODE_URL
         hkdf_params = {
             "salt": None,
@@ -205,8 +205,7 @@ def test_valid_request(self):
 
         signing_secret = binascii.b2a_hex(
             self.TOKEN_SIGNING_SECRET.encode("utf-8")).decode()
-        node_specific_secret = self._derive_secret(signing_secret,
-                                                   self.NODE_URL)
+        node_specific_secret = self._derive_secret(signing_secret)
         expected_token = tokenlib.make_token(payload_dict,
                                              secret=node_specific_secret)
         expected_signature = urlsafe_b64decode(expected_token)[-32:]

diff --git a/tools/integration_tests/tokenserver/test_support.py b/tools/integration_tests/tokenserver/test_support.py
@@ -15,13 +15,13 @@
 
 class TestCase:
     FXA_EMAIL_DOMAIN = 'api-accounts.stage.mozaws.net'
-    FXA_METRICS_HASH_SECRET = 'secret'
+    FXA_METRICS_HASH_SECRET = 'secret0'
     NODE_ID = 800
     NODE_URL = 'https://example.com'
     SYNC_1_1_SERVICE_ID = 1
     SYNC_1_5_SERVICE_ID = 2
     SYNC_1_5_SERVICE_NAME = 'sync-1.5'
-    TOKEN_SIGNING_SECRET = 'secret'
+    TOKEN_SIGNING_SECRET = 'secret0'
     TOKENSERVER_HOST = os.environ['TOKENSERVER_HOST']
 
     def setUp(self):