providers.*errorCredentialsProvider.GetProviderName - Code Metrics - Inspection of "refine RAM role arn credentials provider" - aliyun/credentials-go - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( cd6b32...09e2c6 )

by Jackson

created 2024-08-19 10:04 UTC

A

↳ Parent: credentials/internal/providers/ram_role_arn_test.go

Complexity

Conditions

Size

Total Lines	2
Code Lines	2

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	1
eloc	2
nop	0
dl	0
loc	2
rs	10
c	0
b	0
f	0

package providers

import (
	"errors"
	"io"
	"io/ioutil"
	"net/http"
	"strconv"
	"strings"
	"testing"
	"time"

	"github.com/stretchr/testify/assert"
)

type errorReader struct {
}

func (r *errorReader) Read(p []byte) (n int, err error) {
	err = errors.New("read failed")
	return
}

func TestNewRAMRoleARNCredentialsProvider(t *testing.T) {
	// case 1: no credentials provider
	_, err := NewRAMRoleARNCredentialsProviderBuilder().
		Build()
	assert.EqualError(t, err, "must specify a previous credentials provider to asssume role")

	// case 2: no role arn
	akProvider, err := NewStaticAKCredentialsProviderBuilder().
		WithAccessKeyId("akid").
		WithAccessKeySecret("aksecret").
		Build()
	assert.Nil(t, err)
	_, err = NewRAMRoleARNCredentialsProviderBuilder().
		WithCredentialsProvider(akProvider).
		Build()
	assert.EqualError(t, err, "the RoleArn is empty")

	// case 3: check default role session name
	p, err := NewRAMRoleARNCredentialsProviderBuilder().
		WithCredentialsProvider(akProvider).
		WithRoleArn("roleArn").
		Build()
	assert.Nil(t, err)
	assert.True(t, strings.HasPrefix(p.roleSessionName, "credentials-go-"))

	// case 4: check default duration seconds
	p, err = NewRAMRoleARNCredentialsProviderBuilder().
		WithCredentialsProvider(akProvider).
		WithRoleArn("roleArn").Build()
	assert.Nil(t, err)
	assert.Equal(t, 3600, p.durationSeconds)

	// case 5: check invalid duration seconds
	_, err = NewRAMRoleARNCredentialsProviderBuilder().
		WithCredentialsProvider(akProvider).
		WithRoleArn("roleArn").
		WithDurationSeconds(100).
		Build()
	assert.EqualError(t, err, "session duration should be in the range of 900s - max session duration")

	// case 6: check all duration seconds
	p, err = NewRAMRoleARNCredentialsProviderBuilder().
		WithCredentialsProvider(akProvider).
		WithRoleArn("roleArn").
		WithStsRegion("cn-hangzhou").
		WithPolicy("policy").
		WithExternalId("externalId").
		WithRoleSessionName("rsn").
		WithDurationSeconds(1000).
		Build()
	assert.Nil(t, err)
	assert.Equal(t, "rsn", p.roleSessionName)
	assert.Equal(t, "roleArn", p.roleArn)
	assert.Equal(t, "policy", p.policy)
	assert.Equal(t, "externalId", p.externalId)
	assert.Equal(t, "cn-hangzhou", p.stsRegion)
	assert.Equal(t, 1000, p.durationSeconds)
}

func TestRAMRoleARNCredentialsProvider_getCredentials(t *testing.T) {
	akProvider, err := NewStaticAKCredentialsProviderBuilder().
		WithAccessKeyId("akid").
		WithAccessKeySecret("aksecret").
		Build()
	assert.Nil(t, err)
	p, err := NewRAMRoleARNCredentialsProviderBuilder().
		WithCredentialsProvider(akProvider).
		WithRoleArn("roleArn").
		WithRoleSessionName("rsn").
		WithDurationSeconds(1000).
		Build()
	assert.Nil(t, err)

	cc, err := akProvider.GetCredentials()
	assert.Nil(t, err)

	originNewRequest := hookNewRequest
	defer func() { hookNewRequest = originNewRequest }()

