33de701263
* refactor(atomicx): move outside the engine package
After merging probe-engine into probe-cli, my impression is that we have
too much unnecessary nesting of packages in this repository.
The idea of this commit and of a bunch of following commits will instead
be to reduce the nesting and simplify the structure.
While there, improve the documentation.
* fix: always use the atomicx package
For consistency, never use sync/atomic and always use ./internal/atomicx
so we can just grep and make sure we're not risking to crash if we make
a subtle mistake on a 32 bit platform.
While there, mention in the contributing guidelines that we want to
always prefer the ./internal/atomicx package over sync/atomic.
* fix(atomicx): remove unnecessary constructor
We don't need a constructor here. The default constructed `&Int64{}`
instance is already usable and the constructor does not add anything to
what we are doing, rather it just creates extra confusion.
* cleanup(atomicx): we are not using Float64
Because atomicx.Float64 is unused, we can safely zap it.
* cleanup(atomicx): simplify impl and improve tests
We can simplify the implementation by using defer and by letting
the Load() method call Add(0).
We can improve tests by making many goroutines updated the
atomic int64 value concurrently.
* refactor(fsx): can live in the ./internal pkg
Let us reduce the amount of nesting. While there, ensure that the
package only exports the bare minimum, and improve the documentation
of the tests, to ease reading the code.
* refactor: move runtimex to ./internal
* refactor: move shellx into the ./internal package
While there, remove unnecessary dependency between packages.
While there, specify in the contributing guidelines that
one should use x/sys/execabs instead of os/exec.
* refactor: move ooapi into the ./internal pkg
* refactor(humanize): move to ./internal and better docs
* refactor: move platform to ./internal
* refactor(randx): move to ./internal
* refactor(multierror): move into the ./internal pkg
* refactor(kvstore): all kvstores in ./internal
Rather than having part of the kvstore inside ./internal/engine/kvstore
and part in ./internal/engine/kvstore.go, let us put every piece of code
that is kvstore related into the ./internal/kvstore package.
* fix(kvstore): always return ErrNoSuchKey on Get() error
It should help to use the kvstore everywhere removing all the
copies that are lingering around the tree.
* sessionresolver: make KVStore mandatory
Simplifies implementation. While there, use the ./internal/kvstore
package rather than having our private implementation.
* fix(ooapi): use the ./internal/kvstore package
* fix(platform): better documentation
1434 lines
35 KiB
Go
1434 lines
35 KiB
Go
// Code generated by go generate; DO NOT EDIT.
|
|
// 2021-05-12 09:15:06.893164862 +0200 CEST m=+0.000136881
|
|
|
|
package ooapi
|
|
|
|
//go:generate go run ./internal/generator -file login_test.go
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"net/http/httptest"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/google/go-cmp/cmp"
|
|
"github.com/ooni/probe-cli/v3/internal/atomicx"
|
|
"github.com/ooni/probe-cli/v3/internal/kvstore"
|
|
"github.com/ooni/probe-cli/v3/internal/ooapi/apimodel"
|
|
)
|
|
|
|
func TestRegisterAndLoginPsiphonConfigSuccess(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
var expect apimodel.PsiphonConfigResponse
|
|
ff.fill(&expect)
|
|
registerAPI := &FakeRegisterAPI{
|
|
Response: &apimodel.RegisterResponse{
|
|
ClientID: "antani-antani",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
loginAPI := &FakeLoginAPI{
|
|
Response: &apimodel.LoginResponse{
|
|
Expire: time.Now().Add(3600 * time.Second),
|
|
Token: "antani-antani-token",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
login := &withLoginPsiphonConfigAPI{
|
|
API: &FakePsiphonConfigAPI{
|
|
WithResult: &FakePsiphonConfigAPI{
|
|
Response: expect,
|
|
},
|
|
},
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.PsiphonConfigRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if diff := cmp.Diff(expect, resp); diff != "" {
|
|
t.Fatal(diff)
|
|
}
|
|
if loginAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid loginAPI.CountCall")
|
|
}
|
|
if registerAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid registerAPI.CountCall")
|
|
}
|
|
}
|
|
|
|
func TestPsiphonConfigContinueUsingToken(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
var expect apimodel.PsiphonConfigResponse
|
|
ff.fill(&expect)
|
|
registerAPI := &FakeRegisterAPI{
