func TestLeaderLeaseSwapWhileWaiting(t *testing.T) { testutil.RequireEtcd(t) defer testutil.DumpEtcdOnFailure(t) c, err := testutil.MakeNewEtcdClient() if err != nil { t.Fatal(err) } client := etcdclient.NewKeysAPI(c) key := "/random/key" if _, err := client.Set(context.Background(), key, "holder", &etcdclient.SetOptions{TTL: 10 * time.Second, PrevExist: etcdclient.PrevNoExist}); err != nil { t.Fatal(err) } go func() { time.Sleep(time.Second) if _, err := client.Set(context.Background(), key, "other", &etcdclient.SetOptions{TTL: 10 * time.Second}); err != nil { t.Fatal(err) } glog.Infof("Changed key ownership") }() lease := leaderlease.NewEtcd(c, key, "other", 10) ch := make(chan error, 1) go lease.AcquireAndHold(ch) <-ch glog.Infof("Lease acquired") lease.Release() if err, ok := <-ch; err == nil || !ok || !strings.Contains(err.Error(), "the lease has been lost") { t.Errorf("Expected error and open channel when lease was swapped: %v %t", err, ok) } <-ch glog.Infof("Lease gone") }
func TestLeaderLeaseWait(t *testing.T) { testutil.RequireEtcd(t) defer testutil.DumpEtcdOnFailure(t) c, err := testutil.MakeNewEtcdClient() if err != nil { t.Fatal(err) } client := etcdclient.NewKeysAPI(c) key := "/random/key" if _, err := client.Set(context.Background(), key, "other", &etcdclient.SetOptions{TTL: time.Second, PrevExist: etcdclient.PrevNoExist}); err != nil { t.Fatal(err) } held := make(chan struct{}) go func() { <-held if _, err := client.Delete(context.Background(), key, nil); err != nil { t.Fatal(err) } glog.Infof("Deleted key") }() lease := leaderlease.NewEtcd(c, key, "holder", 10) ch := make(chan error, 1) go lease.AcquireAndHold(ch) <-ch glog.Infof("Lease acquired") close(held) if err, ok := <-ch; err == nil || !ok || !strings.Contains(err.Error(), "the lease has been lost") { t.Errorf("Expected error and open channel when lease was swapped: %v %t", err, ok) } <-ch glog.Infof("Lease lost") select { case _, ok := <-held: if ok { t.Error("did not acquire the lease") } default: t.Error("lease is still open") } }
func TestLeaderLeaseReacquire(t *testing.T) { testutil.RequireEtcd(t) defer testutil.DumpEtcdOnFailure(t) c, err := testutil.MakeNewEtcdClient() if err != nil { t.Fatal(err) } client := etcdclient.NewKeysAPI(c) key := "/random/key" if _, err := client.Set(context.Background(), key, "holder", &etcdclient.SetOptions{TTL: time.Second, PrevExist: etcdclient.PrevNoExist}); err != nil { t.Fatal(err) } held := make(chan struct{}) go func() { <-held if _, err := client.Delete(context.Background(), key, nil); err != nil { t.Fatal(err) } glog.Infof("Deleted key") }() lease := leaderlease.NewEtcd(c, key, "holder", 1) ch := make(chan error, 1) go lease.AcquireAndHold(ch) <-ch glog.Infof("Lease acquired") time.Sleep(2 * time.Second) close(held) <-ch glog.Infof("Lease lost") select { case _, ok := <-held: if ok { t.Error("did not acquire the lease") } default: t.Error("lease is still open") } }
