X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/fa8fd28e3ca22518a147cf34bf7146ef2a173257..ba9b709bfed45aad249b3aa0a69de9b0f9eb9861:/lib/controller/handler_test.go diff --git a/lib/controller/handler_test.go b/lib/controller/handler_test.go index a187ba4433..746b9242f2 100644 --- a/lib/controller/handler_test.go +++ b/lib/controller/handler_test.go @@ -8,7 +8,9 @@ import ( "encoding/json" "net/http" "net/http/httptest" + "net/url" "os" + "strings" "testing" "time" @@ -32,15 +34,16 @@ type HandlerSuite struct { func (s *HandlerSuite) SetUpTest(c *check.C) { s.cluster = &arvados.Cluster{ - ClusterID: "zzzzz", - SystemNodes: map[string]arvados.SystemNode{ + ClusterID: "zzzzz", + PostgreSQL: integrationTestCluster().PostgreSQL, + NodeProfiles: map[string]arvados.NodeProfile{ "*": { Controller: arvados.SystemServiceInstance{Listen: ":"}, - RailsAPI: arvados.SystemServiceInstance{Listen: os.Getenv("ARVADOS_API_HOST"), TLS: true}, + RailsAPI: arvados.SystemServiceInstance{Listen: os.Getenv("ARVADOS_TEST_API_HOST"), TLS: true, Insecure: true}, }, }, } - node := s.cluster.SystemNodes["*"] + node := s.cluster.NodeProfiles["*"] s.handler = newHandler(s.cluster, &node) } @@ -63,12 +66,12 @@ func (s *HandlerSuite) TestRequestTimeout(c *check.C) { req := httptest.NewRequest("GET", "/discovery/v1/apis/arvados/v1/rest", nil) resp := httptest.NewRecorder() s.handler.ServeHTTP(resp, req) - c.Check(resp.Code, check.Equals, http.StatusInternalServerError) + c.Check(resp.Code, check.Equals, http.StatusBadGateway) var jresp httpserver.ErrorResponse err := json.Unmarshal(resp.Body.Bytes(), &jresp) c.Check(err, check.IsNil) c.Assert(len(jresp.Errors), check.Equals, 1) - c.Check(jresp.Errors[0], check.Matches, `.*context deadline exceeded`) + c.Check(jresp.Errors[0], check.Matches, `.*context deadline exceeded.*`) } func (s *HandlerSuite) TestProxyWithoutToken(c *check.C) { @@ -94,6 +97,21 @@ func (s *HandlerSuite) TestProxyWithToken(c *check.C) { c.Check(u.UUID, check.Equals, arvadostest.ActiveUserUUID) } +func (s *HandlerSuite) TestProxyWithTokenInRequestBody(c *check.C) { + req := httptest.NewRequest("POST", "/arvados/v1/users/current", strings.NewReader(url.Values{ + "_method": {"GET"}, + "api_token": {arvadostest.ActiveToken}, + }.Encode())) + req.Header.Set("Content-type", "application/x-www-form-urlencoded") + resp := httptest.NewRecorder() + s.handler.ServeHTTP(resp, req) + c.Check(resp.Code, check.Equals, http.StatusOK) + var u arvados.User + err := json.Unmarshal(resp.Body.Bytes(), &u) + c.Check(err, check.IsNil) + c.Check(u.UUID, check.Equals, arvadostest.ActiveUserUUID) +} + func (s *HandlerSuite) TestProxyNotFound(c *check.C) { req := httptest.NewRequest("GET", "/arvados/v1/xyzzy", nil) resp := httptest.NewRecorder() @@ -104,3 +122,47 @@ func (s *HandlerSuite) TestProxyNotFound(c *check.C) { c.Check(err, check.IsNil) c.Check(jresp["errors"], check.FitsTypeOf, []interface{}{}) } + +func (s *HandlerSuite) TestProxyRedirect(c *check.C) { + req := httptest.NewRequest("GET", "https://0.0.0.0:1/login?return_to=foo", nil) + resp := httptest.NewRecorder() + s.handler.ServeHTTP(resp, req) + c.Check(resp.Code, check.Equals, http.StatusFound) + c.Check(resp.Header().Get("Location"), check.Matches, `https://0.0.0.0:1/auth/joshid\?return_to=foo&?`) +} + +func (s *HandlerSuite) TestValidateV1APIToken(c *check.C) { + req := httptest.NewRequest("GET", "/arvados/v1/users/current", nil) + user, err := s.handler.(*Handler).validateAPItoken(req, arvadostest.ActiveToken) + c.Assert(err, check.IsNil) + c.Check(user.Authorization.UUID, check.Equals, arvadostest.ActiveTokenUUID) + c.Check(user.Authorization.APIToken, check.Equals, arvadostest.ActiveToken) + c.Check(user.Authorization.Scopes, check.DeepEquals, []string{"all"}) + c.Check(user.UUID, check.Equals, arvadostest.ActiveUserUUID) +} + +func (s *HandlerSuite) TestValidateV2APIToken(c *check.C) { + req := httptest.NewRequest("GET", "/arvados/v1/users/current", nil) + user, err := s.handler.(*Handler).validateAPItoken(req, arvadostest.ActiveTokenV2) + c.Assert(err, check.IsNil) + c.Check(user.Authorization.UUID, check.Equals, arvadostest.ActiveTokenUUID) + c.Check(user.Authorization.APIToken, check.Equals, arvadostest.ActiveToken) + c.Check(user.Authorization.Scopes, check.DeepEquals, []string{"all"}) + c.Check(user.UUID, check.Equals, arvadostest.ActiveUserUUID) + c.Check(user.Authorization.TokenV2(), check.Equals, arvadostest.ActiveTokenV2) +} + +func (s *HandlerSuite) TestCreateAPIToken(c *check.C) { + req := httptest.NewRequest("GET", "/arvados/v1/users/current", nil) + auth, err := s.handler.(*Handler).createAPItoken(req, arvadostest.ActiveUserUUID, nil) + c.Assert(err, check.IsNil) + c.Check(auth.Scopes, check.DeepEquals, []string{"all"}) + + user, err := s.handler.(*Handler).validateAPItoken(req, auth.TokenV2()) + c.Assert(err, check.IsNil) + c.Check(user.Authorization.UUID, check.Equals, auth.UUID) + c.Check(user.Authorization.APIToken, check.Equals, auth.APIToken) + c.Check(user.Authorization.Scopes, check.DeepEquals, []string{"all"}) + c.Check(user.UUID, check.Equals, arvadostest.ActiveUserUUID) + c.Check(user.Authorization.TokenV2(), check.Equals, auth.TokenV2()) +}