providers.TestCloudSSOCredentialsProvider_getCredentials - Code Metrics - Inspection of "feat: support CloudSSO credentials provider" - aliyun/credentials-go - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( a528aa...fe6920 )

unknown

created 2025-07-30 12:13 UTC

er_getCredentials C

↳ Parent: credentials/providers/cloud_sso_test.go

Complexity

Conditions

Size

Total Lines	92
Code Lines	65

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	8
eloc	65
nop	1
dl	0
loc	92
rs	6.2787
c	0
b	0
f	0

How to fix Long Method

package providers

import (
	"errors"
	"testing"
	"time"

	httputil "github.com/aliyun/credentials-go/credentials/internal/http"
	"github.com/stretchr/testify/assert"
)

func TestNewCloudSSOCredentialsProvider(t *testing.T) {

	_, err := NewCloudSSOCredentialsProviderBuilder().Build()
	assert.NotNil(t, err)
	assert.Equal(t, "CloudSSO access token is empty or expired, please re-login with cli", err.Error())

	_, err = NewCloudSSOCredentialsProviderBuilder().WithAccessToken("token").Build()
	assert.NotNil(t, err)
	assert.Equal(t, "CloudSSO access token is empty or expired, please re-login with cli", err.Error())

	_, err = NewCloudSSOCredentialsProviderBuilder().
		WithAccessToken("token").
		WithAccessTokenExpire(time.Now().Unix() + 1000).
		Build()
	assert.NotNil(t, err)
	assert.Equal(t, "CloudSSO sign in url or account id or access config is empty", err.Error())

	_, err = NewCloudSSOCredentialsProviderBuilder().
		WithAccessToken("token").
		WithAccessTokenExpire(time.Now().Unix() + 1000).
		WithSignInUrl("https://signin.aliyun.com").
		Build()
	assert.NotNil(t, err)
	assert.Equal(t, "CloudSSO sign in url or account id or access config is empty", err.Error())

	_, err = NewCloudSSOCredentialsProviderBuilder().
		WithAccessToken("token").
		WithAccessTokenExpire(time.Now().Unix() + 1000).
		WithSignInUrl("https://signin.aliyun.com").
		WithAccountId("123456").
		Build()
	assert.NotNil(t, err)
	assert.Equal(t, "CloudSSO sign in url or account id or access config is empty", err.Error())

	p, err := NewCloudSSOCredentialsProviderBuilder().
		WithAccessToken("token").
		WithAccessTokenExpire(time.Now().Unix() + 1000).
		WithSignInUrl("https://signin.aliyun.com").
		WithAccountId("123456").
		WithAccessConfig("config").
		Build()
	assert.Nil(t, err)

	assert.Equal(t, "https://signin.aliyun.com", p.signInUrl)

}

func TestCloudSSOCredentialsProvider_getCredentials(t *testing.T) {
	originHttpDo := httpDo
	defer func() { httpDo = originHttpDo }()

	p, err := NewCloudSSOCredentialsProviderBuilder().
		WithSignInUrl("https://signin-cn-shanghai.alibabacloudsso.com/a/login").
		WithAccountId("uid").
		WithAccessConfig("config").
		WithAccessToken("token").
		WithAccessTokenExpire(time.Now().Unix() + 1000).
		Build()
	assert.Nil(t, err)

	// case 1: mock new http request failed
	httpDo = func(req *httputil.Request) (res *httputil.Response, err error) {
		err = errors.New("mock server error")
		return
	}
	_, err = p.getCredentials()
	assert.NotNil(t, err)
	assert.Equal(t, "mock server error", err.Error())

	// case 2: 4xx error
	httpDo = func(req *httputil.Request) (res *httputil.Response, err error) {
		res = &httputil.Response{
			StatusCode: 400,
			Body:       []byte("4xx error"),
		}
		return
	}
	_, err = p.getCredentials()
	assert.NotNil(t, err)
	assert.Equal(t, "get session token from sso failed: 4xx error", err.Error())

