From 106cca5f907218b44ba72230a203e52559e7f5ba Mon Sep 17 00:00:00 2001
From: Sergey Yakubov <sergey.yakubov@desy.de>
Date: Fri, 11 Feb 2022 20:26:09 +0100
Subject: [PATCH] fix tests
---
.../src/asapo_authorizer/server/authorize.go | 59 ++++-----
.../asapo_authorizer/server/authorize_test.go | 124 +++++++++---------
.../request_handler/authorization_client.cpp | 19 ++-
.../test_authorization_client.cpp | 45 +++++--
..._request_handler_initial_authorization.cpp | 4 -
5 files changed, 134 insertions(+), 117 deletions(-)
diff --git a/authorizer/src/asapo_authorizer/server/authorize.go b/authorizer/src/asapo_authorizer/server/authorize.go
index 60d12b5eb..45e3dcc4e 100644
--- a/authorizer/src/asapo_authorizer/server/authorize.go
+++ b/authorizer/src/asapo_authorizer/server/authorize.go
@@ -12,51 +12,44 @@ import (
)
type SourceCredentials struct {
- BeamtimeId string
- Beamline string
- DataSource string
- Token string
- Type string
+ BeamtimeId string
+ Beamline string
+ DataSource string
+ Token string
+ Type string
// Optional
- InstanceId string `json:",omitempty"`
- PipelineStep string `json:",omitempty"`
+ InstanceId string `json:",omitempty"`
+ PipelineStep string `json:",omitempty"`
}
type authorizationRequest struct {
SourceCredentials string
OriginHost string
- NewFormat bool
}
func getSourceCredentials(request authorizationRequest) (SourceCredentials, error) {
vals := strings.Split(request.SourceCredentials, "%")
nvals := len(vals)
- if (request.NewFormat && nvals < 7) || (!request.NewFormat && nvals < 5) {
+ if nvals < 7 {
return SourceCredentials{}, errors.New("cannot get source credentials from " + request.SourceCredentials)
}
var creds SourceCredentials
- if request.NewFormat {
- creds = SourceCredentials{
- Type: vals[0],
- InstanceId: vals[1], PipelineStep: vals[2],
- BeamtimeId: vals[3], Beamline: vals[4], Token: vals[nvals-1]}
- creds.DataSource = strings.Join(vals[5:nvals-1], "%")
- if creds.InstanceId == "" {
- creds.InstanceId = "auto"
- }
+ creds = SourceCredentials{
+ Type: vals[0],
+ InstanceId: vals[1], PipelineStep: vals[2],
+ BeamtimeId: vals[3], Beamline: vals[4], Token: vals[nvals-1]}
+ creds.DataSource = strings.Join(vals[5:nvals-1], "%")
+ if creds.InstanceId == "" {
+ creds.InstanceId = "auto"
+ }
- if creds.PipelineStep == "" {
- creds.PipelineStep = "auto"
- }
- } else {
- creds = SourceCredentials{
- Type: vals[0],
- BeamtimeId: vals[1], Beamline: vals[2], Token: vals[nvals-1]}
- creds.DataSource = strings.Join(vals[3:nvals-1], "%")
+ if creds.PipelineStep == "" {
+ creds.PipelineStep = "auto"
}
+
if creds.DataSource == "" {
creds.DataSource = "detector"
}
@@ -69,8 +62,6 @@ func getSourceCredentials(request authorizationRequest) (SourceCredentials, erro
creds.BeamtimeId = "auto"
}
-
-
if creds.InstanceId == "auto" || creds.PipelineStep == "auto" {
return SourceCredentials{}, errors.New("InstanceId and PipelineStep must be already set on client side")
}
@@ -364,12 +355,12 @@ func authorize(request authorizationRequest, creds SourceCredentials) (common.Be
meta.AccessTypes = accessTypes
log.WithFields(map[string]interface{}{
- "beamline":creds.Beamline,
- "beamtime":creds.BeamtimeId,
- "origin":request.OriginHost,
- "type":meta.Type,
- "onlinePath":meta.OnlinePath,
- "offlinePath":meta.OfflinePath,
+ "beamline": creds.Beamline,
+ "beamtime": creds.BeamtimeId,
+ "origin": request.OriginHost,
+ "type": meta.Type,
+ "onlinePath": meta.OnlinePath,
+ "offlinePath": meta.OfflinePath,
}).Debug("authorized credentials")
return meta, nil
}
diff --git a/authorizer/src/asapo_authorizer/server/authorize_test.go b/authorizer/src/asapo_authorizer/server/authorize_test.go
index 4ecd35f41..38e79b31f 100644
--- a/authorizer/src/asapo_authorizer/server/authorize_test.go
+++ b/authorizer/src/asapo_authorizer/server/authorize_test.go
@@ -77,35 +77,34 @@ func doPostRequest(path string, buf string, authHeader string) *httptest.Respons
}
var credTests = []struct {
- newFormat bool
request string
cred SourceCredentials
ok bool
message string
}{
- {false, "processed%asapo_test%auto%%", SourceCredentials{"asapo_test", "auto", "detector", "", "processed", "", ""}, true, "auto beamline, source and no token"},
- {false, "processed%asapo_test%auto%%token", SourceCredentials{"asapo_test", "auto", "detector", "token", "processed", "", ""}, true, "auto beamline, source"},
- {false, "processed%asapo_test%auto%source%", SourceCredentials{"asapo_test", "auto", "source", "", "processed", "", ""}, true, "auto beamline, no token"},