|
|
Response: &apimodel.RegisterResponse{
|
|
ClientID: "antani-antani",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
loginAPI := &FakeLoginAPI{
|
|
Response: &apimodel.LoginResponse{
|
|
Expire: time.Now().Add(3600 * time.Second),
|
|
Token: "antani-antani-token",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
login := &withLoginPsiphonConfigAPI{
|
|
API: &FakePsiphonConfigAPI{
|
|
WithResult: &FakePsiphonConfigAPI{
|
|
Response: expect,
|
|
},
|
|
},
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.PsiphonConfigRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
// step 1: we register and login and use the token
|
|
// inside a scope just to avoid mistakes
|
|
{
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if diff := cmp.Diff(expect, resp); diff != "" {
|
|
t.Fatal(diff)
|
|
}
|
|
if loginAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid loginAPI.CountCall")
|
|
}
|
|
if registerAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid registerAPI.CountCall")
|
|
}
|
|
}
|
|
// step 2: we disable register and login but we
|
|
// should be okay because of the token
|
|
errMocked := errors.New("mocked error")
|
|
registerAPI.Err = errMocked
|
|
registerAPI.Response = nil
|
|
loginAPI.Err = errMocked
|
|
loginAPI.Response = nil
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if diff := cmp.Diff(expect, resp); diff != "" {
|
|
t.Fatal(diff)
|
|
}
|
|
if loginAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid loginAPI.CountCall")
|
|
}
|
|
if registerAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid registerAPI.CountCall")
|
|
}
|
|
}
|
|
|
|
func TestPsiphonConfigWithValidButExpiredToken(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
var expect apimodel.PsiphonConfigResponse
|
|
ff.fill(&expect)
|
|
errMocked := errors.New("mocked error")
|
|
registerAPI := &FakeRegisterAPI{
|
|
Err: errMocked,
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
loginAPI := &FakeLoginAPI{
|
|
Response: &apimodel.LoginResponse{
|
|
Expire: time.Now().Add(3600 * time.Second),
|
|
Token: "antani-antani-token",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
login := &withLoginPsiphonConfigAPI{
|
|
API: &FakePsiphonConfigAPI{
|
|
WithResult: &FakePsiphonConfigAPI{
|
|
Response: expect,
|
|
},
|
|
},
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
ls := &loginState{
|
|
ClientID: "antani-antani",
|
|
Expire: time.Now().Add(-5 * time.Second),
|
|
Token: "antani-antani-token",
|
|
Password: "antani-antani-password",
|
|
}
|
|
if err := login.writestate(ls); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
var req *apimodel.PsiphonConfigRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if diff := cmp.Diff(expect, resp); diff != "" {
|
|
t.Fatal(diff)
|
|
}
|
|
if loginAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid loginAPI.CountCall")
|
|
}
|
|
if registerAPI.CountCall.Load() != 0 {
|
|
t.Fatal("invalid registerAPI.CountCall")
|
|
}
|
|
}
|
|
|
|
func TestPsiphonConfigWithRegisterAPIError(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
var expect apimodel.PsiphonConfigResponse
|
|
ff.fill(&expect)
|
|
errMocked := errors.New("mocked error")
|
|
registerAPI := &FakeRegisterAPI{
|
|
Err: errMocked,
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
login := &withLoginPsiphonConfigAPI{
|
|
API: &FakePsiphonConfigAPI{
|
|
WithResult: &FakePsiphonConfigAPI{
|
|
Response: expect,
|
|
},
|
|
},
|
|
RegisterAPI: registerAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.PsiphonConfigRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
resp, err := login.Call(ctx, req)
|
|
if !errors.Is(err, errMocked) {
|
|
t.Fatal("not the error we expected", err)
|
|
}
|
|
if resp != nil {
|
|
t.Fatal("expected nil response")
|
|
}
|
|
if registerAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid registerAPI.CountCall")
|
|
}
|
|
}
|
|
|
|
func TestPsiphonConfigWithLoginFailure(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
var expect apimodel.PsiphonConfigResponse
|
|
ff.fill(&expect)
|
|
registerAPI := &FakeRegisterAPI{
|
|
Response: &apimodel.RegisterResponse{
|
|
ClientID: "antani-antani",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
errMocked := errors.New("mocked error")
|
|
loginAPI := &FakeLoginAPI{
|
|
Err: errMocked,
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
login := &withLoginPsiphonConfigAPI{
|
|
API: &FakePsiphonConfigAPI{
|
|
WithResult: &FakePsiphonConfigAPI{
|
|
Response: expect,
|
|
},
|
|
},
