func TestEC2RoleProviderExpiryWindowIsExpired(t *testing.T) { server := initTestServer("2014-12-16T01:51:37Z", false) defer server.Close() p := &ec2rolecreds.EC2RoleProvider{ Client: ec2metadata.New(session.New(), &aws.Config{Endpoint: aws.String(server.URL + "/latest")}), ExpiryWindow: time.Hour * 1, } p.CurrentTime = func() time.Time { return time.Date(2014, 12, 15, 0, 51, 37, 0, time.UTC) } assert.True(t, p.IsExpired(), "Expect creds to be expired before retrieve.") _, err := p.Retrieve() assert.Nil(t, err, "Expect no error, %v", err) assert.False(t, p.IsExpired(), "Expect creds to not be expired after retrieve.") p.CurrentTime = func() time.Time { return time.Date(2014, 12, 16, 0, 55, 37, 0, time.UTC) } assert.True(t, p.IsExpired(), "Expect creds to be expired.") }
func TestAfterRetryRefreshCreds(t *testing.T) { os.Clearenv() credProvider := &mockCredsProvider{} svc := awstesting.NewClient(&aws.Config{ Credentials: credentials.NewCredentials(credProvider), MaxRetries: aws.Int(1), }) svc.Handlers.Clear() svc.Handlers.ValidateResponse.PushBack(func(r *request.Request) { r.Error = awserr.New("UnknownError", "", nil) r.HTTPResponse = &http.Response{StatusCode: 400} }) svc.Handlers.UnmarshalError.PushBack(func(r *request.Request) { r.Error = awserr.New("ExpiredTokenException", "", nil) }) svc.Handlers.AfterRetry.PushBackNamed(corehandlers.AfterRetryHandler) assert.True(t, svc.Config.Credentials.IsExpired(), "Expect to start out expired") assert.False(t, credProvider.retrieveCalled) req := svc.NewRequest(&request.Operation{Name: "Operation"}, nil, nil) req.Send() assert.True(t, svc.Config.Credentials.IsExpired()) assert.False(t, credProvider.retrieveCalled) _, err := svc.Config.Credentials.Get() assert.NoError(t, err) assert.True(t, credProvider.retrieveCalled) }
func TestIsFalseJSONTypes(t *testing.T) { assert := assert.New(t) assert.True(isFalse(false)) assert.True(isFalse("")) var empty []interface{} assert.True(isFalse(empty)) m := make(map[string]interface{}) assert.True(isFalse(m)) assert.True(isFalse(nil)) }
func TestCredentialsExpire(t *testing.T) { stub := &stubProvider{} c := NewCredentials(stub) stub.expired = false assert.True(t, c.IsExpired(), "Expected to start out expired") c.Expire() assert.True(t, c.IsExpired(), "Expected to be expired") c.forceRefresh = false assert.False(t, c.IsExpired(), "Expected not to be expired") stub.expired = true assert.True(t, c.IsExpired(), "Expected to be expired") }
func TestIsFalseWithNilInterface(t *testing.T) { assert := assert.New(t) var a *int = nil var nilInterface interface{} nilInterface = a assert.True(isFalse(nilInterface)) }
func TestIsFalseWithMapOfUserStructs(t *testing.T) { assert := assert.New(t) type foo struct { Bar string Baz string } m := make(map[int]foo) assert.True(isFalse(m)) }
func TestChainProviderIsExpired(t *testing.T) { stubProvider := &stubProvider{expired: true} p := &ChainProvider{ Providers: []Provider{ stubProvider, }, } assert.True(t, p.IsExpired(), "Expect expired to be true before any Retrieve") _, err := p.Retrieve() assert.Nil(t, err, "Expect no error") assert.False(t, p.IsExpired(), "Expect not expired after retrieve") stubProvider.expired = true assert.True(t, p.IsExpired(), "Expect return of expired provider") _, err = p.Retrieve() assert.False(t, p.IsExpired(), "Expect not expired after retrieve") }
func TestObjsEqual(t *testing.T) { assert := assert.New(t) assert.True(objsEqual("foo", "foo")) assert.True(objsEqual(20, 20)) assert.True(objsEqual([]int{1, 2, 3}, []int{1, 2, 3})) assert.True(objsEqual(nil, nil)) assert.True(!objsEqual(nil, "foo")) assert.True(objsEqual([]int{}, []int{})) assert.True(!objsEqual([]int{}, nil)) }