- {false, "processed%asapo_test%auto%source%token", SourceCredentials{"asapo_test", "auto", "source", "token", "processed", "", ""}, true, "auto beamline,source, token"},
- {false, "processed%asapo_test%beamline%source%token", SourceCredentials{"asapo_test", "beamline", "source", "token", "processed", "", ""}, true, "all set"},
- {false, "processed%auto%beamline%source%token", SourceCredentials{"auto", "beamline", "source", "token", "processed", "", ""}, true, "auto beamtime"},
- {false, "raw%auto%auto%source%token", SourceCredentials{}, false, "auto beamtime and beamline"},
- {false, "raw%%beamline%source%token", SourceCredentials{"auto", "beamline", "source", "token", "raw", "", ""}, true, "empty beamtime"},
- {false, "raw%asapo_test%%source%token", SourceCredentials{"asapo_test", "auto", "source", "token", "raw", "", ""}, true, "empty bealine"},
- {false, "raw%%%source%token", SourceCredentials{}, false, "both empty"},
- {false, "processed%asapo_test%beamline%source%blabla%token", SourceCredentials{"asapo_test", "beamline", "source%blabla", "token", "processed", "", ""}, true, "% in source"},
- {false, "processed%asapo_test%beamline%source%blabla%", SourceCredentials{"asapo_test", "beamline", "source%blabla", "", "processed", "", ""}, true, "% in source, no token"},
- {true, "processed%instance%step%asapo_test%beamline%source%blabla%", SourceCredentials{"asapo_test", "beamline", "source%blabla", "", "processed", "instance", "step"}, true, "new format: % in source, no token"},
- {true, "processed%auto%step%asapo_test%beamline%source%blabla%", SourceCredentials{"asapo_test", "beamline", "source%blabla", "", "processed", "auto", "step"}, false, "new format: auto instance"},
- {true, "processed%instance%auto%asapo_test%beamline%source%blabla%", SourceCredentials{"asapo_test", "beamline", "source%blabla", "", "processed", "instance", "auto"}, false, "new format: auto step"},
- {true, "processed%%auto%asapo_test%beamline%source%blabla%", SourceCredentials{"asapo_test", "beamline", "source%blabla", "", "processed", "", "auto"}, false, "new format: missing instance"},
- {true, "processed%instance%%asapo_test%beamline%source%blabla%", SourceCredentials{"asapo_test", "beamline", "source%blabla", "", "processed", "instance", ""}, false, "new format: missing step"},
+ { "processed%instance%step%asapo_test%auto%%", SourceCredentials{"asapo_test", "auto", "detector", "", "processed", "instance", "step"}, true, "auto beamline, source and no token"},
+ { "processed%instance%step%asapo_test%auto%%token", SourceCredentials{"asapo_test", "auto", "detector", "token", "processed", "instance", "step"}, true, "auto beamline, source"},
+ { "processed%instance%step%asapo_test%auto%source%", SourceCredentials{"asapo_test", "auto", "source", "", "processed", "instance", "step"}, true, "auto beamline, no token"},
+ { "processed%instance%step%asapo_test%auto%source%token", SourceCredentials{"asapo_test", "auto", "source", "token", "processed", "instance", "step"}, true, "auto beamline,source, token"},
+ { "processed%instance%step%asapo_test%beamline%source%token", SourceCredentials{"asapo_test", "beamline", "source", "token", "processed", "instance", "step"}, true, "all set"},
+ { "processed%instance%step%auto%beamline%source%token", SourceCredentials{"auto", "beamline", "source", "token", "processed", "instance", "step"}, true, "auto beamtime"},
+ { "raw%instance%step%auto%auto%source%token", SourceCredentials{}, false, "auto beamtime and beamline"},
+ { "raw%instance%step%%beamline%source%token", SourceCredentials{"auto", "beamline", "source", "token", "raw", "instance", "step"}, true, "empty beamtime"},
+ { "raw%instance%step%asapo_test%%source%token", SourceCredentials{"asapo_test", "auto", "source", "token", "raw", "instance", "step"}, true, "empty bealine"},
+ { "raw%instance%step%%%source%token", SourceCredentials{}, false, "both empty"},
+ { "processed%instance%step%asapo_test%beamline%source%blabla%token", SourceCredentials{"asapo_test", "beamline", "source%blabla", "token", "processed", "instance", "step"}, true, "% in source"},
+ { "processed%instance%step%asapo_test%beamline%source%blabla%", SourceCredentials{"asapo_test", "beamline", "source%blabla", "", "processed", "instance", "step"}, true, "% in source, no token"},
+ { "processed%instance%step%asapo_test%beamline%source%blabla%", SourceCredentials{"asapo_test", "beamline", "source%blabla", "", "processed", "instance", "step"}, true, "new format: % in source, no token"},
+ { "processed%auto%step%asapo_test%beamline%source%blabla%", SourceCredentials{"asapo_test", "beamline", "source%blabla", "", "processed", "auto", "step"}, false, "new format: auto instance"},
+ { "processed%instance%auto%asapo_test%beamline%source%blabla%", SourceCredentials{"asapo_test", "beamline", "source%blabla", "", "processed", "instance", "auto"}, false, "new format: auto step"},
+ { "processed%%auto%asapo_test%beamline%source%blabla%", SourceCredentials{"asapo_test", "beamline", "source%blabla", "", "processed", "", "auto"}, false, "new format: missing instance"},
+ { "processed%instance%%asapo_test%beamline%source%blabla%", SourceCredentials{"asapo_test", "beamline", "source%blabla", "", "processed", "instance", ""}, false, "new format: missing step"},
}
func TestSplitCreds(t *testing.T) {
for _, test := range credTests {
- request := authorizationRequest{test.request, "host", test.newFormat}
+ request := authorizationRequest{test.request, "host"}
creds, err := getSourceCredentials(request)
if test.ok {
assert.Nil(t, err)
@@ -119,7 +118,7 @@ func TestSplitCreds(t *testing.T) {
func TestAuthorizeDefaultOK(t *testing.T) {
allowBeamlines([]common.BeamtimeMeta{{"asapo_test", "beamline", "", "2019", "tf", "", nil,"instance", "step"},})
- request := makeRequest(authorizationRequest{"processed%asapo_test%%%", "host", false})
+ request := makeRequest(authorizationRequest{"processed%instance%step%asapo_test%%%", "host"})
w := doPostRequest("/authorize", request, "")
body, _ := ioutil.ReadAll(w.Body)
@@ -190,7 +189,6 @@ var commissioning_meta = `
`
var authTests = []struct {
- newFormat bool
source_type string
instance_id string
pipeline_step string
@@ -204,58 +202,58 @@ var authTests = []struct {
answer string
mode int
}{
- {false, "processed", "instance", "step", "test", "auto", "dataSource", prepareAsapoToken("bt_test", nil), "127.0.0.2", http.StatusUnauthorized, "missing access types",
+ { "processed", "instance", "step", "test", "auto", "dataSource", prepareAsapoToken("bt_test", nil), "127.0.0.2", http.StatusUnauthorized, "missing access types",
"", 0},
- {false, "processed", "instance", "step", "test", "auto", "dataSource", prepareAsapoToken("bt_test", []string{}), "127.0.0.2", http.StatusUnauthorized, "empty access types",
+ { "processed", "instance", "step", "test", "auto", "dataSource", prepareAsapoToken("bt_test", []string{}), "127.0.0.2", http.StatusUnauthorized, "empty access types",
"", 0},
- {false, "processed", "instance", "step", "test", "auto", "dataSource", prepareAsapoToken("bt_test", []string{"write"}), "127.0.0.2", http.StatusOK, "user source with correct token",
- `{"beamtimeId":"test","beamline":"bl1","dataSource":"dataSource","corePath":"./tf/gpfs/bl1/2019/data/test","beamline-path":"","source-type":"processed","access-types":["write"]}`, 0},
- {false, "processed", "instance", "step", "test", "auto", "dataSource", prepareAsapoToken("bt_test", []string{"write"}), "127.0.0.2", http.StatusUnauthorized, "token was revoked",
+ { "processed", "instance", "step", "test", "auto", "dataSource", prepareAsapoToken("bt_test", []string{"write"}), "127.0.0.2", http.StatusOK, "user source with correct token",
+ `{"beamtimeId":"test","beamline":"bl1","dataSource":"dataSource","corePath":"./tf/gpfs/bl1/2019/data/test","beamline-path":"","source-type":"processed","access-types":["write"],"instanceId":"instance","pipelineStep":"step"}`, 0},
+ { "processed", "instance", "step", "test", "auto", "dataSource", prepareAsapoToken("bt_test", []string{"write"}), "127.0.0.2", http.StatusUnauthorized, "token was revoked",
"", 2},
- {false, "processed", "instance", "step", "test_online", "auto", "dataSource", prepareAsapoToken("bt_test_online", []string{"read"}), "127.0.0.1", http.StatusOK, "with online path, processed type",
- `{"beamtimeId":"test_online","beamline":"bl1","dataSource":"dataSource","corePath":"./tf/gpfs/bl1/2019/data/test_online","beamline-path":"","source-type":"processed","access-types":["read"]}`, 0},
- {false, "processed", "instance", "step", "test1", "auto", "dataSource", prepareAsapoToken("bt_test1", []string{"read"}), "127.0.0.1", http.StatusUnauthorized, "correct token, beamtime not found",
+ { "processed", "instance", "step", "test_online", "auto", "dataSource", prepareAsapoToken("bt_test_online", []string{"read"}), "127.0.0.1", http.StatusOK, "with online path, processed type",