	// case 3: invalid json
	httpDo = func(req *httputil.Request) (res *httputil.Response, err error) {
		res = &httputil.Response{
			StatusCode: 200,
			Body:       []byte("invalid json"),
		}
		return
	}
	_, err = p.getCredentials()
	assert.NotNil(t, err)
	assert.Equal(t, "get session token from sso failed, json.Unmarshal fail: invalid character 'i' looking for beginning of value", err.Error())

	// case 4: empty response json
	httpDo = func(req *httputil.Request) (res *httputil.Response, err error) {
		res = &httputil.Response{
			StatusCode: 200,
			Body:       []byte("null"),
		}
		return
	}
	_, err = p.getCredentials()
	assert.NotNil(t, err)
	assert.Equal(t, "get session token from sso failed, fail to get credentials", err.Error())

	// case 5: empty session ak response json
	httpDo = func(req *httputil.Request) (res *httputil.Response, err error) {
		res = &httputil.Response{
			StatusCode: 200,
			Body:       []byte(`{"Credentials": {}}`),
		}
		return
	}
	_, err = p.getCredentials()
	assert.NotNil(t, err)
	assert.Equal(t, "get session token from sso failed, fail to get credentials", err.Error())

	// case 6: mock ok value
	httpDo = func(req *httputil.Request) (res *httputil.Response, err error) {
		res = &httputil.Response{
			StatusCode: 200,
			Body:       []byte(`{"RequestId": "123", "CloudCredential": {"AccessKeyId":"ak","AccessKeySecret":"sk","Expiration":"2021-10-20T04:27:09Z","SecurityToken":"token"}}`),
		}
		return
	}
	creds, err := p.getCredentials()
	assert.Nil(t, err)
	assert.Equal(t, "ak", creds.AccessKeyId)
	assert.Equal(t, "sk", creds.AccessKeySecret)
	assert.Equal(t, "token", creds.SecurityToken)
	assert.Equal(t, "2021-10-20T04:27:09Z", creds.Expiration)

	// needUpdateCredential
	assert.True(t, p.needUpdateCredential())
	p.expirationTimestamp = time.Now().Unix()
	assert.True(t, p.needUpdateCredential())

	p.expirationTimestamp = time.Now().Unix() + 300
	assert.False(t, p.needUpdateCredential())
}

func TestCloudSSOCredentialsProviderGetCredentials(t *testing.T) {

	p, err := NewCloudSSOCredentialsProviderBuilder().
		WithSignInUrl("https://signin-cn-shanghai.alibabacloudsso.com/a/login").
		WithAccountId("uid").
		WithAccessConfig("config").
		WithAccessToken("token").
		WithAccessTokenExpire(time.Now().Unix() + 1000).
		WithHttpOptions(&HttpOptions{
			ConnectTimeout: 10000,
		}).
		Build()

	assert.Nil(t, err)
	assert.Equal(t, 10000, p.httpOptions.ConnectTimeout)
	_, err = p.GetCredentials()
	assert.NotNil(t, err)
	assert.Contains(t, err.Error(), "InvalidParameter.AccountId.InvalidChars")

	originHttpDo := httpDo
	defer func() { httpDo = originHttpDo }()

	// case 1: mock new http request failed
	httpDo = func(req *httputil.Request) (res *httputil.Response, err error) {
		err = errors.New("mock server error")
		return
	}
	_, err = p.GetCredentials()
	assert.NotNil(t, err)
	assert.Equal(t, "mock server error", err.Error())

	// case 2: get invalid expiration
	httpDo = func(req *httputil.Request) (res *httputil.Response, err error) {
		res = &httputil.Response{
			StatusCode: 200,
			Body:       []byte(`{"CloudCredential": {"AccessKeyId":"akid","AccessKeySecret":"aksecret","Expiration":"invalidexpiration","SecurityToken":"ststoken"}}`),
		}
		return
	}
	_, err = p.GetCredentials()
	assert.NotNil(t, err)
	assert.Equal(t, "parsing time \"invalidexpiration\" as \"2006-01-02T15:04:05Z\": cannot parse \"invalidexpiration\" as \"2006\"", err.Error())

