func TestLeaderLeaseSwapWhileWaiting(t *testing.T) {
testutil.RequireEtcd(t)
defer testutil.DumpEtcdOnFailure(t)
c, err := testutil.MakeNewEtcdClient()
if err != nil {
t.Fatal(err)
}
client := etcdclient.NewKeysAPI(c)
key := "/random/key"
if _, err := client.Set(context.Background(), key, "holder", &etcdclient.SetOptions{TTL: 10 * time.Second, PrevExist: etcdclient.PrevNoExist}); err != nil {
t.Fatal(err)
}
go func() {
time.Sleep(time.Second)
if _, err := client.Set(context.Background(), key, "other", &etcdclient.SetOptions{TTL: 10 * time.Second}); err != nil {
t.Fatal(err)
}
glog.Infof("Changed key ownership")
}()
lease := leaderlease.NewEtcd(c, key, "other", 10)
ch := make(chan error, 1)
go lease.AcquireAndHold(ch)
<-ch
glog.Infof("Lease acquired")
lease.Release()
if err, ok := <-ch; err == nil || !ok || !strings.Contains(err.Error(), "the lease has been lost") {
t.Errorf("Expected error and open channel when lease was swapped: %v %t", err, ok)
}
<-ch
glog.Infof("Lease gone")
}
func TestLeaderLeaseWait(t *testing.T) {
testutil.RequireEtcd(t)
defer testutil.DumpEtcdOnFailure(t)
c, err := testutil.MakeNewEtcdClient()
if err != nil {
t.Fatal(err)
}
client := etcdclient.NewKeysAPI(c)
key := "/random/key"
if _, err := client.Set(context.Background(), key, "other", &etcdclient.SetOptions{TTL: time.Second, PrevExist: etcdclient.PrevNoExist}); err != nil {
t.Fatal(err)
}
held := make(chan struct{})
go func() {
<-held
if _, err := client.Delete(context.Background(), key, nil); err != nil {
t.Fatal(err)
}
glog.Infof("Deleted key")
}()
lease := leaderlease.NewEtcd(c, key, "holder", 10)
ch := make(chan error, 1)
go lease.AcquireAndHold(ch)
<-ch
glog.Infof("Lease acquired")
close(held)
if err, ok := <-ch; err == nil || !ok || !strings.Contains(err.Error(), "the lease has been lost") {
t.Errorf("Expected error and open channel when lease was swapped: %v %t", err, ok)
}
<-ch
glog.Infof("Lease lost")
select {
case _, ok := <-held:
if ok {
t.Error("did not acquire the lease")
}
default:
t.Error("lease is still open")
}
}
func TestLeaderLeaseReacquire(t *testing.T) {
testutil.RequireEtcd(t)
defer testutil.DumpEtcdOnFailure(t)
c, err := testutil.MakeNewEtcdClient()
if err != nil {
t.Fatal(err)
}
client := etcdclient.NewKeysAPI(c)
key := "/random/key"
if _, err := client.Set(context.Background(), key, "holder", &etcdclient.SetOptions{TTL: time.Second, PrevExist: etcdclient.PrevNoExist}); err != nil {
t.Fatal(err)
}
held := make(chan struct{})
go func() {
<-held
if _, err := client.Delete(context.Background(), key, nil); err != nil {
t.Fatal(err)
}
glog.Infof("Deleted key")
}()
lease := leaderlease.NewEtcd(c, key, "holder", 1)
ch := make(chan error, 1)
go lease.AcquireAndHold(ch)
<-ch
glog.Infof("Lease acquired")
time.Sleep(2 * time.Second)
close(held)
<-ch
glog.Infof("Lease lost")
select {
case _, ok := <-held:
if ok {
t.Error("did not acquire the lease")
}
default:
t.Error("lease is still open")
}
}
func TestOAuthStorage(t *testing.T) {
testutil.DeleteAllEtcdKeys()
groupMeta := registered.GroupOrDie(api.GroupName)
etcdClient, err := testutil.MakeNewEtcdClient()
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
etcdHelper := etcdstorage.NewEtcdStorage(etcdClient, kapi.Codecs.LegacyCodec(groupMeta.GroupVersions...), etcdtest.PathPrefix())
