Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(58)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: server/auth/delegation_test.go

Issue 2646733008: server/auth: Add in-process LRU-based cache. (Closed)
Patch Set: Rename GlobalCache => Cache, ProcCache => MemoryCache. Created 3 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « server/auth/config.go ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The LUCI Authors. All rights reserved. 1 // Copyright 2016 The LUCI Authors. All rights reserved.
2 // Use of this source code is governed under the Apache License, Version 2.0 2 // Use of this source code is governed under the Apache License, Version 2.0
3 // that can be found in the LICENSE file. 3 // that can be found in the LICENSE file.
4 4
5 package auth 5 package auth
6 6
7 import ( 7 import (
8 "fmt" 8 "fmt"
9 "math/rand" 9 "math/rand"
10 "net/http" 10 "net/http"
(...skipping 12 matching lines...) Expand all
23 ) 23 )
24 24
25 func TestMintDelegationToken(t *testing.T) { 25 func TestMintDelegationToken(t *testing.T) {
26 t.Parallel() 26 t.Parallel()
27 27
28 Convey("MintDelegationToken works", t, func() { 28 Convey("MintDelegationToken works", t, func() {
29 ctx := context.Background() 29 ctx := context.Background()
30 ctx, _ = testclock.UseTime(ctx, testclock.TestRecentTimeUTC) 30 ctx, _ = testclock.UseTime(ctx, testclock.TestRecentTimeUTC)
31 ctx = mathrand.Set(ctx, rand.New(rand.NewSource(12345))) 31 ctx = mathrand.Set(ctx, rand.New(rand.NewSource(12345)))
32 32
33 » » tokenCache := &mockedCache{} 33 » » // Create an LRU large enough that it will never cycle during te st.
34 » » tokenCache := MemoryCache(1024)
34 35
35 subtokenID := "123" 36 subtokenID := "123"
36 mintingReq := "" 37 mintingReq := ""
37 transport := &clientRPCTransportMock{ 38 transport := &clientRPCTransportMock{
38 cb: func(r *http.Request, body string) string { 39 cb: func(r *http.Request, body string) string {
39 if r.URL.String() == "https://hostname.example.c om/auth/api/v1/server/info" { 40 if r.URL.String() == "https://hostname.example.c om/auth/api/v1/server/info" {
40 return `{"app_id":"hostname"}` 41 return `{"app_id":"hostname"}`
41 } 42 }
42 if r.URL.String() == "https://auth.example.com/a uth_service/api/v1/delegation/token/create" { 43 if r.URL.String() == "https://auth.example.com/a uth_service/api/v1/delegation/token/create" {
43 mintingReq = body 44 mintingReq = body
44 return fmt.Sprintf(`{ 45 return fmt.Sprintf(`{
45 "delegation_token": "tok", 46 "delegation_token": "tok",
46 "validity_duration": 43200, 47 "validity_duration": 43200,
47 "subtoken_id": "%s" 48 "subtoken_id": "%s"
48 }`, subtokenID) 49 }`, subtokenID)
49 } 50 }
50 return "unknown URL" 51 return "unknown URL"
51 }, 52 },
52 } 53 }
53 54
54 ctx = ModifyConfig(ctx, func(cfg *Config) { 55 ctx = ModifyConfig(ctx, func(cfg *Config) {
55 cfg.AccessTokenProvider = transport.getAccessToken 56 cfg.AccessTokenProvider = transport.getAccessToken
56 cfg.AnonymousTransport = transport.getTransport 57 cfg.AnonymousTransport = transport.getTransport
57 » » » cfg.GlobalCache = tokenCache 58 » » » cfg.Cache = tokenCache
58 cfg.Signer = signingtest.NewSigner(0, &signing.ServiceIn fo{ 59 cfg.Signer = signingtest.NewSigner(0, &signing.ServiceIn fo{
59 ServiceAccountName: "service@example.com", 60 ServiceAccountName: "service@example.com",
60 }) 61 })
61 }) 62 })
62 63
63 ctx = WithState(ctx, &state{ 64 ctx = WithState(ctx, &state{
64 user: &User{Identity: "user:abc@example.com"}, 65 user: &User{Identity: "user:abc@example.com"},