	// case 3: happy result
	httpDo = func(req *httputil.Request) (res *httputil.Response, err error) {
		res = &httputil.Response{
			StatusCode: 200,
			Body:       []byte(`{"CloudCredential": {"AccessKeyId":"akid","AccessKeySecret":"aksecret","Expiration":"2021-10-20T04:27:09Z","SecurityToken":"ststoken"}}`),
		}
		return
	}
	cc, err := p.GetCredentials()
	assert.Nil(t, err)
	assert.Equal(t, "akid", cc.AccessKeyId)
	assert.Equal(t, "aksecret", cc.AccessKeySecret)
	assert.Equal(t, "ststoken", cc.SecurityToken)
	assert.Equal(t, "cloud_sso", cc.ProviderName)
	assert.True(t, p.needUpdateCredential())
}

func TestCloudSSOCredentialsProviderGetCredentialsWithHttpOptions(t *testing.T) {
	p, err := NewCloudSSOCredentialsProviderBuilder().
		WithSignInUrl("https://signin-cn-shanghai.alibabacloudsso.com/a/login").
		WithAccountId("uid").
		WithAccessConfig("config").
		WithAccessToken("token").
		WithAccessTokenExpire(time.Now().Unix() + 1000).
		WithHttpOptions(&HttpOptions{
			ConnectTimeout: 1000,
			ReadTimeout:    1000,
			Proxy:          "localhost:3999",
		}).
		Build()

	assert.Nil(t, err)
	_, err = p.GetCredentials()
	assert.NotNil(t, err)
	assert.Contains(t, err.Error(), "proxyconnect tcp:")
}