+ `{"beamtimeId":"test_online","beamline":"bl1","dataSource":"dataSource","corePath":"./tf/gpfs/bl1/2019/data/test_online","beamline-path":"","source-type":"processed","access-types":["read"],"instanceId":"instance","pipelineStep":"step"}`, 0},
+ { "processed", "instance", "step", "test1", "auto", "dataSource", prepareAsapoToken("bt_test1", []string{"read"}), "127.0.0.1", http.StatusUnauthorized, "correct token, beamtime not found",
"", 1},
- {false, "processed", "instance", "step", "test", "auto", "dataSource", prepareAsapoToken("wrong", []string{"read"}), "127.0.0.1", http.StatusUnauthorized, "user source with wrong token",
+ { "processed", "instance", "step", "test", "auto", "dataSource", prepareAsapoToken("wrong", []string{"read"}), "127.0.0.1", http.StatusUnauthorized, "user source with wrong token",
"", 0},
- {false, "processed", "instance", "step", "test", "bl1", "dataSource", prepareAsapoToken("bt_test", []string{"read"}), "127.0.0.1", http.StatusOK, "correct beamline given",
- `{"beamtimeId":"test","beamline":"bl1","dataSource":"dataSource","corePath":"./tf/gpfs/bl1/2019/data/test","beamline-path":"","source-type":"processed","access-types":["read"]}`, 0},
- {false, "processed", "instance", "step", "test", "bl2", "dataSource", prepareAsapoToken("bt_test", []string{"read"}), "127.0.0.1", http.StatusUnauthorized, "incorrect beamline given",
+ { "processed", "instance", "step", "test", "bl1", "dataSource", prepareAsapoToken("bt_test", []string{"read"}), "127.0.0.1", http.StatusOK, "correct beamline given",
+ `{"beamtimeId":"test","beamline":"bl1","dataSource":"dataSource","corePath":"./tf/gpfs/bl1/2019/data/test","beamline-path":"","source-type":"processed","access-types":["read"],"instanceId":"instance","pipelineStep":"step"}`, 0},
+ { "processed", "instance", "step", "test", "bl2", "dataSource", prepareAsapoToken("bt_test", []string{"read"}), "127.0.0.1", http.StatusUnauthorized, "incorrect beamline given",
"", 1},
- {false, "processed", "instance", "step", "auto", "p07", "dataSource", prepareAsapoToken("bl_p07", []string{"read"}), "127.0.0.1", http.StatusOK, "beamtime found",
- `{"beamtimeId":"11111111","beamline":"p07","dataSource":"dataSource","corePath":"asap3/petra3/gpfs/p07/2020/data/11111111","beamline-path":"","source-type":"processed","access-types":["read"]}`, 0},
- {false, "processed", "instance", "step", "auto", "p07", "dataSource", prepareAsapoToken("bl_p06", []string{"read"}), "127.0.0.1", http.StatusUnauthorized, "wrong token",
+ { "processed", "instance", "step", "auto", "p07", "dataSource", prepareAsapoToken("bl_p07", []string{"read"}), "127.0.0.1", http.StatusOK, "beamtime found",
+ `{"beamtimeId":"11111111","beamline":"p07","dataSource":"dataSource","corePath":"asap3/petra3/gpfs/p07/2020/data/11111111","beamline-path":"","source-type":"processed","access-types":["read"],"instanceId":"instance","pipelineStep":"step"}`, 0},
+ { "processed", "instance", "step", "auto", "p07", "dataSource", prepareAsapoToken("bl_p06", []string{"read"}), "127.0.0.1", http.StatusUnauthorized, "wrong token",
"", 0},
- {false, "processed", "instance", "step", "auto", "p08", "dataSource", prepareAsapoToken("bl_p08", []string{"read"}), "127.0.0.1", http.StatusUnauthorized, "beamtime not found",
+ { "processed", "instance", "step", "auto", "p08", "dataSource", prepareAsapoToken("bl_p08", []string{"read"}), "127.0.0.1", http.StatusUnauthorized, "beamtime not found",
"", 1},
- {false, "raw", "instance", "step", "test_online", "auto", "dataSource", "", "127.0.0.1", http.StatusOK, "raw type",
- `{"beamtimeId":"test_online","beamline":"bl1","dataSource":"dataSource","corePath":"./tf/gpfs/bl1/2019/data/test_online","beamline-path":"./bl1/current","source-type":"raw","access-types":["read","write","writeraw"]}`, 0},
- {false, "raw", "instance", "step", "test_online", "auto", "dataSource", "", "127.0.0.1", http.StatusOK, "raw type",
- `{"beamtimeId":"test_online","beamline":"bl1","dataSource":"dataSource","corePath":"./tf/gpfs/bl1/2019/data/test_online","beamline-path":"./bl1/current","source-type":"raw","access-types":["read","write","writeraw"]}`, 0},
- {false, "raw", "instance", "step", "auto", "p07", "dataSource", "", "127.0.0.1", http.StatusOK, "raw type, auto beamtime",
- `{"beamtimeId":"11111111","beamline":"p07","dataSource":"dataSource","corePath":"asap3/petra3/gpfs/p07/2020/data/11111111","beamline-path":"./p07/current","source-type":"raw","access-types":["read","write","writeraw"]}`, 0},
