From 228495c35c575798fbfa7cd14c3386b8f80b33db Mon Sep 17 00:00:00 2001 From: Waqar Ahmed Khan Date: Wed, 1 May 2024 11:51:26 -0700 Subject: [PATCH] Adds full uri vs relative uri test --- tests/CMakeLists.txt | 1 + tests/credentials_provider_ecs_tests.c | 219 +++++++++++++++++-------- 2 files changed, 153 insertions(+), 67 deletions(-) diff --git a/tests/CMakeLists.txt b/tests/CMakeLists.txt index 0b1ddc42..7cd69004 100644 --- a/tests/CMakeLists.txt +++ b/tests/CMakeLists.txt @@ -51,6 +51,7 @@ add_test_case(credentials_provider_ecs_request_failure) add_test_case(credentials_provider_ecs_bad_document_failure) add_test_case(credentials_provider_ecs_basic_success) add_test_case(credentials_provider_ecs_basic_success_token_file) +add_test_case(credentials_provider_ecs_basic_success_uri_env) #add_test_case(credentials_provider_ecs_basic_success_token_env) #add_test_case(credentials_provider_ecs_basic_success_token_env_with_parameter_token) add_test_case(credentials_provider_ecs_no_auth_token_success) diff --git a/tests/credentials_provider_ecs_tests.c b/tests/credentials_provider_ecs_tests.c index 3574aab0..8b4f7a5d 100644 --- a/tests/credentials_provider_ecs_tests.c +++ b/tests/credentials_provider_ecs_tests.c @@ -22,6 +22,7 @@ #include #include #include +#include AWS_STATIC_STRING_FROM_LITERAL(s_ecs_creds_env_relative_uri, "AWS_CONTAINER_CREDENTIALS_RELATIVE_URI"); AWS_STATIC_STRING_FROM_LITERAL(s_ecs_creds_env_full_uri, "AWS_CONTAINER_CREDENTIALS_FULL_URI"); @@ -533,84 +534,73 @@ static int s_do_ecs_success_test( return AWS_OP_SUCCESS; } -// static int s_setup_ecs_env_variables( -// struct aws_allocator *allocator, -// char *relative_uri, -// char *full_uri, -// char *auth_token, -// char *auth_token_file) { - -// /* ensure pre-existing environment doesn't interfere */ -// aws_unset_environment_value(s_ecs_creds_env_relative_uri); -// aws_unset_environment_value(s_ecs_creds_env_full_uri); -// aws_unset_environment_value(s_ecs_creds_env_token_file); -// aws_unset_environment_value(s_ecs_creds_env_token); - -// struct aws_string *relative_uri_str = aws_string_new_from_c_str(allocator, relative_uri); -// struct aws_string *full_uri_str = aws_string_new_from_c_str(allocator, full_uri); -// struct aws_string *auth_token_str = aws_string_new_from_c_str(allocator, auth_token); -// struct aws_string *auth_token_file_str = aws_string_new_from_c_str(allocator, auth_token_file); - -// if (relative_uri_str != NULL) { -// ASSERT_SUCCESS(aws_set_environment_value(s_ecs_creds_env_relative_uri, relative_uri_str)); -// } -// if (full_uri_str != NULL) { -// ASSERT_SUCCESS(aws_set_environment_value(s_ecs_creds_env_full_uri, full_uri_str)); -// } -// if (auth_token_str != NULL) { -// ASSERT_SUCCESS(aws_set_environment_value(s_ecs_creds_env_token, auth_token_str)); -// } -// if (auth_token_file_str != NULL) { -// ASSERT_SUCCESS(aws_set_environment_value(s_ecs_creds_env_token_file, auth_token_file_str)); -// } - -// aws_string_destroy(relative_uri_str); -// aws_string_destroy(full_uri_str); -// aws_string_destroy(auth_token_str); -// aws_string_destroy(auth_token_file_str); -// } +static int s_do_ecs_env_success_test( + struct aws_allocator *allocator, + struct aws_credentials_provider_ecs_environment_options *options, + const char *relative_uri, + const char *full_uri, + const char *auth_token, + const char *auth_token_file, + const char *expected_uri, + const char *expected_token) { -// static int s_do_ecs_env_success_test( -// struct aws_allocator *allocator, -// struct aws_credentials_provider_ecs_environment_options *options) { + struct aws_string *relative_uri_str = NULL; + if (relative_uri != NULL) { + relative_uri_str = aws_string_new_from_c_str(allocator, relative_uri); + ASSERT_SUCCESS(aws_set_environment_value(s_ecs_creds_env_relative_uri, relative_uri_str)); + } + struct aws_string *full_uri_str = NULL; + if (full_uri != NULL) { + full_uri_str = aws_string_new_from_c_str(allocator, full_uri); + ASSERT_SUCCESS(aws_set_environment_value(s_ecs_creds_env_full_uri, full_uri_str)); + } + struct aws_string *auth_token_str = NULL; + if (auth_token != NULL) { + auth_token_str = aws_string_new_from_c_str(allocator, auth_token); + ASSERT_SUCCESS(aws_set_environment_value(s_ecs_creds_env_token, auth_token_str)); + } + struct aws_string *auth_token_file_str = NULL; + if (auth_token_file != NULL) { + auth_token_file_str = aws_string_new_from_c_str(allocator, auth_token_file); + ASSERT_SUCCESS(aws_set_environment_value(s_ecs_creds_env_token_file, auth_token_file_str)); + } -// struct aws_credentials_provider *provider = aws_credentials_provider_new_ecs_from_environment(allocator, -// options); + struct aws_credentials_provider *provider = aws_credentials_provider_new_ecs_from_environment(allocator, options); -// aws_credentials_provider_get_credentials(provider, s_get_credentials_callback, NULL); + aws_credentials_provider_get_credentials(provider, s_get_credentials_callback, NULL); -// s_aws_wait_for_credentials_result(); + s_aws_wait_for_credentials_result(); -// aws_mutex_lock(&s_tester.lock); -// ASSERT_BIN_ARRAYS_EQUALS( -// s_tester.request_uri.buffer, -// s_tester.request_uri.len, -// s_expected_ecs_relative_uri->bytes, -// s_expected_ecs_relative_uri->len); + aws_mutex_lock(&s_tester.lock); + ASSERT_SUCCESS(s_check_ecs_tester_request(expected_uri, expected_token)); -// ASSERT_TRUE(s_tester.has_received_credentials_callback == true); -// ASSERT_TRUE(s_tester.credentials != NULL); -// ASSERT_CURSOR_VALUE_STRING_EQUALS(aws_credentials_get_access_key_id(s_tester.credentials), s_good_access_key_id); -// ASSERT_CURSOR_VALUE_STRING_EQUALS( -// aws_credentials_get_secret_access_key(s_tester.credentials), s_good_secret_access_key); -// ASSERT_CURSOR_VALUE_STRING_EQUALS(aws_credentials_get_session_token(s_tester.credentials), s_good_session_token); + ASSERT_TRUE(s_tester.has_received_credentials_callback == true); + ASSERT_TRUE(s_tester.credentials != NULL); + ASSERT_CURSOR_VALUE_STRING_EQUALS(aws_credentials_get_access_key_id(s_tester.credentials), s_good_access_key_id); + ASSERT_CURSOR_VALUE_STRING_EQUALS( + aws_credentials_get_secret_access_key(s_tester.credentials), s_good_secret_access_key); + ASSERT_CURSOR_VALUE_STRING_EQUALS(aws_credentials_get_session_token(s_tester.credentials), s_good_session_token); -// struct aws_date_time expiration; -// struct aws_byte_cursor date_cursor = aws_byte_cursor_from_string(s_good_response_expiration); -// aws_date_time_init_from_str_cursor(&expiration, &date_cursor, AWS_DATE_FORMAT_ISO_8601); -// ASSERT_TRUE( -// aws_credentials_get_expiration_timepoint_seconds(s_tester.credentials) == (uint64_t)expiration.timestamp); -// aws_mutex_unlock(&s_tester.lock); + struct aws_date_time expiration; + struct aws_byte_cursor date_cursor = aws_byte_cursor_from_string(s_good_response_expiration); + aws_date_time_init_from_str_cursor(&expiration, &date_cursor, AWS_DATE_FORMAT_ISO_8601); + ASSERT_TRUE( + aws_credentials_get_expiration_timepoint_seconds(s_tester.credentials) == (uint64_t)expiration.timestamp); + aws_mutex_unlock(&s_tester.lock); -// aws_credentials_provider_release(provider); + aws_credentials_provider_release(provider); -// s_aws_wait_for_provider_shutdown_callback(); + s_aws_wait_for_provider_shutdown_callback(); -// /* Because we mock the http connection manager, we never get a callback back from it */ -// aws_mem_release(provider->allocator, provider); + /* Because we mock the http connection manager, we