Merge pull request #3854 from stanley-cheung/php_add_auth_interop_tests

PHP: add remaining auth interop tests
pull/3861/head
Michael Lumish 9 years ago
commit 5e75116b9f
  1. 157
      src/php/tests/interop/interop_client.php
  2. 18
      tools/run_tests/run_interop_tests.py

@ -36,6 +36,9 @@ require 'empty.php';
require 'message_set.php';
require 'messages.php';
require 'test.php';
use Google\Auth\CredentialsLoader;
use Google\Auth\ApplicationDefaultCredentials;
use GuzzleHttp\ClientInterface;
/**
* Assertion function that always exits with an error code if the assertion is
@ -52,7 +55,6 @@ function hardAssert($value, $error_message) {
/**
* Run the empty_unary test.
* Passes when run against the Node server as of 2015-04-30
* @param $stub Stub object that has service methods
*/
function emptyUnary($stub) {
@ -63,7 +65,6 @@ function emptyUnary($stub) {
/**
* Run the large_unary test.
* Passes when run against the C++/Node server as of 2015-04-30
* @param $stub Stub object that has service methods
*/
function largeUnary($stub) {
@ -76,7 +77,8 @@ function largeUnary($stub) {
* @param $fillUsername boolean whether to fill result with username
* @param $fillOauthScope boolean whether to fill result with oauth scope
*/
function performLargeUnary($stub, $fillUsername = false, $fillOauthScope = false) {
function performLargeUnary($stub, $fillUsername = false, $fillOauthScope = false,
$metadata = array()) {
$request_len = 271828;
$response_len = 314159;
@ -90,7 +92,7 @@ function performLargeUnary($stub, $fillUsername = false, $fillOauthScope = false
$request->setFillUsername($fillUsername);
$request->setFillOauthScope($fillOauthScope);
list($result, $status) = $stub->UnaryCall($request)->wait();
list($result, $status) = $stub->UnaryCall($request, $metadata)->wait();
hardAssert($status->code === Grpc\STATUS_OK, 'Call did not complete successfully');
hardAssert($result !== null, 'Call returned a null response');
$payload = $result->getPayload();
@ -105,7 +107,6 @@ function performLargeUnary($stub, $fillUsername = false, $fillOauthScope = false
/**
* Run the service account credentials auth test.
* Passes when run against the cloud server as of 2015-04-30
* @param $stub Stub object that has service methods
* @param $args array command line args
*/
@ -114,7 +115,7 @@ function serviceAccountCreds($stub, $args) {
throw new Exception('Missing oauth scope');
}
$jsonKey = json_decode(
file_get_contents(getenv(Google\Auth\CredentialsLoader::ENV_VAR)),
file_get_contents(getenv(CredentialsLoader::ENV_VAR)),
true);
$result = performLargeUnary($stub, $fillUsername=true, $fillOauthScope=true);
hardAssert($result->getUsername() == $jsonKey['client_email'],
@ -143,22 +144,57 @@ function computeEngineCreds($stub, $args) {
/**
* Run the jwt token credentials auth test.
* Passes when run against the cloud server as of 2015-05-12
* @param $stub Stub object that has service methods
* @param $args array command line args
*/
function jwtTokenCreds($stub, $args) {
$jsonKey = json_decode(
file_get_contents(getenv(Google\Auth\CredentialsLoader::ENV_VAR)),
file_get_contents(getenv(CredentialsLoader::ENV_VAR)),
true);
$result = performLargeUnary($stub, $fillUsername=true, $fillOauthScope=true);
hardAssert($result->getUsername() == $jsonKey['client_email'],
'invalid email returned');
}
/**
* Run the oauth2_auth_token auth test.
* @param $stub Stub object that has service methods
* @param $args array command line args
*/
function oauth2AuthToken($stub, $args) {
$jsonKey = json_decode(
file_get_contents(getenv(CredentialsLoader::ENV_VAR)),
true);
$result = performLargeUnary($stub, $fillUsername=true, $fillOauthScope=true);
hardAssert($result->getUsername() == $jsonKey['client_email'],
'invalid email returned');
}
/**
* Run the per_rpc_creds auth test.