func TestIsFalseWithUserDefinedStructs(t *testing.T) { assert := assert.New(t) type nilStructType struct { SliceOfPointers []*string } nilStruct := nilStructType{SliceOfPointers: nil} assert.True(isFalse(nilStruct.SliceOfPointers)) // A user defined struct will never be false though, // even if it's fields are the zero type. assert.False(isFalse(nilStruct)) }
func TestSharedCredentialsProviderIsExpired(t *testing.T) { os.Clearenv() p := SharedCredentialsProvider{Filename: "example.ini", Profile: ""} assert.True(t, p.IsExpired(), "Expect creds to be expired before retrieve") _, err := p.Retrieve() assert.Nil(t, err, "Expect no error") assert.False(t, p.IsExpired(), "Expect creds to not be expired after retrieve") }
func TestMetadataAvailable(t *testing.T) { server := initTestServer( "/latest/meta-data/instance-id", "instance-id", ) defer server.Close() c := ec2metadata.New(session.New(), &aws.Config{Endpoint: aws.String(server.URL + "/latest")}) available := c.Available() assert.True(t, available) }
func TestChainProviderWithNoProvider(t *testing.T) { p := &ChainProvider{ Providers: []Provider{}, } assert.True(t, p.IsExpired(), "Expect expired with no providers") _, err := p.Retrieve() assert.Equal(t, ErrNoValidProvidersFoundInChain, err, "Expect no providers error returned") }
// Use DynamoDB methods for simplicity func TestPaginationEachPage(t *testing.T) { db := dynamodb.New(unit.Session) tokens, pages, numPages, gotToEnd := []string{}, []string{}, 0, false reqNum := 0 resps := []*dynamodb.ListTablesOutput{ {TableNames: []*string{aws.String("Table1"), aws.String("Table2")}, LastEvaluatedTableName: aws.String("Table2")}, {TableNames: []*string{aws.String("Table3"), aws.String("Table4")}, LastEvaluatedTableName: aws.String("Table4")}, {TableNames: []*string{aws.String("Table5")}}, } db.Handlers.Send.Clear() // mock sending db.Handlers.Unmarshal.Clear() db.Handlers.UnmarshalMeta.Clear() db.Handlers.ValidateResponse.Clear() db.Handlers.Build.PushBack(func(r *request.Request) { in := r.Params.(*dynamodb.ListTablesInput) if in == nil { tokens = append(tokens, "") } else if in.ExclusiveStartTableName != nil { tokens = append(tokens, *in.ExclusiveStartTableName) } }) db.Handlers.Unmarshal.PushBack(func(r *request.Request) { r.Data = resps[reqNum] reqNum++ }) params := &dynamodb.ListTablesInput{Limit: aws.Int64(2)} req, _ := db.ListTablesRequest(params) err := req.EachPage(func(p interface{}, last bool) bool { numPages++ for _, t := range p.(*dynamodb.ListTablesOutput).TableNames { pages = append(pages, *t) } if last { if gotToEnd { assert.Fail(t, "last=true happened twice") } gotToEnd = true } return true }) assert.Equal(t, []string{"Table2", "Table4"}, tokens) assert.Equal(t, []string{"Table1", "Table2", "Table3", "Table4", "Table5"}, pages) assert.Equal(t, 3, numPages) assert.True(t, gotToEnd) assert.Nil(t, err) }
func TestEnvProviderIsExpired(t *testing.T) { os.Clearenv() os.Setenv("AWS_ACCESS_KEY_ID", "access") os.Setenv("AWS_SECRET_ACCESS_KEY", "secret") os.Setenv("AWS_SESSION_TOKEN", "token") e := EnvProvider{} assert.True(t, e.IsExpired(), "Expect creds to be expired before retrieve.") _, err := e.Retrieve() assert.Nil(t, err, "Expect no error") assert.False(t, e.IsExpired(), "Expect creds to not be expired after retrieve.") }
func TestClientNotOverrideDefaultHTTPClientTimeout(t *testing.T) { origClient := *http.DefaultClient http.DefaultClient.Transport = &http.Transport{} defer func() { http.DefaultClient = &origClient }() svc := ec2metadata.New(session.New()) assert.Equal(t, http.DefaultClient, svc.Config.HTTPClient) tr, ok := svc.Config.HTTPClient.Transport.(*http.Transport) assert.True(t, ok) assert.NotNil(t, tr) assert.Nil(t, tr.Dial) }
func TestRequestExhaustRetries(t *testing.T) { delays := []time.Duration{} sleepDelay := func(delay time.Duration) { delays = append(delays, delay) } reqNum := 0 reqs := []http.Response{ {StatusCode: 500, Body: body(`{"__type":"UnknownError","message":"An error occurred."}`)}, {StatusCode: 500, Body: body(`{"__type":"UnknownError","message":"An error occurred."}`)}, {StatusCode: 500, Body: body(`{"__type":"UnknownError","message":"An error occurred."}`)}, {StatusCode: 500, Body: body(`{"__type":"UnknownError","message":"An error occurred."}`)}, } s := awstesting.NewClient(aws.NewConfig().WithSleepDelay(sleepDelay)) s.Handlers.Validate.Clear() s.Handlers.Unmarshal.PushBack(unmarshal) s.Handlers.UnmarshalError.PushBack(unmarshalError) s.Handlers.Send.Clear() // mock sending s.Handlers.Send.PushBack(func(r *request.Request) { r.HTTPResponse = &reqs[reqNum] reqNum++ }) r := s.NewRequest(&request.Operation{Name: "Operation"}, nil, nil) err := r.Send() assert.NotNil(t, err) if e, ok := err.(awserr.RequestFailure); ok { assert.Equal(t, 500, e.StatusCode()) } else { assert.Fail(t, "Expected error to be a service failure") } assert.Equal(t, "UnknownError", err.(awserr.Error).Code()) assert.Equal(t, "An error occurred.", err.(awserr.Error).Message()) assert.Equal(t, 3, int(r.RetryCount)) expectDelays := []struct{ min, max time.Duration }{{30, 59}, {60, 118}, {120, 236}} for i, v := range delays { min := expectDelays[i].min * time.Millisecond max := expectDelays[i].max * time.Millisecond assert.True(t, min <= v && v <= max, "Expect delay to be within range, i:%d, v:%s, min:%s, max:%s", i, v, min, max) } }
func TestChainProviderWithNoValidProvider(t *testing.T) { errs := []error{ awserr.New("FirstError", "first provider error", nil), awserr.New("SecondError", "second provider error", nil), } p := &ChainProvider{ Providers: []Provider{ &stubProvider{err: errs[0]}, &stubProvider{err: errs[1]}, }, } assert.True(t, p.IsExpired(), "Expect expired with no providers") _, err := p.Retrieve() assert.Equal(t, ErrNoValidProvidersFoundInChain, err, "Expect no providers error returned") }
func TestChainProviderWithNoValidProviderWithVerboseEnabled(t *testing.T) { errs := []error{ awserr.New("FirstError", "first provider error", nil), awserr.New("SecondError", "second provider error", nil), } p := &ChainProvider{ VerboseErrors: true, Providers: []Provider{ &stubProvider{err: errs[0]}, &stubProvider{err: errs[1]}, }, } assert.True(t, p.IsExpired(), "Expect expired with no providers") _, err := p.Retrieve() assert.Equal(t, awserr.NewBatchError("NoCredentialProviders", "no valid providers in chain", errs), err, "Expect no providers error returned") }
// test that the request is retried after the credentials are expired. func TestRequestRecoverExpiredCreds(t *testing.T) { reqNum := 0 reqs := []http.Response{ {StatusCode: 400, Body: body(`{"__type":"ExpiredTokenException","message":"expired token"}`)}, {StatusCode: 200, Body: body(`{"data":"valid"}`)}, } s := awstesting.NewClient(&aws.Config{MaxRetries: aws.Int(10), Credentials: credentials.NewStaticCredentials("AKID", "SECRET", "")}) s.Handlers.Validate.Clear() s.Handlers.Unmarshal.PushBack(unmarshal) s.Handlers.UnmarshalError.PushBack(unmarshalError) credExpiredBeforeRetry := false credExpiredAfterRetry := false s.Handlers.AfterRetry.PushBack(func(r *request.Request) { credExpiredAfterRetry = r.Config.Credentials.IsExpired() }) s.Handlers.Sign.Clear() s.Handlers.Sign.PushBack(func(r *request.Request) { r.Config.Credentials.Get() }) s.Handlers.Send.Clear() // mock sending s.Handlers.Send.PushBack(func(r *request.Request) { r.HTTPResponse = &reqs[reqNum] reqNum++ }) out := &testData{} r := s.NewRequest(&request.Operation{Name: "Operation"}, nil, out) err := r.Send() assert.Nil(t, err) assert.False(t, credExpiredBeforeRetry, "Expect valid creds before retry check") assert.True(t, credExpiredAfterRetry, "Expect expired creds after retry check") assert.False(t, s.Config.Credentials.IsExpired(), "Expect valid creds after cred expired recovery") assert.Equal(t, 1, int(r.RetryCount)) assert.Equal(t, "valid", out.Data) }
func TestSkipPagination(t *testing.T) { client := s3.New(unit.Session) client.Handlers.Send.Clear() // mock sending client.Handlers.Unmarshal.Clear() client.Handlers.UnmarshalMeta.Clear() client.Handlers.ValidateResponse.Clear() client.Handlers.Unmarshal.PushBack(func(r *request.Request) { r.Data = &s3.HeadBucketOutput{} }) req, _ := client.HeadBucketRequest(&s3.HeadBucketInput{Bucket: aws.String("bucket")}) numPages, gotToEnd := 0, false req.EachPage(func(p interface{}, last bool) bool { numPages++ if last { gotToEnd = true } return true }) assert.Equal(t, 1, numPages) assert.True(t, gotToEnd) }
// Use DynamoDB methods for simplicity func TestPaginationQueryPage(t *testing.T) { db := dynamodb.New(unit.Session) tokens, pages, numPages, gotToEnd := []map[string]*dynamodb.AttributeValue{}, []map[string]*dynamodb.AttributeValue{}, 0, false reqNum := 0 resps := []*dynamodb.QueryOutput{ { LastEvaluatedKey: map[string]*dynamodb.AttributeValue{"key": {S: aws.String("key1")}}, Count: aws.Int64(1), Items: []map[string]*dynamodb.AttributeValue{ { "key": {S: aws.String("key1")}, }, }, }, { LastEvaluatedKey: map[string]*dynamodb.AttributeValue{"key": {S: aws.String("key2")}}, Count: aws.Int64(1), Items: []map[string]*dynamodb.AttributeValue{ { "key": {S: aws.String("key2")}, }, }, }, { LastEvaluatedKey: map[string]*dynamodb.AttributeValue{}, Count: aws.Int64(1), Items: []map[string]*dynamodb.AttributeValue{ { "key": {S: aws.String("key3")}, }, }, }, } db.Handlers.Send.Clear() // mock sending db.Handlers.Unmarshal.Clear() db.Handlers.UnmarshalMeta.Clear() db.Handlers.ValidateResponse.Clear() db.Handlers.Build.PushBack(func(r *request.Request) { in := r.Params.(*dynamodb.QueryInput) if in == nil { tokens = append(tokens, nil) } else if len(in.ExclusiveStartKey) != 0 { tokens = append(tokens, in.ExclusiveStartKey) } }) db.Handlers.Unmarshal.PushBack(func(r *request.Request) { r.Data = resps[reqNum] reqNum++ }) params := &dynamodb.QueryInput{ Limit: aws.Int64(2), TableName: aws.String("tablename"), } err := db.QueryPages(params, func(p *dynamodb.QueryOutput, last bool) bool { numPages++ for _, item := range p.Items { pages = append(pages, item) } if last { if gotToEnd { assert.Fail(t, "last=true happened twice") } gotToEnd = true } return true }) assert.Nil(t, err) assert.Equal(t, []map[string]*dynamodb.AttributeValue{ {"key": {S: aws.String("key1")}}, {"key": {S: aws.String("key2")}}, }, tokens) assert.Equal(t, []map[string]*dynamodb.AttributeValue{ {"key": {S: aws.String("key1")}}, {"key": {S: aws.String("key2")}}, {"key": {S: aws.String("key3")}}, }, pages) assert.Equal(t, 3, numPages) assert.True(t, gotToEnd) assert.Nil(t, params.ExclusiveStartKey) }