From 4a3987579207bd4a6f3707e3d17f17eef0f96ba2 Mon Sep 17 00:00:00 2001 From: Adam Kolodziejczyk Date: Mon, 2 Dec 2024 14:25:40 +0100 Subject: [PATCH] add tests for keypair auth --- .../parameters_aws_auth_tests.json.gpg | Bin 518 -> 550 bytes .../rsa_keys/rsa_encrypted_key.p8.gpg | Bin 0 -> 1511 bytes .github/workflows/rsa_keys/rsa_key.p8.gpg | Bin 0 -> 1401 bytes .../workflows/rsa_keys/rsa_key_invalid.p8.gpg | Bin 0 -> 1409 bytes .gitignore | 1 + ci/container/test_authentication.sh | 4 + ci/test_authentication.sh | 3 + test/authentication/connectionParameters.js | 34 ++++++ test/authentication/testKeyPair.js | 93 +++++++++++++++ test/integration/connectionOptions.js | 58 ---------- test/integration/testManualConnection.js | 107 ------------------ 11 files changed, 135 insertions(+), 165 deletions(-) create mode 100644 .github/workflows/rsa_keys/rsa_encrypted_key.p8.gpg create mode 100644 .github/workflows/rsa_keys/rsa_key.p8.gpg create mode 100644 .github/workflows/rsa_keys/rsa_key_invalid.p8.gpg create mode 100644 test/authentication/testKeyPair.js diff --git a/.github/workflows/parameters_aws_auth_tests.json.gpg b/.github/workflows/parameters_aws_auth_tests.json.gpg index 0d3d4ce5b86757a76c442f77b0a902cfae0fc84c..bea557c1340e79134e2fef7d057b0a4b5367351a 100644 GIT binary patch literal 550 zcmV+>0@?kH4Fm}T2-FugK{~32dH>Ss0b<`~^&DSip?`>%SG9?1!L0F6kN1 z1H(=yjN#Jcj%jjXe7rfzTZFwPJqWmp*qI5X)Wgv`-d`hhNAO*&z|GapXV!+t zL|fp@LZ-!r4BnA8i%`3Sc4Y=W)iU_fkFGJ8a#`P1$!%jom$X*pILH?B4fHk*>=7=#r2C$b3G}%VOrukil0Q- zw9J>$9+(182dZSa5Df=^_IQ35Xq$9*Wmd2{{A*&y(si z&;_vnF>5&Cf{ z-_9dwr0LtnPD$f;lRf^RA7*qOmE{qXqIJtcm_uD_uxxsUC@&C{0h=N{R-B|-Xf}5!OevAR9@G^i8q~o; z0X4$?(>5bw)A5;1WF&!MfWpEAqK7Gb7M+cqUtTkrS3T7a3>#+(UDF+v41{eydu>}#sRlg_39!z^cU^wThxCAwyhi|SMI?bi$g6Tp&wd9pf|ZFgP-#5Ifkz2edc-|=ePdnXYY?rC zQxtdiZ}`MN1O?pVh(q>P6C9$OnZ(b`&?~0jcxn1VE=(*%cnkkE(hR85zvjnif&{X( zAcMPUPuqKt82c}i&=)#~xpj7uIDVgaj~L>f7fT(0!3~8NnA}{Q@LC)qJEFL2)IdRl(?c5?7!6sim~b zTtmYA+#E#8SN?M%gCgqSpPgCPXI!aac-eC&u(Hir5NvEYuyH8U0CmJf?3u#JT%1%x zQJ~Xl479lGY=#;4&l}LTP+tJ&0jlUilf5D;v{ zbV^#uovkM~Lj$$5t}_Urx^QASz|U4408`QPFII+=yI8s~5h4!yM>EXJqub%ttx#jp z6-wk~Ok6zaoZz6m5QZ!?Ro z{U)&PEn(U@7Y6yX0pwk)y8^i+UKJ+S&$L-PQ!*9^PC*Up-`)`Wgq#9tp!fhDPojyv zZ_i+pXlh46@p(T*tOM8#rmY1a-a<`2L9ga6vV`eVY5c*d`q-Y}!(ur+Mi@KE$Rj4V z6KKkW@`@(bin(;OuuQ^&Mvkzt=a}bQ&4j|BTc>^X`#}8tr1%i86ErJU?=O>fDEDyU ztYNh66{@-TWVz^JJ$!rby5wq_Ld6fPe1BP!hsQlm@TeK%V7=HId}jNX4M8R-vd|+P z<2V9V`ng<#2j|9iLR{Z8?|S)TjA$-0_7O`ay2-6w1~+;~@vv|QI+Q@J{(sa+Tk?nt z_W$V`_Ucu#4!(%a=VC?dBE)fH0u=K*REbYS@IZEq;u$=~fTi}G=T4`((SNyfp`Ulu z#o6U)zr_HJokG4BDzwZL=#t+i$l!rJyR-E=WzxqSTX-Fjby&*J?}wh7J2j~_=ZVy_Sed3dn_4kYnpse`Izc&S) zPGozs>L&V^PJjM$rco_=3W^wu)FHjHSab@k3@8;D6!1ao4>5(FOB~_sK0O}}yC+?X zCpn|_Lns4~AE3NI7}qJ6B9j~w!v?