credentials.Test_oidcCredential_updateCredential - Code Metrics - Inspection of "improve test cases for OIDC provider" - aliyun/credentials-go - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 10e109...9e570d )

by Jackson

created 2024-07-29 06:03 UTC

credentials.Test_oidcCredential_updateCredential F

↳ Parent: credentials/oidc_credentials_provider_test.go

Complexity

Conditions

Size

Total Lines	108
Code Lines	77

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	15
eloc	77
nop	1
dl	0
loc	108
rs	2.8527
c	0
b	0
f	0

How to fix Long Method Complexity

package credentials

import (
	"errors"
	"net/http"
	"os"
	"path"
	"testing"

	"github.com/stretchr/testify/assert"

	"github.com/aliyun/credentials-go/credentials/utils"
)

func TestNewOidcCredentialsProvider(t *testing.T) {
	_, err := newOIDCRoleArnCredential("accessKeyId", "accessKeySecret", "RoleArn", "OIDCProviderArn", "", "roleSessionName", "Policy", 3600, nil)
	assert.NotNil(t, err)
	assert.Equal(t, "the OIDC token file path is empty", err.Error())

	// get oidc token path from env
	os.Setenv("ALIBABA_CLOUD_OIDC_TOKEN_FILE", "/path/to/oidc_token")
	provider, err := newOIDCRoleArnCredential("accessKeyId", "accessKeySecret", "RoleArn", "OIDCProviderArn", "", "roleSessionName", "Policy", 3600, nil)
	assert.Nil(t, err)
	assert.Equal(t, "/path/to/oidc_token", provider.OIDCTokenFilePath)

	os.Unsetenv("ALIBABA_CLOUD_OIDC_TOKEN_FILE")
	provider, err = newOIDCRoleArnCredential("accessKeyId", "accessKeySecret", "RoleArn", "OIDCProviderArn", "/path/to/oidc_token_args", "roleSessionName", "Policy", 3600, nil)
	assert.Nil(t, err)
	assert.Equal(t, "/path/to/oidc_token_args", provider.OIDCTokenFilePath)
}

func Test_oidcCredential_updateCredential(t *testing.T) {
	oidcCredential, err := newOIDCRoleArnCredential("accessKeyId", "accessKeySecret", "RoleArn", "OIDCProviderArn", "/path/to/tokenFilePath", "roleSessionName", "Policy", 3600, nil)
	assert.Nil(t, err)

	c, err := oidcCredential.GetCredential()
	assert.NotNil(t, err)
	assert.Equal(t, "read oidc token file failed: open /path/to/tokenFilePath: no such file or directory", err.Error())
	assert.Nil(t, c)

	accessKeyId, err := oidcCredential.GetAccessKeyId()
	assert.NotNil(t, err)
	assert.Equal(t, "read oidc token file failed: open /path/to/tokenFilePath: no such file or directory", err.Error())
	assert.Nil(t, accessKeyId)

	accessKeySecret, err := oidcCredential.GetAccessKeySecret()
	assert.NotNil(t, err)
	assert.Equal(t, "read oidc token file failed: open /path/to/tokenFilePath: no such file or directory", err.Error())
	assert.Nil(t, accessKeySecret)

	securityToken, err := oidcCredential.GetSecurityToken()
	assert.NotNil(t, err)
	assert.Equal(t, "read oidc token file failed: open /path/to/tokenFilePath: no such file or directory", err.Error())
	assert.Nil(t, securityToken)

	originGetFileContent := getFileContent
	defer func() {
		getFileContent = originGetFileContent
	}()
	getFileContent = func(filePath string) (content string, err error) {
		return "token", nil
	}
	// mock server error
	hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
		return func(req *http.Request) (*http.Response, error) {
			return mockResponse(500, ``, errors.New("mock server error"))
		}
	}
	c, err = oidcCredential.GetCredential()
	assert.NotNil(t, err)
	assert.Equal(t, "get sts token failed with: mock server error", err.Error())
	assert.Nil(t, c)
	// mock unmarshal error
	hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
		return func(req *http.Request) (*http.Response, error) {
			return mockResponse(200, `invalid json`, nil)
		}
	}
	c, err = oidcCredential.GetCredential()
	assert.NotNil(t, err)
	assert.Equal(t, "get sts token failed with: Json.Unmarshal fail: invalid character 'i' looking for beginning of value", err.Error())
	assert.Nil(t, c)