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.PsiphonConfigRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
resp, err := login.Call(ctx, req)
|
|
if !errors.Is(err, errMocked) {
|
|
t.Fatal("not the error we expected", err)
|
|
}
|
|
if resp != nil {
|
|
t.Fatal("expected nil response")
|
|
}
|
|
if loginAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid loginAPI.CountCall")
|
|
}
|
|
if registerAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid registerAPI.CountCall")
|
|
}
|
|
}
|
|
|
|
func TestRegisterAndLoginPsiphonConfigThenFail(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
var expect apimodel.PsiphonConfigResponse
|
|
ff.fill(&expect)
|
|
registerAPI := &FakeRegisterAPI{
|
|
Response: &apimodel.RegisterResponse{
|
|
ClientID: "antani-antani",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
loginAPI := &FakeLoginAPI{
|
|
Response: &apimodel.LoginResponse{
|
|
Expire: time.Now().Add(3600 * time.Second),
|
|
Token: "antani-antani-token",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
errMocked := errors.New("mocked error")
|
|
login := &withLoginPsiphonConfigAPI{
|
|
API: &FakePsiphonConfigAPI{
|
|
WithResult: &FakePsiphonConfigAPI{
|
|
Err: errMocked,
|
|
},
|
|
},
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.PsiphonConfigRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
resp, err := login.Call(ctx, req)
|
|
if !errors.Is(err, errMocked) {
|
|
t.Fatal("not the error we expected", err)
|
|
}
|
|
if resp != nil {
|
|
t.Fatal("expected nil response")
|
|
}
|
|
if loginAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid loginAPI.CountCall")
|
|
}
|
|
if registerAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid registerAPI.CountCall")
|
|
}
|
|
}
|
|
|
|
func TestPsiphonConfigTheDatabaseIsReplaced(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
handler := &LoginHandler{
|
|
logins: &atomicx.Int64{},
|
|
registers: &atomicx.Int64{},
|
|
t: t,
|
|
}
|
|
srvr := httptest.NewServer(handler)
|
|
defer srvr.Close()
|
|
registerAPI := &simpleRegisterAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
loginAPI := &simpleLoginAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
baseAPI := &simplePsiphonConfigAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
login := &withLoginPsiphonConfigAPI{
|
|
API: baseAPI,
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.PsiphonConfigRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
// step 1: we register and login and use the token
|
|
// inside a scope just to avoid mistakes
|
|
{
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if handler.logins.Load() != 1 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 1 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|
|
// step 2: we forget accounts and try again.
|
|
handler.forgetLogins()
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if handler.logins.Load() != 3 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 2 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|
|
|
|
func TestRegisterAndLoginPsiphonConfigCannotWriteState(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
var expect apimodel.PsiphonConfigResponse
|
|
ff.fill(&expect)
|
|
registerAPI := &FakeRegisterAPI{
|
|
Response: &apimodel.RegisterResponse{
|
|
ClientID: "antani-antani",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
loginAPI := &FakeLoginAPI{
|
|
Response: &apimodel.LoginResponse{
|
|
Expire: time.Now().Add(3600 * time.Second),
|
|
Token: "antani-antani-token",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
errMocked := errors.New("mocked error")
|
|
login := &withLoginPsiphonConfigAPI{
|
|
API: &FakePsiphonConfigAPI{
|
|
WithResult: &FakePsiphonConfigAPI{
|
|
Response: expect,
|
|
},
|
|
},
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
JSONCodec: &FakeCodec{
|
|
EncodeErr: errMocked,
|
|
},
|
|
}
|
|
var req *apimodel.PsiphonConfigRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
resp, err := login.Call(ctx, req)
|
|
if !errors.Is(err, errMocked) {
|
|
t.Fatal("not the error we expected", err)
|
|
}
|
|
if resp != nil {
|
|
t.Fatal("expected nil response")
|
|
}
|
|
if loginAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid loginAPI.CountCall")
|
|
}
|
|
if registerAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid registerAPI.CountCall")
|
|
}
|
|
}
|
|
|
|
func TestPsiphonConfigReadStateDecodeFailure(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
var expect apimodel.PsiphonConfigResponse
|
|
ff.fill(&expect)
|
|
errMocked := errors.New("mocked error")
