Skip to content

Commit 117dd40

Browse files
michaelklishinmergify[bot]
michaelklishin
authored and
mergify[bot]
committed
OAuth 2: more tests in follow-up to #4588
(cherry picked from commit 38c5683)
1 parent 763e5f1 commit 117dd40

File tree

1 file changed

+78
-11
lines changed

1 file changed

+78
-11
lines changed

deps/rabbitmq_auth_backend_oauth2/test/system_SUITE.erl

Lines changed: 78 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -55,9 +55,11 @@ groups() ->
5555
]},
5656

5757
{scope_aliases, [], [
58-
test_successful_connection_with_with_scope_alias_in_extra_scopes_source,
58+
test_successful_connection_with_with_single_scope_alias_in_extra_scopes_source,
59+
test_successful_connection_with_with_multiple_scope_aliases_in_extra_scopes_source,
5960
test_successful_connection_with_scope_alias_in_scope_field_case1,
6061
test_successful_connection_with_scope_alias_in_scope_field_case2,
62+
test_successful_connection_with_scope_alias_in_scope_field_case3,
6163
test_failed_connection_with_with_non_existent_scope_alias_in_extra_scopes_source,
6264
test_failed_connection_with_non_existent_scope_alias_in_scope_field
6365
]}
@@ -72,7 +74,9 @@ groups() ->
7274
-define(EXTRA_SCOPES_SOURCE, <<"additional_rabbitmq_scopes">>).
7375
-define(CLAIMS_FIELD, <<"claims">>).
7476

75-
-define(SCOPE_ALIAS_NAME, <<"role-1">>).
77+
-define(SCOPE_ALIAS_NAME, <<"role-1">>).
78+
-define(SCOPE_ALIAS_NAME_2, <<"role-2">>).
79+
-define(SCOPE_ALIAS_NAME_3, <<"role-3">>).
7680

7781
init_per_suite(Config) ->
7882
rabbit_ct_helpers:log_environment(),
@@ -126,7 +130,7 @@ init_per_testcase(Testcase, Config) when Testcase =:= test_successful_connection
126130
rabbit_ct_helpers:testcase_started(Config, Testcase),
127131
Config;
128132

129-
init_per_testcase(Testcase, Config) when Testcase =:= test_successful_connection_with_with_scope_alias_in_extra_scopes_source ->
133+
init_per_testcase(Testcase, Config) when Testcase =:= test_successful_connection_with_with_single_scope_alias_in_extra_scopes_source ->
130134
rabbit_ct_broker_helpers:add_vhost(Config, <<"vhost1">>),
131135
ok = rabbit_ct_broker_helpers:rpc(Config, 0, application, set_env,
132136
[rabbitmq_auth_backend_oauth2, extra_scopes_source, ?CLAIMS_FIELD]),
@@ -141,6 +145,25 @@ init_per_testcase(Testcase, Config) when Testcase =:= test_successful_connection
141145
rabbit_ct_helpers:testcase_started(Config, Testcase),
142146
Config;
143147

148+
init_per_testcase(Testcase, Config) when Testcase =:= test_successful_connection_with_with_multiple_scope_aliases_in_extra_scopes_source ->
149+
rabbit_ct_broker_helpers:add_vhost(Config, <<"vhost4">>),
150+
ok = rabbit_ct_broker_helpers:rpc(Config, 0, application, set_env,
151+
[rabbitmq_auth_backend_oauth2, extra_scopes_source, ?CLAIMS_FIELD]),
152+
ok = rabbit_ct_broker_helpers:rpc(Config, 0, application, set_env,
153+
[rabbitmq_auth_backend_oauth2, scope_aliases, #{
154+
?SCOPE_ALIAS_NAME => [
155+
<<"rabbitmq.configure:vhost4/*">>
156+
],
157+
?SCOPE_ALIAS_NAME_2 => [
158+
<<"rabbitmq.write:vhost4/*">>
159+
],
160+
?SCOPE_ALIAS_NAME_3 => [
161+
<<"rabbitmq.read:vhost4/*">>
162+
]
163+
}]),
164+
rabbit_ct_helpers:testcase_started(Config, Testcase),
165+
Config;
166+
144167
init_per_testcase(Testcase, Config) when Testcase =:= test_successful_connection_with_scope_alias_in_scope_field_case1 orelse
145168
Testcase =:= test_successful_connection_with_scope_alias_in_scope_field_case2 ->
146169
rabbit_ct_broker_helpers:add_vhost(Config, <<"vhost2">>),
@@ -154,6 +177,22 @@ init_per_testcase(Testcase, Config) when Testcase =:= test_successful_connection
154177
]),
155178
rabbit_ct_helpers:testcase_started(Config, Testcase),
156179
Config;
180+
init_per_testcase(Testcase, Config) when Testcase =:= test_successful_connection_with_scope_alias_in_scope_field_case3 ->
181+
rabbit_ct_broker_helpers:add_vhost(Config, <<"vhost3">>),
182+
ok = rabbit_ct_broker_helpers:rpc(Config, 0, application, set_env,
183+
[rabbitmq_auth_backend_oauth2, scope_aliases, #{
184+
?SCOPE_ALIAS_NAME => [
185+
<<"rabbitmq.configure:vhost3/*">>
186+
],
187+
?SCOPE_ALIAS_NAME_2 => [
188+
<<"rabbitmq.write:vhost3/*">>
189+
],
190+
?SCOPE_ALIAS_NAME_3 => [
191+
<<"rabbitmq.read:vhost3/*">>
192+
]
193+
}]),
194+
rabbit_ct_helpers:testcase_started(Config, Testcase),
195+
Config;
157196

158197
init_per_testcase(Testcase, Config) ->
159198
rabbit_ct_helpers:testcase_started(Config, Testcase),
@@ -179,7 +218,7 @@ end_per_testcase(Testcase, Config) when Testcase =:= test_successful_connection_
179218
rabbit_ct_helpers:testcase_finished(Config, Testcase),
180219
Config;
181220

182-
end_per_testcase(Testcase, Config) when Testcase =:= test_successful_connection_with_with_scope_alias_in_extra_scopes_source ->
221+
end_per_testcase(Testcase, Config) when Testcase =:= test_successful_connection_with_with_single_scope_alias_in_extra_scopes_source ->
183222
rabbit_ct_broker_helpers:delete_vhost(Config, <<"vhost1">>),
184223
ok = rabbit_ct_broker_helpers:rpc(Config, 0, application, unset_env,
185224
[rabbitmq_auth_backend_oauth2, scope_aliases]),
@@ -188,6 +227,15 @@ end_per_testcase(Testcase, Config) when Testcase =:= test_successful_connection_
188227
rabbit_ct_helpers:testcase_finished(Config, Testcase),
189228
Config;
190229

230+
end_per_testcase(Testcase, Config) when Testcase =:= test_successful_connection_with_with_multiple_scope_aliases_in_extra_scopes_source ->
231+
rabbit_ct_broker_helpers:delete_vhost(Config, <<"vhost4">>),
232+
ok = rabbit_ct_broker_helpers:rpc(Config, 0, application, unset_env,
233+
[rabbitmq_auth_backend_oauth2, scope_aliases]),
234+
ok = rabbit_ct_broker_helpers:rpc(Config, 0, application, unset_env,
235+
[rabbitmq_auth_backend_oauth2, extra_scopes_source]),
236+
rabbit_ct_helpers:testcase_finished(Config, Testcase),
237+
Config;
238+
191239
end_per_testcase(Testcase, Config) when Testcase =:= test_successful_connection_with_scope_alias_in_scope_field_case1 orelse
192240
Testcase =:= test_successful_connection_with_scope_alias_in_scope_field_case2 ->
193241
rabbit_ct_broker_helpers:delete_vhost(Config, <<"vhost2">>),
@@ -196,6 +244,13 @@ end_per_testcase(Testcase, Config) when Testcase =:= test_successful_connection_
196244
rabbit_ct_helpers:testcase_finished(Config, Testcase),
197245
Config;
198246

