app_dart/test/request_handling/swarming_authentication_test.dart - mirrors/cocoon - Git at Google

 // Copyright 2019 The Flutter Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 import 'dart:io';

 import 'package:cocoon_service/src/request_handling/authentication.dart' show AuthenticatedContext;
 import 'package:cocoon_service/src/request_handling/exceptions.dart';
 import 'package:cocoon_service/src/request_handling/swarming_authentication.dart';
 import 'package:cocoon_service/src/service/config.dart';
 import 'package:http/http.dart' as http;
 import 'package:http/testing.dart';
 import 'package:test/test.dart';

 import '../src/datastore/fake_config.dart';
 import '../src/request_handling/fake_authentication.dart';
 import '../src/request_handling/fake_http.dart';

 void main() {
   group('SwarmingAuthenticationProvider', () {
     late FakeConfig config;
     late FakeClientContext clientContext;
     late FakeHttpRequest request;
     late SwarmingAuthenticationProvider auth;

     setUp(() {
       config = FakeConfig();
       clientContext = FakeClientContext();
       request = FakeHttpRequest();
       auth = SwarmingAuthenticationProvider(
         config: config,
         clientContextProvider: () => clientContext,
       );
     });

     test('fails for App Engine cronjobs', () async {
       request.headers.set('X-Appengine-Cron', 'true');
       expect(auth.authenticate(request), throwsA(isA<Unauthenticated>()));
     });

     group('when access token is given', () {
       late MockClient httpClient;

       setUp(() {
         auth = SwarmingAuthenticationProvider(
           config: config,
           clientContextProvider: () => clientContext,
           httpClientProvider: () => httpClient,
         );
       });

       test('auth succeeds with flutter luci service account', () async {
         httpClient = MockClient((_) async => http.Response('{"email": "${Config.luciProdAccount}"}', HttpStatus.ok));
         auth = SwarmingAuthenticationProvider(
           config: config,
           clientContextProvider: () => clientContext,
           httpClientProvider: () => httpClient,
         );

         request.headers.add(SwarmingAuthenticationProvider.kSwarmingTokenHeader, 'token');

         final AuthenticatedContext result = await auth.authenticate(request);
         expect(result.clientContext, same(clientContext));
       });

       test('auth succeeds with frob service account', () async {
         httpClient = MockClient((_) async => http.Response('{"email": "${Config.frobAccount}"}', HttpStatus.ok));
         auth = SwarmingAuthenticationProvider(
           config: config,
           clientContextProvider: () => clientContext,
           httpClientProvider: () => httpClient,
         );
         request.headers.add(SwarmingAuthenticationProvider.kSwarmingTokenHeader, 'token');

         final AuthenticatedContext result = await auth.authenticate(request);
         expect(result.clientContext, same(clientContext));
       });

       test('auth fails with non-luci service account', () async {
         httpClient = MockClient((_) async => http.Response('{"email": "abc@gmail.com"}', HttpStatus.ok));
         auth = SwarmingAuthenticationProvider(
           config: config,
           clientContextProvider: () => clientContext,
           httpClientProvider: () => httpClient,
         );

         request.headers.add(SwarmingAuthenticationProvider.kSwarmingTokenHeader, 'unauthenticated token');

         expect(auth.authenticate(request), throwsA(isA<Unauthenticated>()));
       });

       test('auth fails with unauthenticated service account token', () async {
         httpClient = MockClient((_) async => http.Response('Invalid token', HttpStatus.unauthorized));
         auth = SwarmingAuthenticationProvider(
           config: config,
           clientContextProvider: () => clientContext,
           httpClientProvider: () => httpClient,
         );

         request.headers.add(SwarmingAuthenticationProvider.kSwarmingTokenHeader, 'unauthenticated token');

         expect(auth.authenticate(request), throwsA(isA<Unauthenticated>()));
       });
     });
   });
 }
	// Copyright 2019 The Flutter Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	import 'dart:io';

	import 'package:cocoon_service/src/request_handling/authentication.dart' show AuthenticatedContext;
	import 'package:cocoon_service/src/request_handling/exceptions.dart';
	import 'package:cocoon_service/src/request_handling/swarming_authentication.dart';
	import 'package:cocoon_service/src/service/config.dart';
	import 'package:http/http.dart' as http;
	import 'package:http/testing.dart';
	import 'package:test/test.dart';

	import '../src/datastore/fake_config.dart';
	import '../src/request_handling/fake_authentication.dart';
	import '../src/request_handling/fake_http.dart';

	void main() {
	group('SwarmingAuthenticationProvider', () {
	late FakeConfig config;
	late FakeClientContext clientContext;
	late FakeHttpRequest request;
	late SwarmingAuthenticationProvider auth;

	setUp(() {
	config = FakeConfig();
	clientContext = FakeClientContext();
	request = FakeHttpRequest();
	auth = SwarmingAuthenticationProvider(
	config: config,
	clientContextProvider: () => clientContext,
	);
	});

	test('fails for App Engine cronjobs', () async {
	request.headers.set('X-Appengine-Cron', 'true');
	expect(auth.authenticate(request), throwsA(isA<Unauthenticated>()));
	});

	group('when access token is given', () {
	late MockClient httpClient;

	setUp(() {
	auth = SwarmingAuthenticationProvider(
	config: config,
	clientContextProvider: () => clientContext,
	httpClientProvider: () => httpClient,
	);
	});

	test('auth succeeds with flutter luci service account', () async {
	httpClient = MockClient((_) async => http.Response('{"email": "${Config.luciProdAccount}"}', HttpStatus.ok));
	auth = SwarmingAuthenticationProvider(
	config: config,
	clientContextProvider: () => clientContext,
	httpClientProvider: () => httpClient,
	);

	request.headers.add(SwarmingAuthenticationProvider.kSwarmingTokenHeader, 'token');

	final AuthenticatedContext result = await auth.authenticate(request);
	expect(result.clientContext, same(clientContext));
	});

	test('auth succeeds with frob service account', () async {
	httpClient = MockClient((_) async => http.Response('{"email": "${Config.frobAccount}"}', HttpStatus.ok));
	auth = SwarmingAuthenticationProvider(
	config: config,
	clientContextProvider: () => clientContext,
	httpClientProvider: () => httpClient,
	);
	request.headers.add(SwarmingAuthenticationProvider.kSwarmingTokenHeader, 'token');

	final AuthenticatedContext result = await auth.authenticate(request);
	expect(result.clientContext, same(clientContext));
	});

	test('auth fails with non-luci service account', () async {
	httpClient = MockClient((_) async => http.Response('{"email": "abc@gmail.com"}', HttpStatus.ok));
	auth = SwarmingAuthenticationProvider(
	config: config,
	clientContextProvider: () => clientContext,
	httpClientProvider: () => httpClient,
	);

	request.headers.add(SwarmingAuthenticationProvider.kSwarmingTokenHeader, 'unauthenticated token');

	expect(auth.authenticate(request), throwsA(isA<Unauthenticated>()));
	});

	test('auth fails with unauthenticated service account token', () async {
	httpClient = MockClient((_) async => http.Response('Invalid token', HttpStatus.unauthorized));
	auth = SwarmingAuthenticationProvider(
	config: config,
	clientContextProvider: () => clientContext,
	httpClientProvider: () => httpClient,
	);

	request.headers.add(SwarmingAuthenticationProvider.kSwarmingTokenHeader, 'unauthenticated token');

	expect(auth.authenticate(request), throwsA(isA<Unauthenticated>()));
	});
	});
	});
	}