下载校验key，增加ut

tencentyun · May 14, 2024 · 7af5453 · 7af5453
1 parent c6db7fe
commit 7af5453
Show file tree

Hide file tree

Showing 24 changed files with 1,270 additions and 104 deletions.
diff --git a/auth.go b/auth.go
@@ -161,7 +161,7 @@ type AuthTime struct {
 
 // NewAuthTime 生成 AuthTime 的便捷函数
 //
-//   expire: 从现在开始多久过期.
+//	expire: 从现在开始多久过期.
 func NewAuthTime(expire time.Duration) *AuthTime {
 	signStartTime := time.Now()
 	keyStartTime := signStartTime
@@ -414,7 +414,7 @@ func (t *CVMCredentialTransport) GetRoles() ([]string, error) {
 		return nil, err
 	}
 	roles := strings.Split(strings.TrimSpace(string(bs)), "\n")
-	if len(roles) == 0 {
+	if string(bs) == "" || len(roles) == 0 {
 		return nil, fmt.Errorf("get cvm security-credentials role failed, No valid cam role was found")
 	}
 	return roles, nil

diff --git a/auth_test.go b/auth_test.go
@@ -60,6 +60,40 @@ func TestAuthorizationTransport(t *testing.T) {
 	client.GetCredential()
 }
 