func TestOAuthStorage(t *testing.T) { testutil.DeleteAllEtcdKeys() groupMeta := registered.GroupOrDie(api.GroupName) etcdClient, err := testutil.MakeNewEtcdClient() if err != nil { t.Fatalf("unexpected error: %v", err) } etcdHelper := etcdstorage.NewEtcdStorage(etcdClient, kapi.Codecs.LegacyCodec(groupMeta.GroupVersions...), etcdtest.PathPrefix()) accessTokenStorage := accesstokenetcd.NewREST(etcdHelper) accessTokenRegistry := accesstokenregistry.NewRegistry(accessTokenStorage) authorizeTokenStorage := authorizetokenetcd.NewREST(etcdHelper) authorizeTokenRegistry := authorizetokenregistry.NewRegistry(authorizeTokenStorage) clientStorage := clientetcd.NewREST(etcdHelper) clientRegistry := clientregistry.NewRegistry(clientStorage) user := &testUser{UserName: "******", UserUID: "1"} storage := registrystorage.New(accessTokenRegistry, authorizeTokenRegistry, clientRegistry, user) oauthServer := osinserver.New( osinserver.NewDefaultServerConfig(), storage, osinserver.AuthorizeHandlerFunc(func(ar *osin.AuthorizeRequest, w http.ResponseWriter) (bool, error) { ar.UserData = "test" ar.Authorized = true return false, nil }), osinserver.AccessHandlerFunc(func(ar *osin.AccessRequest, w http.ResponseWriter) error { ar.UserData = "test" ar.Authorized = true ar.GenerateRefresh = false return nil }), osinserver.NewDefaultErrorHandler(), ) mux := http.NewServeMux() oauthServer.Install(mux, "") server := httptest.NewServer(mux) defer server.Close() ch := make(chan *osincli.AccessData, 1) var oaclient *osincli.Client var authReq *osincli.AuthorizeRequest assertServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { data, err := authReq.HandleRequest(r) if err != nil { t.Fatalf("unexpected error: %v", err) } tokenReq := oaclient.NewAccessRequest(osincli.AUTHORIZATION_CODE, data) token, err := tokenReq.GetToken() if err != nil { t.Fatalf("unexpected error: %v", err) } ch <- token })) clientRegistry.CreateClient(kapi.NewContext(), &api.OAuthClient{ ObjectMeta: kapi.ObjectMeta{Name: "test"}, Secret: "secret", RedirectURIs: []string{assertServer.URL + "/assert"}, }) storedClient, err := storage.GetClient("test") if err != nil { t.Fatalf("unexpected error: %v", err) } if storedClient.GetSecret() != "secret" { t.Fatalf("unexpected stored client: %#v", storedClient) } oaclientConfig := &osincli.ClientConfig{ ClientId: "test", ClientSecret: "secret", RedirectUrl: assertServer.URL + "/assert", AuthorizeUrl: server.URL + "/authorize", TokenUrl: server.URL + "/token", } osinclient, err := osincli.NewClient(oaclientConfig) if err != nil { t.Fatalf("unexpected error: %v", err) } oaclient = osinclient // initialize the assert server client as well authReq = oaclient.NewAuthorizeRequest(osincli.CODE) config := &oauth2.Config{ ClientID: "test", ClientSecret: "", Scopes: []string{"a_scope"}, RedirectURL: assertServer.URL + "/assert", Endpoint: oauth2.Endpoint{ AuthURL: server.URL + "/authorize", TokenURL: server.URL + "/token", }, } url := config.AuthCodeURL("") client := http.Client{ /*CheckRedirect: func(req *http.Request, via []*http.Request) error { t.Logf("redirect (%d): to %s, %#v", len(via), req.URL, req) return nil }*/} resp, err := client.Get(url) if err != nil { t.Fatalf("unexpected error: %v", err) } if resp.StatusCode != http.StatusOK { t.Fatalf("unexpected response: %#v", resp) } token := <-ch if token.AccessToken == "" { t.Errorf("unexpected access token: %#v", token) } actualToken, err := accessTokenRegistry.GetAccessToken(kapi.NewContext(), token.AccessToken) if err != nil { t.Fatalf("unexpected error: %v", err) } if actualToken.UserUID != "1" || actualToken.UserName != "test" { t.Errorf("unexpected stored token: %#v", actualToken) } }