	// mock null response
	hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
		return func(req *http.Request) (*http.Response, error) {
			return mockResponse(200, `null`, nil)
		}
	}
	c, err = oidcCredential.GetCredential()
	assert.NotNil(t, err)
	assert.Equal(t, "get sts token failed with: credentials is empty", err.Error())
	assert.Nil(t, c)

	hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
		return func(req *http.Request) (*http.Response, error) {
			return mockResponse(200, `{}`, nil)
		}
	}
	c, err = oidcCredential.GetCredential()
	assert.NotNil(t, err)
	assert.Equal(t, "get sts token failed with: credentials is empty", err.Error())
	assert.Nil(t, c)

	// mock empty ak
	hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
		return func(req *http.Request) (*http.Response, error) {
			return mockResponse(200, `{"Credentials": {}}`, nil)
		}
	}
	c, err = oidcCredential.GetCredential()
	assert.NotNil(t, err)
	assert.Equal(t, "get sts token failed with: AccessKeyId: , AccessKeySecret: , SecurityToken: , Expiration: ", err.Error())
	assert.Nil(t, c)

	// mock normal credentials
	hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
		return func(req *http.Request) (*http.Response, error) {
			return mockResponse(200, `{"Credentials": {"AccessKeyId":"akid","AccessKeySecret":"aksecret","SecurityToken":"ststoken","Expiration":"2006-01-02T15:04:05Z"}}`, nil)
		}
	}
	c, err = oidcCredential.GetCredential()
	assert.Nil(t, err)
	assert.NotNil(t, c)
	assert.Equal(t, "akid", *c.AccessKeyId)
	assert.Equal(t, "aksecret", *c.AccessKeySecret)
	assert.Equal(t, "ststoken", *c.SecurityToken)

	akid, err := oidcCredential.GetAccessKeyId()
	assert.Nil(t, err)
	assert.Equal(t, "akid", *akid)

	secret, err := oidcCredential.GetAccessKeySecret()
	assert.Nil(t, err)
	assert.Equal(t, "aksecret", *secret)

	ststoken, err := oidcCredential.GetSecurityToken()
	assert.Nil(t, err)
	assert.Equal(t, "ststoken", *ststoken)
}

func TestOIDCCredentialsProviderGetBearerToken(t *testing.T) {
	provider, err := newOIDCRoleArnCredential("accessKeyId", "accessKeySecret", "RoleArn", "OIDCProviderArn", "tokenFilePath", "roleSessionName", "Policy", 3600, nil)
	assert.Nil(t, err)
	assert.Equal(t, "", *provider.GetBearerToken())
}

func TestOIDCCredentialsProviderGetType(t *testing.T) {
	provider, err := newOIDCRoleArnCredential("accessKeyId", "accessKeySecret", "RoleArn", "OIDCProviderArn", "tokenFilePath", "roleSessionName", "Policy", 3600, nil)
	assert.Nil(t, err)
	assert.Equal(t, "oidc_role_arn", *provider.GetType())
}

