Skip to content

Commit f51a997

Browse files
everesioeveresio
committed
Add googleid tests
1 parent 760bc31 commit f51a997

File tree

5 files changed

+147
-1
lines changed

5 files changed

+147
-1
lines changed

README.md

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -368,7 +368,6 @@ spec:
368368
* [ ] Optional ApiVersionsRequest before Local SASL Authentication Sequence
369369
* [ ] SaslHandshakeRequest v1 - Kafka 1.1.0
370370
* [X] Connect to Kafka through SOCKS5 Proxy
371-
* [ ] Proxy support for outgoing HTTP/HTTPS connections (googleid)
372371
* [ ] Performance tests and tuning
373372
* [ ] Socket buffer sizing e.g. SO_RCVBUF = 32768, SO_SNDBUF = 131072
374373
* [ ] Kafka connect tests

pkg/libs/googleid/certs_test.go

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,32 @@
1+
package googleid
2+
3+
import (
4+
"context"
5+
"github.com/stretchr/testify/assert"
6+
"testing"
7+
"time"
8+
)
9+
10+
func TestGetCerts(t *testing.T) {
11+
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
12+
defer cancel()
13+
certs, err := GetCerts(ctx)
14+
15+
a := assert.New(t)
16+
a.Nil(err)
17+
a.NotNil(certs)
18+
a.True(len(certs.Keys) > 0)
19+
20+
for _, key := range certs.Keys {
21+
a.NotEmpty(key.Kty)
22+
a.NotEmpty(key.Alg)
23+
a.NotEmpty(key.Use)
24+
a.NotEmpty(key.E)
25+
a.NotEmpty(key.N)
26+
a.NotEmpty(key.Kid)
27+
28+
pk, err := key.GetPublicKey()
29+
a.Nil(err)
30+
a.NotNil(pk)
31+
}
32+
}

pkg/libs/googleid/jwt_test.go

Lines changed: 70 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,70 @@
1+
package googleid
2+
3+
import (
4+
"crypto"
5+
"crypto/rand"
6+
"crypto/rsa"
7+
"crypto/sha256"
8+
"encoding/base64"
9+
"fmt"
10+
"github.com/stretchr/testify/assert"
11+
"testing"
12+
)
13+
14+
func TestParseJWT(t *testing.T) {
15+
a := assert.New(t)
16+
privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
17+
a.Nil(err)
18+
19+
testHeader := `{
20+
"alg": "RS256",
21+
"kid": "978ca4118bf1883b316bbca6ce9044d9977f2027"
22+
}`
23+
testClaims := `{
24+
"azp": "4712.apps.googleusercontent.com",
25+
"aud": "4711.apps.googleusercontent.com",
26+
"sub": "100004711",
27+
"hd": "grepplabs.com",
28+
"email": "[email protected]",
29+
"email_verified": true,
30+
"exp": 2114380800,
31+
"iss": "accounts.google.com",
32+
"iat": 1516304351
33+
}`
34+
35+
tokenString, err := encodeTestToken(testHeader, testClaims, privateKey)
36+
a.Nil(err)
37+
a.NotEmpty(tokenString)
38+
39+
token, err := ParseJWT(tokenString)
40+
a.Nil(err)
41+
a.NotNil(token)
42+
43+
a.Equal(token.Raw, tokenString)
44+
a.Equal(token.Header.Algorithm, "RS256")
45+
a.Equal(token.Header.KeyID, "978ca4118bf1883b316bbca6ce9044d9977f2027")
46+
47+
a.Equal(token.ClaimSet.Azp, "4712.apps.googleusercontent.com")
48+
a.Equal(token.ClaimSet.Aud, "4711.apps.googleusercontent.com")
49+
a.Equal(token.ClaimSet.Sub, "100004711")
50+
a.Equal(token.ClaimSet.Email, "[email protected]")
51+
a.Equal(token.ClaimSet.EmailVerified, true)
52+
a.Equal(token.ClaimSet.Exp, int64(2114380800))
53+
a.Equal(token.ClaimSet.Iss, "accounts.google.com")
54+
a.Equal(token.ClaimSet.Iat, int64(1516304351))
55+
56+
}
57+
58+
func encodeTestToken(headerJSON string, claimsJSON string, key *rsa.PrivateKey) (string, error) {
59+
sg := func(data []byte) (sig []byte, err error) {
60+
h := sha256.New()
61+
h.Write(data)
62+
return rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, h.Sum(nil))
63+
}
64+
ss := fmt.Sprintf("%s.%s", base64.RawURLEncoding.EncodeToString([]byte(headerJSON)), base64.RawURLEncoding.EncodeToString([]byte(claimsJSON)))
65+
sig, err := sg([]byte(ss))
66+
if err != nil {
67+
return "", err
68+
}
69+
return fmt.Sprintf("%s.%s", ss, base64.RawURLEncoding.EncodeToString(sig)), nil
70+
}

pkg/libs/googleid/service_account_test.go

Lines changed: 24 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,24 @@
1+
package googleid
2+
3+
import (
4+
"context"
5+
"github.com/stretchr/testify/assert"
6+
"os"
7+
"path/filepath"
8+
"testing"
9+
"time"
10+
)
11+
12+
func TestGetServiceAccountIDToken(t *testing.T) {
13+
t.Skip() // Uncomment to execute
14+
15+
credentialsFile := filepath.Join(os.Getenv("HOME"), "kafka-gateway-service-account.json")
16+
src, err := NewServiceAccountTokenSource(credentialsFile, "tcp://kafka-gateway.grepplabs.com")
17+
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
18+
defer cancel()
19+
token, err := src.GetIDToken(ctx)
20+
21+
a := assert.New(t)
22+
a.Nil(err)
23+
a.NotEmpty(token)
24+
}

pkg/libs/googleid/user_account_test.go

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
package googleid
2+
3+
import (
4+
"context"
5+
"github.com/stretchr/testify/assert"
6+
"testing"
7+
"time"
8+
)
9+
10+
func TestGetUserIDToken(t *testing.T) {
11+
t.Skip() // Uncomment to execute
12+
13+
src := NewAuthorizedUserTokenSource()
14+
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
15+
defer cancel()
16+
token, err := src.GetIDToken(ctx)
17+
18+
a := assert.New(t)
19+
a.Nil(err)
20+
a.NotEmpty(token)
21+
}

0 commit comments

Comments
 (0)