credentials.TestStsRoleARNCredentialsProviderWithSecurityToken - Code Metrics - aliyun/credentials-go - Measure and Improve Code Quality continuously with Scrutinizer

rityToken A
last analyzed 2025-04-18 09:05 UTC

↳ Parent: credentials/ram_role_arn_credentials_provider_test.go

Complexity

Conditions

Size

Total Lines	11
Code Lines	8

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	3
eloc	8
nop	1
dl	0
loc	11
rs	10
c	0
b	0
f	0

package credentials

import (
	"bytes"
	"errors"
	"io/ioutil"
	"net/http"
	"strconv"
	"testing"

	"github.com/aliyun/credentials-go/credentials/internal/utils"
	"github.com/stretchr/testify/assert"
)

func mockResponse(statusCode int, content string, mockerr error) (res *http.Response, err error) {
	status := strconv.Itoa(statusCode)
	res = &http.Response{
		Proto:      "HTTP/1.1",
		ProtoMajor: 1,
		Header:     map[string][]string{"sdk": {"test"}},
		StatusCode: statusCode,
		Status:     status + " " + http.StatusText(statusCode),
	}
	res.Body = ioutil.NopCloser(bytes.NewReader([]byte(content)))
	err = mockerr
	return
}

func Test_RoleArnCredential(t *testing.T) {
	auth := newRAMRoleArnCredential("accessKeyId", "accessKeySecret", "roleArn", "roleSessionName", "policy", 300, nil)
	origTestHookDo := hookDo
	defer func() { hookDo = origTestHookDo }()
	hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
		return func(req *http.Request) (*http.Response, error) {
			return mockResponse(200, `{"Credentials":{"AccessKeyId":"accessKeyId","AccessKeySecret":"accessKeySecret","SecurityToken":"securitytoken","Expiration":"expiration"}}`, errors.New("Internal error"))
		}
	}
	accesskeyId, err := auth.GetAccessKeyId()
	assert.NotNil(t, err)
	assert.Equal(t, "[InvalidParam]:Assume Role session duration should be in the range of 15min - 1Hr", err.Error())
	assert.Nil(t, accesskeyId)

	accesskeySecret, err := auth.GetAccessKeySecret()
	assert.NotNil(t, err)
	assert.Equal(t, "[InvalidParam]:Assume Role session duration should be in the range of 15min - 1Hr", err.Error())
	assert.Nil(t, accesskeySecret)

	ststoken, err := auth.GetSecurityToken()
	assert.NotNil(t, err)
	assert.Equal(t, "[InvalidParam]:Assume Role session duration should be in the range of 15min - 1Hr", err.Error())
	assert.Nil(t, ststoken)

	assert.Equal(t, "", *auth.GetBearerToken())
	assert.Equal(t, "ram_role_arn", *auth.GetType())

	auth.RoleSessionExpiration = 1000
	accesskeyId, err = auth.GetAccessKeyId()
	assert.NotNil(t, err)
	assert.Equal(t, "refresh RoleArn sts token err: Internal error", err.Error())
	assert.Nil(t, accesskeyId)

	auth.RoleSessionExpiration = 0
	accesskeyId, err = auth.GetAccessKeyId()
	assert.NotNil(t, err)
	assert.Equal(t, "refresh RoleArn sts token err: Internal error", err.Error())
	assert.Nil(t, accesskeyId)

	hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
		return func(req *http.Request) (*http.Response, error) {
			return mockResponse(300, ``, nil)
		}
	}
	accesskeyId, err = auth.GetAccessKeyId()
	assert.NotNil(t, err)
	assert.Equal(t, "refresh RoleArn sts token err: httpStatus: 300, message = ", err.Error())
	assert.Nil(t, accesskeyId)

	hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
		return func(req *http.Request) (*http.Response, error) {
			return mockResponse(200, `"Credentials":{"AccessKeyId":"accessKeyId","AccessKeySecret":"accessKeySecret","SecurityToken":"securitytoken","Expiration":"expiration"}}`, nil)
		}
	}
	accesskeyId, err = auth.GetAccessKeyId()
	assert.NotNil(t, err)
	assert.Equal(t, "refresh RoleArn sts token err: Json.Unmarshal fail: invalid character ':' after top-level value", err.Error())
	assert.Nil(t, accesskeyId)

	hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
		return func(req *http.Request) (*http.Response, error) {
			return mockResponse(200, `{"Credentials":{"AccessKeySecret":"accessKeySecret","SecurityToken":"securitytoken","Expiration":"expiration"}}`, nil)
		}
	}
	accesskeyId, err = auth.GetAccessKeyId()
	assert.NotNil(t, err)
	assert.Equal(t, "refresh RoleArn sts token err: AccessKeyId: , AccessKeySecret: accessKeySecret, SecurityToken: securitytoken, Expiration: expiration", err.Error())
	assert.Nil(t, accesskeyId)

	hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
		return func(req *http.Request) (*http.Response, error) {
			return mockResponse(200, `{}`, nil)
		}
	}
	accesskeyId, err = auth.GetAccessKeyId()
	assert.NotNil(t, err)
	assert.Equal(t, "refresh RoleArn sts token err: Credentials is empty", err.Error())
	assert.Nil(t, accesskeyId)

	hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
		return func(req *http.Request) (*http.Response, error) {
			return mockResponse(200, `{"Credentials":{"AccessKeyId":"accessKeyId","AccessKeySecret":"accessKeySecret","SecurityToken":"securitytoken","Expiration":"2020-01-02T15:04:05Z"}}`, nil)
		}
	}
	accesskeyId, err = auth.GetAccessKeyId()
	assert.Nil(t, err)
	assert.Equal(t, "accessKeyId", *accesskeyId)

	accesskeySecret, err = auth.GetAccessKeySecret()
	assert.Nil(t, err)
	assert.Equal(t, "accessKeySecret", *accesskeySecret)

	ststoken, err = auth.GetSecurityToken()
	assert.Nil(t, err)
	assert.Equal(t, "securitytoken", *ststoken)

	cred, err := auth.GetCredential()
	assert.Nil(t, err)
	assert.Equal(t, "accessKeyId", *cred.AccessKeyId)
	assert.Equal(t, "accessKeySecret", *cred.AccessKeySecret)
	assert.Equal(t, "securitytoken", *cred.SecurityToken)
	assert.Nil(t, cred.BearerToken)
	assert.Equal(t, "ram_role_arn", *cred.Type)

	auth = newRAMRoleArnCredential("accessKeyId", "accessKeySecret", "roleArn", "roleSessionName", "policy", 3600, &utils.Runtime{STSEndpoint: "www.aliyun.com"})
	hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
		return func(req *http.Request) (*http.Response, error) {
			assert.Equal(t, "www.aliyun.com", req.Host)
			return mockResponse(200, `{}`, nil)
		}
	}
	accesskeyId, err = auth.GetAccessKeyId()
	assert.NotNil(t, err)
	assert.Equal(t, "refresh RoleArn sts token err: Credentials is empty", err.Error())
	assert.Nil(t, accesskeyId)

	auth = newRAMRoleArnWithExternalIdCredential("accessKeyId", "accessKeySecret", "roleArn", "roleSessionName", "policy", 3600, "externalId", nil)
	hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
		return func(req *http.Request) (*http.Response, error) {
			return mockResponse(200, `{"Credentials":{"AccessKeyId":"accessKeyId","AccessKeySecret":"accessKeySecret","SecurityToken":"securitytoken","Expiration":"2020-01-02T15:04:05Z"}}`, nil)
		}
	}
	accesskeyId, err = auth.GetAccessKeyId()
	assert.Nil(t, err)
	assert.Equal(t, "accessKeyId", *accesskeyId)

	accesskeySecret, err = auth.GetAccessKeySecret()
	assert.Nil(t, err)
	assert.Equal(t, "accessKeySecret", *accesskeySecret)

	ststoken, err = auth.GetSecurityToken()
	assert.Nil(t, err)
	assert.Equal(t, "securitytoken", *ststoken)
}

func TestStsRoleARNCredentialsProviderWithSecurityToken(t *testing.T) {
	auth := newRAMRoleArnl("accessKeyId", "accessKeySecret", "securityToken", "roleArn", "roleSessionName", "policy", 3600, "externalId", nil)
	hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
		return func(req *http.Request) (*http.Response, error) {
			assert.Equal(t, "securityToken", req.URL.Query().Get("SecurityToken"))
			return mockResponse(200, `{"Credentials":{"AccessKeyId":"accessKeyId","AccessKeySecret":"accessKeySecret","SecurityToken":"securitytoken","Expiration":"2020-01-02T15:04:05Z"}}`, nil)
		}
	}