247+
end_per_testcase(Testcase, Config) when Testcase =:= test_successful_connection_with_scope_alias_in_scope_field_case3 ->
248+
rabbit_ct_broker_helpers:delete_vhost(Config, <<"vhost3">>),
249+
ok = rabbit_ct_broker_helpers:rpc(Config, 0, application, unset_env,
250+
[rabbitmq_auth_backend_oauth2, scope_aliases]),
251+
rabbit_ct_helpers:testcase_finished(Config, Testcase),
252+
Config;
253+
199254
end_per_testcase(Testcase, Config) ->
200255
rabbit_ct_broker_helpers:delete_vhost(Config, <<"vhost1">>),
201256
rabbit_ct_helpers:testcase_finished(Config, Testcase),
@@ -447,26 +502,38 @@ test_failed_token_refresh_case2(Config) ->
447502
close_connection(Conn).
448503

449504

450-
test_successful_connection_with_with_scope_alias_in_extra_scopes_source(Config) ->
505+
test_successful_connection_with_with_single_scope_alias_in_extra_scopes_source(Config) ->
506+
test_successful_connection_with_with_scope_aliases_in_extra_scopes_source(Config, ?SCOPE_ALIAS_NAME, <<"vhost1">>).
507+
508+
test_successful_connection_with_with_multiple_scope_aliases_in_extra_scopes_source(Config) ->
509+
Claims = [?SCOPE_ALIAS_NAME, ?SCOPE_ALIAS_NAME_2, ?SCOPE_ALIAS_NAME_3],
510+
test_successful_connection_with_with_scope_aliases_in_extra_scopes_source(Config, Claims, <<"vhost4">>).
511+
512+
test_successful_connection_with_with_scope_aliases_in_extra_scopes_source(Config, Claims, VHost) ->
451513
{_Algo, Token} = generate_valid_token_with_extra_fields(
452514
Config,
453-
#{<<"claims">> => ?SCOPE_ALIAS_NAME}
515+
#{<<"claims">> => Claims}
454516
),
455-
Conn = open_unmanaged_connection(Config, 0, <<"vhost1">>, <<"username">>, Token),
517+
Conn = open_unmanaged_connection(Config, 0, VHost, <<"username">>, Token),
456518
{ok, Ch} = amqp_connection:open_channel(Conn),
457519
#'queue.declare_ok'{} =
458520
amqp_channel:call(Ch, #'queue.declare'{queue = <<"one">>, exclusive = true}),
459521
close_connection_and_channel(Conn, Ch).
460522

523+
461524
test_successful_connection_with_scope_alias_in_scope_field_case1(Config) ->
462-
test_successful_connection_with_scope_alias_in_scope_field_case(Config, ?SCOPE_ALIAS_NAME).
525+
test_successful_connection_with_scope_alias_in_scope_field_case(Config, ?SCOPE_ALIAS_NAME, <<"vhost2">>).
463526

464527
test_successful_connection_with_scope_alias_in_scope_field_case2(Config) ->
465-
test_successful_connection_with_scope_alias_in_scope_field_case(Config, [?SCOPE_ALIAS_NAME]).
528+
test_successful_connection_with_scope_alias_in_scope_field_case(Config, [?SCOPE_ALIAS_NAME], <<"vhost2">>).
466529

467-
test_successful_connection_with_scope_alias_in_scope_field_case(Config, Scopes) ->
530+
test_successful_connection_with_scope_alias_in_scope_field_case3(Config) ->
531+
Scopes = [?SCOPE_ALIAS_NAME, ?SCOPE_ALIAS_NAME_2, ?SCOPE_ALIAS_NAME_3],
532+
test_successful_connection_with_scope_alias_in_scope_field_case(Config, Scopes, <<"vhost3">>).
533+
534+
test_successful_connection_with_scope_alias_in_scope_field_case(Config, Scopes, VHost) ->
468535
{_Algo, Token} = generate_valid_token(Config, Scopes),
469-
Conn = open_unmanaged_connection(Config, 0, <<"vhost2">>, <<"username">>, Token),
536+
Conn = open_unmanaged_connection(Config, 0, VHost, <<"username">>, Token),
470537
{ok, Ch} = amqp_connection:open_channel(Conn),
471538
#'queue.declare_ok'{} =
472539
amqp_channel:call(Ch, #'queue.declare'{queue = <<"one">>, exclusive = true}),

0 commit comments

Comments
 (0)