never get a callback back from it */ + aws_mem_release(provider->allocator, provider); -// return AWS_OP_SUCCESS; -// } + aws_string_destroy(relative_uri_str); + aws_string_destroy(full_uri_str); + aws_string_destroy(auth_token_str); + aws_string_destroy(auth_token_file_str); + return AWS_OP_SUCCESS; +} static int s_credentials_provider_ecs_basic_success(struct aws_allocator *allocator, void *ctx) { (void)ctx; @@ -706,6 +696,101 @@ static int s_credentials_provider_ecs_basic_success_token_file(struct aws_alloca } AWS_TEST_CASE(credentials_provider_ecs_basic_success_token_file, s_credentials_provider_ecs_basic_success_token_file); +static int s_credentials_provider_ecs_basic_success_uri_env(struct aws_allocator *allocator, void *ctx) { + (void)ctx; + + const struct test_case { + const char *relative_uri; + const char *full_uri; + const char *expected_uri; + const char *auth_token; + const char *auth_token_file; + const char *expected_auth_token; + } test_cases[] = { + /* simple full uri*/ + { + .full_uri = "http://127.0.0.1/credentials", + .expected_uri = "http://127.0.0.1:80/credentials", + }, + /* explicit port */ + { + .full_uri = "http://127.0.0.1:8080/credentials", + .expected_uri = "http://127.0.0.1:8080/credentials", + }, + /* https */ + { + .full_uri = "https://www.xxx123321testmocknonexsitingawsservice.com/credentials", + .expected_uri = "https://www.xxx123321testmocknonexsitingawsservice.com:443/credentials", + }, + /* path and query */ + { + .full_uri = "http://127.0.0.1/path/to/resource/?a=b&c=d", + .expected_uri = "http://127.0.0.1:80/path/to/resource/?a=b&c=d", + }, + /* relative URI */ + { + .relative_uri = "/path/to/resource/?a=b&c=d", + .expected_uri = "http://169.254.170.2:80/path/to/resource/?a=b&c=d", + }, + /* relative URI takes priority, when both RELATIVE and FULL are set */ + { + .relative_uri = "/from-relative-uri", + .full_uri = "http://127.0.0.1/from-full-uri", + .expected_uri = "http://169.254.170.2:80/from-relative-uri", + }, + }; + + /* Provide tls_ctx, in case FULL_URI scheme is "https://" */ + struct aws_tls_ctx_options tls_options; + aws_tls_ctx_options_init_default_client(&tls_options, allocator); + struct aws_tls_ctx *tls_ctx = aws_tls_client_ctx_new(allocator, &tls_options); + ASSERT_NOT_NULL(tls_ctx); + + for (size_t case_idx = 0; case_idx < AWS_ARRAY_SIZE(test_cases); ++case_idx) { + struct test_case case_i = test_cases[case_idx]; + printf( + "CASE[%zu]: AWS_CONTAINER_CREDENTIALS_RELATIVE_URI=%s AWS_CONTAINER_CREDENTIALS_FULL_URI=%s\n", + case_idx, + case_i.relative_uri ? case_i.relative_uri : "", + case_i.full_uri ? case_i.full_uri : ""); + + /* This unsets previous env vars */ + ASSERT_SUCCESS(s_aws_ecs_tester_init(allocator)); + + struct aws_byte_cursor good_response_cursor = aws_byte_cursor_from_string(s_good_response); + aws_array_list_push_back(&s_tester.response_data_callbacks, &good_response_cursor); + + struct aws_credentials_provider_ecs_environment_options options = { + .bootstrap = NULL, + .function_table = &s_mock_function_table, + .shutdown_options = + { + .shutdown_callback = s_on_shutdown_complete, + .shutdown_user_data = NULL, + }, + .tls_ctx = tls_ctx, + }; + + ASSERT_SUCCESS(s_do_ecs_env_success_test( + allocator, + &options, + case_i.relative_uri, + case_i.full_uri, + case_i.auth_token, + case_i.auth_token_file, + case_i.expected_uri, + NULL)); + + s_aws_ecs_tester_cleanup(); + } + + aws_tls_ctx_release(tls_ctx); + aws_tls_ctx_options_clean_up(&tls_options); + + return 0; +} +AWS_TEST_CASE(credentials_provider_ecs_basic_success_uri_env, s_credentials_provider_ecs_basic_success_uri_env); + // static int s_credentials_provider_ecs_basic_success_token_env(struct aws_allocator *allocator, void *ctx) { // (void)ctx;