* @param $stub Stub object that has service methods
* @param $args array command line args
*/
function perRpcCreds($stub, $args) {
$jsonKey = json_decode(
file_get_contents(getenv(CredentialsLoader::ENV_VAR)),
true);
$auth_credentials = ApplicationDefaultCredentials::getCredentials(
$args['oauth_scope']
);
$token = $auth_credentials->fetchAuthToken();
$metadata = array(CredentialsLoader::AUTH_METADATA_KEY =>
array(sprintf("%s %s",
$token['token_type'],
$token['access_token'])));
$result = performLargeUnary($stub, $fillUsername=true, $fillOauthScope=true,
$metadata);
hardAssert($result->getUsername() == $jsonKey['client_email'],
'invalid email returned');
}
/**
* Run the client_streaming test.
* Passes when run against the Node server as of 2015-04-30
* @param $stub Stub object that has service methods
*/
function clientStreaming($stub) {
@ -185,7 +221,6 @@ function clientStreaming($stub) {
/**
* Run the server_streaming test.
* Passes when run against the Node server as of 2015-04-30
* @param $stub Stub object that has service methods.
*/
function serverStreaming($stub) {
@ -216,7 +251,6 @@ function serverStreaming($stub) {
/**
* Run the ping_pong test.
* Passes when run against the Node server as of 2015-04-30
* @param $stub Stub object that has service methods.
*/
function pingPong($stub) {
@ -252,7 +286,6 @@ function pingPong($stub) {
/**
* Run the empty_stream test.
* Passes when run against the Node server as of 2015-10-09
* @param $stub Stub object that has service methods.
*/
function emptyStream($stub) {
@ -265,7 +298,6 @@ function emptyStream($stub) {
/**
* Run the cancel_after_begin test.
* Passes when run against the Node server as of 2015-08-28
* @param $stub Stub object that has service methods.
*/
function cancelAfterBegin($stub) {
@ -278,7 +310,6 @@ function cancelAfterBegin($stub) {
/**
* Run the cancel_after_first_response test.
* Passes when run against the Node server as of 2015-04-30
* @param $stub Stub object that has service methods.
*/
function cancelAfterFirstResponse($stub) {
@ -319,12 +350,17 @@ function timeoutOnSleepingServer($stub) {
}
$args = getopt('', array('server_host:', 'server_port:', 'test_case:',
'use_tls::', 'use_test_ca::',
'server_host_override:', 'oauth_scope:',
'default_service_account:'));
if (!array_key_exists('server_host', $args) ||
!array_key_exists('server_port', $args) ||
!array_key_exists('test_case', $args)) {
throw new Exception('Missing argument');
if (!array_key_exists('server_host', $args)) {
throw new Exception('Missing argument: --server_host is required');
}
if (!array_key_exists('server_port', $args)) {
throw new Exception('Missing argument: --server_port is required');
}
if (!array_key_exists('test_case', $args)) {
throw new Exception('Missing argument: --test_case is required');
}
if ($args['server_port'] == 443) {
@ -333,41 +369,76 @@ if ($args['server_port'] == 443) {
$server_address = $args['server_host'] . ':' . $args['server_port'];
}
if (!array_key_exists('server_host_override', $args)) {
$args['server_host_override'] = 'foo.test.google.fr';
$test_case = $args['test_case'];
$host_override = 'foo.test.google.fr';
if (array_key_exists('server_host_override', $args)) {
$host_override = $args['server_host_override'];
}
$ssl_cert_file = getenv('SSL_CERT_FILE');
if (!$ssl_cert_file) {
$ssl_cert_file = dirname(__FILE__) . '/../data/ca.pem';
$use_tls = false;
if (array_key_exists('use_tls', $args) &&
$args['use_tls'] != 'false') {
$use_tls = true;
}
$credentials = Grpc\Credentials::createSsl(file_get_contents($ssl_cert_file));
$use_test_ca = false;
if (array_key_exists('use_test_ca', $args) &&
$args['use_test_ca'] != 'false') {
$use_test_ca = true;
}
$opts = [
'grpc.ssl_target_name_override' => $args['server_host_override'],