	// case 1: mock new http request failed
	hookNewRequest = func(fn newReuqest) newReuqest {
		return func(method, url string, body io.Reader) (*http.Request, error) {
			return nil, errors.New("new http request failed")
		}
	}
	_, err = p.getCredentials(cc)
	assert.NotNil(t, err)
	assert.Equal(t, "new http request failed", err.Error())
	// reset new request
	hookNewRequest = originNewRequest

	originDo := hookDo
	defer func() { hookDo = originDo }()

	// case 2: server error
	hookDo = func(fn do) do {
		return func(req *http.Request) (res *http.Response, err error) {
			err = errors.New("mock server error")
			return
		}
	}
	_, err = p.getCredentials(cc)
	assert.NotNil(t, err)
	assert.Equal(t, "mock server error", err.Error())

	// case 3: mock read response error
	hookDo = func(fn do) do {
		return func(req *http.Request) (res *http.Response, err error) {
			status := strconv.Itoa(200)
			res = &http.Response{
				Proto:      "HTTP/1.1",
				ProtoMajor: 1,
				Header:     map[string][]string{},
				StatusCode: 200,
				Status:     status + " " + http.StatusText(200),
			}
			res.Body = ioutil.NopCloser(&errorReader{})
			return
		}
	}
	_, err = p.getCredentials(cc)
	assert.NotNil(t, err)
	assert.Equal(t, "read failed", err.Error())

	// case 4: 4xx error
	hookDo = func(fn do) do {
		return func(req *http.Request) (res *http.Response, err error) {
			res = mockResponse(400, "4xx error")
			return
		}
	}
	_, err = p.getCredentials(cc)
	assert.NotNil(t, err)
	assert.Equal(t, "refresh session token failed: 4xx error", err.Error())

	// case 5: invalid json
	hookDo = func(fn do) do {
		return func(req *http.Request) (res *http.Response, err error) {
			res = mockResponse(200, "invalid json")
			return
		}
	}
	_, err = p.getCredentials(cc)
	assert.NotNil(t, err)
	assert.Equal(t, "refresh RoleArn sts token err, json.Unmarshal fail: invalid character 'i' looking for beginning of value", err.Error())

	// case 6: empty response json
	hookDo = func(fn do) do {
		return func(req *http.Request) (res *http.Response, err error) {
			res = mockResponse(200, "null")
			return
		}
	}
	_, err = p.getCredentials(cc)
	assert.NotNil(t, err)
	assert.Equal(t, "refresh RoleArn sts token err, fail to get credentials", err.Error())

	// case 7: empty session ak response json
	hookDo = func(fn do) do {
		return func(req *http.Request) (res *http.Response, err error) {
			res = mockResponse(200, `{"Credentials": {}}`)
			return
		}
	}
	_, err = p.getCredentials(cc)
	assert.NotNil(t, err)
	assert.Equal(t, "refresh RoleArn sts token err, fail to get credentials", err.Error())

	// case 8: mock ok value
	hookDo = func(fn do) do {
		return func(req *http.Request) (res *http.Response, err error) {
			res = mockResponse(200, `{"Credentials": {"AccessKeyId":"saki","AccessKeySecret":"saks","Expiration":"2021-10-20T04:27:09Z","SecurityToken":"token"}}`)
			return
		}
	}
	creds, err := p.getCredentials(cc)
	assert.Nil(t, err)
	assert.Equal(t, "saki", creds.AccessKeyId)
	assert.Equal(t, "saks", creds.AccessKeySecret)
	assert.Equal(t, "token", creds.SecurityToken)
	assert.Equal(t, "2021-10-20T04:27:09Z", creds.Expiration)

