add authenticator tests

Author: liustve

aws-distro-opentelemetry-node-autoinstrumentation/src/exporter/otlp/aws/common/aws-authenticator.ts

@@ -39,7 +39,7 @@ export class AwsAuthenticator {
 
       if (serializedData == undefined) {
         diag.error('Given serialized data is undefined. Not authenticating.');
-        return;
+        return headers;
       }
 
       const cleanedHeaders = this.removeSigV4Headers(headers);

aws-distro-opentelemetry-node-autoinstrumentation/test/exporter/otlp/aws/common/aws-authenticator.test.ts

@@ -0,0 +1,157 @@
+// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+// SPDX-License-Identifier: Apache-2.0
+
+import { describe, it, beforeEach } from 'mocha';
+import * as proxyquire from 'proxyquire';
+import * as sinon from 'sinon';
+import expect from 'expect';
+import { AwsAuthenticator } from '../../../../../src/exporter/otlp/aws/common/aws-authenticator';
+
+const PATH = '../../../../../src/exporter/otlp/aws/common/aws-authenticator';
+const SIGNATURE_V4_MODULE = '@smithy/signature-v4';
+const CREDENTIAL_PROVIDER_MODULE = '@aws-sdk/credential-provider-node';
+const SHA_256_MODULE = '@aws-crypto/sha256-js';
+const AWS_HTTP_MODULE = '@smithy/protocol-http';
+
+const AWS_OTLP_TRACES_ENDPOINT = 'https://xray.us-east-1.amazonaws.com/v1/traces';
+
+const AUTHORIZATION_HEADER = 'authorization';
+const X_AMZ_DATE_HEADER = 'x-amz-date';
+const X_AMZ_SECURITY_TOKEN_HEADER = 'x-amz-security-token';
+
+const mockCredentials = {
+  accessKeyId: 'test_access_key',
+  secretAccessKey: 'test_secret_key',
+  sessionToken: 'test_session_token',
+};
+
+describe('AwsAuthenticator', () => {
+  let sandbox: sinon.SinonSandbox;
+
+  beforeEach(() => {
+    sandbox = sinon.createSandbox();
+  });
+
+  afterEach(() => {
+    sandbox.restore();
+  });
+
+  describe('should not inject SigV4 Headers if required modules are not available', async () => {
+    const dependencies = [SIGNATURE_V4_MODULE, CREDENTIAL_PROVIDER_MODULE, SHA_256_MODULE, AWS_HTTP_MODULE];
+
+    dependencies.forEach(dependency => {
+      it(`should not sign headers if missing dependency: ${dependency}`, async () => {
+        Object.keys(require.cache).forEach(key => {
+          delete require.cache[key];
+        });
+
+        const requireStub = sandbox.stub(require('module'), '_load');
+        requireStub.withArgs(dependency).throws(new Error(`Cannot find module '${dependency}'`));
+        requireStub.callThrough();
+
+        const { AwsAuthenticator: MockThrowableModuleAuthenticator } = require(PATH);
+
+        const result = await new MockThrowableModuleAuthenticator('us-east-1', 'xray').authenticate(
+          AWS_OTLP_TRACES_ENDPOINT,
+          {},
+          new Uint8Array()
+        );
+
+        expect(result).not.toHaveProperty(AUTHORIZATION_HEADER);
+        expect(result).not.toHaveProperty(X_AMZ_DATE_HEADER);
+        expect(result).not.toHaveProperty(X_AMZ_SECURITY_TOKEN_HEADER);
+      });
+    });
+  });
+
+  it('should not inject SigV4 Headers if serialized data is undefined', async () => {
+    const authenticator = new AwsAuthenticator('us-east-1', 'xray');