func Test_getFileContent(t *testing.T) {
	wd, _ := os.Getwd()
	// read a normal token
	token, err := getFileContent(path.Join(wd, "../test_fixtures/oidc_token"))
	assert.Nil(t, err)
	assert.Equal(t, "test_long_oidc_token_eyJhbGciOiJSUzI1NiIsImtpZCI6ImFQaXlpNEVGSU8wWnlGcFh1V0psQUNWbklZVlJsUkNmM2tlSzNMUlhWT1UifQ.eyJhdWQiOlsic3RzLmFsaXl1bmNzLmNvbSJdLCJleHAiOjE2NDUxMTk3ODAsImlhdCI6MTY0NTA4Mzc4MCwiaXNzIjoiaHR0cHM6Ly9vaWRjLWFjay1jbi1oYW5nemhvdS5vc3MtY24taGFuZ3pob3UtaW50ZXJuYWwuYWxpeXVuY3MuY29tL2NmMWQ4ZGIwMjM0ZDk0YzEyOGFiZDM3MTc4NWJjOWQxNSIsImt1YmVybmV0ZXMuaW8iOnsibmFtZXNwYWNlIjoidGVzdC1ycnNhIiwicG9kIjp7Im5hbWUiOiJydW4tYXMtcm9vdCIsInVpZCI6ImIzMGI0MGY2LWNiZTAtNGY0Yy1hZGYyLWM1OGQ4ZmExZTAxMCJ9LCJzZXJ2aWNlYWNjb3VudCI6eyJuYW1lIjoidXNlcjEiLCJ1aWQiOiJiZTEyMzdjYS01MTY4LTQyMzYtYWUyMC00NDM1YjhmMGI4YzAifX0sIm5iZiI6MTY0NTA4Mzc4MCwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50OnRlc3QtcnJzYTp1c2VyMSJ9.XGP-wgLj-iMiAHjLe0lZLh7y48Qsj9HzsEbNh706WwerBoxnssdsyGFb9lzd2FyM8CssbAOCstr7OuAMWNdJmDZgpiOGGSbQ-KXXmbfnIS4ix-V3pQF6LVBFr7xJlj20J6YY89um3rv_04t0iCGxKWs2ZMUyU1FbZpIPRep24LVKbUz1saiiVGgDBTIZdHA13Z-jUvYAnsxK_Kj5tc1K-IuQQU0IwSKJh5OShMcdPugMV5LwTL3ogCikfB7yljq5vclBhCeF2lXLIibvwF711TOhuJ5lMlh-a2KkIgwBHhANg_U9k4Mt_VadctfUGc4hxlSbBD0w9o9mDGKwgGmW5Q", token)

	// read a empty token
	_, err = getFileContent(path.Join(wd, "../test_fixtures/empty_oidc_token"))
	assert.NotNil(t, err)
	assert.Contains(t, err.Error(), "the content of ")
	assert.Contains(t, err.Error(), "/test_fixtures/empty_oidc_token is empty")

	// read a inexist token
	_, err = getFileContent(path.Join(wd, "../test_fixtures/inexist_oidc_token"))
	assert.NotNil(t, err)
	assert.Contains(t, err.Error(), "no such file or directory")
}

func TestSTSEndpoint(t *testing.T) {
	originGetFileContent := getFileContent
	defer func() {
		getFileContent = originGetFileContent
	}()
	getFileContent = func(filePath string) (content string, err error) {
		return "token", nil
	}
	// mock server error
	hookDo = func(fn func(req *http.Request) (*http.Response, error)) func(req *http.Request) (*http.Response, error) {
		return func(req *http.Request) (*http.Response, error) {
			assert.Equal(t, "sts.cn-beijing.aliyuncs.com", req.Host)
			return mockResponse(500, ``, errors.New("mock server error"))
		}
	}

	runtime := &utils.Runtime{
		STSEndpoint: "sts.cn-beijing.aliyuncs.com",
	}
	provider, err := newOIDCRoleArnCredential("accessKeyId", "accessKeySecret", "RoleArn", "OIDCProviderArn", "tokenFilePath", "roleSessionName", "Policy", 3600, runtime)
	assert.Nil(t, err)
	c, err := provider.GetCredential()
	assert.NotNil(t, err)
	assert.Equal(t, "get sts token failed with: mock server error", err.Error())
	assert.Nil(t, c)
}