	// needUpdateCredential
	assert.True(t, p.needUpdateCredential())
	p.expirationTimestamp = time.Now().Unix()
	assert.True(t, p.needUpdateCredential())

	p.expirationTimestamp = time.Now().Unix() + 300
	assert.False(t, p.needUpdateCredential())
}

func TestRAMRoleARNCredentialsProvider_getCredentialsWithRequestCheck(t *testing.T) {
	originDo := hookDo
	defer func() { hookDo = originDo }()

	stsProvider, err := NewStaticSTSCredentialsProviderBuilder().
		WithAccessKeyId("akid").
		WithAccessKeySecret("aksecret").
		WithSecurityToken("ststoken").
		Build()
	assert.Nil(t, err)
	p, err := NewRAMRoleARNCredentialsProviderBuilder().
		WithCredentialsProvider(stsProvider).
		WithRoleArn("roleArn").
		WithRoleSessionName("rsn").
		WithDurationSeconds(1000).
		WithPolicy("policy").
		WithStsRegion("cn-beijing").
		WithExternalId("externalId").
		Build()
	assert.Nil(t, err)

	// case 1: server error
	hookDo = func(fn do) do {
		return func(req *http.Request) (res *http.Response, err error) {
			assert.Equal(t, "sts.cn-beijing.aliyuncs.com", req.Host)
			assert.Contains(t, req.URL.String(), "SecurityToken=ststoken")
			body, err := ioutil.ReadAll(req.Body)
			assert.Nil(t, err)
			bodyString := string(body)
			assert.Contains(t, bodyString, "Policy=policy")
			assert.Contains(t, bodyString, "RoleArn=roleArn")
			assert.Contains(t, bodyString, "RoleSessionName=rsn")
			assert.Contains(t, bodyString, "DurationSeconds=1000")

			err = errors.New("mock server error")
			return
		}
	}

	cc, err := stsProvider.GetCredentials()
	assert.Nil(t, err)
	_, err = p.getCredentials(cc)
	assert.NotNil(t, err)
	assert.Equal(t, "mock server error", err.Error())
}

type errorCredentialsProvider struct {
}

func (p *errorCredentialsProvider) GetCredentials() (cc *Credentials, err error) {
	err = errors.New("get credentials failed")
	return
}

func (p *errorCredentialsProvider) GetProviderName() string {
	return "error_credentials_provider"
}

func TestRAMRoleARNCredentialsProviderGetCredentials(t *testing.T) {
	originDo := hookDo
	defer func() { hookDo = originDo }()

	// case 0: get previous credentials failed
	p, err := NewRAMRoleARNCredentialsProviderBuilder().
		WithCredentialsProvider(&errorCredentialsProvider{}).
		WithRoleArn("roleArn").
		WithRoleSessionName("rsn").
		WithDurationSeconds(1000).
		Build()
	assert.Nil(t, err)
	_, err = p.GetCredentials()
	assert.Equal(t, "get credentials failed", err.Error())

	akProvider, err := NewStaticAKCredentialsProviderBuilder().
		WithAccessKeyId("akid").
		WithAccessKeySecret("aksecret").
		Build()
	assert.Nil(t, err)

	p, err = NewRAMRoleARNCredentialsProviderBuilder().
		WithCredentialsProvider(akProvider).
		WithRoleArn("roleArn").
		WithRoleSessionName("rsn").
		WithDurationSeconds(1000).
		Build()
	assert.Nil(t, err)

	// case 1: get credentials failed
	hookDo = func(fn do) do {
		return func(req *http.Request) (res *http.Response, err error) {
			err = errors.New("mock server error")
			return
		}
	}
	_, err = p.GetCredentials()
	assert.NotNil(t, err)
	assert.Equal(t, "mock server error", err.Error())

	// case 2: get invalid expiration
	hookDo = func(fn do) do {
		return func(req *http.Request) (res *http.Response, err error) {
			res = mockResponse(200, `{"Credentials": {"AccessKeyId":"akid","AccessKeySecret":"aksecret","Expiration":"invalidexpiration","SecurityToken":"ststoken"}}`)
			return
		}
	}
	_, err = p.GetCredentials()
	assert.NotNil(t, err)
	assert.Equal(t, "parsing time \"invalidexpiration\" as \"2006-01-02T15:04:05Z\": cannot parse \"invalidexpiration\" as \"2006\"", err.Error())