	_, err := auth.GetCredential()
	assert.Nil(t, err)
}


1			package credentials
2
3			import (
4			"bytes"
5			"errors"
6			"io/ioutil"
7			"net/http"
8			"strconv"
9			"testing"
10
11			"github.com/aliyun/credentials-go/credentials/internal/utils"
12			"github.com/stretchr/testify/assert"
13			)
14
15			func mockResponse(statusCode int, content string, mockerr error) (res *http.Response, err error) {
16			status := strconv.Itoa(statusCode)
17			res = &http.Response{
18			Proto: "HTTP/1.1",
19			ProtoMajor: 1,
20			Header: map[string][]string{"sdk": {"test"}},
21			StatusCode: statusCode,
22			Status: status + " " + http.StatusText(statusCode),
23			}
24			res.Body = ioutil.NopCloser(bytes.NewReader([]byte(content)))
25			err = mockerr
26			return
27			}
28
29			func Test_RoleArnCredential(t *testing.T) {
30			auth := newRAMRoleArnCredential("accessKeyId", "accessKeySecret", "roleArn", "roleSessionName", "policy", 300, nil)
31			origTestHookDo := hookDo
32			defer func() { hookDo = origTestHookDo }()
33			hookDo = func(fn func(req http.Request) (http.Response, error)) func(req http.Request) (http.Response, error) {
34			return func(req http.Request) (http.Response, error) {
35			return mockResponse(200, `{"Credentials":{"AccessKeyId":"accessKeyId","AccessKeySecret":"accessKeySecret","SecurityToken":"securitytoken","Expiration":"expiration"}}`, errors.New("Internal error"))
36			}
37			}
38			accesskeyId, err := auth.GetAccessKeyId()
39			assert.NotNil(t, err)
40			assert.Equal(t, "[InvalidParam]:Assume Role session duration should be in the range of 15min - 1Hr", err.Error())
41			assert.Nil(t, accesskeyId)
42
43			accesskeySecret, err := auth.GetAccessKeySecret()
44			assert.NotNil(t, err)
45			assert.Equal(t, "[InvalidParam]:Assume Role session duration should be in the range of 15min - 1Hr", err.Error())
46			assert.Nil(t, accesskeySecret)
47
48			ststoken, err := auth.GetSecurityToken()
49			assert.NotNil(t, err)
50			assert.Equal(t, "[InvalidParam]:Assume Role session duration should be in the range of 15min - 1Hr", err.Error())
51			assert.Nil(t, ststoken)
52
53			assert.Equal(t, "", *auth.GetBearerToken())
54			assert.Equal(t, "ram_role_arn", *auth.GetType())
55
56			auth.RoleSessionExpiration = 1000
57			accesskeyId, err = auth.GetAccessKeyId()
58			assert.NotNil(t, err)
59			assert.Equal(t, "refresh RoleArn sts token err: Internal error", err.Error())
60			assert.Nil(t, accesskeyId)
61
62			auth.RoleSessionExpiration = 0
63			accesskeyId, err = auth.GetAccessKeyId()
64			assert.NotNil(t, err)
65			assert.Equal(t, "refresh RoleArn sts token err: Internal error", err.Error())
66			assert.Nil(t, accesskeyId)
67
68			hookDo = func(fn func(req http.Request) (http.Response, error)) func(req http.Request) (http.Response, error) {
69			return func(req http.Request) (http.Response, error) {
70			return mockResponse(300, ``, nil)
71			}
72			}
73			accesskeyId, err = auth.GetAccessKeyId()
74			assert.NotNil(t, err)
75			assert.Equal(t, "refresh RoleArn sts token err: httpStatus: 300, message = ", err.Error())
76			assert.Nil(t, accesskeyId)
77
78			hookDo = func(fn func(req http.Request) (http.Response, error)) func(req http.Request) (http.Response, error) {
79			return func(req http.Request) (http.Response, error) {
80			return mockResponse(200, `"Credentials":{"AccessKeyId":"accessKeyId","AccessKeySecret":"accessKeySecret","SecurityToken":"securitytoken","Expiration":"expiration"}}`, nil)
81			}
82			}
83			accesskeyId, err = auth.GetAccessKeyId()
84			assert.NotNil(t, err)
85			assert.Equal(t, "refresh RoleArn sts token err: Json.Unmarshal fail: invalid character ':' after top-level value", err.Error())
86			assert.Nil(t, accesskeyId)
87
88			hookDo = func(fn func(req http.Request) (http.Response, error)) func(req http.Request) (http.Response, error) {
89			return func(req http.Request) (http.Response, error) {
90			return mockResponse(200, `{"Credentials":{"AccessKeySecret":"accessKeySecret","SecurityToken":"securitytoken","Expiration":"expiration"}}`, nil)
91			}
92			}
93			accesskeyId, err = auth.GetAccessKeyId()
94			assert.NotNil(t, err)
95			assert.Equal(t, "refresh RoleArn sts token err: AccessKeyId: , AccessKeySecret: accessKeySecret, SecurityToken: securitytoken, Expiration: expiration", err.Error())