~|0Q2e5%;mt_4H-UtSAH%5-;3K`?brIv7# zCe7#J3{n$#f!Oc)5te?PLGsSUWGE#V(HTdCeA+Oz;b26dRH|poL+S#yF0~*~BZ+J? zj2S>Td&^Z@VrV;)d!UB%t>@l5Y>FO7;yfO14$ej&6w+gShCxg);Z(JBf{D5d(a*xu zboJ&Yizdy1O*oFtelf~hs;s=?CBV4~vJ6f}z3{aYcR4isTu`_Xemgi+6E>hi;Eq?H z^||4dCNSih&^yuvBVXwGST2SFa$9x;yByBonOslj_R3kyt7e0-YDf7fXwv5#8&Kr$ N4pJ4Fm}T2sW}O5FyLDc>mJs0h2d8Frh+x^{u3Pa0SMoLHH6?e=*-mjvgH> z2vLe85YdPlUO(Q!9!pSB6A>H&jweedm{s1V#ne)B?*Ew@rwU_b#TnM9;UhFx3To6t z_P6?=sU*gyF;QLA_#Mo$(kPi1(JXYTssT|^+$&x*L$Eevm!oS`|43p5;KmqU%^l%$ zf+r)?+eT*09Xu(o5iEK_joJ$}Dsa`pjGsmZ`mI2lp`mFRNV1sTd0Ci*okFH%AmE-; zd+4|J!QjPk6^BSXKqE0mf|TlZ2zaMlTbpXsC}8o<%fLM^&iVvao*?ml+)$0U$bpAs zLH3TUT={fDCfq?VMddD_#HP=Ix7ckQ9C~_R0%&T!)P+`x2!}dM`3Kl20N3Op6C{~Z zk%{y}8JDX^xOP(EJHGc%(w2EuKHp1HMsLfzY%s9N>vQ-ncyy|Qjq?>IM#&zzy$VRR zr%PD_0L5TZ=Fq+8=!nISW!w4d)Xi~Qk&z;<)M=*IY0|V2k9kxLJ6xnHG=GW{Bg392 zo?6Jztg?5>fX#J^fhUfm$i9b1;ZAon)7!0dn2$1FkNQp#N_7b@%US|Ee+O>>6c8F4 z8a;2=rr9|#bXujzitOi+FSk`y)kNpN4i;$@tv4=b7o%a>uN;EdP^E?n_Q-{wPYw~N z|47S7IEO?Ln4ASaGSR=-{Pc#}G1?1n7$VDvPU~-ssYO&VbeM{lQ6Tp~cqGaD@u7^Q zI=D!g8j<4D=f7>QH~i4K*5V~kiz6_G@_&}0$@Ie*VgJ|q0mU-bVrDgK z_UU*pcX31M|Du$yhr*09q5N?I+Obt52dlq~F=T{M%>_PfJG&tD;yh$2qBNa0W78(P z7EH4YTCLzV3LEsaoI0=+vSlhsLYl05tRpzAMgiTn$G;mh*}Oz(beRb=+xUafENnD=V(wydV*G}ytLhk*&7QzvwqgUs=o-nJZ-IS zyIN22BCd+3IHMThQ_=?Ln=Z32HzU$-b^bf9-<7+E^Oe1i{7Dw>UUYPFfpKM zSJm^uuFIae{#^76r5G*dmsT@A!OKNo+nngu#=P3_}|z{JF#59A&4vatGc8TE>m`%l%m`jfVV^uj=t}2 zJrjj9LIj(iz@|1G{v+ne-Lu2Ma4?|)pY)`d7DVN&Mdu+ns=?BFgXcUpL>bfKjT)e^ z5#Oe^lh5|RCake@4!5fn+xoS3alDz$xCmS=-X%uTwpF6O@}3q#d~ql~M| z{kB*tpL=a+_a;5=UL!Dn=AI8#{FjG}b6lG2D_3jMpT61#hB#NJmASwqAG~!GxUJKz z4_kZU4Uh;r7}q4lRX{b!1gC|6Hy!yLx=(TabS-?4vr6ah6S(+)C!Sa9Ta?{g4vRQ{ zO8cfZ?^Cr!d+yUXE#jo78AFzI7^KK>Q|5XOhg20-DxIyW%1Va#`!v#!;>>o_8w@+y@ HBt6`SeZ8+W literal 0 HcmV?d00001 diff --git a/.github/workflows/rsa_keys/rsa_key_invalid.p8.gpg b/.github/workflows/rsa_keys/rsa_key_invalid.p8.gpg new file mode 100644 index 0000000000000000000000000000000000000000..3d2442a7c8c319f53ac8d6af8b12bcff78a364da GIT binary patch literal 1409 zcmV-{1%CRB4Fm}T2oOE^p^$#mNB`350dCH$DrP24&;&c@7=1}8SgJ`t2Jhbld~Tl6 z0G^#)CvI%Mkv<0lD%2OXL2~H0fW4z>z(2$S(~kytf&DxtVS*9dICkcS+ffG~Z})uY zB`zl9fytg}f2tY#aS$7$`dU!eSG^#6UQrisepTgBF1~k(CjXE)AYQUTzEc--YbK}u zfsLh_J)DoV(9go0v$9Lt*l~ZQa4WUnT`63VpmmGnc8nyJjA-hQ*mB*#+OG1a7ASWB ze9Raxfi?A`6~)p!PMM?gM{9IagV-L({Z#oVi}JuWJi|)kx!>=yOrS9Gq5B-*7@l)) z{1{^`_X~Fv&Doaj))DjJ-L^W*9SS1i*gV(ca; zCE#)|nKO-5uH?~G%8AdGged-2(o6$lg?(fJ4+X01x(E6BVUjyzwz#mG9;gAgohtx= z+&#TCKz~*>R9}QeY_}#N+573zc^{U_Y4gN;>sP>M4jpt_~jH>I~>|f z@HAD^fpJJ@X(hwEc(W@+EO*05}n$URL!)yDLn$0&x z^Y^TAlbtX(ef+HM*}-W=_w*kkq{JQnh7gX=9dA%?Uj;erdH&Br>=oUw^F_@8# zLANF=N8ti7r*?em#%jnoCdOAhX5?oaWg<8t>FGIOrHxIeM@3$j&RnDKL$ZO^m($@tnS=DJfQX8u0o%kqgA|Ez(3Xdev20sf`K49<(%)+s=$Lqn7cLK zcYr+C2QO{oaBUN&oPOqMtoXcn*^>5AfVW*-OjbrWWwCs<;gyMKQ_0~e9`Pd2^zd>R zPX&|_DioP6LIMMh`;dZ*njth+Ku%Gg29O|p4;>}oQFCY>4qILxtFqk;)Bc%ZF3f)+`?qFwQwiKph#32+tK`; z=hK)V8LHpTW2$|D8@l``@kxvrP5`g*-?MM*%hfFnknxU z8cM#TPhCW@difY~FYFCSv86g8s5|^8##L%J7Ja|v+O~qJJ-y}x5Zh}k_BaO;v=2G` z+ny&dA%H9;I6Ct#0(NHo*n(D4L>KHT*TeodHh;rXV#}gki)mI%l-}(jmh@%C=yj&+ zS&Cj=Jp0|>K~z)V(Z4UOueoNTy4huPrFV~!yPZp;MUU5kNFE>N@{W&7(!v#LnSkIr