	// case 3: happy result
	hookDo = func(fn do) do {
		return func(req *http.Request) (res *http.Response, err error) {
			res = mockResponse(200, `{"Credentials": {"AccessKeyId":"akid","AccessKeySecret":"aksecret","Expiration":"2021-10-20T04:27:09Z","SecurityToken":"ststoken"}}`)
			return
		}
	}
	cc, err := p.GetCredentials()
	assert.Nil(t, err)
	assert.Equal(t, "akid", cc.AccessKeyId)
	assert.Equal(t, "aksecret", cc.AccessKeySecret)
	assert.Equal(t, "ststoken", cc.SecurityToken)
	assert.True(t, p.needUpdateCredential())
}

func TestRAMRoleARNCredentialsProviderGetCredentialsWithError(t *testing.T) {
	akProvider, err := NewStaticAKCredentialsProviderBuilder().
		WithAccessKeyId("akid").
		WithAccessKeySecret("aksecret").
		Build()
	assert.Nil(t, err)
	p, err := NewRAMRoleARNCredentialsProviderBuilder().
		WithCredentialsProvider(akProvider).
		WithRoleArn("roleArn").
		WithRoleSessionName("rsn").
		WithDurationSeconds(1000).
		Build()
	assert.Nil(t, err)
	_, err = p.GetCredentials()
	assert.NotNil(t, err)
	assert.Contains(t, err.Error(), "InvalidAccessKeyId.NotFound")
}