|
|
login := &withLoginPsiphonConfigAPI{
|
|
KVStore: &kvstore.Memory{},
|
|
JSONCodec: &FakeCodec{DecodeErr: errMocked},
|
|
}
|
|
ls := &loginState{
|
|
ClientID: "antani-antani",
|
|
Expire: time.Now().Add(-5 * time.Second),
|
|
Token: "antani-antani-token",
|
|
Password: "antani-antani-password",
|
|
}
|
|
if err := login.writestate(ls); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
out, err := login.forceLogin(context.Background())
|
|
if !errors.Is(err, errMocked) {
|
|
t.Fatal("not the error we expected", err)
|
|
}
|
|
if out != "" {
|
|
t.Fatal("expected empty string here")
|
|
}
|
|
}
|
|
|
|
func TestPsiphonConfigTheDatabaseIsReplacedThenFailure(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
handler := &LoginHandler{
|
|
logins: &atomicx.Int64{},
|
|
registers: &atomicx.Int64{},
|
|
t: t,
|
|
}
|
|
srvr := httptest.NewServer(handler)
|
|
defer srvr.Close()
|
|
registerAPI := &simpleRegisterAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
loginAPI := &simpleLoginAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
baseAPI := &simplePsiphonConfigAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
login := &withLoginPsiphonConfigAPI{
|
|
API: baseAPI,
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.PsiphonConfigRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
// step 1: we register and login and use the token
|
|
// inside a scope just to avoid mistakes
|
|
{
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if handler.logins.Load() != 1 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 1 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|
|
// step 2: we forget accounts and try again.
|
|
// but registrations are also failing.
|
|
handler.forgetLogins()
|
|
handler.noRegister = true
|
|
resp, err := login.Call(ctx, req)
|
|
if !errors.Is(err, ErrHTTPFailure) {
|
|
t.Fatal("not the error we expected", err)
|
|
}
|
|
if resp != nil {
|
|
t.Fatal("expected nil response")
|
|
}
|
|
if handler.logins.Load() != 2 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 2 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|
|
|
|
func TestPsiphonConfigClockIsOffThenSuccess(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
handler := &LoginHandler{
|
|
logins: &atomicx.Int64{},
|
|
registers: &atomicx.Int64{},
|
|
t: t,
|
|
}
|
|
srvr := httptest.NewServer(handler)
|
|
defer srvr.Close()
|
|
registerAPI := &simpleRegisterAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
loginAPI := &simpleLoginAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
baseAPI := &simplePsiphonConfigAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
login := &withLoginPsiphonConfigAPI{
|
|
API: baseAPI,
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.PsiphonConfigRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
// step 1: we register and login and use the token
|
|
// inside a scope just to avoid mistakes
|
|
{
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if handler.logins.Load() != 1 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 1 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|
|
// step 2: we forget tokens and try again.
|
|
// this should simulate the client clock
|
|
// being off and considering a token still valid
|
|
handler.forgetTokens()
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if handler.logins.Load() != 2 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 1 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|
|
|
|
func TestPsiphonConfigClockIsOffThen401(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
handler := &LoginHandler{
|
|
logins: &atomicx.Int64{},
|
|
registers: &atomicx.Int64{},
|
|
t: t,
|
|
}
|
|
srvr := httptest.NewServer(handler)
|
|
defer srvr.Close()
|
|
registerAPI := &simpleRegisterAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
loginAPI := &simpleLoginAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
baseAPI := &simplePsiphonConfigAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
login := &withLoginPsiphonConfigAPI{
|
|
API: baseAPI,
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.PsiphonConfigRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
// step 1: we register and login and use the token
|
|
// inside a scope just to avoid mistakes
|
|
{
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if handler.logins.Load() != 1 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 1 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|
|
// step 2: we forget tokens and try again.