accessTokenStorage := accesstokenetcd.NewREST(etcdHelper)
accessTokenRegistry := accesstokenregistry.NewRegistry(accessTokenStorage)
authorizeTokenStorage := authorizetokenetcd.NewREST(etcdHelper)
authorizeTokenRegistry := authorizetokenregistry.NewRegistry(authorizeTokenStorage)
clientStorage := clientetcd.NewREST(etcdHelper)
clientRegistry := clientregistry.NewRegistry(clientStorage)
user := &testUser{UserName: "******", UserUID: "1"}
storage := registrystorage.New(accessTokenRegistry, authorizeTokenRegistry, clientRegistry, user)
oauthServer := osinserver.New(
osinserver.NewDefaultServerConfig(),
storage,
osinserver.AuthorizeHandlerFunc(func(ar *osin.AuthorizeRequest, w http.ResponseWriter) (bool, error) {
ar.UserData = "test"
ar.Authorized = true
return false, nil
}),
osinserver.AccessHandlerFunc(func(ar *osin.AccessRequest, w http.ResponseWriter) error {
ar.UserData = "test"
ar.Authorized = true
ar.GenerateRefresh = false
return nil
}),
osinserver.NewDefaultErrorHandler(),
)
mux := http.NewServeMux()
oauthServer.Install(mux, "")
server := httptest.NewServer(mux)
defer server.Close()
ch := make(chan *osincli.AccessData, 1)
var oaclient *osincli.Client
var authReq *osincli.AuthorizeRequest
assertServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
data, err := authReq.HandleRequest(r)
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
tokenReq := oaclient.NewAccessRequest(osincli.AUTHORIZATION_CODE, data)
token, err := tokenReq.GetToken()
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
ch <- token
}))
clientRegistry.CreateClient(kapi.NewContext(), &api.OAuthClient{
ObjectMeta: kapi.ObjectMeta{Name: "test"},
Secret: "secret",
RedirectURIs: []string{assertServer.URL + "/assert"},
})
storedClient, err := storage.GetClient("test")
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
if storedClient.GetSecret() != "secret" {
t.Fatalf("unexpected stored client: %#v", storedClient)
}
oaclientConfig := &osincli.ClientConfig{
ClientId: "test",
ClientSecret: "secret",
RedirectUrl: assertServer.URL + "/assert",
AuthorizeUrl: server.URL + "/authorize",
TokenUrl: server.URL + "/token",
}
osinclient, err := osincli.NewClient(oaclientConfig)
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
oaclient = osinclient // initialize the assert server client as well
authReq = oaclient.NewAuthorizeRequest(osincli.CODE)
config := &oauth2.Config{
ClientID: "test",
ClientSecret: "",
Scopes: []string{"a_scope"},
RedirectURL: assertServer.URL + "/assert",
Endpoint: oauth2.Endpoint{
AuthURL: server.URL + "/authorize",
TokenURL: server.URL + "/token",
},
}
url := config.AuthCodeURL("")
client := http.Client{ /*CheckRedirect: func(req *http.Request, via []*http.Request) error {
t.Logf("redirect (%d): to %s, %#v", len(via), req.URL, req)
return nil
}*/}
resp, err := client.Get(url)
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
if resp.StatusCode != http.StatusOK {
t.Fatalf("unexpected response: %#v", resp)
}
token := <-ch
if token.AccessToken == "" {
t.Errorf("unexpected access token: %#v", token)
}
actualToken, err := accessTokenRegistry.GetAccessToken(kapi.NewContext(), token.AccessToken)
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
if actualToken.UserUID != "1" || actualToken.UserName != "test" {
t.Errorf("unexpected stored token: %#v", actualToken)
}
}