zRv~<=iZTb7zF~)46dwn2zL%K#j?aMpW8ffUfnkv<{;fKOMqmyh5>jTxsWit;I&THD zL{Eh#W~~%SQQ8F3URzklBVsset&u0^faeR4!Z66t3mnorN#pDIQGk~3E%IowD9NC0 Plk!d)KNyEuj^Ur;bOOha literal 0 HcmV?d00001 diff --git a/.gitignore b/.gitignore index 785a1a3c7..5c1e6c21c 100644 --- a/.gitignore +++ b/.gitignore @@ -14,3 +14,4 @@ wss-*-agent.config wss-unified-agent.jar whitesource/ .nyc_output +rsa_*.p8 diff --git a/ci/container/test_authentication.sh b/ci/container/test_authentication.sh index cffe7336e..31e18dde5 100755 --- a/ci/container/test_authentication.sh +++ b/ci/container/test_authentication.sh @@ -5,4 +5,8 @@ set -o pipefail AUTH_PARAMETER_FILE=./.github/workflows/parameters_aws_auth_tests.json eval $(jq -r '.authtestparams | to_entries | map("export \(.key)=\(.value|tostring)")|.[]' $AUTH_PARAMETER_FILE) +export SNOWFLAKE_AUTH_TEST_PRIVATE_KEY_PATH=./.github/workflows/rsa_keys/rsa_key.p8 +export SNOWFLAKE_AUTH_TEST_ENCRYPTED_PRIVATE_KEY_PATH=./.github/workflows/rsa_keys/rsa_encrypted_key.p8 +export SNOWFLAKE_AUTH_TEST_INVALID_PRIVATE_KEY_PATH=./.github/workflows/rsa_keys/rsa_key_invalid.p8 + npm run test:authentication diff --git a/ci/test_authentication.sh b/ci/test_authentication.sh index 725520798..02baada7f 100755 --- a/ci/test_authentication.sh +++ b/ci/test_authentication.sh @@ -5,6 +5,9 @@ THIS_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" export WORKSPACE=${WORKSPACE:-/tmp} gpg --quiet --batch --yes --decrypt --passphrase="$PARAMETERS_SECRET" --output $THIS_DIR/../.github/workflows/parameters_aws_auth_tests.json "$THIS_DIR/../.github/workflows/parameters_aws_auth_tests.json.gpg" +gpg --quiet --batch --yes --decrypt --passphrase="$PARAMETERS_SECRET" --output $THIS_DIR/../.github/workflows/rsa_keys/rsa_encrypted_key.p8 "$THIS_DIR/../.github/workflows/rsa_keys/rsa_encrypted_key.p8.gpg" +gpg --quiet --batch --yes --decrypt --passphrase="$PARAMETERS_SECRET" --output $THIS_DIR/../.github/workflows/rsa_keys/rsa_key.p8 "$THIS_DIR/../.github/workflows/rsa_keys/rsa_key.p8.gpg" +gpg --quiet --batch --yes --decrypt --passphrase="$PARAMETERS_SECRET" --output $THIS_DIR/../.github/workflows/rsa_keys/rsa_key_invalid.p8 "$THIS_DIR/../.github/workflows/rsa_keys/rsa_key_invalid.p8.gpg" docker run \ -v $(cd $THIS_DIR/.. && pwd):/mnt/host \ diff --git a/test/authentication/connectionParameters.js b/test/authentication/connectionParameters.js index 9204f6941..6b98ea5c5 100644 --- a/test/authentication/connectionParameters.js +++ b/test/authentication/connectionParameters.js @@ -1,3 +1,4 @@ +const path = require('path'); const snowflakeAuthTestProtocol = process.env.SNOWFLAKE_AUTH_TEST_PROTOCOL; const snowflakeAuthTestHost = process.env.SNOWFLAKE_AUTH_TEST_HOST; const snowflakeAuthTestPort = process.env.SNOWFLAKE_AUTH_TEST_PORT; @@ -13,6 +14,10 @@ const snowflakeAuthTestOauthClientSecret = process.env.SNOWFLAKE_AUTH_TEST_OAUTH const snowflakeAuthTestDatabase = process.env.SNOWFLAKE_AUTH_TEST_DATABASE; const snowflakeAuthTestWarehouse = process.env.SNOWFLAKE_AUTH_TEST_WAREHOUSE; const snowflakeAuthTestSchema = process.env.SNOWFLAKE_AUTH_TEST_SCHEMA; +const snowflakeAuthTestPrivateKeyPath = process.env.SNOWFLAKE_AUTH_TEST_PRIVATE_KEY_PATH; +const snowflakeAuthTestInvalidPrivateKeyPath = process.env.SNOWFLAKE_AUTH_TEST_INVALID_PRIVATE_KEY_PATH; +const snowflakeAuthTestPrivateKeyPassword = process.env.SNOWFLAKE_AUTH_TEST_PRIVATE_KEY_PASSWORD; +const snowflakeAuthTestEncryptedPrivateKeyPath = process.env.SNOWFLAKE_AUTH_TEST_ENCRYPTED_PRIVATE_KEY_PATH; const accessUrlAuthTests = snowflakeAuthTestProtocol + '://' + snowflakeAuthTestHost + ':' + snowflakeAuthTestPort; @@ -50,9 +55,36 @@ const oauth = authenticator: 'OAUTH' }; +const keypairPrivateKey = + { + ...baseParameters, + username: snowflakeAuthTestOktaUser, + authenticator: 'SNOWFLAKE_JWT' + }; + +const keypairPrivateKeyPath = + { + ...baseParameters, + username: snowflakeAuthTestOktaUser, + privateKeyPath: snowflakeAuthTestPrivateKeyPath, + authenticator: 'SNOWFLAKE_JWT' + }; + +const keypairEncryptedPrivateKeyPath = + { + ...baseParameters, + username: snowflakeAuthTestOktaUser, + privateKeyPass: snowflakeAuthTestPrivateKeyPassword, + privateKeyPath: snowflakeAuthTestEncryptedPrivateKeyPath, + authenticator: 'SNOWFLAKE_JWT' + }; + exports.externalBrowser = externalBrowser; exports.okta = okta; exports.oauth = oauth; +exports.keypairPrivateKey = keypairPrivateKey; +exports.keypairPrivateKeyPath = keypairPrivateKeyPath; +exports.keypairEncryptedPrivateKeyPath = keypairEncryptedPrivateKeyPath; exports.snowflakeTestBrowserUser = snowflakeAuthTestBrowserUser; exports.snowflakeAuthTestOktaUser = snowflakeAuthTestOktaUser; exports.snowflakeAuthTestOktaPass = snowflakeAuthTestOktaPass; @@ -60,3 +92,5 @@ exports.snowflakeAuthTestRole = snowflakeAuthTestRole; exports.snowflakeAuthTestOauthClientId = snowflakeAuthTestOauthClientId; exports.snowflakeAuthTestOauthClientSecret = snowflakeAuthTestOauthClientSecret; exports.snowflakeAuthTestOauthUrl = snowflakeAuthTestOauthUrl; +exports.snowflakeAuthTestPrivateKeyPath = snowflakeAuthTestPrivateKeyPath; +exports.snowflakeAuthTestInvalidPrivateKeyPath = snowflakeAuthTestInvalidPrivateKeyPath; diff --git a/test/authentication/testKeyPair.js b/test/authentication/testKeyPair.js new file mode 100644 index 000000000..a85a1513d --- /dev/null +++ b/test/authentication/testKeyPair.js @@ -0,0 +1,93 @@ +const AuthTest = require('./authTestsBaseClass'); +const connParameters = require('./connectionParameters'); +const snowflake = require('../../lib/snowflake'); +const path = require('path'); +const assert = require('node:assert'); +const fs = require('fs').promises; + + +describe('Key-pair authentication', function () { + let authTest; + + beforeEach(async () => { + authTest = new AuthTest(); + }); + + afterEach(async () => { + await