From 78e8fb731db1d1f488cb4b5c32c26d229713d38a Mon Sep 17 00:00:00 2001 From: Matthew Stevenson Date: Tue, 20 Aug 2019 13:42:53 -0700 Subject: [PATCH] Restored credentials_test.cc --- test/cpp/client/credentials_test.cc | 230 +++++++++++++++++++--------- 1 file changed, 154 insertions(+), 76 deletions(-) diff --git a/test/cpp/client/credentials_test.cc b/test/cpp/client/credentials_test.cc index de195ff4e7c..e2342552d46 100644 --- a/test/cpp/client/credentials_test.cc +++ b/test/cpp/client/credentials_test.cc @@ -30,6 +30,58 @@ #include "src/core/lib/security/credentials/tls/grpc_tls_credentials_options.h" #include "src/cpp/client/secure_credentials.h" +namespace { + +typedef class ::grpc_impl::experimental::TlsKeyMaterialsConfig + TlsKeyMaterialsConfig; +typedef class ::grpc_impl::experimental::TlsCredentialReloadArg + TlsCredentialReloadArg; +typedef class ::grpc_impl::experimental::TlsCredentialReloadConfig + TlsCredentialReloadConfig; + +static void tls_credential_reload_callback( + grpc_tls_credential_reload_arg* arg) { + GPR_ASSERT(arg != nullptr); + arg->status = GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_UNCHANGED; +} + +static int tls_credential_reload_sync(void* config_user_data, + TlsCredentialReloadArg* arg) { + GPR_ASSERT(arg != nullptr); + struct TlsKeyMaterialsConfig::PemKeyCertPair pair3 = {"private_key3", + "cert_chain3"}; + ::std::shared_ptr key_materials_config = + arg->key_materials_config(); + ::std::vector pair_list = + key_materials_config->pem_key_cert_pair_list(); + pair_list.push_back(pair3); + key_materials_config->set_key_materials("new_pem_root_certs", pair_list); + arg->set_key_materials_config(key_materials_config); + arg->set_status(GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_NEW); + return 0; +} + +static void tls_credential_reload_cancel(void* config_user_data, + TlsCredentialReloadArg* arg) { + GPR_ASSERT(arg != nullptr); + arg->set_status(GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_FAIL); + arg->set_error_details("cancelled"); +} + +static void tls_server_authorization_check_callback( + grpc_tls_server_authorization_check_arg* arg) { + GPR_ASSERT(arg != nullptr); + char* cb_user_data = "cb_user_data"; + arg->set_cb_user_data(static_cast(gpr_strdup(cb_user_data))); + arg->set_success(1); + arg->set_target_name("callback_target_name"); + arg->set_peer_cert("callback_peer_cert"); + arg->set_status(GRPC_STATUS_OK); + arg->set_error_details("callback_error_details"); +} + +} // namespace + namespace grpc { namespace testing { @@ -198,7 +250,6 @@ TEST_F(CredentialsTest, StsCredentialsOptionsFromEnv) { gpr_unsetenv("STS_CREDENTIALS"); } -/** typedef class ::grpc_impl::experimental::TlsKeyMaterialsConfig TlsKeyMaterialsConfig; @@ -217,13 +268,18 @@ TEST_F(CredentialsTest, TlsKeyMaterialsConfigCppToC) { c_config->pem_key_cert_pair_list()[0].cert_chain()); gpr_free(c_config); } -**/ -/** TEST_F(CredentialsTest, TlsKeyMaterialsCtoCpp) { grpc_tls_key_materials_config c_config; + grpc::string test_private_key = "private_key"; + grpc::string test_cert_chain = "cert_chain"; + grpc_ssl_pem_key_cert_pair* ssl_pair = + (grpc_ssl_pem_key_cert_pair*)gpr_malloc( + sizeof(grpc_ssl_pem_key_cert_pair)); + ssl_pair->private_key = gpr_strdup(test_private_key.c_str()); + ssl_pair->cert_chain = gpr_strdup(test_cert_chain.c_str()); ::grpc_core::PemKeyCertPair pem_key_cert_pair = - ::grpc_core::PemKeyCertPair("private_key", "cert_chain"); + ::grpc_core::PemKeyCertPair(ssl_pair); ::grpc_core::InlinedVector<::grpc_core::PemKeyCertPair, 1> pem_key_cert_pair_list; pem_key_cert_pair_list.push_back(pem_key_cert_pair); @@ -239,20 +295,26 @@ TEST_F(CredentialsTest, TlsKeyMaterialsCtoCpp) { EXPECT_STREQ("private_key", cpp_pair_list[0].private_key.c_str()); EXPECT_STREQ("cert_chain", cpp_pair_list[0].cert_chain.c_str()); } -**/ -//typedef class ::grpc_impl::experimental::TlsCredentialReloadArg -// TlsCredentialReloadArg; -//typedef class ::grpc_impl::experimental::TlsCredentialReloadConfig -// TlsCredentialReloadConfig; -//typedef void (*grpcpp_tls_on_credential_reload_done_cb)( -// TlsCredentialReloadArg* arg); +typedef class ::grpc_impl::experimental::TlsCredentialReloadArg TlsCredentialReloadArg; +typedef class ::grpc_impl::experimental::TlsCredentialReloadConfig TlsCredentialReloadConfig; -/** -TEST_F(CredentialsTest, TlsCredentialReloadArgCppToC) { +TEST_F(CredentialsTest, TlsCredentialReloadArgCallback) { + grpc_tls_credential_reload_arg c_arg; + c_arg.cb = tls_credential_reload_callback; + TlsCredentialReloadArg arg = TlsCredentialReloadArg(c_arg); + arg.set_status(GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_NEW); + arg.callback(); + EXPECT_EQ(arg.status(), GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_UNCHANGED); +} + +TEST_F(CredentialsTest, TlsCredentialReloadConfigSchedule) { + TlsCredentialReloadConfig config(nullptr, &tls_credential_reload_sync, + nullptr, nullptr); TlsCredentialReloadArg arg; - arg.set_cb_user_data(nullptr); - ::std::shared_ptr key_materials_config; + arg.set_cb_user_data(static_cast(nullptr)); + ::std::shared_ptr key_materials_config( + new TlsKeyMaterialsConfig()); struct TlsKeyMaterialsConfig::PemKeyCertPair pair1 = {"private_key1", "cert_chain1"}; struct TlsKeyMaterialsConfig::PemKeyCertPair pair2 = {"private_key2", @@ -263,37 +325,71 @@ TEST_F(CredentialsTest, TlsCredentialReloadArgCppToC) { arg.set_key_materials_config(key_materials_config); arg.set_status(GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_NEW); arg.set_error_details("error_details"); - grpc_tls_credential_reload_arg* c_arg = arg.c_credential_reload_arg(); - EXPECT_EQ(c_arg->cb, - static_cast(nullptr)); - EXPECT_EQ(c_arg->cb_user_data, nullptr); - EXPECT_EQ(c_arg->key_materials_config->pem_root_certs(), "pem_root_certs"); - EXPECT_EQ( - c_arg->key_materials_config->pem_key_cert_pair_list()[0].private_key(), - "private_key1"); - EXPECT_EQ( - c_arg->key_materials_config->pem_key_cert_pair_list()[1].private_key(), - "private_key2"); - EXPECT_EQ( - c_arg->key_materials_config->pem_key_cert_pair_list()[0].cert_chain(), - "cert_chain1"); - EXPECT_EQ( - c_arg->key_materials_config->pem_key_cert_pair_list()[1].cert_chain(), - "cert_chain2"); - EXPECT_EQ(c_arg->status, GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_NEW); - EXPECT_STREQ(c_arg->error_details, "error_details"); + int schedule_output = config.Schedule(&arg); + EXPECT_EQ(schedule_output, 0); + EXPECT_EQ(arg.cb_user_data(), nullptr); + EXPECT_STREQ(arg.key_materials_config()->pem_root_certs().c_str(), + "new_pem_root_certs"); + pair_list = arg.key_materials_config()->pem_key_cert_pair_list(); + EXPECT_EQ(static_cast(pair_list.size()), 3); + EXPECT_STREQ(pair_list[0].private_key.c_str(), "private_key1"); + EXPECT_STREQ(pair_list[0].cert_chain.c_str(), "cert_chain1"); + EXPECT_STREQ(pair_list[1].private_key.c_str(), "private_key2"); + EXPECT_STREQ(pair_list[1].cert_chain.c_str(), "cert_chain2"); + EXPECT_STREQ(pair_list[2].private_key.c_str(), "private_key3"); + EXPECT_STREQ(pair_list[2].cert_chain.c_str(), "cert_chain3"); + EXPECT_EQ(arg.status(), GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_NEW); + EXPECT_STREQ(arg.error_details()->c_str(), "error_details"); } -**/ - -/** TEST_F(CredentialsTest, TlsCredentialReloadConfigCppToC) { TlsCredentialReloadConfig config = - TlsCredentialReloadConfig(nullptr, nullptr, nullptr, nullptr); + TlsCredentialReloadConfig(nullptr, &tls_credential_reload_sync, + &tls_credential_reload_cancel, nullptr); + grpc_tls_credential_reload_arg c_arg; + c_arg.cb_user_data = static_cast(nullptr); + grpc_tls_key_materials_config c_key_materials; + grpc::string test_private_key = "private_key"; + grpc::string test_cert_chain = "cert_chain"; + grpc_ssl_pem_key_cert_pair* ssl_pair = + (grpc_ssl_pem_key_cert_pair*)gpr_malloc( + sizeof(grpc_ssl_pem_key_cert_pair)); + ssl_pair->private_key = gpr_strdup(test_private_key.c_str()); + ssl_pair->cert_chain = gpr_strdup(test_cert_chain.c_str()); + ::grpc_core::PemKeyCertPair pem_key_cert_pair = + ::grpc_core::PemKeyCertPair(ssl_pair); + ::grpc_core::InlinedVector<::grpc_core::PemKeyCertPair, 1> + pem_key_cert_pair_list; + pem_key_cert_pair_list.push_back(pem_key_cert_pair); + grpc::string test_pem_root_certs = "pem_root_certs"; + c_key_materials.set_key_materials( + ::grpc_core::UniquePtr(gpr_strdup(test_pem_root_certs.c_str())), + pem_key_cert_pair_list); + c_arg.key_materials_config = &c_key_materials; + c_arg.status = GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_UNCHANGED; + grpc::string test_error_details = "error_details"; + c_arg.error_details = test_error_details.c_str(); + grpc_tls_credential_reload_config* c_config = config.c_credential_reload(); - EXPECT_EQ(c_config, nullptr); - // EXPECT_NE(c_config, nullptr); - // TODO: add tests to compare schedule, cancel, destruct fields. + c_arg.config = c_config; + int c_schedule_output = c_config->Schedule(&c_arg); + EXPECT_EQ(c_schedule_output, 0); + EXPECT_EQ(c_arg.cb_user_data, nullptr); + EXPECT_STREQ(c_arg.key_materials_config->pem_root_certs(), + "new_pem_root_certs"); + ::grpc_core::InlinedVector<::grpc_core::PemKeyCertPair, 1> pair_list = + c_arg.key_materials_config->pem_key_cert_pair_list(); + EXPECT_EQ(static_cast(pair_list.size()), 2); + EXPECT_STREQ(pair_list[0].private_key(), "private_key"); + EXPECT_STREQ(pair_list[0].cert_chain(), "cert_chain"); + EXPECT_STREQ(pair_list[1].private_key(), "private_key3"); + EXPECT_STREQ(pair_list[1].cert_chain(), "cert_chain3"); + EXPECT_EQ(c_arg.status, GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_NEW); + EXPECT_STREQ(c_arg.error_details, test_error_details.c_str()); + + c_config->(&c_arg); + EXPECT_EQ(c_arg.status, GRPC_SSL_CERTIFICATE_CONFIG_RELOAD_FAIL); + EXPECT_STREQ(c_arg.error_details, "cancelled"); } typedef