1			package credentials
2
3			import (
4			"errors"
5			"net/http"
6			"os"
7			"path"
8			"testing"
9
10			"github.com/stretchr/testify/assert"
11
12			"github.com/aliyun/credentials-go/credentials/utils"
13			)
14
15			func TestNewOidcCredentialsProvider(t *testing.T) {
16			_, err := newOIDCRoleArnCredential("accessKeyId", "accessKeySecret", "RoleArn", "OIDCProviderArn", "", "roleSessionName", "Policy", 3600, nil)
17			assert.NotNil(t, err)
18			assert.Equal(t, "the OIDC token file path is empty", err.Error())
19
20			// get oidc token path from env
21			os.Setenv("ALIBABA_CLOUD_OIDC_TOKEN_FILE", "/path/to/oidc_token")
22			provider, err := newOIDCRoleArnCredential("accessKeyId", "accessKeySecret", "RoleArn", "OIDCProviderArn", "", "roleSessionName", "Policy", 3600, nil)
23			assert.Nil(t, err)
24			assert.Equal(t, "/path/to/oidc_token", provider.OIDCTokenFilePath)
25
26			os.Unsetenv("ALIBABA_CLOUD_OIDC_TOKEN_FILE")
27			provider, err = newOIDCRoleArnCredential("accessKeyId", "accessKeySecret", "RoleArn", "OIDCProviderArn", "/path/to/oidc_token_args", "roleSessionName", "Policy", 3600, nil)
28			assert.Nil(t, err)
29			assert.Equal(t, "/path/to/oidc_token_args", provider.OIDCTokenFilePath)
30			}
31
32			func Test_oidcCredential_updateCredential(t *testing.T) {
33			oidcCredential, err := newOIDCRoleArnCredential("accessKeyId", "accessKeySecret", "RoleArn", "OIDCProviderArn", "/path/to/tokenFilePath", "roleSessionName", "Policy", 3600, nil)
34			assert.Nil(t, err)
35
36			c, err := oidcCredential.GetCredential()
37			assert.NotNil(t, err)
38			assert.Equal(t, "read oidc token file failed: open /path/to/tokenFilePath: no such file or directory", err.Error())
39			assert.Nil(t, c)
40
41			accessKeyId, err := oidcCredential.GetAccessKeyId()
42			assert.NotNil(t, err)
43			assert.Equal(t, "read oidc token file failed: open /path/to/tokenFilePath: no such file or directory", err.Error())
44			assert.Nil(t, accessKeyId)
45
46			accessKeySecret, err := oidcCredential.GetAccessKeySecret()
47			assert.NotNil(t, err)
48			assert.Equal(t, "read oidc token file failed: open /path/to/tokenFilePath: no such file or directory", err.Error())
49			assert.Nil(t, accessKeySecret)
50
51			securityToken, err := oidcCredential.GetSecurityToken()
52			assert.NotNil(t, err)
53			assert.Equal(t, "read oidc token file failed: open /path/to/tokenFilePath: no such file or directory", err.Error())
54			assert.Nil(t, securityToken)
55
56			originGetFileContent := getFileContent
57			defer func() {
58			getFileContent = originGetFileContent
59			}()
60			getFileContent = func(filePath string) (content string, err error) {
61			return "token", nil
62			}
63			// mock server error
64			hookDo = func(fn func(req http.Request) (http.Response, error)) func(req http.Request) (http.Response, error) {
65			return func(req http.Request) (http.Response, error) {
66			return mockResponse(500, ``, errors.New("mock server error"))
67			}
68			}
69			c, err = oidcCredential.GetCredential()
70			assert.NotNil(t, err)
71			assert.Equal(t, "get sts token failed with: mock server error", err.Error())
72			assert.Nil(t, c)
73			// mock unmarshal error
74			hookDo = func(fn func(req http.Request) (http.Response, error)) func(req http.Request) (http.Response, error) {
