// test that the request is retried after the credentials are expired. func TestRequestRecoverExpiredCreds(t *testing.T) { reqNum := 0 reqs := []http.Response{ http.Response{StatusCode: 400, Body: body(`{"__type":"ExpiredTokenException","message":"expired token"}`)}, http.Response{StatusCode: 200, Body: body(`{"data":"valid"}`)}, } s := NewService(&Config{MaxRetries: 10, Credentials: credentials.NewStaticCredentials("AKID", "SECRET", "")}) s.Handlers.Validate.Clear() s.Handlers.Unmarshal.PushBack(unmarshal) s.Handlers.UnmarshalError.PushBack(unmarshalError) credExpiredBeforeRetry := false credExpiredAfterRetry := false s.Handlers.Retry.PushBack(func(r *Request) { if err := Error(r.Error); err != nil && err.Code == "ExpiredTokenException" { credExpiredBeforeRetry = r.Config.Credentials.IsExpired() } }) s.Handlers.AfterRetry.PushBack(func(r *Request) { credExpiredAfterRetry = r.Config.Credentials.IsExpired() }) s.Handlers.Sign.Clear() s.Handlers.Sign.PushBack(func(r *Request) { r.Config.Credentials.Get() }) s.Handlers.Send.Clear() // mock sending s.Handlers.Send.PushBack(func(r *Request) { r.HTTPResponse = &reqs[reqNum] reqNum++ }) out := &testData{} r := NewRequest(s, &Operation{Name: "Operation"}, nil, out) err := r.Send() assert.Nil(t, err) assert.False(t, credExpiredBeforeRetry, "Expect valid creds before retry check") assert.True(t, credExpiredAfterRetry, "Expect expired creds after retry check") assert.False(t, s.Config.Credentials.IsExpired(), "Expect valid creds after cred expired recovery") assert.Equal(t, 1, int(r.RetryCount)) assert.Equal(t, "valid", out.Data) }
// NewDynamoDBClient returns an *dynamodb.Client with a connection to the region // configured via the AWS_REGION environment variable. // It returns an error if the connection cannot be made or the table does not exist. func NewDynamoDBClient(table string) (*Client, error) { creds := credentials.NewStaticCredentials("", "", "") _, err := creds.Get() if err != nil { return nil, err } var c *aws.Config if os.Getenv("DYNAMODB_LOCAL") != "" { log.Debug("DYNAMODB_LOCAL is set") c = &aws.Config{Endpoint: "http://localhost:8000"} } else { c = nil } d := dynamodb.New(c) // Check if the table exists _, err = d.DescribeTable(&dynamodb.DescribeTableInput{TableName: &table}) if err != nil { return nil, err } return &Client{d, table}, nil }
func TestNewAWSCloud(t *testing.T) { fakeAuthFunc := func() (creds *credentials.Credentials) { return credentials.NewStaticCredentials("", "", "") } tests := []struct { name string reader io.Reader authFunc AuthFunc metadata AWSMetadata expectError bool zone string }{ { "No config reader", nil, fakeAuthFunc, &FakeMetadata{}, true, "", }, { "Config specified invalid zone", strings.NewReader("[global]\nzone = blahonga"), fakeAuthFunc, &FakeMetadata{}, true, "", }, { "Config specifies valid zone", strings.NewReader("[global]\nzone = eu-west-1a"), fakeAuthFunc, &FakeMetadata{}, false, "eu-west-1a", }, { "Gets zone from metadata when not in config", strings.NewReader("[global]\n"), fakeAuthFunc, &FakeMetadata{availabilityZone: "us-east-1a"}, false, "us-east-1a", }, { "No zone in config or metadata", strings.NewReader("[global]\n"), fakeAuthFunc, &FakeMetadata{}, true, "", }, } for _, test := range tests { t.Logf("Running test case %s", test.name) c, err := newAWSCloud(test.reader, test.authFunc, test.metadata) if test.expectError { if err == nil { t.Errorf("Should error for case %s", test.name) } } else { if err != nil { t.Errorf("Should succeed for case: %s", test.name) } if c.availabilityZone != test.zone { t.Errorf("Incorrect zone value (%s vs %s) for case: %s", c.availabilityZone, test.zone, test.name) } } } }
func init() { // mock region and credentials aws.DefaultConfig.Credentials = credentials.NewStaticCredentials("AKID", "SECRET", "SESSION") aws.DefaultConfig.Region = "mock-region" }