+func TestAuthorizationTransportErr(t *testing.T) {
+	setup()
+	defer teardown()
+
+	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
+		auth := r.Header.Get("Authorization")
+		if auth == "" {
+			t.Error("AuthorizationTransport didn't add Authorization header")
+		}
+	})
+
+	auth := &AuthorizationTransport{
+		SecretID:  "test ", //存在空格
+		SecretKey: "test",
+	}
+	client.client.Transport = auth
+	req, _ := http.NewRequest("GET", client.BaseURL.BucketURL.String(), nil)
+	_, err := client.doAPI(context.Background(), req, nil, true)
+	if err == nil || strings.Index(err.Error(), "SecretID is invalid") < 0 {
+		t.Errorf("AuthorizationTransport RoundTrip expect error: %v", err)
+	}
+	auth = &AuthorizationTransport{
+		SecretID:  "test",
+		SecretKey: "test ", // 存在空格
+	}
+	client.client.Transport = auth
+	req, _ = http.NewRequest("GET", client.BaseURL.BucketURL.String(), nil)
+	_, err = client.doAPI(context.Background(), req, nil, true)
+	if err == nil || strings.Index(err.Error(), "SecretKey is invalid") < 0 {
+		t.Errorf("AuthorizationTransport RoundTrip expect error: %v", err)
+	}
+
+}
+
 func TestCVMCredentialTransport(t *testing.T) {
 	setup()
 	defer teardown()
@@ -126,6 +160,113 @@ func TestCVMCredentialTransport(t *testing.T) {
 	req, _ = http.NewRequest("GET", client.BaseURL.BucketURL.String(), nil)
 	client.doAPI(context.Background(), req, nil, true)
 	client.GetCredential()
+
+	client.client.Transport = &CVMCredentialTransport{
+		Transport: http.DefaultTransport,
+	}
+	req, _ = http.NewRequest("GET", client.BaseURL.BucketURL.String(), nil)
+	client.doAPI(context.Background(), req, nil, true)
+	client.GetCredential()
+}
+
+func TestCVMCredentialTransportErr(t *testing.T) {
+	setup()
+	defer teardown()
+
+	// CVM http server
+	cvm_mux := http.NewServeMux()
+	cvm_server := httptest.NewServer(cvm_mux)
+	defer cvm_server.Close()
+	// 将默认 CVM Host 修改成测试IP:PORT
+	defaultCVMMetaHost = strings.TrimLeft(cvm_server.URL, "http://")
+
+	var statusCodeErr, bodyErr bool
+	cvm_mux.HandleFunc("/"+defaultCVMCredURI, func(w http.ResponseWriter, r *http.Request) {
+		if statusCodeErr {
+			w.WriteHeader(http.StatusNotFound)
+			return
+		}
+		if bodyErr {
+			fmt.Fprint(w, "")
+			return
+		}
+		fmt.Fprint(w, "cvm_read_cos_only")
+	})
+
+	transport := &CVMCredentialTransport{}
+
+	statusCodeErr = true
+	_, err := transport.GetRoles()
+	if err == nil || err.Error() != "get cvm security-credentials role failed, StatusCode: 404, Body: " {
+		t.Errorf("CVMCredentialTransport GetRoles expect err: %v", err)
+	}
+
+	statusCodeErr = false
+	bodyErr = true
+	_, err = transport.GetRoles()
+	if err == nil || err.Error() != "get cvm security-credentials role failed, No valid cam role was found" {
+		t.Errorf("CVMCredentialTransport GetRoles expect err: %v", err)
+	}
+
+	var tokenErr, tokenJsonErr, tokenCodeErr bool
+	cvm_mux.HandleFunc("/"+defaultCVMCredURI+"/cvm_read_cos_only", func(w http.ResponseWriter, r *http.Request) {
+		if tokenErr {
+			w.WriteHeader(http.StatusNotFound)
+			return
+		}
+		if tokenJsonErr {
+			fmt.Fprint(w, fmt.Sprintf(`
+                "ExpiredTime": %v,
+                "Expiration": "now",
+                "Code": "Success"
+            `, time.Now().Unix()+3600))
+		}
+		if tokenCodeErr {
+			fmt.Fprint(w, fmt.Sprintf(`{
+                "ExpiredTime": %v,
+                "Expiration": "now",
+                "Code": "Failed"
+            }`, time.Now().Unix()+3600))
+		}
+	})
+
+	nt := time.Now().Unix()
+	transport = &CVMCredentialTransport{
+		secretID:     "ak",
+		secretKey:    "sk",
+		sessionToken: "token",
+		expiredTime:  nt + defaultCVMAuthExpire + 1,
+	}
+	// 密钥未超时
+	ak, sk, token, err := transport.UpdateCredential(nt)
+	if ak != transport.secretID || sk != transport.secretKey || token != transport.sessionToken {
+		t.Errorf("UpdateCredential failed, return: %v, %v, %v, want: %v", ak, sk, token, *transport)
+	}
+	// 密钥超时，GetRoles返回错误
+	transport.expiredTime = nt + defaultCVMAuthExpire - 1
+	ak, sk, token, err = transport.UpdateCredential(nt)
+	if ak != transport.secretID || sk != transport.secretKey || token != transport.sessionToken || err == nil {
+		t.Errorf("UpdateCredential failed, return: %v, %v, %v, want: %v", ak, sk, token, *transport)
+	}
+	// 密钥超时，GetRoles返回正常, 获取临时密钥返回错误
+	statusCodeErr, bodyErr = false, false
+	tokenErr = true
+	ak, sk, token, err = transport.UpdateCredential(nt)
+	if ak != transport.secretID || sk != transport.secretKey || token != transport.sessionToken || err == nil {
+		t.Errorf("UpdateCredential failed, return: %v, %v, %v, want: %v", ak, sk, token, *transport)
+	}
+	// 密钥超时，GetRoles返回正常, 获取临时密钥返回body解析错误
+	tokenErr, tokenJsonErr = false, true
+	ak, sk, token, err = transport.UpdateCredential(nt)
+	if ak != transport.secretID || sk != transport.secretKey || token != transport.sessionToken || err == nil {
+		t.Errorf("UpdateCredential failed, return: %v, %v, %v, want: %v", ak, sk, token, *transport)
+	}
+	// 密钥超时，GetRoles返回正常, 获取临时密钥返回Code != Success
+	tokenErr, tokenJsonErr, tokenCodeErr = false, false, true
+	ak, sk, token, err = transport.UpdateCredential(nt)
+	if ak != transport.secretID || sk != transport.secretKey || token != transport.sessionToken || err == nil {
+		t.Errorf("UpdateCredential failed, return: %v, %v, %v, want: %v", ak, sk, token, *transport)
+	}
 }
 
