(t *testing.T)
| 33 | ) |
| 34 | |
| 35 | func TestEncodeDecodeFedSessionToken(t *testing.T) { |
| 36 | fedAk := stsAkPrefix + util.RandomString(13, util.Numeric|util.LowerLetter|util.UpperLetter) |
| 37 | fedSk := util.RandomString(32, util.Numeric|util.LowerLetter|util.UpperLetter) |
| 38 | durationSeconds := 3600 |
| 39 | expireUnixStr := fmt.Sprint(time.Now().UTC().Unix() + int64(durationSeconds)) |
| 40 | policyStr := `{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":"s3:GetObject","Resource":"arn:aws:s3:::bucket/key"}]}` |
| 41 | |
| 42 | token, err := EncodeFedSessionToken(testOwnerAK, testOwnerSK, fedAk, fedSk, "test", policyStr, expireUnixStr) |
| 43 | require.NoError(t, err) |
| 44 | |
| 45 | fed, err := DecodeFedSessionToken(fedAk, token, testGetUserInfo) |
| 46 | require.NoError(t, err) |
| 47 | require.Equal(t, fedSk, fed.FedSK) |
| 48 | require.Equal(t, testUser, fed.UserInfo.UserID) |
| 49 | require.Equal(t, testOwnerAK, fed.UserInfo.AccessKey) |
| 50 | require.Equal(t, testOwnerSK, fed.UserInfo.SecretKey) |
| 51 | |
| 52 | var policy PolicyV2 |
| 53 | err = json.Unmarshal([]byte(policyStr), &policy) |
| 54 | require.NoError(t, err) |
| 55 | require.Equal(t, &policy, fed.Policy) |
| 56 | } |
| 57 | |
| 58 | func testGetUserInfo(ak string) (*proto.UserInfo, error) { |
| 59 | if ak != testOwnerAK { |
nothing calls this directly
no test coverage detected