'credentials' => $credentials,
];
$opts = [];
if (in_array($args['test_case'], array(
'service_account_creds',
'compute_engine_creds',
'jwt_token_creds'))) {
if ($args['test_case'] == 'jwt_token_creds') {
$auth = Google\Auth\ApplicationDefaultCredentials::getCredentials();
if ($use_tls) {
if ($use_test_ca) {
$ssl_cert_file = dirname(__FILE__) . '/../data/ca.pem';
} else {
$auth = Google\Auth\ApplicationDefaultCredentials::getCredentials(
$args['oauth_scope']);
$ssl_cert_file = getenv('SSL_CERT_FILE');
}
$opts['update_metadata'] = $auth->getUpdateMetadataFunc();
$ssl_credentials = Grpc\Credentials::createSsl(
file_get_contents($ssl_cert_file));
$opts['credentials'] = $ssl_credentials;
$opts['grpc.ssl_target_name_override'] = $host_override;
}
if (in_array($test_case, array('service_account_creds',
'compute_engine_creds', 'jwt_token_creds'))) {
if ($test_case == 'jwt_token_creds') {
$auth_credentials = ApplicationDefaultCredentials::getCredentials();
} else {
$auth_credentials = ApplicationDefaultCredentials::getCredentials(
$args['oauth_scope']
);
}
$opts['update_metadata'] = $auth_credentials->getUpdateMetadataFunc();
}
if ($test_case == 'oauth2_auth_token') {
$auth_credentials = ApplicationDefaultCredentials::getCredentials(
$args['oauth_scope']
);
$token = $auth_credentials->fetchAuthToken();
$update_metadata =
function($metadata,
$authUri = null,
ClientInterface $client = null) use ($token) {
$metadata_copy = $metadata;
$metadata_copy[CredentialsLoader::AUTH_METADATA_KEY] =
array(sprintf("%s %s",
$token['token_type'],
$token['access_token']));
return $metadata_copy;
};
$opts['update_metadata'] = $update_metadata;
}
$stub = new grpc\testing\TestServiceClient($server_address, $opts);
echo "Connecting to $server_address\n";
echo "Running test case $args[test_case]\n";
echo "Running test case $test_case\n";
switch ($args['test_case']) {
switch ($test_case) {
case 'empty_unary':
emptyUnary($stub);
break;
@ -404,7 +475,13 @@ switch ($args['test_case']) {
case 'jwt_token_creds':
jwtTokenCreds($stub, $args);
break;
case 'oauth2_auth_token':
oauth2AuthToken($stub, $args);
break;
case 'per_rpc_creds':
perRpcCreds($stub, $args);
break;
default:
echo "Unsupported test case $args[test_case]\n";
echo "Unsupported test case $test_case\n";
exit(1);
}

@ -220,17 +220,20 @@ class PHPLanguage:
def cloud_to_prod_args(self):
return (self.client_cmdline_base + _CLOUD_TO_PROD_BASE_ARGS +
['--use_tls'])
['--use_tls=true'])
def cloud_to_cloud_args(self):
return (self.client_cmdline_base + _CLOUD_TO_CLOUD_BASE_ARGS +
['--use_tls', '--use_test_ca'])
['--use_tls=true', '--use_test_ca=true'])
def cloud_to_prod_env(self):
return _SSL_CERT_ENV
def global_env(self):
return {}
# need to manually copy to each jenkins machine if we run into github
# rate limit when running `composer install`
return {"BUILD_INTEROP_DOCKER_EXTRA_ARGS":
"-v /var/local/.composer/auth.json:/root/.composer/auth.json:ro"}
def __str__(self):
return 'php'
@ -472,15 +475,16 @@ def server_jobspec(language, docker_image):
def build_interop_image_jobspec(language, tag=None):
"""Creates jobspec for building interop docker image for a language"""
environ = language.global_env()
if not tag:
tag = 'grpc_interop_%s:%s' % (language.safename, uuid.uuid4())
env = {'INTEROP_IMAGE': tag,
'BASE_NAME': 'grpc_interop_%s' % language.safename}
environ['INTEROP_IMAGE'] = tag
environ['BASE_NAME'] = 'grpc_interop_%s' % language.safename
if not args.travis:
env['TTY_FLAG'] = '-t'
environ['TTY_FLAG'] = '-t'
build_job = jobset.JobSpec(
cmdline=['tools/jenkins/build_interop_image.sh'],
environ=env,
environ=environ,
shortname="build_docker_%s" % (language),
timeout_seconds=30*60)
build_job.tag = tag

Loading…
Cancel
Save