-
Notifications
You must be signed in to change notification settings - Fork 127
/
Copy pathauth_with_external_browser_test.go
178 lines (158 loc) · 5.19 KB
/
auth_with_external_browser_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
package gosnowflake
import (
"context"
"database/sql"
"errors"
"fmt"
"log"
"os/exec"
"sync"
"testing"
"time"
)
func TestExternalBrowserSuccessful(t *testing.T) {
cfg := setupExternalBrowserTest(t)
var wg sync.WaitGroup
wg.Add(2)
go func() {
defer wg.Done()
provideExternalBrowserCredentials(t, externalBrowserType.Success, cfg.User, cfg.Password)
}()
go func() {
defer wg.Done()
err := verifyConnectionToSnowflakeAuthTests(t, cfg)
assertNilE(t, err, fmt.Sprintf("Connection failed due to %v", err))
}()
wg.Wait()
}
func TestExternalBrowserFailed(t *testing.T) {
cfg := setupExternalBrowserTest(t)
cfg.ExternalBrowserTimeout = time.Duration(10) * time.Second
var wg sync.WaitGroup
wg.Add(2)
go func() {
defer wg.Done()
provideExternalBrowserCredentials(t, externalBrowserType.Fail, "FakeAccount", "NotARealPassword")
}()
go func() {
defer wg.Done()
err := verifyConnectionToSnowflakeAuthTests(t, cfg)
assertEqualE(t, err.Error(), "authentication timed out")
}()
wg.Wait()
}
func TestExternalBrowserTimeout(t *testing.T) {
cfg := setupExternalBrowserTest(t)
cfg.ExternalBrowserTimeout = time.Duration(1) * time.Second
var wg sync.WaitGroup
wg.Add(2)
go func() {
defer wg.Done()
provideExternalBrowserCredentials(t, externalBrowserType.Timeout, cfg.User, cfg.Password)
}()
go func() {
defer wg.Done()
err := verifyConnectionToSnowflakeAuthTests(t, cfg)
assertEqualE(t, err.Error(), "authentication timed out")
}()
wg.Wait()
}
func TestExternalBrowserMismatchUser(t *testing.T) {
cfg := setupExternalBrowserTest(t)
correctUsername := cfg.User
cfg.User = "fakeAccount"
var wg sync.WaitGroup
wg.Add(2)
go func() {
defer wg.Done()
provideExternalBrowserCredentials(t, externalBrowserType.Success, correctUsername, cfg.Password)
}()
go func() {
defer wg.Done()
err := verifyConnectionToSnowflakeAuthTests(t, cfg)
var snowflakeErr *SnowflakeError
assertTrueF(t, errors.As(err, &snowflakeErr))
assertEqualE(t, snowflakeErr.Number, 390191, fmt.Sprintf("Expected 390191, but got %v", snowflakeErr.Number))
}()
wg.Wait()
}
func TestClientStoreCredentials(t *testing.T) {
cfg := setupExternalBrowserTest(t)
cfg.ClientStoreTemporaryCredential = 1
cfg.ExternalBrowserTimeout = time.Duration(10) * time.Second
t.Run("Obtains the ID token from the server and saves it on the local storage", func(t *testing.T) {
cleanupBrowserProcesses(t)
var wg sync.WaitGroup
wg.Add(2)
go func() {
defer wg.Done()
provideExternalBrowserCredentials(t, externalBrowserType.Success, cfg.User, cfg.Password)
}()
go func() {
defer wg.Done()
err := verifyConnectionToSnowflakeAuthTests(t, cfg)
assertNilE(t, err, fmt.Sprintf("Connection failed: err %v", err))
}()
wg.Wait()
})
t.Run("Verify validation of ID token if option enabled", func(t *testing.T) {
cleanupBrowserProcesses(t)
cfg.ClientStoreTemporaryCredential = 1
db := getDbHandlerFromConfig(t, cfg)
conn, err := db.Conn(context.Background())
assertNilE(t, err, fmt.Sprintf("Failed to connect to Snowflake. err: %v", err))
defer conn.Close()
rows, err := conn.QueryContext(context.Background(), "SELECT 1")
assertNilE(t, err, fmt.Sprintf("Failed to run a query. err: %v", err))
rows.Close()
})
t.Run("Verify validation of IDToken if option disabled", func(t *testing.T) {
cleanupBrowserProcesses(t)
cfg.ClientStoreTemporaryCredential = 0
db := getDbHandlerFromConfig(t, cfg)
_, err := db.Conn(context.Background())
assertEqualE(t, err.Error(), "authentication timed out", fmt.Sprintf("Expected timeout, but got %v", err))
})
}
type ExternalBrowserProcessResult struct {
Success string
Fail string
Timeout string
}
var externalBrowserType = ExternalBrowserProcessResult{
Success: "success",
Fail: "fail",
Timeout: "timeout",
}
func cleanupBrowserProcesses(t *testing.T) {
const cleanBrowserProcessesPath = "/externalbrowser/cleanBrowserProcesses.js"
_, err := exec.Command("node", cleanBrowserProcessesPath).Output()
assertNilE(t, err, fmt.Sprintf("failed to execute command: %v", err))
}
func provideExternalBrowserCredentials(t *testing.T, ExternalBrowserProcess string, user string, password string) {
const provideBrowserCredentialsPath = "/externalbrowser/provideBrowserCredentials.js"
_, err := exec.Command("node", provideBrowserCredentialsPath, ExternalBrowserProcess, user, password).Output()
assertNilE(t, err, fmt.Sprintf("failed to execute command: %v", err))
}
func verifyConnectionToSnowflakeAuthTests(t *testing.T, cfg *Config) (err error) {
dsn, err := DSN(cfg)
assertNilE(t, err, "failed to create DSN from Config")
db, err := sql.Open("snowflake", dsn)
assertNilE(t, err, "failed to open Snowflake DB connection")
defer db.Close()
rows, err := db.Query("SELECT 1")
if err != nil {
log.Printf("failed to run a query. 'SELECT 1', err: %v", err)
return err
}
defer rows.Close()
assertTrueE(t, rows.Next(), "failed to get result", "There were no results for query: ")
return err
}
func setupExternalBrowserTest(t *testing.T) *Config {
runOnlyOnDockerContainer(t, "Running only on Docker container")
cleanupBrowserProcesses(t)
cfg, err := getAuthTestsConfig(t, AuthTypeExternalBrowser)
assertNilF(t, err, fmt.Sprintf("failed to get config: %v", err))
return cfg
}