1			package providers
2
3			import (
4			"errors"
5			"testing"
6			"time"
7
8			httputil "github.com/aliyun/credentials-go/credentials/internal/http"
9			"github.com/stretchr/testify/assert"
10			)
11
12			func TestNewCloudSSOCredentialsProvider(t *testing.T) {
13
14			_, err := NewCloudSSOCredentialsProviderBuilder().Build()
15			assert.NotNil(t, err)
16			assert.Equal(t, "CloudSSO access token is empty or expired, please re-login with cli", err.Error())
17
18			_, err = NewCloudSSOCredentialsProviderBuilder().WithAccessToken("token").Build()
19			assert.NotNil(t, err)
20			assert.Equal(t, "CloudSSO access token is empty or expired, please re-login with cli", err.Error())
21
22			_, err = NewCloudSSOCredentialsProviderBuilder().
23			WithAccessToken("token").
24			WithAccessTokenExpire(time.Now().Unix() + 1000).
25			Build()
26			assert.NotNil(t, err)
27			assert.Equal(t, "CloudSSO sign in url or account id or access config is empty", err.Error())
28
29			_, err = NewCloudSSOCredentialsProviderBuilder().
30			WithAccessToken("token").
31			WithAccessTokenExpire(time.Now().Unix() + 1000).
32			WithSignInUrl("https://signin.aliyun.com").
33			Build()
34			assert.NotNil(t, err)
35			assert.Equal(t, "CloudSSO sign in url or account id or access config is empty", err.Error())
36
37			_, err = NewCloudSSOCredentialsProviderBuilder().
38			WithAccessToken("token").
39			WithAccessTokenExpire(time.Now().Unix() + 1000).
40			WithSignInUrl("https://signin.aliyun.com").
41			WithAccountId("123456").
42			Build()
43			assert.NotNil(t, err)
44			assert.Equal(t, "CloudSSO sign in url or account id or access config is empty", err.Error())
45
46			p, err := NewCloudSSOCredentialsProviderBuilder().
47			WithAccessToken("token").
48			WithAccessTokenExpire(time.Now().Unix() + 1000).
49			WithSignInUrl("https://signin.aliyun.com").
50			WithAccountId("123456").
51			WithAccessConfig("config").
52			Build()
53			assert.Nil(t, err)
54
55			assert.Equal(t, "https://signin.aliyun.com", p.signInUrl)
56
57			}
58
59			func TestCloudSSOCredentialsProvider_getCredentials(t *testing.T) {
60			originHttpDo := httpDo
61			defer func() { httpDo = originHttpDo }()
62
63			p, err := NewCloudSSOCredentialsProviderBuilder().
64			WithSignInUrl("https://signin-cn-shanghai.alibabacloudsso.com/a/login").
65			WithAccountId("uid").
66			WithAccessConfig("config").
67			WithAccessToken("token").
68			WithAccessTokenExpire(time.Now().Unix() + 1000).
69			Build()
70			assert.Nil(t, err)
71
72			// case 1: mock new http request failed
73			httpDo = func(req httputil.Request) (res httputil.Response, err error) {
74			err = errors.New("mock server error")
75			return
76			}
77			_, err = p.getCredentials()
78			assert.NotNil(t, err)
79			assert.Equal(t, "mock server error", err.Error())
80
81			// case 2: 4xx error
82			httpDo = func(req httputil.Request) (res httputil.Response, err error) {
83			res = &httputil.Response{
84			StatusCode: 400,
85			Body: []byte("4xx error"),
86			}
87			return
88			}
89			_, err = p.getCredentials()
90			assert.NotNil(t, err)
91			assert.Equal(t, "get session token from sso failed: 4xx error", err.Error())
92
93			// case 3: invalid json
94			httpDo = func(req httputil.Request) (res httputil.Response, err error) {
95			res = &httputil.Response{
96			StatusCode: 200,
97			Body: []byte("invalid json"),
98			}
99			return
100			}
101			_, err = p.getCredentials()
102			assert.NotNil(t, err)
103			assert.Equal(t, "get session token from sso failed, json.Unmarshal fail: invalid character 'i' looking for beginning of value", err.Error())
104
105			// case 4: empty response json
106			httpDo = func(req httputil.Request) (res httputil.Response, err error) {
107			res = &httputil.Response{
108			StatusCode: 200,
109			Body: []byte("null"),
110			}
111			return
112			}
113			_, err = p.getCredentials()
114			assert.NotNil(t, err)
115			assert.Equal(t, "get session token from sso failed, fail to get credentials", err.Error())
116
117			// case 5: empty session ak response json
118			httpDo = func(req httputil.Request) (res httputil.Response, err error) {
119			res = &httputil.Response{
120			StatusCode: 200,
121			Body: []byte(`{"Credentials": {}}`),
122			}
123			return
124			}
125			_, err = p.getCredentials()
126			assert.NotNil(t, err)
