package v4_test
import (
"bytes"
"context"
"encoding/json"
"github.com/apache/servicecomb-service-center/pkg/rbacframe"
"github.com/apache/servicecomb-service-center/pkg/rest"
v4 "github.com/apache/servicecomb-service-center/server/rest/controller/v4"
"github.com/apache/servicecomb-service-center/server/service/rbac"
"github.com/apache/servicecomb-service-center/server/service/rbac/dao"
"github.com/astaxie/beego"
"github.com/go-chassis/go-archaius"
"github.com/go-chassis/go-chassis/security/secret"
"github.com/stretchr/testify/assert"
"io/ioutil"
"net/http"
"net/http/httptest"
"testing"
_ "github.com/apache/servicecomb-service-center/test"
)
// init turns RBAC on for this test package and points the server
// configuration at the key files that TestAuthResource_Login writes into the
// working directory. The result of each Set call is not checked.
func init() {
	settings := [][2]string{
		{"rbac_enabled", "true"},
		{rbac.PubFilePath, "./rbac.pub"},
		{"rbac_rsa_private_key_file", "./private.key"},
	}
	for _, kv := range settings {
		beego.AppConfig.Set(kv[0], kv[1])
	}
}
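// TestAuthResource_Login drives POST /v4/token through the registered router
// and checks that a login is rejected for an account that does not exist and
// accepted for root and for a freshly created developer account.
//
// Setup writes a newly generated RSA key pair to ./private.key and ./rbac.pub,
// the paths that init() configures for this package.
func TestAuthResource_Login(t *testing.T) {
	// Test-only credential shared by the root and dev_account fixtures.
	const password = "Complicated_password1"

	err := archaius.Init(archaius.WithMemorySource(), archaius.WithENVSource())
	assert.NoError(t, err)

	// A throwaway key pair is generated per run, so no key material needs to
	// be committed alongside the test.
	pri, pub, err := secret.GenRSAKeyPair(4096)
	assert.NoError(t, err)

	b, err := secret.RSAPrivate2Bytes(pri)
	assert.NoError(t, err)
	// 0600: the private key is readable by the owning user only. A failed
	// write is reported here rather than surfacing later as a confusing
	// login failure.
	err = ioutil.WriteFile("./private.key", b, 0600)
	assert.NoError(t, err)

	// The encoding error must be checked before err is reused for the write.
	b, err = secret.RSAPublicKey2Bytes(pub)
	assert.NoError(t, err)
	err = ioutil.WriteFile("./rbac.pub", b, 0600)
	assert.NoError(t, err)
	// NOTE(review): neither key file is removed afterwards; confirm whether
	// other tests in this package depend on them before adding cleanup.

	archaius.Set(rbac.InitPassword, password)
	ctx := context.TODO()
	// Best-effort removal of leftovers from earlier runs; the result is
	// deliberately ignored because the accounts may not exist.
	// Presumably root is deleted first so that rbac.Init re-creates it with
	// the InitPassword set above (confirm against rbac.Init).
	dao.DeleteAccount(ctx, "root")
	archaius.Init(archaius.WithMemorySource())
	rbac.Init()
	rest.RegisterServant(&v4.AuthResource{})
	dao.DeleteAccount(ctx, "dev_account")

	// login posts the given account name with the shared test password to
	// /v4/token and returns the HTTP status code recorded by the router.
	login := func(t *testing.T, name string) int {
		body, err := json.Marshal(&rbacframe.Account{Name: name, Password: password})
		if err != nil {
			t.Fatalf("encoding login body: %v", err)
		}
		req, err := http.NewRequest(http.MethodPost, "/v4/token", bytes.NewBuffer(body))
		if err != nil {
			t.Fatalf("building login request: %v", err)
		}
		rec := httptest.NewRecorder()
		rest.GetRouter().ServeHTTP(rec, req)
		return rec.Code
	}

	t.Run("invalid user login", func(t *testing.T) {
		// dev_account has not been created yet, so the login must not succeed.
		// NOTE(review): this only asserts "not 200"; pinning the exact
		// rejection status would also catch a 5xx masquerading as a denial.
		assert.NotEqual(t, http.StatusOK, login(t, "dev_account"))
	})

	err = dao.CreateAccount(ctx, &rbacframe.Account{
		Name:     "dev_account",
		Password: password,
		Role:     "developer",
	})
	assert.NoError(t, err)

	t.Run("root login", func(t *testing.T) {
		assert.Equal(t, http.StatusOK, login(t, "root"))
	})
	t.Run("dev_account login", func(t *testing.T) {
		assert.Equal(t, http.StatusOK, login(t, "dev_account"))
	})
}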