1			package providers
2
3			import (
4			"errors"
5			"io"
6			"io/ioutil"
7			"net/http"
8			"strconv"
9			"strings"
10			"testing"
11			"time"
12
13			"github.com/stretchr/testify/assert"
14			)
15
16			type errorReader struct {
17			}
18
19			func (r *errorReader) Read(p []byte) (n int, err error) {
20			err = errors.New("read failed")
21			return
22			}
23
24			func TestNewRAMRoleARNCredentialsProvider(t *testing.T) {
25			// case 1: no credentials provider
26			_, err := NewRAMRoleARNCredentialsProviderBuilder().
27			Build()
28			assert.EqualError(t, err, "must specify a previous credentials provider to asssume role")
29
30			// case 2: no role arn
31			akProvider, err := NewStaticAKCredentialsProviderBuilder().
32			WithAccessKeyId("akid").
33			WithAccessKeySecret("aksecret").
34			Build()
35			assert.Nil(t, err)
36			_, err = NewRAMRoleARNCredentialsProviderBuilder().
37			WithCredentialsProvider(akProvider).
38			Build()
39			assert.EqualError(t, err, "the RoleArn is empty")
40
41			// case 3: check default role session name
42			p, err := NewRAMRoleARNCredentialsProviderBuilder().
43			WithCredentialsProvider(akProvider).
44			WithRoleArn("roleArn").
45			Build()
46			assert.Nil(t, err)
47			assert.True(t, strings.HasPrefix(p.roleSessionName, "credentials-go-"))
48
49			// case 4: check default duration seconds
50			p, err = NewRAMRoleARNCredentialsProviderBuilder().
51			WithCredentialsProvider(akProvider).
52			WithRoleArn("roleArn").Build()
53			assert.Nil(t, err)
54			assert.Equal(t, 3600, p.durationSeconds)
55
56			// case 5: check invalid duration seconds
57			_, err = NewRAMRoleARNCredentialsProviderBuilder().
58			WithCredentialsProvider(akProvider).
59			WithRoleArn("roleArn").
60			WithDurationSeconds(100).
61			Build()
62			assert.EqualError(t, err, "session duration should be in the range of 900s - max session duration")
63
64			// case 6: check all duration seconds
65			p, err = NewRAMRoleARNCredentialsProviderBuilder().
66			WithCredentialsProvider(akProvider).
67			WithRoleArn("roleArn").
68			WithStsRegion("cn-hangzhou").
69			WithPolicy("policy").
70			WithExternalId("externalId").
71			WithRoleSessionName("rsn").
72			WithDurationSeconds(1000).
73			Build()
74			assert.Nil(t, err)
75			assert.Equal(t, "rsn", p.roleSessionName)
76			assert.Equal(t, "roleArn", p.roleArn)
77			assert.Equal(t, "policy", p.policy)
78			assert.Equal(t, "externalId", p.externalId)
79			assert.Equal(t, "cn-hangzhou", p.stsRegion)
80			assert.Equal(t, 1000, p.durationSeconds)
81			}
82
83			func TestRAMRoleARNCredentialsProvider_getCredentials(t *testing.T) {
84			akProvider, err := NewStaticAKCredentialsProviderBuilder().
85			WithAccessKeyId("akid").
86			WithAccessKeySecret("aksecret").
87			Build()
88			assert.Nil(t, err)
89			p, err := NewRAMRoleARNCredentialsProviderBuilder().
90			WithCredentialsProvider(akProvider).
91			WithRoleArn("roleArn").
92			WithRoleSessionName("rsn").
93			WithDurationSeconds(1000).
94			Build()
95			assert.Nil(t, err)
96
97			cc, err := akProvider.GetCredentials()
98			assert.Nil(t, err)
99
100			originNewRequest := hookNewRequest
101			defer func() { hookNewRequest = originNewRequest }()
102
103			// case 1: mock new http request failed
104			hookNewRequest = func(fn newReuqest) newReuqest {
105			return func(method, url string, body io.Reader) (*http.Request, error) {
106			return nil, errors.New("new http request failed")
107			}
108			}
109			_, err = p.getCredentials(cc)
110			assert.NotNil(t, err)
111			assert.Equal(t, "new http request failed", err.Error())
112			// reset new request
113			hookNewRequest = originNewRequest
114
115			originDo := hookDo
116			defer func() { hookDo = originDo }()
117
118			// case 2: server error
119			hookDo = func(fn do) do {
120			return func(req http.Request) (res http.Response, err error) {
121			err = errors.New("mock server error")
122			return
123			}
124			}
125			_, err = p.getCredentials(cc)
126			assert.NotNil(t, err)
127			assert.Equal(t, "mock server error", err.Error())
128
129			// case 3: mock read response error