75			return func(req http.Request) (http.Response, error) {
76			return mockResponse(200, `invalid json`, nil)
77			}
78			}
79			c, err = oidcCredential.GetCredential()
80			assert.NotNil(t, err)
81			assert.Equal(t, "get sts token failed with: Json.Unmarshal fail: invalid character 'i' looking for beginning of value", err.Error())
82			assert.Nil(t, c)
83
84			// mock null response
85			hookDo = func(fn func(req http.Request) (http.Response, error)) func(req http.Request) (http.Response, error) {
86			return func(req http.Request) (http.Response, error) {
87			return mockResponse(200, `null`, nil)
88			}
89			}
90			c, err = oidcCredential.GetCredential()
91			assert.NotNil(t, err)
92			assert.Equal(t, "get sts token failed with: credentials is empty", err.Error())
93			assert.Nil(t, c)
94
95			hookDo = func(fn func(req http.Request) (http.Response, error)) func(req http.Request) (http.Response, error) {
96			return func(req http.Request) (http.Response, error) {
97			return mockResponse(200, `{}`, nil)
98			}
99			}
100			c, err = oidcCredential.GetCredential()
101			assert.NotNil(t, err)
102			assert.Equal(t, "get sts token failed with: credentials is empty", err.Error())
103			assert.Nil(t, c)
104
105			// mock empty ak
106			hookDo = func(fn func(req http.Request) (http.Response, error)) func(req http.Request) (http.Response, error) {
107			return func(req http.Request) (http.Response, error) {
108			return mockResponse(200, `{"Credentials": {}}`, nil)
109			}
110			}
111			c, err = oidcCredential.GetCredential()
112			assert.NotNil(t, err)
113			assert.Equal(t, "get sts token failed with: AccessKeyId: , AccessKeySecret: , SecurityToken: , Expiration: ", err.Error())
114			assert.Nil(t, c)
115
116			// mock normal credentials
117			hookDo = func(fn func(req http.Request) (http.Response, error)) func(req http.Request) (http.Response, error) {
118			return func(req http.Request) (http.Response, error) {
119			return mockResponse(200, `{"Credentials": {"AccessKeyId":"akid","AccessKeySecret":"aksecret","SecurityToken":"ststoken","Expiration":"2006-01-02T15:04:05Z"}}`, nil)
120			}
121			}
122			c, err = oidcCredential.GetCredential()
123			assert.Nil(t, err)
124			assert.NotNil(t, c)
125			assert.Equal(t, "akid", *c.AccessKeyId)
126			assert.Equal(t, "aksecret", *c.AccessKeySecret)
127			assert.Equal(t, "ststoken", *c.SecurityToken)
128
129			akid, err := oidcCredential.GetAccessKeyId()
130			assert.Nil(t, err)
131			assert.Equal(t, "akid", *akid)
132
133			secret, err := oidcCredential.GetAccessKeySecret()
134			assert.Nil(t, err)
135			assert.Equal(t, "aksecret", *secret)
136
137			ststoken, err := oidcCredential.GetSecurityToken()
138			assert.Nil(t, err)
139			assert.Equal(t, "ststoken", *ststoken)
140			}
141
142			func TestOIDCCredentialsProviderGetBearerToken(t *testing.T) {
143			provider, err := newOIDCRoleArnCredential("accessKeyId", "accessKeySecret", "RoleArn", "OIDCProviderArn", "tokenFilePath", "roleSessionName", "Policy", 3600, nil)
144			assert.Nil(t, err)
145			assert.Equal(t, "", *provider.GetBearerToken())
146			}
147
148			func TestOIDCCredentialsProviderGetType(t *testing.T) {
149			provider, err := newOIDCRoleArnCredential("accessKeyId", "accessKeySecret", "RoleArn", "OIDCProviderArn", "tokenFilePath", "roleSessionName", "Policy", 3600, nil)