- {false, "raw", "instance", "step", "auto", "p07", "noldap", "", "127.0.0.1", http.StatusServiceUnavailable, "no conection to ldap",
+ { "raw", "instance", "step", "test_online", "auto", "dataSource", "", "127.0.0.1", http.StatusOK, "raw type",
+ `{"beamtimeId":"test_online","beamline":"bl1","dataSource":"dataSource","corePath":"./tf/gpfs/bl1/2019/data/test_online","beamline-path":"./bl1/current","source-type":"raw","access-types":["read","write","writeraw"],"instanceId":"instance","pipelineStep":"step"}`, 0},
+ { "raw", "instance", "step", "test_online", "auto", "dataSource", "", "127.0.0.1", http.StatusOK, "raw type",
+ `{"beamtimeId":"test_online","beamline":"bl1","dataSource":"dataSource","corePath":"./tf/gpfs/bl1/2019/data/test_online","beamline-path":"./bl1/current","source-type":"raw","access-types":["read","write","writeraw"],"instanceId":"instance","pipelineStep":"step"}`, 0},
+ { "raw", "instance", "step", "auto", "p07", "dataSource", "", "127.0.0.1", http.StatusOK, "raw type, auto beamtime",
+ `{"beamtimeId":"11111111","beamline":"p07","dataSource":"dataSource","corePath":"asap3/petra3/gpfs/p07/2020/data/11111111","beamline-path":"./p07/current","source-type":"raw","access-types":["read","write","writeraw"],"instanceId":"instance","pipelineStep":"step"}`, 0},
+ { "raw", "instance", "step", "auto", "p07", "noldap", "", "127.0.0.1", http.StatusServiceUnavailable, "no conection to ldap",
"", 0},
- {false, "raw", "instance", "step", "auto", "p07", "dataSource", prepareAsapoToken("bl_p07", []string{"read", "writeraw"}), "127.0.0.2", http.StatusOK, "raw type with token",
- `{"beamtimeId":"11111111","beamline":"p07","dataSource":"dataSource","corePath":"asap3/petra3/gpfs/p07/2020/data/11111111","beamline-path":"./p07/current","source-type":"raw","access-types":["read","writeraw"]}`, 0},
+ { "raw", "instance", "step", "auto", "p07", "dataSource", prepareAsapoToken("bl_p07", []string{"read", "writeraw"}), "127.0.0.2", http.StatusOK, "raw type with token",
+ `{"beamtimeId":"11111111","beamline":"p07","dataSource":"dataSource","corePath":"asap3/petra3/gpfs/p07/2020/data/11111111","beamline-path":"./p07/current","source-type":"raw","access-types":["read","writeraw"],"instanceId":"instance","pipelineStep":"step"}`, 0},
- {false, "raw", "instance", "step", "test_online", "auto", "dataSource", "", "127.0.0.2", http.StatusUnauthorized, "raw type, wrong origin host",
+ { "raw", "instance", "step", "test_online", "auto", "dataSource", "", "127.0.0.2", http.StatusUnauthorized, "raw type, wrong origin host",
"", 0},
- {false, "raw", "instance", "step", "test", "auto", "dataSource", prepareAsapoToken("bt_test", []string{"read"}), "127.0.0.1", http.StatusUnauthorized, "raw when not online",
+ { "raw", "instance", "step", "test", "auto", "dataSource", prepareAsapoToken("bt_test", []string{"read"}), "127.0.0.1", http.StatusUnauthorized, "raw when not online",
"", 1},
- {false, "processed", "instance", "step", "test", "auto", "dataSource", "", "127.0.0.1:1001", http.StatusOK, "processed without token",
- `{"beamtimeId":"test","beamline":"bl1","dataSource":"dataSource","corePath":"./tf/gpfs/bl1/2019/data/test","beamline-path":"","source-type":"processed","access-types":["read","write"]}`, 0},
- {false, "processed", "instance", "step", "test", "auto", "dataSource", "", "127.0.0.2", http.StatusUnauthorized, "processed without token, wrong host",
+ { "processed", "instance", "step", "test", "auto", "dataSource", "", "127.0.0.1:1001", http.StatusOK, "processed without token",
+ `{"beamtimeId":"test","beamline":"bl1","dataSource":"dataSource","corePath":"./tf/gpfs/bl1/2019/data/test","beamline-path":"","source-type":"processed","access-types":["read","write"],"instanceId":"instance","pipelineStep":"step"}`, 0},
+ { "processed", "instance", "step", "test", "auto", "dataSource", "", "127.0.0.2", http.StatusUnauthorized, "processed without token, wrong host",
"", 0},
- {false, "raw", "instance", "step", "c20210823_000_MAA", "auto", "dataSource", "", "127.0.0.1", http.StatusOK, "raw type commissioning",
- `{"beamtimeId":"c20210823_000_MAA","beamline":"p04","dataSource":"dataSource","corePath":"./tf/gpfs/p04/2019/commissioning/c20210823_000_MAA","beamline-path":"./p04/commissioning","source-type":"raw","access-types":["read","write","writeraw"]}`, 0},
+ { "raw", "instance", "step", "c20210823_000_MAA", "auto", "dataSource", "", "127.0.0.1", http.StatusOK, "raw type commissioning",