65 db: &fakeDB{authServiceURL: "https://auth.example.com" }, 66 db: &fakeDB{authServiceURL: "https://auth.example.com" },
66 }) 67 })
67 68
68 Convey("Works (including caching)", func(c C) { 69 Convey("Works (including caching)", func(c C) {
69 tok, err := MintDelegationToken(ctx, DelegationTokenPara ms{ 70 tok, err := MintDelegationToken(ctx, DelegationTokenPara ms{
70 TargetHost: "hostname.example.com", 71 TargetHost: "hostname.example.com",
71 MinTTL: time.Hour, 72 MinTTL: time.Hour,
72 Intent: "intent", 73 Intent: "intent",
73 }) 74 })
74 So(err, ShouldBeNil) 75 So(err, ShouldBeNil)
75 So(tok, ShouldResemble, &delegation.Token{ 76 So(tok, ShouldResemble, &delegation.Token{
76 Token: "tok", 77 Token: "tok",
77 SubtokenID: "123", 78 SubtokenID: "123",
78 Expiry: testclock.TestRecentTimeUTC.Add(MaxD elegationTokenTTL), 79 Expiry: testclock.TestRecentTimeUTC.Add(MaxD elegationTokenTTL),
79 }) 80 })
80 So(mintingReq, ShouldEqual, 81 So(mintingReq, ShouldEqual,
81 `{"audience":["user:service@example.com"],`+ 82 `{"audience":["user:service@example.com"],`+
82 `"services":["service:hostname"],"validi ty_duration":43200,`+ 83 `"services":["service:hostname"],"validi ty_duration":43200,`+
83 `"impersonate":"user:abc@example.com","i ntent":"intent"}`) 84 `"impersonate":"user:abc@example.com","i ntent":"intent"}`)
84 85
85 // Cached now. 86 // Cached now.
86 » » » So(len(tokenCache.data), ShouldEqual, 1) 87 » » » So(tokenCache.(memoryCache).cache.Len(), ShouldEqual, 1)
87 » » » for k := range tokenCache.data { 88 » » » v, _ := tokenCache.Get(ctx, "delegation/2/R5RJ9yppAB8IK0 GNB-UyjVrYoBw")
88 » » » » So(k, ShouldEqual, "delegation/2/R5RJ9yppAB8IK0G NB-UyjVrYoBw") 89 » » » So(v, ShouldNotBeNil)
89 » » » }
90 90
91 // On subsequence request the cached token is used. 91 // On subsequence request the cached token is used.
92 subtokenID = "456" 92 subtokenID = "456"
93 tok, err = MintDelegationToken(ctx, DelegationTokenParam s{ 93 tok, err = MintDelegationToken(ctx, DelegationTokenParam s{
94 TargetHost: "hostname.example.com", 94 TargetHost: "hostname.example.com",
95 MinTTL: time.Hour, 95 MinTTL: time.Hour,
96 Intent: "intent", 96 Intent: "intent",
97 }) 97 })
98 So(err, ShouldBeNil) 98 So(err, ShouldBeNil)
99 So(tok.SubtokenID, ShouldResemble, "123") // old one 99 So(tok.SubtokenID, ShouldResemble, "123") // old one
(...skipping 20 matching lines...) Expand all
120 Token: "tok", 120 Token: "tok",
121 SubtokenID: "123", 121 SubtokenID: "123",
122 Expiry: testclock.TestRecentTimeUTC.Add(MaxD elegationTokenTTL), 122 Expiry: testclock.TestRecentTimeUTC.Add(MaxD elegationTokenTTL),
123 }) 123 })
124 So(mintingReq, ShouldEqual, 124 So(mintingReq, ShouldEqual,
125 `{"audience":["user:service@example.com"],`+ 125 `{"audience":["user:service@example.com"],`+
126 `"services":["*"],"validity_duration":43 200,`+ 126 `"services":["*"],"validity_duration":43 200,`+
127 `"impersonate":"user:abc@example.com","i ntent":"intent"}`) 127 `"impersonate":"user:abc@example.com","i ntent":"intent"}`)
128 128
129 // Cached now. 129 // Cached now.
130 » » » So(len(tokenCache.data), ShouldEqual, 1) 130 » » » So(tokenCache.(memoryCache).cache.Len(), ShouldEqual, 1)
131 » » » for k := range tokenCache.data { 131 » » » v, _ := tokenCache.Get(ctx, "delegation/2/tjYIGNrwFvKa0F T5juu7ThjpxBo")
132 » » » » So(k, ShouldEqual, "delegation/2/tjYIGNrwFvKa0FT 5juu7ThjpxBo") 132 » » » So(v, ShouldNotBeNil)
133 » » » }
134 }) 133 })
135 }) 134 })
136 } 135 }
OLDNEW
« no previous file with comments | « server/auth/config.go ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698