authTest.destroyConnection(); + }); + + describe('Private key', function () { + it('Successful connection', async function () { + const privateKey = await getFileContent(connParameters.snowflakeAuthTestPrivateKeyPath); + const connectionOption = { ... connParameters.keypairPrivateKey, privateKey: privateKey }; + authTest.createConnection(connectionOption); + await authTest.connectAsync(); + authTest.verifyNoErrorWasThrown(); + await authTest.verifyConnectionIsUp(); + }); + + it('Invalid private key format', async function () { + const invalidPrivateKeyFormat = 'invalidKey'; + const connectionOption = { ... connParameters.keypairPrivateKey, privateKey: invalidPrivateKeyFormat }; + try { + snowflake.createConnection(connectionOption); + assert.fail('Expected error was not thrown'); + } catch (err) { + assert.strictEqual(err.message, 'Invalid private key. The specified value must be a string in pem format of type pkcs8'); + } + }); + + it('Invalid private key', async function () { + const privateKey = await getFileContent(connParameters.snowflakeAuthTestInvalidPrivateKeyPath); + const connectionOption = { ... connParameters.keypairPrivateKey, privateKey: privateKey }; + authTest.createConnection(connectionOption); + await authTest.connectAsync(); + assert.match(authTest.error?.message, /JWT token is invalid./); + await authTest.verifyConnectionIsNotUp('Unable to perform operation using terminated connection.'); + }); + }); + + describe('Private key path', function () { + it('Successful connection', async function () { + const connectionOption = connParameters.keypairPrivateKeyPath; + authTest.createConnection(connectionOption); + await authTest.connectAsync(); + authTest.verifyNoErrorWasThrown(); + await authTest.verifyConnectionIsUp(); + }); + + it('Invalid private key', async function () { + const connectionOption = { ...connParameters.keypairPrivateKeyPath, privateKeyPath: connParameters.snowflakeAuthTestInvalidPrivateKeyPath }; + authTest.createConnection(connectionOption); + await authTest.connectAsync(); + assert.match(authTest.error?.message, /JWT token is invalid./); + await authTest.verifyConnectionIsNotUp('Unable to perform operation using terminated connection.'); + }); + + it('Successful connection using encrypted private key', async function () { + const connectionOption = connParameters.keypairEncryptedPrivateKeyPath; + authTest.createConnection(connectionOption); + await authTest.connectAsync(); + authTest.verifyNoErrorWasThrown(); + await authTest.verifyConnectionIsUp(); + }); + + it('Invalid private key password', async function () { + const connectionOption = { ...connParameters.keypairEncryptedPrivateKeyPath, privateKeyPass: 'invalid' }; + authTest.createConnection(connectionOption); + await authTest.connectAsync(); + assert.match(authTest.error?.message, /bad decrypt/); + await authTest.verifyConnectionIsNotUp(); + }); + }); +}); + +async function