 func TestDNSScatterTransport(t *testing.T) {
@@ -166,4 +307,13 @@ func TestCredentialTransport(t *testing.T) {
 	req, _ := http.NewRequest("GET", client.BaseURL.BucketURL.String(), nil)
 	client.doAPI(context.Background(), req, nil, true)
 	client.GetCredential()
+
+	client.client.Transport = &CredentialTransport{
+		Credential: NewTokenCredential("test", "test", ""),
+		Transport:  http.DefaultTransport,
+	}
+	req, _ = http.NewRequest("GET", client.BaseURL.BucketURL.String(), nil)
+	client.doAPI(context.Background(), req, nil, true)
+	client.GetCredential()
+
 }
diff --git a/batch_test.go b/batch_test.go
@@ -403,4 +403,9 @@ func TestBatchService_DeleteJob(t *testing.T) {
 	if err != nil {
 		t.Fatalf("Batch.DescribeJob returned error: %v", err)
 	}
+	_, err = client.Batch.DeleteJob(context.Background(), "", headers)
+	if err == nil || err.Error() != "Id is invalid" {
+		t.Fatalf("Batch.DescribeJob returned error: %v", err)
+	}
+
 }
diff --git a/bucket_acl.go b/bucket_acl.go
@@ -39,12 +39,12 @@ type BucketPutACLOptions struct {
 //
 // Put Bucket ACL是一个覆盖操作，传入新的ACL将覆盖原有ACL。只有所有者有权操作。
 //
-//   "x-cos-acl"：枚举值为public-read，private；public-read意味这个Bucket有公有读私有写的权限，
-//   private意味这个Bucket有私有读写的权限。
+//	"x-cos-acl"：枚举值为public-read，private；public-read意味这个Bucket有公有读私有写的权限，
+//	private意味这个Bucket有私有读写的权限。
 //
-//   "x-cos-grant-read"：意味被赋予权限的用户拥有该Bucket的读权限
-//   "x-cos-grant-write"：意味被赋予权限的用户拥有该Bucket的写权限
-//   "x-cos-grant-full-control"：意味被赋予权限的用户拥有该Bucket的读写权限
+//	"x-cos-grant-read"：意味被赋予权限的用户拥有该Bucket的读权限
+//	"x-cos-grant-write"：意味被赋予权限的用户拥有该Bucket的写权限
+//	"x-cos-grant-full-control"：意味被赋予权限的用户拥有该Bucket的读写权限
 //
 // https://www.qcloud.com/document/product/436/7737
 func (s *BucketService) PutACL(ctx context.Context, opt *BucketPutACLOptions) (*Response, error) {

diff --git a/bucket_encryption.go b/bucket_encryption.go
@@ -7,7 +7,7 @@ import (
 )
 
 type BucketEncryptionConfiguration struct {
-	SSEAlgorithm string `xml:"SSEAlgorithm"`
+	SSEAlgorithm   string `xml:"SSEAlgorithm"`
 	KMSMasterKeyID string `xml:"KMSMasterKeyID,omitempty"`
 }
 

diff --git a/bucket_intelligenttiering_test.go b/bucket_intelligenttiering_test.go
@@ -50,6 +50,7 @@ func TestBucketService_GetIntelligentTiering(t *testing.T) {
 			"intelligenttiering": "",
 		}
 		testFormValues(t, r, vs)
+		testHeader(t, r, "x-cos-meta-test", "test")
 
 		fmt.Fprint(w, `<IntelligentTieringConfiguration>
             <Status>Enabled</Status>
@@ -58,7 +59,11 @@ func TestBucketService_GetIntelligentTiering(t *testing.T) {
             </Transition>
         </IntelligentTieringConfiguration>`)
 	})
-	res, _, err := client.Bucket.GetIntelligentTiering(context.Background())
+	opt := &BucketGetIntelligentTieringOptions{
+		XOptionHeader: &http.Header{},
+	}
+	opt.XOptionHeader.Add("x-cos-meta-test", "test")
+	res, _, err := client.Bucket.GetIntelligentTiering(context.Background(), opt)
 	if err != nil {
 		t.Fatalf("Bucket.GetIntelligentTiering failed, error: %v", err)
 	}

diff --git a/bucket_inventory_test.go b/bucket_inventory_test.go
@@ -17,11 +17,11 @@ func TestBucketService_PutInventory(t *testing.T) {
 		ID:                     "list1",
 		IsEnabled:              "True",
 		IncludedObjectVersions: "All",
-		Filter:                 &BucketInventoryFilter{
+		Filter: &BucketInventoryFilter{
 			Prefix: "myPrefix",
 			Period: nil,
 		},
-		Schedule:               &BucketInventorySchedule{"Daily"},
+		Schedule: &BucketInventorySchedule{"Daily"},
 		Destination: &BucketInventoryDestination{
 			Bucket:     "qcs::cos:ap-guangzhou::examplebucket-1250000000",
 			AccountId:  "100000000001",
@@ -113,11 +113,11 @@ func TestBucketService_GetInventory(t *testing.T) {
 		ID:                     "list1",
 		IsEnabled:              "True",
 		IncludedObjectVersions: "All",
-		Filter:                 &BucketInventoryFilter{
+		Filter: &BucketInventoryFilter{
 			Prefix: "myPrefix",
 			Period: nil,
 		},
-		Schedule:               &BucketInventorySchedule{"Daily"},
+		Schedule: &BucketInventorySchedule{"Daily"},
 		Destination: &BucketInventoryDestination{
 			Bucket:    "qcs::cos:ap-guangzhou::examplebucket-1250000000",
 			AccountId: "100000000001",
@@ -145,11 +145,16 @@ func TestBucketService_ListInventory(t *testing.T) {
 	setup()
 	defer teardown()
 