|
|
// this should simulate the client clock
|
|
// being off and considering a token still valid
|
|
handler.forgetTokens()
|
|
handler.failCallWith = []int{401, 401}
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal("not the error we expected", err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if handler.logins.Load() != 3 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 2 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|
|
|
|
func TestPsiphonConfigClockIsOffThen500(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
handler := &LoginHandler{
|
|
logins: &atomicx.Int64{},
|
|
registers: &atomicx.Int64{},
|
|
t: t,
|
|
}
|
|
srvr := httptest.NewServer(handler)
|
|
defer srvr.Close()
|
|
registerAPI := &simpleRegisterAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
loginAPI := &simpleLoginAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
baseAPI := &simplePsiphonConfigAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
login := &withLoginPsiphonConfigAPI{
|
|
API: baseAPI,
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.PsiphonConfigRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
// step 1: we register and login and use the token
|
|
// inside a scope just to avoid mistakes
|
|
{
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if handler.logins.Load() != 1 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 1 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|
|
// step 2: we forget tokens and try again.
|
|
// this should simulate the client clock
|
|
// being off and considering a token still valid
|
|
handler.forgetTokens()
|
|
handler.failCallWith = []int{401, 500}
|
|
resp, err := login.Call(ctx, req)
|
|
if !errors.Is(err, ErrHTTPFailure) {
|
|
t.Fatal("not the error we expected", err)
|
|
}
|
|
if resp != nil {
|
|
t.Fatal("expected nil response")
|
|
}
|
|
if handler.logins.Load() != 2 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 1 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|
|
|
|
func TestRegisterAndLoginTorTargetsSuccess(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
var expect apimodel.TorTargetsResponse
|
|
ff.fill(&expect)
|
|
registerAPI := &FakeRegisterAPI{
|
|
Response: &apimodel.RegisterResponse{
|
|
ClientID: "antani-antani",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
loginAPI := &FakeLoginAPI{
|
|
Response: &apimodel.LoginResponse{
|
|
Expire: time.Now().Add(3600 * time.Second),
|
|
Token: "antani-antani-token",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
login := &withLoginTorTargetsAPI{
|
|
API: &FakeTorTargetsAPI{
|
|
WithResult: &FakeTorTargetsAPI{
|
|
Response: expect,
|
|
},
|
|
},
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.TorTargetsRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if diff := cmp.Diff(expect, resp); diff != "" {
|
|
t.Fatal(diff)
|
|
}
|
|
if loginAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid loginAPI.CountCall")
|
|
}
|
|
if registerAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid registerAPI.CountCall")
|
|
}
|
|
}
|
|
|
|
func TestTorTargetsContinueUsingToken(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
var expect apimodel.TorTargetsResponse
|
|
ff.fill(&expect)
|
|
registerAPI := &FakeRegisterAPI{
|
|
Response: &apimodel.RegisterResponse{
|
|
ClientID: "antani-antani",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
loginAPI := &FakeLoginAPI{
|
|
Response: &apimodel.LoginResponse{
|
|
Expire: time.Now().Add(3600 * time.Second),
|
|
Token: "antani-antani-token",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
login := &withLoginTorTargetsAPI{
|
|
API: &FakeTorTargetsAPI{
|
|
WithResult: &FakeTorTargetsAPI{
|
|
Response: expect,
|
|
},
|
|
},
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.TorTargetsRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
// step 1: we register and login and use the token
|
|
// inside a scope just to avoid mistakes
|
|
{
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if diff := cmp.Diff(expect, resp); diff != "" {
|
|
t.Fatal(diff)
|
|
}
|
|
if loginAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid loginAPI.CountCall")
|
|
}
|
|
if registerAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid registerAPI.CountCall")
|
|
}
|
|
}
|
|
// step 2: we disable register and login but we
|
|
// should be okay because of the token
|
|
errMocked := errors.New("mocked error")
|
|
registerAPI.Err = errMocked
|
|
registerAPI.Response = nil
|
|
loginAPI.Err = errMocked
|
|
loginAPI.Response = nil
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if diff := cmp.Diff(expect, resp); diff != "" {
|
|
t.Fatal(diff)
|
|
}
|
|
if loginAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid loginAPI.CountCall")
|
|
}
|
|
if registerAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid registerAPI.CountCall")
|
|
}
|
|
}
|
|
|
|
func TestTorTargetsWithValidButExpiredToken(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
var expect apimodel.TorTargetsResponse
|
|
ff.fill(&expect)
|
|
errMocked := errors.New("mocked error")
|
|
registerAPI := &FakeRegisterAPI{
|
|
Err: errMocked,
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
loginAPI := &FakeLoginAPI{
|
|
