-
Notifications
You must be signed in to change notification settings - Fork 4.7k
/
04-hybrid_mode_spec.lua
123 lines (104 loc) 路 3.32 KB
/
04-hybrid_mode_spec.lua
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
local helpers = require "spec.helpers"
for _, strategy in helpers.each_strategy({"postgres"}) do
describe("Plugin: key-auth (access) [#" .. strategy .. "] auto-expiring keys", function()
-- Give a bit of time to reduce test flakyness on slow setups
local ttl = 10
local inserted_at
local proxy_client
lazy_setup(function()
local bp = helpers.get_db_utils(strategy, {
"routes",
"services",
"plugins",
"consumers",
"keyauth_credentials",
})
local r = bp.routes:insert {
hosts = { "key-ttl-hybrid.com" },
}
bp.plugins:insert {
name = "key-auth",
route = { id = r.id },
}
bp.consumers:insert {
username = "Jafar",
}
assert(helpers.start_kong({
role = "control_plane",
database = strategy,
cluster_cert = "spec/fixtures/kong_clustering.crt",
cluster_cert_key = "spec/fixtures/kong_clustering.key",
lua_ssl_trusted_certificate = "spec/fixtures/kong_clustering.crt",
cluster_listen = "127.0.0.1:9005",
cluster_telemetry_listen = "127.0.0.1:9006",
nginx_conf = "spec/fixtures/custom_nginx.template",
}))
assert(helpers.start_kong({
role = "data_plane",
database = "off",
prefix = "servroot2",
cluster_cert = "spec/fixtures/kong_clustering.crt",
cluster_cert_key = "spec/fixtures/kong_clustering.key",
lua_ssl_trusted_certificate = "spec/fixtures/kong_clustering.crt",
cluster_control_plane = "127.0.0.1:9005",
cluster_telemetry_endpoint = "127.0.0.1:9006",
proxy_listen = "0.0.0.0:9002",
}))
end)
lazy_teardown(function()
if proxy_client then
proxy_client:close()
end
helpers.stop_kong("servroot2")
helpers.stop_kong()
end)
it("authenticate for up to 'ttl'", function()
-- add credentials after nginx has started to avoid TTL expiration
local admin_client = helpers.admin_client()
local res = assert(admin_client:send {
method = "POST",
path = "/consumers/Jafar/key-auth",
headers = {
["Content-Type"] = "application/json",
},
body = {
key = "kong",
ttl = 10,
},
})
assert.res_status(201, res)
admin_client:close()
ngx.update_time()
inserted_at = ngx.now()
helpers.wait_until(function()
proxy_client = helpers.http_client("127.0.0.1", 9002)
res = assert(proxy_client:send {
method = "GET",
path = "/status/200",
headers = {
["Host"] = "key-ttl-hybrid.com",
["apikey"] = "kong",
}
})
proxy_client:close()
return res and res.status == 200
end, 5)
ngx.update_time()
local elapsed = ngx.now() - inserted_at
ngx.sleep(ttl - elapsed)
helpers.wait_until(function()
proxy_client = helpers.http_client("127.0.0.1", 9002)
res = assert(proxy_client:send {
method = "GET",
path = "/status/200",
headers = {
["Host"] = "key-ttl-hybrid.com",
["apikey"] = "kong",
}
})
proxy_client:close()
return res and res.status == 401
end, 5)
end)
end)
end