e2e: add a test case of JWT token expiration
parent
8fd01f56d6
commit
2a54e32819
|
@ -78,6 +78,11 @@ var (
|
|||
initialToken: "new",
|
||||
clientCertAuthEnabled: true,
|
||||
}
|
||||
configJWT = etcdProcessClusterConfig{
|
||||
clusterSize: 1,
|
||||
initialToken: "new",
|
||||
authTokenOpts: "jwt,pub-key=../integration/fixtures/server.crt,priv-key=../integration/fixtures/server.key.insecure,sign-method=RS256,ttl=1s",
|
||||
}
|
||||
)
|
||||
|
||||
func configStandalone(cfg etcdProcessClusterConfig) *etcdProcessClusterConfig {
|
||||
|
@ -117,6 +122,7 @@ type etcdProcessClusterConfig struct {
|
|||
quotaBackendBytes int64
|
||||
noStrictReconfig bool
|
||||
initialCorruptCheck bool
|
||||
authTokenOpts string
|
||||
}
|
||||
|
||||
// newEtcdProcessCluster launches a new cluster from etcd processes, returning
|
||||
|
@ -238,6 +244,11 @@ func (cfg *etcdProcessClusterConfig) etcdServerProcessConfigs() []*etcdServerPro
|
|||
}
|
||||
|
||||
args = append(args, cfg.tlsArgs()...)
|
||||
|
||||
if cfg.authTokenOpts != "" {
|
||||
args = append(args, "--auth-token", cfg.authTokenOpts)
|
||||
}
|
||||
|
||||
etcdCfgs[i] = &etcdServerProcessConfig{
|
||||
execPath: cfg.execPath,
|
||||
args: args,
|
||||
|
|
|
@ -18,6 +18,7 @@ import (
|
|||
"fmt"
|
||||
"os"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/coreos/etcd/clientv3"
|
||||
)
|
||||
|
@ -58,6 +59,7 @@ func TestCtlV3AuthSnapshot(t *testing.T) { testCtl(t, authTestSnapshot) }
|
|||
func TestCtlV3AuthCertCNAndUsername(t *testing.T) {
|
||||
testCtl(t, authTestCertCNAndUsername, withCfg(configClientTLSCertAuth))
|
||||
}
|
||||
func TestCtlV3AuthJWTExpire(t *testing.T) { testCtl(t, authTestJWTExpire, withCfg(configJWT)) }
|
||||
|
||||
func authEnableTest(cx ctlCtx) {
|
||||
if err := authEnable(cx); err != nil {
|
||||
|
@ -1073,3 +1075,24 @@ func authTestCertCNAndUsername(cx ctlCtx) {
|
|||
cx.t.Error(err)
|
||||
}
|
||||
}
|
||||
|
||||
func authTestJWTExpire(cx ctlCtx) {
|
||||
if err := authEnable(cx); err != nil {
|
||||
cx.t.Fatal(err)
|
||||
}
|
||||
|
||||
cx.user, cx.pass = "root", "root"
|
||||
authSetupTestUser(cx)
|
||||
|
||||
// try a granted key
|
||||
if err := ctlV3Put(cx, "hoo", "bar", ""); err != nil {
|
||||
cx.t.Error(err)
|
||||
}
|
||||
|
||||
// wait an expiration of my JWT token
|
||||
<-time.After(3 * time.Second)
|
||||
|
||||
if err := ctlV3Put(cx, "hoo", "bar", ""); err != nil {
|
||||
cx.t.Error(err)
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue