Skip to content

Commit

Permalink
[IT]Adjust core module auth integration tests to meet checkstyle requ…
Browse files Browse the repository at this point in the history
…irements. (#12368)
  • Loading branch information
stone-98 authored Jul 18, 2024
1 parent 6c05ad5 commit 9d0a48d
Show file tree
Hide file tree
Showing 7 changed files with 173 additions and 134 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,9 @@

import static org.junit.jupiter.api.Assertions.assertTrue;


/**
* Base class for authentication tests in Nacos.`
*
* @author nkorange
* @since 1.2.0
*/
Expand Down Expand Up @@ -62,10 +63,18 @@ public class AuthBase extends HttpClient4Test {

protected String namespace1 = "namespace1";

/**
* Logs in a user with the provided username and password, then returns the access token.
*
* @param username the username of the user
* @param password the password of the user
* @return the access token (accessToken) as a String
* @throws AssertionError if the response status is not 2xx or the accessToken is missing
*/
public String login(String username, String password) {
ResponseEntity<String> response = request("/nacos/v1/auth/users/login",
Params.newParams().appendParam("username", username).appendParam("password", password).done(), String.class,
HttpMethod.POST);
Params.newParams().appendParam("username", username).appendParam("password", password).done(),
String.class, HttpMethod.POST);

assertTrue(response.getStatusCode().is2xxSuccessful());
JsonNode json = JacksonUtils.toObj(response.getBody());
Expand Down Expand Up @@ -93,59 +102,64 @@ protected void init(int port) throws Exception {
assertTrue(response.getStatusCode().is2xxSuccessful());

// Create a user:
response = request("/nacos/v1/auth/users", Params.newParams().appendParam("username", username2).appendParam("password", password2)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
response = request("/nacos/v1/auth/users",
Params.newParams().appendParam("username", username2).appendParam("password", password2)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);

System.out.println(response);
assertTrue(response.getStatusCode().is2xxSuccessful());

// Create a user:
response = request("/nacos/v1/auth/users", Params.newParams().appendParam("username", username3).appendParam("password", password3)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
response = request("/nacos/v1/auth/users",
Params.newParams().appendParam("username", username3).appendParam("password", password3)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);

System.out.println(response);
assertTrue(response.getStatusCode().is2xxSuccessful());

// Create a role:
response = request("/nacos/v1/auth/roles",
Params.newParams().appendParam("role", role1).appendParam("username", username1).appendParam("accessToken", accessToken)
.done(), String.class, HttpMethod.POST);
Params.newParams().appendParam("role", role1).appendParam("username", username1)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);

System.out.println(response);
assertTrue(response.getStatusCode().is2xxSuccessful());

// Create a role:
response = request("/nacos/v1/auth/roles",
Params.newParams().appendParam("role", role2).appendParam("username", username2).appendParam("accessToken", accessToken)
.done(), String.class, HttpMethod.POST);
Params.newParams().appendParam("role", role2).appendParam("username", username2)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
System.out.println(response);
assertTrue(response.getStatusCode().is2xxSuccessful());

// Create a role:
response = request("/nacos/v1/auth/roles",
Params.newParams().appendParam("role", role3).appendParam("username", username3).appendParam("accessToken", accessToken)
.done(), String.class, HttpMethod.POST);
Params.newParams().appendParam("role", role3).appendParam("username", username3)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
System.out.println(response);
assertTrue(response.getStatusCode().is2xxSuccessful());

// Add read permission of namespace1 to role1:
response = request("/nacos/v1/auth/permissions",
Params.newParams().appendParam("role", role1).appendParam("resource", namespace1 + ":*:*").appendParam("action", "r")
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
Params.newParams().appendParam("role", role1).appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "r").appendParam("accessToken", accessToken).done(), String.class,
HttpMethod.POST);
System.out.println(response);
assertTrue(response.getStatusCode().is2xxSuccessful());

// Add write permission of namespace1 to role2:
response = request("/nacos/v1/auth/permissions",
Params.newParams().appendParam("role", role2).appendParam("resource", namespace1 + ":*:*").appendParam("action", "w")
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
Params.newParams().appendParam("role", role2).appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "w").appendParam("accessToken", accessToken).done(), String.class,
HttpMethod.POST);
System.out.println(response);
assertTrue(response.getStatusCode().is2xxSuccessful());

// Add read/write permission of namespace1 to role3:
response = request("/nacos/v1/auth/permissions",
Params.newParams().appendParam("role", role3).appendParam("resource", namespace1 + ":*:*").appendParam("action", "rw")
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.POST);
Params.newParams().appendParam("role", role3).appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "rw").appendParam("accessToken", accessToken).done(), String.class,
HttpMethod.POST);
System.out.println(response);
assertTrue(response.getStatusCode().is2xxSuccessful());