127			assert.Equal(t, "get session token from sso failed, fail to get credentials", err.Error())
128
129			// case 6: mock ok value
130			httpDo = func(req httputil.Request) (res httputil.Response, err error) {
131			res = &httputil.Response{
132			StatusCode: 200,
133			Body: []byte(`{"RequestId": "123", "CloudCredential": {"AccessKeyId":"ak","AccessKeySecret":"sk","Expiration":"2021-10-20T04:27:09Z","SecurityToken":"token"}}`),
134			}
135			return
136			}
137			creds, err := p.getCredentials()
138			assert.Nil(t, err)
139			assert.Equal(t, "ak", creds.AccessKeyId)
140			assert.Equal(t, "sk", creds.AccessKeySecret)
141			assert.Equal(t, "token", creds.SecurityToken)
142			assert.Equal(t, "2021-10-20T04:27:09Z", creds.Expiration)
143
144			// needUpdateCredential
145			assert.True(t, p.needUpdateCredential())
146			p.expirationTimestamp = time.Now().Unix()
147			assert.True(t, p.needUpdateCredential())
148
149			p.expirationTimestamp = time.Now().Unix() + 300
150			assert.False(t, p.needUpdateCredential())
151			}
152
153			func TestCloudSSOCredentialsProviderGetCredentials(t *testing.T) {
154
155			p, err := NewCloudSSOCredentialsProviderBuilder().
156			WithSignInUrl("https://signin-cn-shanghai.alibabacloudsso.com/a/login").
157			WithAccountId("uid").
158			WithAccessConfig("config").
159			WithAccessToken("token").
160			WithAccessTokenExpire(time.Now().Unix() + 1000).
161			WithHttpOptions(&HttpOptions{
162			ConnectTimeout: 10000,
163			}).
164			Build()
165
166			assert.Nil(t, err)
167			assert.Equal(t, 10000, p.httpOptions.ConnectTimeout)
168			_, err = p.GetCredentials()
169			assert.NotNil(t, err)
170			assert.Contains(t, err.Error(), "InvalidParameter.AccountId.InvalidChars")
171
172			originHttpDo := httpDo
173			defer func() { httpDo = originHttpDo }()
174
175			// case 1: mock new http request failed
176			httpDo = func(req httputil.Request) (res httputil.Response, err error) {
177			err = errors.New("mock server error")
178			return
179			}
180			_, err = p.GetCredentials()
181			assert.NotNil(t, err)
182			assert.Equal(t, "mock server error", err.Error())
183
184			// case 2: get invalid expiration
185			httpDo = func(req httputil.Request) (res httputil.Response, err error) {
186			res = &httputil.Response{
187			StatusCode: 200,
188			Body: []byte(`{"CloudCredential": {"AccessKeyId":"akid","AccessKeySecret":"aksecret","Expiration":"invalidexpiration","SecurityToken":"ststoken"}}`),
189			}
190			return
191			}
192			_, err = p.GetCredentials()
193			assert.NotNil(t, err)
194			assert.Equal(t, "parsing time \"invalidexpiration\" as \"2006-01-02T15:04:05Z\": cannot parse \"invalidexpiration\" as \"2006\"", err.Error())
195
196			// case 3: happy result
197			httpDo = func(req httputil.Request) (res httputil.Response, err error) {
198			res = &httputil.Response{
199			StatusCode: 200,
200			Body: []byte(`{"CloudCredential": {"AccessKeyId":"akid","AccessKeySecret":"aksecret","Expiration":"2021-10-20T04:27:09Z","SecurityToken":"ststoken"}}`),
201			}
202			return
203			}
204			cc, err := p.GetCredentials()
205			assert.Nil(t, err)
206			assert.Equal(t, "akid", cc.AccessKeyId)
207			assert.Equal(t, "aksecret", cc.AccessKeySecret)
208			assert.Equal(t, "ststoken", cc.SecurityToken)
209			assert.Equal(t, "cloud_sso", cc.ProviderName)
210			assert.True(t, p.needUpdateCredential())
211			}
212
213			func TestCloudSSOCredentialsProviderGetCredentialsWithHttpOptions(t *testing.T) {
214			p, err := NewCloudSSOCredentialsProviderBuilder().
215			WithSignInUrl("https://signin-cn-shanghai.alibabacloudsso.com/a/login").
216			WithAccountId("uid").
217			WithAccessConfig("config").
218			WithAccessToken("token").
219			WithAccessTokenExpire(time.Now().Unix() + 1000).
220			WithHttpOptions(&HttpOptions{
221			ConnectTimeout: 1000,
222			ReadTimeout: 1000,
223			Proxy: "localhost:3999",
224			}).
225			Build()
226
227			assert.Nil(t, err)
228			_, err = p.GetCredentials()
229			assert.NotNil(t, err)
230			assert.Contains(t, err.Error(), "proxyconnect tcp:")
231			}
232

aliyun / credentials-go

GitHub Access Token became invalid

Push — master ( a528aa...fe6920 )

er_getCredentials C

Complexity

Size

Duplication

Importance

How to fix Long Method

Long Method

Duplication Side-by-Side

Filter issues like