130			hookDo = func(fn do) do {
131			return func(req http.Request) (res http.Response, err error) {
132			status := strconv.Itoa(200)
133			res = &http.Response{
134			Proto: "HTTP/1.1",
135			ProtoMajor: 1,
136			Header: map[string][]string{},
137			StatusCode: 200,
138			Status: status + " " + http.StatusText(200),
139			}
140			res.Body = ioutil.NopCloser(&errorReader{})
141			return
142			}
143			}
144			_, err = p.getCredentials(cc)
145			assert.NotNil(t, err)
146			assert.Equal(t, "read failed", err.Error())
147
148			// case 4: 4xx error
149			hookDo = func(fn do) do {
150			return func(req http.Request) (res http.Response, err error) {
151			res = mockResponse(400, "4xx error")
152			return
153			}
154			}
155			_, err = p.getCredentials(cc)
156			assert.NotNil(t, err)
157			assert.Equal(t, "refresh session token failed: 4xx error", err.Error())
158
159			// case 5: invalid json
160			hookDo = func(fn do) do {
161			return func(req http.Request) (res http.Response, err error) {
162			res = mockResponse(200, "invalid json")
163			return
164			}
165			}
166			_, err = p.getCredentials(cc)
167			assert.NotNil(t, err)
168			assert.Equal(t, "refresh RoleArn sts token err, json.Unmarshal fail: invalid character 'i' looking for beginning of value", err.Error())
169
170			// case 6: empty response json
171			hookDo = func(fn do) do {
172			return func(req http.Request) (res http.Response, err error) {
173			res = mockResponse(200, "null")
174			return
175			}
176			}
177			_, err = p.getCredentials(cc)
178			assert.NotNil(t, err)
179			assert.Equal(t, "refresh RoleArn sts token err, fail to get credentials", err.Error())
180
181			// case 7: empty session ak response json
182			hookDo = func(fn do) do {
183			return func(req http.Request) (res http.Response, err error) {
184			res = mockResponse(200, `{"Credentials": {}}`)
185			return
186			}
187			}
188			_, err = p.getCredentials(cc)
189			assert.NotNil(t, err)
190			assert.Equal(t, "refresh RoleArn sts token err, fail to get credentials", err.Error())
191
192			// case 8: mock ok value
193			hookDo = func(fn do) do {
194			return func(req http.Request) (res http.Response, err error) {
195			res = mockResponse(200, `{"Credentials": {"AccessKeyId":"saki","AccessKeySecret":"saks","Expiration":"2021-10-20T04:27:09Z","SecurityToken":"token"}}`)
196			return
197			}
198			}
199			creds, err := p.getCredentials(cc)
200			assert.Nil(t, err)
201			assert.Equal(t, "saki", creds.AccessKeyId)
202			assert.Equal(t, "saks", creds.AccessKeySecret)
203			assert.Equal(t, "token", creds.SecurityToken)
204			assert.Equal(t, "2021-10-20T04:27:09Z", creds.Expiration)
205
206			// needUpdateCredential
207			assert.True(t, p.needUpdateCredential())
208			p.expirationTimestamp = time.Now().Unix()
209			assert.True(t, p.needUpdateCredential())
210
211			p.expirationTimestamp = time.Now().Unix() + 300
212			assert.False(t, p.needUpdateCredential())
213			}
214
215			func TestRAMRoleARNCredentialsProvider_getCredentialsWithRequestCheck(t *testing.T) {
216			originDo := hookDo
217			defer func() { hookDo = originDo }()
218
219			stsProvider, err := NewStaticSTSCredentialsProviderBuilder().
220			WithAccessKeyId("akid").
221			WithAccessKeySecret("aksecret").
222			WithSecurityToken("ststoken").
223			Build()
224			assert.Nil(t, err)
225			p, err := NewRAMRoleARNCredentialsProviderBuilder().
226			WithCredentialsProvider(stsProvider).
227			WithRoleArn("roleArn").
228			WithRoleSessionName("rsn").
229			WithDurationSeconds(1000).
230			WithPolicy("policy").
231			WithStsRegion("cn-beijing").
232			WithExternalId("externalId").
233			Build()
234			assert.Nil(t, err)
235
236			// case 1: server error
237			hookDo = func(fn do) do {
238			return func(req http.Request) (res http.Response, err error) {
239			assert.Equal(t, "sts.cn-beijing.aliyuncs.com", req.Host)
240			assert.Contains(t, req.URL.String(), "SecurityToken=ststoken")
241			body, err := ioutil.ReadAll(req.Body)
242			assert.Nil(t, err)
243			bodyString := string(body)
244			assert.Contains(t, bodyString, "Policy=policy")