+    const result = await authenticator.authenticate(AWS_OTLP_TRACES_ENDPOINT, {}, undefined);
+
+    expect(result).not.toHaveProperty(AUTHORIZATION_HEADER);
+    expect(result).not.toHaveProperty(X_AMZ_DATE_HEADER);
+    expect(result).not.toHaveProperty(X_AMZ_SECURITY_TOKEN_HEADER);
+  });
+
+  it('should inject SigV4 Headers', async () => {
+    const expected = {
+      [AUTHORIZATION_HEADER]: 'testAuth',
+      [X_AMZ_DATE_HEADER]: 'testDate',
+      [X_AMZ_SECURITY_TOKEN_HEADER]: 'testSecurityToken',
+    };
+
+    const AwsAuthenticatorWithMock = proxyquire(PATH, {
+      [CREDENTIAL_PROVIDER_MODULE]: {
+        defaultProvider: () => Promise.resolve(mockCredentials),
+      },
+      [SIGNATURE_V4_MODULE]: {
+        SignatureV4: class {
+          constructor() {}
+          sign(request: any) {
+            return Promise.resolve({
+              headers: expected,
+            });
+          }
+        },
+      },
+    }).AwsAuthenticator;
+
+    const result = await new AwsAuthenticatorWithMock('us-east-1', 'xray').authenticate(
+      AWS_OTLP_TRACES_ENDPOINT,
+      { test: 'test' },
+      new Uint8Array()
+    );
+
+    expect(result).toHaveProperty(AUTHORIZATION_HEADER);
+    expect(result).toHaveProperty(X_AMZ_DATE_HEADER);
+    expect(result).toHaveProperty(X_AMZ_SECURITY_TOKEN_HEADER);
+
+    expect(result[AUTHORIZATION_HEADER]).toBe(expected[AUTHORIZATION_HEADER]);
+    expect(result[X_AMZ_DATE_HEADER]).toBe(expected[X_AMZ_DATE_HEADER]);
+    expect(result[X_AMZ_SECURITY_TOKEN_HEADER]).toBe(expected[X_AMZ_SECURITY_TOKEN_HEADER]);
+  });
+
+  it('should clear SigV4 headers if already present ', async () => {
+    const notExpected = {
+      [AUTHORIZATION_HEADER]: 'notExpectedAuth',
+      [X_AMZ_DATE_HEADER]: 'notExpectedDate',
+      [X_AMZ_SECURITY_TOKEN_HEADER]: 'notExpectedSecurityToken',
+    };
+
+    const expected = {
+      [AUTHORIZATION_HEADER]: 'testAuth',
+      [X_AMZ_DATE_HEADER]: 'testDate',
+      [X_AMZ_SECURITY_TOKEN_HEADER]: 'testSecurityToken',
+    };
+
+    const AwsAuthenticatorWithMock = proxyquire(PATH, {
+      [CREDENTIAL_PROVIDER_MODULE]: {
+        defaultProvider: () => Promise.resolve(mockCredentials),
+      },
+      [SIGNATURE_V4_MODULE]: {
+        SignatureV4: class {
+          constructor() {}
+          sign(request: any) {
+            return Promise.resolve({
+              headers: expected,
+            });
+          }
+        },
+      },
+    }).AwsAuthenticator;
+
+    const result = await new AwsAuthenticatorWithMock('us-east-1', 'xray').authenticate(
+      AWS_OTLP_TRACES_ENDPOINT,
+      notExpected,
+      new Uint8Array()
+    );
+
+    expect(result).toHaveProperty(AUTHORIZATION_HEADER);
+    expect(result).toHaveProperty(X_AMZ_DATE_HEADER);
+    expect(result).toHaveProperty(X_AMZ_SECURITY_TOKEN_HEADER);
+
+    expect(result[AUTHORIZATION_HEADER]).toBe(expected[AUTHORIZATION_HEADER]);
+    expect(result[X_AMZ_DATE_HEADER]).toBe(expected[X_AMZ_DATE_HEADER]);
+    expect(result[X_AMZ_SECURITY_TOKEN_HEADER]).toBe(expected[X_AMZ_SECURITY_TOKEN_HEADER]);
+  });
+});