+ `{"beamtimeId":"c20210823_000_MAA","beamline":"p04","dataSource":"dataSource","corePath":"./tf/gpfs/p04/2019/commissioning/c20210823_000_MAA","beamline-path":"./p04/commissioning","source-type":"raw","access-types":["read","write","writeraw"],"instanceId":"instance","pipelineStep":"step"}`, 0},
- {false, "processed", "instance", "step", "c20210823_000_MAA", "auto", "dataSource", "", "127.0.0.1", http.StatusOK, "processed type commissioning",
- `{"beamtimeId":"c20210823_000_MAA","beamline":"p04","dataSource":"dataSource","corePath":"./tf/gpfs/p04/2019/commissioning/c20210823_000_MAA","beamline-path":"","source-type":"processed","access-types":["read","write"]}`, 0},
+ { "processed", "instance", "step", "c20210823_000_MAA", "auto", "dataSource", "", "127.0.0.1", http.StatusOK, "processed type commissioning",
+ `{"beamtimeId":"c20210823_000_MAA","beamline":"p04","dataSource":"dataSource","corePath":"./tf/gpfs/p04/2019/commissioning/c20210823_000_MAA","beamline-path":"","source-type":"processed","access-types":["read","write"],"instanceId":"instance","pipelineStep":"step"}`, 0},
// Format testing
- {true, "processed", "instance", "step", "test", "bl1", "dataSource", prepareAsapoToken("bt_test", []string{"read"}), "127.0.0.1", http.StatusOK, "old format: correct beamline given",
+ { "processed", "instance", "step", "test", "bl1", "dataSource", prepareAsapoToken("bt_test", []string{"read"}), "127.0.0.1", http.StatusOK, "old format: correct beamline given",
`{"beamtimeId":"test","beamline":"bl1","dataSource":"dataSource","corePath":"./tf/gpfs/bl1/2019/data/test","beamline-path":"","source-type":"processed","access-types":["read"],"instanceId":"instance","pipelineStep":"step"}`, 0},
@@ -319,13 +317,9 @@ func TestAuthorize(t *testing.T) {
}
var sourceString string
- if test.newFormat {
- sourceString = test.source_type + "%" + test.instance_id + "%" + test.pipeline_step + "%" + test.beamtime_id + "%" + test.beamline + "%" + test.dataSource + "%" + test.token
- } else {
- sourceString = test.source_type + "%" + test.beamtime_id + "%" + test.beamline + "%" + test.dataSource + "%" + test.token
- }
+ sourceString = test.source_type + "%" + test.instance_id + "%" + test.pipeline_step + "%" + test.beamtime_id + "%" + test.beamline + "%" + test.dataSource + "%" + test.token
- request := makeRequest(authorizationRequest{sourceString, test.originHost, test.newFormat})
+ request := makeRequest(authorizationRequest{sourceString, test.originHost})
w := doPostRequest("/authorize", request, "")
body, _ := ioutil.ReadAll(w.Body)
@@ -345,7 +339,7 @@ func TestAuthorize(t *testing.T) {
}
func TestNotAuthorized(t *testing.T) {
- request := makeRequest(authorizationRequest{"raw%any_id%%%", "host", false})
+ request := makeRequest(authorizationRequest{"raw%instance%step%any_id%%%", "host"})
w := doPostRequest("/authorize", request, "")
assert.Equal(t, http.StatusUnauthorized, w.Code, "")
}
@@ -363,7 +357,7 @@ func TestAuthorizeWrongPath(t *testing.T) {
func TestDoNotAuthorizeIfNotInAllowed(t *testing.T) {
allowBeamlines([]common.BeamtimeMeta{{"test", "beamline", "", "2019", "tf", "", nil,"",""}})
- request := authorizationRequest{"asapo_test%%", "host", false}
+ request := authorizationRequest{"asapo_test%%", "host"}
creds, _ := getSourceCredentials(request)
_, err := authorize(request, creds)
assert.Error(t, err, "")
@@ -414,7 +408,7 @@ func TestGetBeamtimeInfo(t *testing.T) {
func TestExpiredToken(t *testing.T) {
Auth = authorization.NewAuth(utils.NewJWTAuth("secret_user"), utils.NewJWTAuth("secret_admin"), utils.NewJWTAuth("secret"))
token := "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2MzU3NTMxMDksImp0aSI6ImMyOTR0NWFodHY1am9vZHVoaGNnIiwic3ViIjoiYnRfMTEwMTIxNzEiLCJFeHRyYUNsYWltcyI6eyJBY2Nlc3NUeXBlcyI6WyJyZWFkIiwid3JpdGUiXX19.kITePbv_dXY2ACxpAQ-PeQJPQtnR02bMoFrXq0Pbcm0"
- request := authorizationRequest{"asapo_test%%" + token, "host", false}
+ request := authorizationRequest{"asapo_test%%" + token, "host"}
creds, _ := getSourceCredentials(request)
creds.Token = token
diff --git a/receiver/src/request_handler/authorization_client.cpp b/receiver/src/request_handler/authorization_client.cpp
index a5d4abe31..c0e876d93 100644
--- a/receiver/src/request_handler/authorization_client.cpp
+++ b/receiver/src/request_handler/authorization_client.cpp
@@ -4,6 +4,8 @@
#include "asapo/json_parser/json_parser.h"
+#include "asapo/common/internal/version.h"
+
#include "../receiver_config.h"