96			assert.Nil(t, accesskeyId)
97
98			hookDo = func(fn func(req http.Request) (http.Response, error)) func(req http.Request) (http.Response, error) {
99			return func(req http.Request) (http.Response, error) {
100			return mockResponse(200, `{}`, nil)
101			}
102			}
103			accesskeyId, err = auth.GetAccessKeyId()
104			assert.NotNil(t, err)
105			assert.Equal(t, "refresh RoleArn sts token err: Credentials is empty", err.Error())
106			assert.Nil(t, accesskeyId)
107
108			hookDo = func(fn func(req http.Request) (http.Response, error)) func(req http.Request) (http.Response, error) {
109			return func(req http.Request) (http.Response, error) {
110			return mockResponse(200, `{"Credentials":{"AccessKeyId":"accessKeyId","AccessKeySecret":"accessKeySecret","SecurityToken":"securitytoken","Expiration":"2020-01-02T15:04:05Z"}}`, nil)
111			}
112			}
113			accesskeyId, err = auth.GetAccessKeyId()
114			assert.Nil(t, err)
115			assert.Equal(t, "accessKeyId", *accesskeyId)
116
117			accesskeySecret, err = auth.GetAccessKeySecret()
118			assert.Nil(t, err)
119			assert.Equal(t, "accessKeySecret", *accesskeySecret)
120
121			ststoken, err = auth.GetSecurityToken()
122			assert.Nil(t, err)
123			assert.Equal(t, "securitytoken", *ststoken)
124
125			cred, err := auth.GetCredential()
126			assert.Nil(t, err)
127			assert.Equal(t, "accessKeyId", *cred.AccessKeyId)
128			assert.Equal(t, "accessKeySecret", *cred.AccessKeySecret)
129			assert.Equal(t, "securitytoken", *cred.SecurityToken)
130			assert.Nil(t, cred.BearerToken)
131			assert.Equal(t, "ram_role_arn", *cred.Type)
132
133			auth = newRAMRoleArnCredential("accessKeyId", "accessKeySecret", "roleArn", "roleSessionName", "policy", 3600, &utils.Runtime{STSEndpoint: "www.aliyun.com"})
134			hookDo = func(fn func(req http.Request) (http.Response, error)) func(req http.Request) (http.Response, error) {
135			return func(req http.Request) (http.Response, error) {
136			assert.Equal(t, "www.aliyun.com", req.Host)
137			return mockResponse(200, `{}`, nil)
138			}
139			}
140			accesskeyId, err = auth.GetAccessKeyId()
141			assert.NotNil(t, err)
142			assert.Equal(t, "refresh RoleArn sts token err: Credentials is empty", err.Error())
143			assert.Nil(t, accesskeyId)
144
145			auth = newRAMRoleArnWithExternalIdCredential("accessKeyId", "accessKeySecret", "roleArn", "roleSessionName", "policy", 3600, "externalId", nil)
146			hookDo = func(fn func(req http.Request) (http.Response, error)) func(req http.Request) (http.Response, error) {
147			return func(req http.Request) (http.Response, error) {
148			return mockResponse(200, `{"Credentials":{"AccessKeyId":"accessKeyId","AccessKeySecret":"accessKeySecret","SecurityToken":"securitytoken","Expiration":"2020-01-02T15:04:05Z"}}`, nil)
149			}
150			}
151			accesskeyId, err = auth.GetAccessKeyId()
152			assert.Nil(t, err)
153			assert.Equal(t, "accessKeyId", *accesskeyId)
154
155			accesskeySecret, err = auth.GetAccessKeySecret()
156			assert.Nil(t, err)
157			assert.Equal(t, "accessKeySecret", *accesskeySecret)
158
159			ststoken, err = auth.GetSecurityToken()
160			assert.Nil(t, err)
161			assert.Equal(t, "securitytoken", *ststoken)
162			}
163
164			func TestStsRoleARNCredentialsProviderWithSecurityToken(t *testing.T) {
165			auth := newRAMRoleArnl("accessKeyId", "accessKeySecret", "securityToken", "roleArn", "roleSessionName", "policy", 3600, "externalId", nil)
166			hookDo = func(fn func(req http.Request) (http.Response, error)) func(req http.Request) (http.Response, error) {
167			return func(req http.Request) (http.Response, error) {
168			assert.Equal(t, "securityToken", req.URL.Query().Get("SecurityToken"))
169			return mockResponse(200, `{"Credentials":{"AccessKeyId":"accessKeyId","AccessKeySecret":"accessKeySecret","SecurityToken":"securitytoken","Expiration":"2020-01-02T15:04:05Z"}}`, nil)
170			}
171			}
172
173			_, err := auth.GetCredential()
174			assert.Nil(t, err)
175			}
176

aliyun / credentials-go

GitHub Access Token became invalid

rityToken A last analyzed 2025-04-18 09:05 UTC

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like

rityToken A
last analyzed 2025-04-18 09:05 UTC