getFileContent(filePath) { + try { + const absolutePath = path.resolve(filePath); + return await fs.readFile(absolutePath, 'utf8'); + } catch (err) { + throw new Error(`Error reading file: ${err.message}`); + } +} diff --git a/test/integration/connectionOptions.js b/test/integration/connectionOptions.js index 2809dc595..88c56e344 100644 --- a/test/integration/connectionOptions.js +++ b/test/integration/connectionOptions.js @@ -16,11 +16,6 @@ const snowflakeTestRole = process.env.SNOWFLAKE_TEST_ROLE; const snowflakeTestPassword = process.env.SNOWFLAKE_TEST_PASSWORD; const snowflakeTestAdminUser = process.env.SNOWFLAKE_TEST_ADMIN_USER; const snowflakeTestAdminPassword = process.env.SNOWFLAKE_TEST_ADMIN_PASSWORD; -const snowflakeTestPrivateKeyUser = process.env.SNOWFLAKE_JWT_TEST_USER; -const snowflakeTestPrivateKey = process.env.SNOWFLAKE_TEST_PRIVATE_KEY; -const snowflakeTestPrivateKeyPath = process.env.SNOWFLAKE_TEST_PRIVATE_KEY_PATH; -const snowflakeTestPrivateKeyPass = process.env.SNOWFLAKE_TEST_PRIVATE_KEY_PASS; -const snowflakeTestPrivateKeyPathUnencrypted = process.env.SNOWFLAKE_TEST_PRIVATE_KEY_PATH_UNENCRYPTED; const snowflakeTestPasscode = process.env.SNOWFLAKE_TEST_PASSCODE; if (snowflakeTestProtocol === undefined) { @@ -83,55 +78,6 @@ const wrongPwd = account: snowflakeTestAccount }; -const keypairPrivateKey = -{ - accessUrl: accessUrl, - username: snowflakeTestPrivateKeyUser, - account: snowflakeTestAccount, - warehouse: snowflakeTestWarehouse, - database: snowflakeTestDatabase, - schema: snowflakeTestSchema, - role: snowflakeTestRole, - privateKey: snowflakeTestPrivateKey, - authenticator: 'SNOWFLAKE_JWT' -}; - -const keypairPathEncrypted = -{ - accessUrl: accessUrl, - username: snowflakeTestPrivateKeyUser, - account: snowflakeTestAccount, - warehouse: snowflakeTestWarehouse, - database: snowflakeTestDatabase, - schema: snowflakeTestSchema, - role: snowflakeTestRole, - privateKeyPath: snowflakeTestPrivateKeyPath, - privateKeyPass: snowflakeTestPrivateKeyPass, - authenticator: 'SNOWFLAKE_JWT' -}; - -const keypairPathUnencrypted = -{ - accessUrl: accessUrl, - username: snowflakeTestPrivateKeyUser, - account: snowflakeTestAccount, - warehouse: snowflakeTestWarehouse, - database: snowflakeTestDatabase, - schema: snowflakeTestSchema, - role: snowflakeTestRole, - privateKeyPath: snowflakeTestPrivateKeyPathUnencrypted, - authenticator: 'SNOWFLAKE_JWT' -}; - -const keypairWrongToken = -{ - accessUrl: accessUrl, - username: 'node', - account: snowflakeTestAccount, - privateKey: snowflakeTestPrivateKey, - authenticator: 'SNOWFLAKE_JWT' -}; - const MFA = { ...valid, authenticator: 'USER_PWD_MFA_AUTHENTICATOR', @@ -166,10 +112,6 @@ exports.wrongUserName = wrongUserName; exports.wrongPwd = wrongPwd; exports.accessUrl = accessUrl; exports.account = snowflakeTestAccount; -exports.keypairPrivateKey = keypairPrivateKey; -exports.keypairPathEncrypted = keypairPathEncrypted; -exports.keypairPathUnencrypted = keypairPathUnencrypted; -exports.keypairWrongToken = keypairWrongToken; exports.privatelink = privatelink; exports.connectionWithProxy = connectionWithProxy; exports.MFA = MFA; diff --git a/test/integration/testManualConnection.js b/test/integration/testManualConnection.js index 45fa3bbe8..5ae0eb5cc 100644 --- a/test/integration/testManualConnection.js +++ b/test/integration/testManualConnection.js @@ -101,113 +101,6 @@ if (process.env.RUN_MANUAL_TESTS_ONLY === 'true') { }); }); }); - - describe('Connection test - keypair', function () { - it('Simple Connect - specify private key', function (done) { - const connection = snowflake.createConnection( - connOption.keypairPrivateKey - ); - - async.series([ - function (callback) { - connection.connect(function (err) { - done(err); - assert.ok(!err, JSON.stringify(err)); - callback(); - }); - }, - function (callback) { - assert.ok(connection.isUp(), 'not active'); - callback(); - }, - function (callback) { - connection.destroy(function (err) { - assert.ok(!err, JSON.stringify(err)); - callback(); - }); - }, - function (callback) { - assert.ok(!connection.isUp(), 'still active'); - callback(); - }, - ]); - }); - - it('Simple Connect - specify encrypted private key path and passphrase', function (done) { - const connection = snowflake.createConnection( - connOption.keypairPathEncrypted - ); - - async.series([ - function (callback) { - connection.connect(function (err) { - done(err); - assert.ok(!err, JSON.stringify(err)); - callback(); - }); - }, - function (callback) { - assert.ok(connection.isUp(), 'not active'); - callback(); - }, - function (callback) { - connection.destroy(function (err) { - assert.ok(!err, JSON.stringify(err)); - callback(); - }); - }, - function (callback) { - assert.ok(!connection.isUp(), 'still active'); - callback(); - }, - ]); - }); - - it('Simple Connect - specify unencrypted private key path without passphrase', function (done) { - const connection = snowflake.createConnection( - connOption.keypairPathEncrypted - ); - - async.series([ - function (callback) { - connection.connect(function (err) { - done(err); - assert.ok(!err, JSON.stringify(err)); - callback(); - }); - }, - function (callback) { - assert.ok(connection.isUp(), 'not active'); - callback(); - }, - function (callback) { - connection.destroy(function (err) { - assert.ok(!err, JSON.stringify(err)); - callback(); - }); - }, - function (callback) { - assert.ok(!connection.isUp(), 'still active'); - callback(); - }, - ]); - }); - - it('Wrong JWT token', function (done) { - const connection = snowflake.createConnection( - connOption.keypairWrongToken - ); - connection.connect(function (err) { - try { - assert.ok(err, 'Incorrect JWT token is passed.'); - assert.equal('JWT token is invalid.', err['message']); - done(); - } catch (err) { - done(err); - } - }); - }); - }); }); describe('keepAlive test', function () {