245			assert.Contains(t, bodyString, "RoleArn=roleArn")
246			assert.Contains(t, bodyString, "RoleSessionName=rsn")
247			assert.Contains(t, bodyString, "DurationSeconds=1000")
248
249			err = errors.New("mock server error")
250			return
251			}
252			}
253
254			cc, err := stsProvider.GetCredentials()
255			assert.Nil(t, err)
256			_, err = p.getCredentials(cc)
257			assert.NotNil(t, err)
258			assert.Equal(t, "mock server error", err.Error())
259			}
260
261			type errorCredentialsProvider struct {
262			}
263
264			func (p errorCredentialsProvider) GetCredentials() (cc Credentials, err error) {
265			err = errors.New("get credentials failed")
266			return
267			}
268
269			func (p *errorCredentialsProvider) GetProviderName() string {
270			return "error_credentials_provider"
271			}
272
273			func TestRAMRoleARNCredentialsProviderGetCredentials(t *testing.T) {
274			originDo := hookDo
275			defer func() { hookDo = originDo }()
276
277			// case 0: get previous credentials failed
278			p, err := NewRAMRoleARNCredentialsProviderBuilder().
279			WithCredentialsProvider(&errorCredentialsProvider{}).
280			WithRoleArn("roleArn").
281			WithRoleSessionName("rsn").
282			WithDurationSeconds(1000).
283			Build()
284			assert.Nil(t, err)
285			_, err = p.GetCredentials()
286			assert.Equal(t, "get credentials failed", err.Error())
287
288			akProvider, err := NewStaticAKCredentialsProviderBuilder().
289			WithAccessKeyId("akid").
290			WithAccessKeySecret("aksecret").
291			Build()
292			assert.Nil(t, err)
293
294			p, err = NewRAMRoleARNCredentialsProviderBuilder().
295			WithCredentialsProvider(akProvider).
296			WithRoleArn("roleArn").
297			WithRoleSessionName("rsn").
298			WithDurationSeconds(1000).
299			Build()
300			assert.Nil(t, err)
301
302			// case 1: get credentials failed
303			hookDo = func(fn do) do {
304			return func(req http.Request) (res http.Response, err error) {
305			err = errors.New("mock server error")
306			return
307			}
308			}
309			_, err = p.GetCredentials()
310			assert.NotNil(t, err)
311			assert.Equal(t, "mock server error", err.Error())
312
313			// case 2: get invalid expiration
314			hookDo = func(fn do) do {
315			return func(req http.Request) (res http.Response, err error) {
316			res = mockResponse(200, `{"Credentials": {"AccessKeyId":"akid","AccessKeySecret":"aksecret","Expiration":"invalidexpiration","SecurityToken":"ststoken"}}`)
317			return
318			}
319			}
320			_, err = p.GetCredentials()
321			assert.NotNil(t, err)
322			assert.Equal(t, "parsing time \"invalidexpiration\" as \"2006-01-02T15:04:05Z\": cannot parse \"invalidexpiration\" as \"2006\"", err.Error())
323
324			// case 3: happy result
325			hookDo = func(fn do) do {
326			return func(req http.Request) (res http.Response, err error) {
327			res = mockResponse(200, `{"Credentials": {"AccessKeyId":"akid","AccessKeySecret":"aksecret","Expiration":"2021-10-20T04:27:09Z","SecurityToken":"ststoken"}}`)
328			return
329			}
330			}
331			cc, err := p.GetCredentials()
332			assert.Nil(t, err)
333			assert.Equal(t, "akid", cc.AccessKeyId)
334			assert.Equal(t, "aksecret", cc.AccessKeySecret)
335			assert.Equal(t, "ststoken", cc.SecurityToken)
336			assert.True(t, p.needUpdateCredential())
337			}
338
339			func TestRAMRoleARNCredentialsProviderGetCredentialsWithError(t *testing.T) {
340			akProvider, err := NewStaticAKCredentialsProviderBuilder().
341			WithAccessKeyId("akid").
342			WithAccessKeySecret("aksecret").
343			Build()
344			assert.Nil(t, err)
345			p, err := NewRAMRoleARNCredentialsProviderBuilder().
346			WithCredentialsProvider(akProvider).
347			WithRoleArn("roleArn").
348			WithRoleSessionName("rsn").
349			WithDurationSeconds(1000).
350			Build()
351			assert.Nil(t, err)
352			_, err = p.GetCredentials()
353			assert.NotNil(t, err)
354			assert.Contains(t, err.Error(), "InvalidAccessKeyId.NotFound")
355			}
356

aliyun / credentials-go

GitHub Access Token became invalid

Push — master ( cd6b32...09e2c6 )

A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like