Expand All @@ -159,61 +173,67 @@ protected void destroy() {

// Delete permission:
ResponseEntity<String> response = request("/nacos/v1/auth/permissions",
Params.newParams().appendParam("role", role1).appendParam("resource", namespace1 + ":*:*").appendParam("action", "r")
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);
Params.newParams().appendParam("role", role1).appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "r").appendParam("accessToken", accessToken).done(), String.class,
HttpMethod.DELETE);

assertTrue(response.getStatusCode().is2xxSuccessful());

// Delete permission:
response = request("/nacos/v1/auth/permissions",
Params.newParams().appendParam("role", role2).appendParam("resource", namespace1 + ":*:*").appendParam("action", "w")
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);
Params.newParams().appendParam("role", role2).appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "w").appendParam("accessToken", accessToken).done(), String.class,
HttpMethod.DELETE);

assertTrue(response.getStatusCode().is2xxSuccessful());

// Delete permission:
response = request("/nacos/v1/auth/permissions",
Params.newParams().appendParam("role", role3).appendParam("resource", namespace1 + ":*:*").appendParam("action", "rw")
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);
Params.newParams().appendParam("role", role3).appendParam("resource", namespace1 + ":*:*")
.appendParam("action", "rw").appendParam("accessToken", accessToken).done(), String.class,
HttpMethod.DELETE);

assertTrue(response.getStatusCode().is2xxSuccessful());

// Delete a role:
response = request("/nacos/v1/auth/roles",
Params.newParams().appendParam("role", role1).appendParam("username", username1).appendParam("accessToken", accessToken)
.done(), String.class, HttpMethod.DELETE);
Params.newParams().appendParam("role", role1).appendParam("username", username1)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);

assertTrue(response.getStatusCode().is2xxSuccessful());

// Delete a role:
response = request("/nacos/v1/auth/roles",
Params.newParams().appendParam("role", role2).appendParam("username", username2).appendParam("accessToken", accessToken)
.done(), String.class, HttpMethod.DELETE);
Params.newParams().appendParam("role", role2).appendParam("username", username2)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);

assertTrue(response.getStatusCode().is2xxSuccessful());

// Delete a role:
response = request("/nacos/v1/auth/roles",
Params.newParams().appendParam("role", role3).appendParam("username", username3).appendParam("accessToken", accessToken)
.done(), String.class, HttpMethod.DELETE);
Params.newParams().appendParam("role", role3).appendParam("username", username3)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);

assertTrue(response.getStatusCode().is2xxSuccessful());

// Delete a user:
response = request("/nacos/v1/auth/users", Params.newParams().appendParam("username", username1).appendParam("password", password1)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);
response = request("/nacos/v1/auth/users",
Params.newParams().appendParam("username", username1).appendParam("password", password1)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);

assertTrue(response.getStatusCode().is2xxSuccessful());

// Delete a user:
response = request("/nacos/v1/auth/users", Params.newParams().appendParam("username", username2).appendParam("password", password2)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);
response = request("/nacos/v1/auth/users",
Params.newParams().appendParam("username", username2).appendParam("password", password2)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);

assertTrue(response.getStatusCode().is2xxSuccessful());

// Delete a user:
response = request("/nacos/v1/auth/users", Params.newParams().appendParam("username", username3).appendParam("password", password3)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);
response = request("/nacos/v1/auth/users",
Params.newParams().appendParam("username", username3).appendParam("password", password3)
.appendParam("accessToken", accessToken).done(), String.class, HttpMethod.DELETE);

assertTrue(response.getStatusCode().is2xxSuccessful());

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,20 +33,22 @@

import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;

import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.junit.jupiter.api.Assertions.assertFalse;
import static org.junit.jupiter.api.Assertions.assertTrue;
import static org.junit.jupiter.api.Assertions.fail;

/**
* Integration tests for Nacos configuration with authentication.
*
* @author nkorange
* @since 1.2.0
*/
@SuppressWarnings("checkstyle:AbbreviationAsWordInName")
@SpringBootTest(classes = Nacos.class, properties = {
"server.servlet.contextPath=/nacos"}, webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT)
public class ConfigAuth_ITCase extends AuthBase {
public class ConfigAuthCoreITCase extends AuthBase {

public static final long TIME_OUT = 2000;

Expand All @@ -55,15 +57,18 @@ public class ConfigAuth_ITCase extends AuthBase {
@LocalServerPort
private int port;

private String dataId = "yanlin";
private final String dataId = "yanlin";

private String group = "yanlin";
private final String group = "yanlin";

@BeforeEach
void init() throws Exception {
super.init(port);
}

/**
* Cleans up resources after each test execution.
*/
@AfterEach
public void destroy() {
super.destroy();
Expand All @@ -72,11 +77,10 @@ public void destroy() {
iconfig.shutDown();
}
} catch (NacosException ex) {