#include "../receiver_logger.h"
#include "../request.h"
@@ -11,9 +13,18 @@
namespace asapo {
std::string GetRequestString(const Request *request, const std::string &source_credentials) {
-// request->GetApiVersion()
- std::string request_string = std::string("{\"NewFormat\":True,\"SourceCredentials\":\"") +
- source_credentials + "\",\"OriginHost\":\"" + request->GetOriginUri() + "\"}";
+ auto api_version = VersionToNumber(request->GetApiVersion());
+ std::string request_string;
+ if (api_version < 6) { // old approach, need to add instanceId and step, deprecates 01.03.2023
+ std::string updated_source_credentials_prefix = source_credentials;
+ std::string uri = request->GetOriginUri();
+ updated_source_credentials_prefix.insert(source_credentials.find("%")+1,uri+"%DefaultStep%");
+ request_string = std::string("{\"SourceCredentials\":\"") +
+ updated_source_credentials_prefix + "\",\"OriginHost\":\"" + uri + "\"}";
+ } else {
+ request_string = std::string("{\"SourceCredentials\":\"") +
+ source_credentials + "\",\"OriginHost\":\"" + request->GetOriginUri() + "\"}";
+ }
return request_string;
}
@@ -70,6 +81,8 @@ Error ParseServerResponse(const std::string &response,
(err = parser.GetString("source-type", &stype)) ||
(err = parser.GetArrayString("access-types", access_types)) ||
(err = GetSourceTypeFromString(stype, &data->source_type)) ||
+ (err = parser.GetString("instanceId", &data->producer_instance_id)) ||
+ (err = parser.GetString("pipelineStep", &data->pipeline_step_id)) ||
(err = parser.GetString("beamline", &data->beamline));
if (err) {
return ErrorFromAuthorizationServerResponse(std::move(err), response, code);
diff --git a/receiver/unittests/request_handler/test_authorization_client.cpp b/receiver/unittests/request_handler/test_authorization_client.cpp
index 2c6c857bd..70e48a2a0 100644
--- a/receiver/unittests/request_handler/test_authorization_client.cpp
+++ b/receiver/unittests/request_handler/test_authorization_client.cpp
@@ -8,6 +8,7 @@
#include "asapo/common/networking.h"
#include "../mock_receiver_config.h"
#include "asapo/preprocessor/definitions.h"
+#include "asapo/common/internal/version.h"
#include "../receiver_mocking.h"
@@ -49,19 +50,23 @@ class AuthorizerClientTests : public Test {
std::string expected_producer_uri = "producer_uri";
std::string expected_authorization_server = "authorizer_host";
std::string expect_request_string;
+ std::string expect_request_string_old;
std::string expected_source_credentials;
+ std::string expected_source_credentials_old;
asapo::SourceType expected_source_type = asapo::SourceType::kProcessed;
-
std::string expected_source_type_str = "processed";
std::string expected_access_type_str = "[\"write\"]";
void SetUp() override {
GenericRequestHeader request_header;
- expected_source_credentials = "processed%" + expected_beamtime_id + "%source%token";
+ expected_source_credentials = "processed%" + expected_producer_instance_id+"%"+expected_pipeline_step_id+"%"+expected_beamtime_id + "%source%token";
+ expected_source_credentials_old = "processed%"+expected_beamtime_id + "%source%token";
expected_auth_data.source_credentials = expected_source_credentials;
expect_request_string = std::string("{\"SourceCredentials\":\"") + expected_source_credentials +
"\",\"OriginHost\":\"" +
expected_producer_uri + "\"}";
-
+ expect_request_string_old = std::string("{\"SourceCredentials\":\"") + "processed%" + expected_producer_uri+"%DefaultStep%"+expected_beamtime_id + "%source%token" +
+ "\",\"OriginHost\":\"" +
+ expected_producer_uri + "\"}";
mock_request.reset(new NiceMock<MockRequest>{request_header, 1, expected_producer_uri, nullptr, nullptr});
client.http_client__ = std::unique_ptr<asapo::HttpClient> {&mock_http_client};
client.log__ = &mock_logger;
@@ -73,7 +78,9 @@ class AuthorizerClientTests : public Test {
void TearDown() override {
client.http_client__.release();
}
- void MockAuthRequest(bool error, HttpCode code = HttpCode::OK) {
+ void MockAuthRequest(bool error, HttpCode code = HttpCode::OK, bool oldVersion = false) {
+ EXPECT_CALL(*mock_request,
+ GetApiVersion()).WillOnce(Return(oldVersion?"v0.5":asapo::GetReceiverApiVersion()));
EXPECT_CALL(*mock_request,
GetOriginUri()).WillOnce(ReturnRef(expected_producer_uri));
if (error) {
@@ -85,17 +92,20 @@ class AuthorizerClientTests : public Test {
));
} else {
EXPECT_CALL(mock_http_client,
- Post_t(expected_authorization_server + "/authorize", _, expect_request_string, _, _)).