Response: &apimodel.LoginResponse{
|
|
Expire: time.Now().Add(3600 * time.Second),
|
|
Token: "antani-antani-token",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
login := &withLoginTorTargetsAPI{
|
|
API: &FakeTorTargetsAPI{
|
|
WithResult: &FakeTorTargetsAPI{
|
|
Response: expect,
|
|
},
|
|
},
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
ls := &loginState{
|
|
ClientID: "antani-antani",
|
|
Expire: time.Now().Add(-5 * time.Second),
|
|
Token: "antani-antani-token",
|
|
Password: "antani-antani-password",
|
|
}
|
|
if err := login.writestate(ls); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
var req *apimodel.TorTargetsRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if diff := cmp.Diff(expect, resp); diff != "" {
|
|
t.Fatal(diff)
|
|
}
|
|
if loginAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid loginAPI.CountCall")
|
|
}
|
|
if registerAPI.CountCall.Load() != 0 {
|
|
t.Fatal("invalid registerAPI.CountCall")
|
|
}
|
|
}
|
|
|
|
func TestTorTargetsWithRegisterAPIError(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
var expect apimodel.TorTargetsResponse
|
|
ff.fill(&expect)
|
|
errMocked := errors.New("mocked error")
|
|
registerAPI := &FakeRegisterAPI{
|
|
Err: errMocked,
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
login := &withLoginTorTargetsAPI{
|
|
API: &FakeTorTargetsAPI{
|
|
WithResult: &FakeTorTargetsAPI{
|
|
Response: expect,
|
|
},
|
|
},
|
|
RegisterAPI: registerAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.TorTargetsRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
resp, err := login.Call(ctx, req)
|
|
if !errors.Is(err, errMocked) {
|
|
t.Fatal("not the error we expected", err)
|
|
}
|
|
if resp != nil {
|
|
t.Fatal("expected nil response")
|
|
}
|
|
if registerAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid registerAPI.CountCall")
|
|
}
|
|
}
|
|
|
|
func TestTorTargetsWithLoginFailure(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
var expect apimodel.TorTargetsResponse
|
|
ff.fill(&expect)
|
|
registerAPI := &FakeRegisterAPI{
|
|
Response: &apimodel.RegisterResponse{
|
|
ClientID: "antani-antani",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
errMocked := errors.New("mocked error")
|
|
loginAPI := &FakeLoginAPI{
|
|
Err: errMocked,
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
login := &withLoginTorTargetsAPI{
|
|
API: &FakeTorTargetsAPI{
|
|
WithResult: &FakeTorTargetsAPI{
|
|
Response: expect,
|
|
},
|
|
},
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.TorTargetsRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
resp, err := login.Call(ctx, req)
|
|
if !errors.Is(err, errMocked) {
|
|
t.Fatal("not the error we expected", err)
|
|
}
|
|
if resp != nil {
|
|
t.Fatal("expected nil response")
|
|
}
|
|
if loginAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid loginAPI.CountCall")
|
|
}
|
|
if registerAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid registerAPI.CountCall")
|
|
}
|
|
}
|
|
|
|
func TestRegisterAndLoginTorTargetsThenFail(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
var expect apimodel.TorTargetsResponse
|
|
ff.fill(&expect)
|
|
registerAPI := &FakeRegisterAPI{
|
|
Response: &apimodel.RegisterResponse{
|
|
ClientID: "antani-antani",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
loginAPI := &FakeLoginAPI{
|
|
Response: &apimodel.LoginResponse{
|
|
Expire: time.Now().Add(3600 * time.Second),
|
|
Token: "antani-antani-token",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
errMocked := errors.New("mocked error")
|
|
login := &withLoginTorTargetsAPI{
|
|
API: &FakeTorTargetsAPI{
|
|
WithResult: &FakeTorTargetsAPI{
|
|
Err: errMocked,
|
|
},
|
|
},
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.TorTargetsRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
resp, err := login.Call(ctx, req)
|
|
if !errors.Is(err, errMocked) {
|
|
t.Fatal("not the error we expected", err)
|
|
}
|
|
if resp != nil {
|
|
t.Fatal("expected nil response")
|
|
}
|
|
if loginAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid loginAPI.CountCall")
|
|
}
|
|
if registerAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid registerAPI.CountCall")
|
|
}
|
|
}
|
|
|
|
func TestTorTargetsTheDatabaseIsReplaced(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
handler := &LoginHandler{
|
|
logins: &atomicx.Int64{},
|
|
registers: &atomicx.Int64{},
|
|
t: t,
|
|
}
|
|
srvr := httptest.NewServer(handler)
|
|
defer srvr.Close()
|
|
registerAPI := &simpleRegisterAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
loginAPI := &simpleLoginAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
baseAPI := &simpleTorTargetsAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
login := &withLoginTorTargetsAPI{
|
|
API: baseAPI,
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.TorTargetsRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
// step 1: we register and login and use the token
|
|
// inside a scope just to avoid mistakes
|
|
{
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if handler.logins.Load() != 1 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 1 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|
|
// step 2: we forget accounts and try again.
