fix(kuma-cp): validation error with user tokens (#4507)

Signed-off-by: Jakub Dyszkiewicz <jakub.dyszkiewicz@gmail.com> (cherry picked from commit 80b560b)
kumahq · Jun 27, 2022 · 17d653b · 17d653b
1 parent b935a0f
commit 17d653b
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 2 deletions.
diff --git a/pkg/plugins/authn/api-server/tokens/ws/server/webservice.go b/pkg/plugins/authn/api-server/tokens/ws/server/webservice.go
@@ -59,7 +59,7 @@ func (d *userTokenWebService) handleIdentityRequest(request *restful.Request, re
 
 	var validFor time.Duration
 	if idReq.ValidFor == "" {
-		verr.AddViolation("name", "cannot be empty")
+		verr.AddViolation("validFor", "cannot be empty")
 	} else {
 		dur, err := time.ParseDuration(idReq.ValidFor)
 		if err != nil {

diff --git a/pkg/plugins/authn/api-server/tokens/ws/ws_test.go b/pkg/plugins/authn/api-server/tokens/ws/ws_test.go
@@ -2,9 +2,12 @@ package ws_test
 
 import (
 	"context"
+	"encoding/json"
+	"io"
 	"net/http"
 	"net/http/httptest"
 	"net/url"
+	"strings"
 	"time"
 
 	"github.com/emicklei/go-restful"
@@ -34,6 +37,7 @@ var _ = Describe("Auth Tokens WS", func() {
 
 	var userTokenClient client.UserTokenClient
 	var userTokenValidator issuer.UserTokenValidator
+	var httpClient util_http.Client
 
 	BeforeEach(func() {
 		resManager := manager.NewResourceManager(memory.NewStore())
@@ -56,7 +60,8 @@ var _ = Describe("Auth Tokens WS", func() {
 
 		baseURL, err := url.Parse(srv.URL)
 		Expect(err).ToNot(HaveOccurred())
-		userTokenClient = client.NewHTTPUserTokenClient(util_http.ClientWithBaseURL(http.DefaultClient, baseURL, nil))
+		httpClient = util_http.ClientWithBaseURL(http.DefaultClient, baseURL, nil)
+		userTokenClient = client.NewHTTPUserTokenClient(httpClient)
 
 		// wait for the server
 		Eventually(func() error {
@@ -93,4 +98,33 @@ var _ = Describe("Auth Tokens WS", func() {
 			},
 		}))
 	})
+
+	It("should throw an validFor is not present", func() {
+		// given invalid request (cannot be implemented using UserTokenClient)
+		req, err := http.NewRequest("POST", "/tokens/user", strings.NewReader(`{"name": "xyz"}`))
+		req.Header.Add("content-type", "application/json")
+		Expect(err).ToNot(HaveOccurred())
+
+		// when
+		resp, err := httpClient.Do(req)
+		defer resp.Body.Close()
+		Expect(err).ToNot(HaveOccurred())
+
+		// then
+		respBytes, err := io.ReadAll(resp.Body)
+		Expect(err).ToNot(HaveOccurred())
+		respErr := &error_types.Error{}
+		Expect(json.Unmarshal(respBytes, respErr)).To(Succeed())
+
+		Expect(respErr).To(Equal(&error_types.Error{
+			Title:   "Invalid request",
+			Details: "Resource is not valid",
+			Causes: []error_types.Cause{
+				{
+					Field:   "validFor",
+					Message: "cannot be empty",
+				},
+			},
+		}))
+	})
 })