+	var useToken bool
+	continueToken := "continueToken"
 	mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
 		testMethod(t, r, http.MethodGet)
 		vs := values{
 			"inventory": "",
 		}
+		if useToken {
+			vs["continuation-token"] = encodeURIComponent(continueToken)
+		}
 		testFormValues(t, r, vs)
 		fmt.Fprint(w, `<ListInventoryConfigurationResult>
     <InventoryConfiguration>
@@ -216,10 +221,6 @@ func TestBucketService_ListInventory(t *testing.T) {
 </ListInventoryConfigurationResult>`)
 	})
 
-	res, _, err := client.Bucket.ListInventoryConfigurations(context.Background(), "")
-	if err != nil {
-		t.Fatalf("Bucket.ListInventory failed, error: %v", err)
-	}
 	want := &ListBucketInventoryConfigResult{
 		XMLName:               xml.Name{Local: "ListInventoryConfigurationResult"},
 		IsTruncated:           true,
@@ -231,11 +232,11 @@ func TestBucketService_ListInventory(t *testing.T) {
 				ID:                     "list1",
 				IsEnabled:              "True",
 				IncludedObjectVersions: "All",
-				Filter:                 &BucketInventoryFilter{
+				Filter: &BucketInventoryFilter{
 					Prefix: "myPrefix",
 					Period: nil,
 				},
-				Schedule:               &BucketInventorySchedule{"Daily"},
+				Schedule: &BucketInventorySchedule{"Daily"},
 				Destination: &BucketInventoryDestination{
 					Bucket:     "qcs::cos:ap-beijing::examplebucket-1250000000",
 					AccountId:  "1250000000",
@@ -259,11 +260,11 @@ func TestBucketService_ListInventory(t *testing.T) {
 				ID:                     "list2",
 				IsEnabled:              "True",
 				IncludedObjectVersions: "All",
-				Filter:                 &BucketInventoryFilter{
-					Prefix:"myPrefix2",
+				Filter: &BucketInventoryFilter{
+					Prefix: "myPrefix2",
 					Period: nil,
 				},
-				Schedule:               &BucketInventorySchedule{"Weekly"},
+				Schedule: &BucketInventorySchedule{"Weekly"},
 				Destination: &BucketInventoryDestination{
 					Bucket:    "qcs::cos:ap-beijing::examplebucket-1250000000",
 					AccountId: "1250000000",
@@ -281,9 +282,26 @@ func TestBucketService_ListInventory(t *testing.T) {
 			},
 		},
 	}
+
+	res, _, err := client.Bucket.ListInventoryConfigurations(context.Background(), "")
+	if err != nil {
+		t.Fatalf("Bucket.ListInventory failed, error: %v", err)
+	}
+
+	if !reflect.DeepEqual(res, want) {
+		t.Fatalf("Bucket.ListInventory failed, \nwant: %+v\nres: %+v", want, res)
+	}
+
+	useToken = true
+	res, _, err = client.Bucket.ListInventoryConfigurations(context.Background(), continueToken)
+	if err != nil {
+		t.Fatalf("Bucket.ListInventory failed, error: %v", err)
+	}
+
 	if !reflect.DeepEqual(res, want) {
 		t.Fatalf("Bucket.ListInventory failed, \nwant: %+v\nres: %+v", want, res)
 	}
+
 }
 
 func TestBucketService_DeleteInventory(t *testing.T) {
@@ -314,7 +332,7 @@ func TestBucketService_PostInventory(t *testing.T) {
 		XMLName:                xml.Name{Local: "InventoryConfiguration"},
 		ID:                     "list1",
 		IncludedObjectVersions: "All",
-		Filter:                 &BucketInventoryFilter{
+		Filter: &BucketInventoryFilter{
 			Prefix: "myPrefix",
 			Period: nil,
 		},
@@ -357,5 +375,3 @@ func TestBucketService_PostInventory(t *testing.T) {
 		t.Fatalf("Bucket.PostInventory failed, error: %v", err)
 	}
 }
-
-