|
|
handler.forgetLogins()
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if handler.logins.Load() != 3 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 2 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|
|
|
|
func TestRegisterAndLoginTorTargetsCannotWriteState(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
var expect apimodel.TorTargetsResponse
|
|
ff.fill(&expect)
|
|
registerAPI := &FakeRegisterAPI{
|
|
Response: &apimodel.RegisterResponse{
|
|
ClientID: "antani-antani",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
loginAPI := &FakeLoginAPI{
|
|
Response: &apimodel.LoginResponse{
|
|
Expire: time.Now().Add(3600 * time.Second),
|
|
Token: "antani-antani-token",
|
|
},
|
|
CountCall: &atomicx.Int64{},
|
|
}
|
|
errMocked := errors.New("mocked error")
|
|
login := &withLoginTorTargetsAPI{
|
|
API: &FakeTorTargetsAPI{
|
|
WithResult: &FakeTorTargetsAPI{
|
|
Response: expect,
|
|
},
|
|
},
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
JSONCodec: &FakeCodec{
|
|
EncodeErr: errMocked,
|
|
},
|
|
}
|
|
var req *apimodel.TorTargetsRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
resp, err := login.Call(ctx, req)
|
|
if !errors.Is(err, errMocked) {
|
|
t.Fatal("not the error we expected", err)
|
|
}
|
|
if resp != nil {
|
|
t.Fatal("expected nil response")
|
|
}
|
|
if loginAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid loginAPI.CountCall")
|
|
}
|
|
if registerAPI.CountCall.Load() != 1 {
|
|
t.Fatal("invalid registerAPI.CountCall")
|
|
}
|
|
}
|
|
|
|
func TestTorTargetsReadStateDecodeFailure(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
var expect apimodel.TorTargetsResponse
|
|
ff.fill(&expect)
|
|
errMocked := errors.New("mocked error")
|
|
login := &withLoginTorTargetsAPI{
|
|
KVStore: &kvstore.Memory{},
|
|
JSONCodec: &FakeCodec{DecodeErr: errMocked},
|
|
}
|
|
ls := &loginState{
|
|
ClientID: "antani-antani",
|
|
Expire: time.Now().Add(-5 * time.Second),
|
|
Token: "antani-antani-token",
|
|
Password: "antani-antani-password",
|
|
}
|
|
if err := login.writestate(ls); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
out, err := login.forceLogin(context.Background())
|
|
if !errors.Is(err, errMocked) {
|
|
t.Fatal("not the error we expected", err)
|
|
}
|
|
if out != "" {
|
|
t.Fatal("expected empty string here")
|
|
}
|
|
}
|
|
|
|
func TestTorTargetsTheDatabaseIsReplacedThenFailure(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
handler := &LoginHandler{
|
|
logins: &atomicx.Int64{},
|
|
registers: &atomicx.Int64{},
|
|
t: t,
|
|
}
|
|
srvr := httptest.NewServer(handler)
|
|
defer srvr.Close()
|
|
registerAPI := &simpleRegisterAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
loginAPI := &simpleLoginAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
baseAPI := &simpleTorTargetsAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
login := &withLoginTorTargetsAPI{
|
|
API: baseAPI,
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.TorTargetsRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
// step 1: we register and login and use the token
|
|
// inside a scope just to avoid mistakes
|
|
{
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if handler.logins.Load() != 1 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 1 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|
|
// step 2: we forget accounts and try again.
|
|
// but registrations are also failing.