// Ignored exception during shutdown
}
}


@Test
void writeWithReadPermission() throws Exception {

Expand All @@ -93,17 +97,14 @@ void writeWithReadPermission() throws Exception {

@Test
void readWithReadPermission() throws Exception {

CountDownLatch latch = new CountDownLatch(1);
AtomicInteger ai = new AtomicInteger(0);

properties.put(PropertyKeyConst.USERNAME, username1);
properties.put(PropertyKeyConst.PASSWORD, password1);
iconfig = NacosFactory.createConfigService(properties);

final String content = "test" + System.currentTimeMillis();
System.out.println(content);

CountDownLatch latch = new CountDownLatch(1);
iconfig.addListener(dataId, group, new AbstractConfigChangeListener() {
@Override
public void receiveConfigChange(ConfigChangeEvent event) {
Expand Down Expand Up @@ -151,16 +152,14 @@ void writeWithWritePermission() throws Exception {

@Test
void readWithWritePermission() throws Exception {

CountDownLatch latch = new CountDownLatch(1);

properties.put(PropertyKeyConst.NAMESPACE, namespace1);
properties.put(PropertyKeyConst.USERNAME, username2);
properties.put(PropertyKeyConst.PASSWORD, password2);
iconfig = NacosFactory.createConfigService(properties);

final String content = "test" + System.currentTimeMillis();

CountDownLatch latch = new CountDownLatch(1);
iconfig.addListener(dataId, group, new AbstractConfigChangeListener() {
@Override
public void receiveConfigChange(ConfigChangeEvent event) {
Expand All @@ -182,28 +181,24 @@ public void receiveConfigChange(ConfigChangeEvent event) {
try {
iconfig.getConfig(dataId, group, TIME_OUT);
fail();
} catch (NacosException ne) {
assertEquals(HttpStatus.SC_FORBIDDEN, ne.getErrCode());
} catch (NacosException e) {
assertEquals(HttpStatus.SC_FORBIDDEN, e.getErrCode());
}

latch.await(5L, TimeUnit.SECONDS);

assertTrue(latch.getCount() > 0);
}


@Test
void ReadWriteWithFullPermission() throws Exception {

CountDownLatch latch = new CountDownLatch(1);
AtomicInteger ai = new AtomicInteger(0);

void readWriteWithFullPermission() throws Exception {
properties.put(PropertyKeyConst.USERNAME, username3);
properties.put(PropertyKeyConst.PASSWORD, password3);
iconfig = NacosFactory.createConfigService(properties);

final String content = "test" + System.currentTimeMillis();

CountDownLatch latch = new CountDownLatch(1);
iconfig.addListener(dataId, group, new AbstractConfigChangeListener() {
@Override
public void receiveConfigChange(ConfigChangeEvent event) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -33,17 +33,16 @@
import java.net.URL;
import java.util.concurrent.TimeUnit;


@SuppressWarnings("checkstyle:AbbreviationAsWordInName")
@Suite
@SelectClasses({LdapAuth_ITCase.NonTlsTest.class, LdapAuth_ITCase.TlsTest.class})
class LdapAuth_ITCase {
@SelectClasses({LdapAuthCoreITCase.NonTlsTest.class, LdapAuthCoreITCase.TlsTest.class})
class LdapAuthCoreITCase {

@Test
void empty() {

}

abstract class LdapBase extends AuthBase {
abstract static class LdapBase extends AuthBase {

@LocalServerPort
private int port;
Expand All @@ -55,7 +54,8 @@ abstract class LdapBase extends AuthBase {

@BeforeEach
void init() throws Exception {
Mockito.when(ldapTemplate.authenticate("", "(" + filterPrefix + "=" + "karson" + ")", "karson")).thenReturn(true);
Mockito.when(ldapTemplate.authenticate("", "(" + filterPrefix + "=" + "karson" + ")", "karson"))
.thenReturn(true);
AuthConfigs.setCachingEnabled(false);
TimeUnit.SECONDS.sleep(5L);
String url = String.format("http://localhost:%d/", port);
Expand All @@ -78,7 +78,8 @@ void testLdapAuth() throws Exception {

@Nested
@DirtiesContext
@SpringBootTest(classes = Nacos.class, properties = {"server.servlet.context-path=/nacos", "nacos.core.auth.system.type=ldap",
@SpringBootTest(classes = Nacos.class, properties = {"server.servlet.context-path=/nacos",
"nacos.core.auth.system.type=ldap",
"nacos.core.auth.ldap.url=ldaps://localhost:636"}, webEnvironment = SpringBootTest.WebEnvironment.DEFINED_PORT)
class TlsTest extends LdapBase {

Expand All @@ -87,6 +88,4 @@ void testLdapAuth() throws Exception {
super.login("karson", "karson");
}
}


}
Loading

0 comments on commit 9d0a48d

Please sign in to comment.