+ Post_t(expected_authorization_server + "/authorize", _, oldVersion?expect_request_string_old:expect_request_string, _, _)).
WillOnce(
DoAll(SetArgPointee<4>(nullptr),
SetArgPointee<3>(code),
Return("{\"beamtimeId\":\"" + expected_beamtime_id +
- "\",\"dataSource\":" + "\"" + expected_data_source +
- "\",\"beamline-path\":" + "\"" + expected_beamline_path +
- "\",\"corePath\":" + "\"" + expected_core_path +
- "\",\"source-type\":" + "\"" + expected_source_type_str +
- "\",\"beamline\":" + "\"" + expected_beamline +
- "\",\"access-types\":" + expected_access_type_str + "}")
+ "\",\"dataSource\":\"" + expected_data_source +
+ "\",\"beamline-path\":\"" + expected_beamline_path +
+ "\",\"corePath\":\"" + expected_core_path +
+ "\",\"source-type\":\"" + expected_source_type_str +
+ "\",\"beamline\":\"" + expected_beamline +
+ "\",\"access-types\":" + expected_access_type_str +
+ ",\"instanceId\":\"" + (oldVersion?expected_producer_uri:expected_producer_instance_id) +
+ "\",\"pipelineStep\":\"" + (oldVersion?"DefaultStep":expected_pipeline_step_id) +
+ "\"}")
));
}
}
@@ -139,8 +149,21 @@ TEST_F(AuthorizerClientTests, AuthorizeOk) {
ASSERT_THAT(expected_auth_data.source_credentials, Eq(expected_source_credentials));
ASSERT_THAT(expected_auth_data.pipeline_step_id, Eq(expected_pipeline_step_id));
ASSERT_THAT(expected_auth_data.producer_instance_id, Eq(expected_producer_instance_id));
+}
+TEST_F(AuthorizerClientTests, AuthorizeOkOldVersion) {
+ MockAuthRequest(false, HttpCode::OK, true);
+ EXPECT_CALL(mock_logger, Debug(AllOf(HasSubstr("authorized"),
+ HasSubstr(expected_beamtime_id)
+ )));
+
+ expected_auth_data.source_credentials = expected_source_credentials_old;
+ auto err = client.Authorize(mock_request.get(), &expected_auth_data);
+
+ ASSERT_THAT(err, Eq(nullptr));
+ ASSERT_THAT(expected_auth_data.pipeline_step_id, Eq("DefaultStep"));
+ ASSERT_THAT(expected_auth_data.producer_instance_id, Eq(expected_producer_uri));
}
TEST_F(AuthorizerClientTests, AuthorizeFailsOnWrongAccessType) {
diff --git a/receiver/unittests/request_handler/test_request_handler_initial_authorization.cpp b/receiver/unittests/request_handler/test_request_handler_initial_authorization.cpp
index 705714866..5fb6efb64 100644
--- a/receiver/unittests/request_handler/test_request_handler_initial_authorization.cpp
+++ b/receiver/unittests/request_handler/test_request_handler_initial_authorization.cpp
@@ -45,10 +45,6 @@ class InitialAuthorizationHandlerTests : public Test {
TEST_F(InitialAuthorizationHandlerTests, AuthorizeOk) {
ExpectAuthMocks();
- expected_auth_data->producer_instance_id="producer_instance_id";
- expected_auth_data->pipeline_step_id="pipeline_step_id";
- EXPECT_CALL(*mock_request, SetProducerInstanceId(expected_auth_data->producer_instance_id));
- EXPECT_CALL(*mock_request, SetPipelineStepId(expected_auth_data->pipeline_step_id));
auto err = handler.ProcessRequest(mock_request.get());
--
GitLab