150			assert.Nil(t, err)
151			assert.Equal(t, "oidc_role_arn", *provider.GetType())
152			}
153
154			func Test_getFileContent(t *testing.T) {
155			wd, _ := os.Getwd()
156			// read a normal token
157			token, err := getFileContent(path.Join(wd, "../test_fixtures/oidc_token"))
158			assert.Nil(t, err)
159			assert.Equal(t, "test_long_oidc_token_eyJhbGciOiJSUzI1NiIsImtpZCI6ImFQaXlpNEVGSU8wWnlGcFh1V0psQUNWbklZVlJsUkNmM2tlSzNMUlhWT1UifQ.eyJhdWQiOlsic3RzLmFsaXl1bmNzLmNvbSJdLCJleHAiOjE2NDUxMTk3ODAsImlhdCI6MTY0NTA4Mzc4MCwiaXNzIjoiaHR0cHM6Ly9vaWRjLWFjay1jbi1oYW5nemhvdS5vc3MtY24taGFuZ3pob3UtaW50ZXJuYWwuYWxpeXVuY3MuY29tL2NmMWQ4ZGIwMjM0ZDk0YzEyOGFiZDM3MTc4NWJjOWQxNSIsImt1YmVybmV0ZXMuaW8iOnsibmFtZXNwYWNlIjoidGVzdC1ycnNhIiwicG9kIjp7Im5hbWUiOiJydW4tYXMtcm9vdCIsInVpZCI6ImIzMGI0MGY2LWNiZTAtNGY0Yy1hZGYyLWM1OGQ4ZmExZTAxMCJ9LCJzZXJ2aWNlYWNjb3VudCI6eyJuYW1lIjoidXNlcjEiLCJ1aWQiOiJiZTEyMzdjYS01MTY4LTQyMzYtYWUyMC00NDM1YjhmMGI4YzAifX0sIm5iZiI6MTY0NTA4Mzc4MCwic3ViIjoic3lzdGVtOnNlcnZpY2VhY2NvdW50OnRlc3QtcnJzYTp1c2VyMSJ9.XGP-wgLj-iMiAHjLe0lZLh7y48Qsj9HzsEbNh706WwerBoxnssdsyGFb9lzd2FyM8CssbAOCstr7OuAMWNdJmDZgpiOGGSbQ-KXXmbfnIS4ix-V3pQF6LVBFr7xJlj20J6YY89um3rv_04t0iCGxKWs2ZMUyU1FbZpIPRep24LVKbUz1saiiVGgDBTIZdHA13Z-jUvYAnsxK_Kj5tc1K-IuQQU0IwSKJh5OShMcdPugMV5LwTL3ogCikfB7yljq5vclBhCeF2lXLIibvwF711TOhuJ5lMlh-a2KkIgwBHhANg_U9k4Mt_VadctfUGc4hxlSbBD0w9o9mDGKwgGmW5Q", token)
160
161			// read a empty token
162			_, err = getFileContent(path.Join(wd, "../test_fixtures/empty_oidc_token"))
163			assert.NotNil(t, err)
164			assert.Contains(t, err.Error(), "the content of ")
165			assert.Contains(t, err.Error(), "/test_fixtures/empty_oidc_token is empty")
166
167			// read a inexist token
168			_, err = getFileContent(path.Join(wd, "../test_fixtures/inexist_oidc_token"))
169			assert.NotNil(t, err)
170			assert.Contains(t, err.Error(), "no such file or directory")
171			}
172
173			func TestSTSEndpoint(t *testing.T) {
174			originGetFileContent := getFileContent
175			defer func() {
176			getFileContent = originGetFileContent
177			}()
178			getFileContent = func(filePath string) (content string, err error) {
179			return "token", nil
180			}
181			// mock server error
182			hookDo = func(fn func(req http.Request) (http.Response, error)) func(req http.Request) (http.Response, error) {
183			return func(req http.Request) (http.Response, error) {
184			assert.Equal(t, "sts.cn-beijing.aliyuncs.com", req.Host)
185			return mockResponse(500, ``, errors.New("mock server error"))
186			}
187			}
188
189			runtime := &utils.Runtime{
190			STSEndpoint: "sts.cn-beijing.aliyuncs.com",
191			}
192			provider, err := newOIDCRoleArnCredential("accessKeyId", "accessKeySecret", "RoleArn", "OIDCProviderArn", "tokenFilePath", "roleSessionName", "Policy", 3600, runtime)
193			assert.Nil(t, err)
194			c, err := provider.GetCredential()
195			assert.NotNil(t, err)
196			assert.Equal(t, "get sts token failed with: mock server error", err.Error())
197			assert.Nil(t, c)
198			}
199

aliyun / credentials-go

GitHub Access Token became invalid

Push — master ( 10e109...9e570d )

credentials.Test_oidcCredential_updateCredential F

Complexity

Size

Duplication

Importance

How to fix Long Method Complexity

Long Method

Complexity

Duplication Side-by-Side

Filter issues like