class ::grpc_impl::experimental::TlsServerAuthorizationCheckArg @@ -301,40 +397,23 @@ typedef class ::grpc_impl::experimental::TlsServerAuthorizationCheckArg typedef class ::grpc_impl::experimental::TlsServerAuthorizationCheckConfig TlsServerAuthorizationCheckConfig; -TEST_F(CredentialsTest, TlsServerAuthorizationCheckArgCppToC) { - TlsServerAuthorizationCheckArg arg; - // Only sync server authorization check supported currently, - // so we use a nullptr call back function. - arg.set_cb(nullptr); - arg.set_cb_user_data(nullptr); - arg.set_success(1); - arg.set_peer_cert("peer_cert"); - arg.set_status(GRPC_STATUS_OK); - arg.set_target_name("target_name"); - arg.set_error_details("error_details"); - grpc_tls_server_authorization_check_arg* c_arg = - arg.c_server_authorization_check_arg(); - // EXPECT_NE(c_arg, nullptr); - EXPECT_EQ(c_arg->cb, nullptr); - EXPECT_EQ(c_arg->cb_user_data, nullptr); - RecordProperty("TlsServerAuthorizationCheckArgCppToC::c_arg->success", -c_arg->success); EXPECT_EQ(c_arg->success, 1); - RecordProperty("TlsServerAuthorizationCheckArgCppToC::c_arg->peer_cert", -c_arg->peer_cert); EXPECT_STREQ(c_arg->peer_cert, "peer_cert"); - RecordProperty("TlsServerAuthorizationCheckArgCppToC::c_arg->target_name", -c_arg->target_name); EXPECT_STREQ(c_arg->target_name, "target_name"); - EXPECT_EQ(c_arg->status, GRPC_STATUS_OK); - RecordProperty("TlsServerAuthorizationCheckArgCppToC::c_arg->error_details", -c_arg->error_details); EXPECT_STREQ(c_arg->error_details, "error_details"); -} - -TEST_F(CredentialsTest, TlsServerAuthorizationCheckCppToC) { - TlsServerAuthorizationCheckConfig config = - TlsServerAuthorizationCheckConfig(nullptr, nullptr, nullptr, nullptr); - grpc_tls_server_authorization_check_config* c_config = - config.c_server_authorization_check(); - EXPECT_EQ(c_config, nullptr); // Because c_server_authn_check not implemented - // TODO: add tests to compare schedule, cancel, destruct fields. +TEST_F(CredentialsTest, TlsServerAuthorizationCheckArgCallback) { + grpc_tls_server_authorization_check_arg c_arg; + c_arg.cb = tls_server_authorization_check_callback; + c_arg.cb_user_data = nullptr; + c_arg.success = 0; + c_arg.target_name = "target_name"; + c_arg.peer_cert = "peer_cert"; + c_arg.status = GRPC_STATUS_UNAUTHENTICATED; + c_arg.error_details = "error_details"; + TlsServerAuthorizationCheckArg arg(c_arg); + arg.callback(); + EXPECT_STREQ(static_cast(arg.cb_user_data()), "cb_user_data"); + EXPECT_EQ(arg.success(), 1); + EXPECT_STREQ(arg.target_name()->c_str(), "callback_target_name"); + EXPECT_STREQ(arg.peer_cert()->c_str(), "callback_peer_cert"); + EXPECT_EQ(arg.status(), GRPC_STATUS_OK); + EXPECT_STREQ(arg.error_details()->c_str(), "callback_error_details"); } typedef class ::grpc_impl::experimental::TlsCredentialsOptions @@ -359,7 +438,6 @@ TEST_F(CredentialsTest, TlsCredentialsOptionsCppToC) { key_materials_config->c_key_materials()); gpr_free(c_options); } -**/ } // namespace testing } // namespace grpc