|
|
handler.forgetLogins()
|
|
handler.noRegister = true
|
|
resp, err := login.Call(ctx, req)
|
|
if !errors.Is(err, ErrHTTPFailure) {
|
|
t.Fatal("not the error we expected", err)
|
|
}
|
|
if resp != nil {
|
|
t.Fatal("expected nil response")
|
|
}
|
|
if handler.logins.Load() != 2 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 2 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|
|
|
|
func TestTorTargetsClockIsOffThenSuccess(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
handler := &LoginHandler{
|
|
logins: &atomicx.Int64{},
|
|
registers: &atomicx.Int64{},
|
|
t: t,
|
|
}
|
|
srvr := httptest.NewServer(handler)
|
|
defer srvr.Close()
|
|
registerAPI := &simpleRegisterAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
loginAPI := &simpleLoginAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
baseAPI := &simpleTorTargetsAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
login := &withLoginTorTargetsAPI{
|
|
API: baseAPI,
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.TorTargetsRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
// step 1: we register and login and use the token
|
|
// inside a scope just to avoid mistakes
|
|
{
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if handler.logins.Load() != 1 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 1 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|
|
// step 2: we forget tokens and try again.
|
|
// this should simulate the client clock
|
|
// being off and considering a token still valid
|
|
handler.forgetTokens()
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if handler.logins.Load() != 2 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 1 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|
|
|
|
func TestTorTargetsClockIsOffThen401(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
handler := &LoginHandler{
|
|
logins: &atomicx.Int64{},
|
|
registers: &atomicx.Int64{},
|
|
t: t,
|
|
}
|
|
srvr := httptest.NewServer(handler)
|
|
defer srvr.Close()
|
|
registerAPI := &simpleRegisterAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
loginAPI := &simpleLoginAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
baseAPI := &simpleTorTargetsAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
login := &withLoginTorTargetsAPI{
|
|
API: baseAPI,
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.TorTargetsRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
// step 1: we register and login and use the token
|
|
// inside a scope just to avoid mistakes
|
|
{
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if handler.logins.Load() != 1 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 1 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|
|
// step 2: we forget tokens and try again.
|
|
// this should simulate the client clock
|
|
// being off and considering a token still valid
|
|
handler.forgetTokens()
|
|
handler.failCallWith = []int{401, 401}
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal("not the error we expected", err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if handler.logins.Load() != 3 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 2 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|
|
|
|
func TestTorTargetsClockIsOffThen500(t *testing.T) {
|
|
ff := &fakeFill{}
|
|
handler := &LoginHandler{
|
|
logins: &atomicx.Int64{},
|
|
registers: &atomicx.Int64{},
|
|
t: t,
|
|
}
|
|
srvr := httptest.NewServer(handler)
|
|
defer srvr.Close()
|
|
registerAPI := &simpleRegisterAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
loginAPI := &simpleLoginAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
baseAPI := &simpleTorTargetsAPI{
|
|
HTTPClient: &VerboseHTTPClient{T: t},
|
|
BaseURL: srvr.URL,
|
|
}
|
|
login := &withLoginTorTargetsAPI{
|
|
API: baseAPI,
|
|
RegisterAPI: registerAPI,
|
|
LoginAPI: loginAPI,
|
|
KVStore: &kvstore.Memory{},
|
|
}
|
|
var req *apimodel.TorTargetsRequest
|
|
ff.fill(&req)
|
|
ctx := context.Background()
|
|
// step 1: we register and login and use the token
|
|
// inside a scope just to avoid mistakes
|
|
{
|
|
resp, err := login.Call(ctx, req)
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
if resp == nil {
|
|
t.Fatal("expected non-nil response")
|
|
}
|
|
if handler.logins.Load() != 1 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 1 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|
|
// step 2: we forget tokens and try again.
|
|
// this should simulate the client clock
|
|
// being off and considering a token still valid
|
|
handler.forgetTokens()
|
|
handler.failCallWith = []int{401, 500}
|
|
resp, err := login.Call(ctx, req)
|
|
if !errors.Is(err, ErrHTTPFailure) {
|
|
t.Fatal("not the error we expected", err)
|
|
}
|
|
if resp != nil {
|
|
t.Fatal("expected nil response")
|
|
}
|
|
if handler.logins.Load() != 2 {
|
|
t.Fatal("invalid handler.logins")
|
|
}
|
|
if handler.registers.Load() != 1 {
|
|
t.Fatal("invalid handler.registers")
|
|
}
|
|
}
|