3 // Copyright 2020 gRPC authors.
5 // Licensed under the Apache License, Version 2.0 (the "License");
6 // you may not use this file except in compliance with the License.
7 // You may obtain a copy of the License at
9 // http://www.apache.org/licenses/LICENSE-2.0
11 // Unless required by applicable law or agreed to in writing, software
12 // distributed under the License is distributed on an "AS IS" BASIS,
13 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 // See the License for the specific language governing permissions and
15 // limitations under the License.
19 #include "src/core/ext/xds/file_watcher_certificate_provider_factory.h"
21 #include <gmock/gmock.h>
22 #include <gtest/gtest.h>
24 #include "absl/strings/str_format.h"
26 #include <grpc/grpc.h>
28 #include "test/core/util/test_config.h"
34 const char* kIdentityCertFile = "/path/to/identity_cert_file";
35 const char* kPrivateKeyFile = "/path/to/private_key_file";
36 const char* kRootCertFile = "/path/to/root_cert_file";
37 const int kRefreshInterval = 400;
39 TEST(FileWatcherConfigTest, Basic) {
40 std::string json_str = absl::StrFormat(
42 " \"certificate_file\": \"%s\","
43 " \"private_key_file\": \"%s\","
44 " \"ca_certificate_file\": \"%s\","
45 " \"refresh_interval\": \"%ds\""
47 kIdentityCertFile, kPrivateKeyFile, kRootCertFile, kRefreshInterval);
48 grpc_error_handle error = GRPC_ERROR_NONE;
49 Json json = Json::Parse(json_str, &error);
50 ASSERT_EQ(error, GRPC_ERROR_NONE) << grpc_error_std_string(error);
52 FileWatcherCertificateProviderFactory::Config::Parse(json, &error);
53 ASSERT_EQ(error, GRPC_ERROR_NONE) << grpc_error_std_string(error);
54 EXPECT_EQ(config->identity_cert_file(), kIdentityCertFile);
55 EXPECT_EQ(config->private_key_file(), kPrivateKeyFile);
56 EXPECT_EQ(config->root_cert_file(), kRootCertFile);
57 EXPECT_EQ(config->refresh_interval_ms(), kRefreshInterval * 1000);
60 TEST(FileWatcherConfigTest, DefaultRefreshInterval) {
61 std::string json_str = absl::StrFormat(
63 " \"certificate_file\": \"%s\","
64 " \"private_key_file\": \"%s\","
65 " \"ca_certificate_file\": \"%s\""
67 kIdentityCertFile, kPrivateKeyFile, kRootCertFile);
68 grpc_error_handle error = GRPC_ERROR_NONE;
69 Json json = Json::Parse(json_str, &error);
70 ASSERT_EQ(error, GRPC_ERROR_NONE) << grpc_error_std_string(error);
72 FileWatcherCertificateProviderFactory::Config::Parse(json, &error);
73 ASSERT_EQ(error, GRPC_ERROR_NONE) << grpc_error_std_string(error);
74 EXPECT_EQ(config->identity_cert_file(), kIdentityCertFile);
75 EXPECT_EQ(config->private_key_file(), kPrivateKeyFile);
76 EXPECT_EQ(config->root_cert_file(), kRootCertFile);
77 EXPECT_EQ(config->refresh_interval_ms(), 600 * 1000);
80 TEST(FileWatcherConfigTest, OnlyRootCertificatesFileProvided) {
81 std::string json_str = absl::StrFormat(
83 " \"ca_certificate_file\": \"%s\""
86 grpc_error_handle error = GRPC_ERROR_NONE;
87 Json json = Json::Parse(json_str, &error);
88 ASSERT_EQ(error, GRPC_ERROR_NONE) << grpc_error_std_string(error);
90 FileWatcherCertificateProviderFactory::Config::Parse(json, &error);
91 ASSERT_EQ(error, GRPC_ERROR_NONE) << grpc_error_std_string(error);
92 EXPECT_TRUE(config->identity_cert_file().empty());
93 EXPECT_TRUE(config->private_key_file().empty());
94 EXPECT_EQ(config->root_cert_file(), kRootCertFile);
95 EXPECT_EQ(config->refresh_interval_ms(), 600 * 1000);
98 TEST(FileWatcherConfigTest, OnlyIdenityCertificatesAndPrivateKeyProvided) {
99 std::string json_str = absl::StrFormat(
101 " \"certificate_file\": \"%s\","
102 " \"private_key_file\": \"%s\""
104 kIdentityCertFile, kPrivateKeyFile);
105 grpc_error_handle error = GRPC_ERROR_NONE;
106 Json json = Json::Parse(json_str, &error);
107 ASSERT_EQ(error, GRPC_ERROR_NONE) << grpc_error_std_string(error);
109 FileWatcherCertificateProviderFactory::Config::Parse(json, &error);
110 ASSERT_EQ(error, GRPC_ERROR_NONE) << grpc_error_std_string(error);
111 EXPECT_EQ(config->identity_cert_file(), kIdentityCertFile);
112 EXPECT_EQ(config->private_key_file(), kPrivateKeyFile);
113 EXPECT_TRUE(config->root_cert_file().empty());
114 EXPECT_EQ(config->refresh_interval_ms(), 600 * 1000);
117 TEST(FileWatcherConfigTest, WrongTypes) {
118 const char* json_str =
120 " \"certificate_file\": 123,"
121 " \"private_key_file\": 123,"
122 " \"ca_certificate_file\": 123,"
123 " \"refresh_interval\": 123"
125 grpc_error_handle error = GRPC_ERROR_NONE;
126 Json json = Json::Parse(json_str, &error);
127 ASSERT_EQ(error, GRPC_ERROR_NONE) << grpc_error_std_string(error);
129 FileWatcherCertificateProviderFactory::Config::Parse(json, &error);
130 EXPECT_THAT(grpc_error_std_string(error),
131 ::testing::ContainsRegex(
132 "field:certificate_file error:type should be STRING.*"
133 "field:private_key_file error:type should be STRING.*"
134 "field:ca_certificate_file error:type should be STRING.*"
135 "field:refresh_interval error:type should be STRING of the "
137 "google.proto.Duration.*"));
138 GRPC_ERROR_UNREF(error);
141 TEST(FileWatcherConfigTest, IdentityCertProvidedButPrivateKeyMissing) {
142 std::string json_str = absl::StrFormat(
144 " \"certificate_file\": \"%s\""
147 grpc_error_handle error = GRPC_ERROR_NONE;
148 Json json = Json::Parse(json_str, &error);
149 ASSERT_EQ(error, GRPC_ERROR_NONE) << grpc_error_std_string(error);
151 FileWatcherCertificateProviderFactory::Config::Parse(json, &error);
152 EXPECT_THAT(grpc_error_std_string(error),
153 ::testing::ContainsRegex(
154 "fields \"certificate_file\" and \"private_key_file\" must "
155 "be both set or both unset."));
156 GRPC_ERROR_UNREF(error);
159 TEST(FileWatcherConfigTest, PrivateKeyProvidedButIdentityCertMissing) {
160 std::string json_str = absl::StrFormat(
162 " \"private_key_file\": \"%s\""
165 grpc_error_handle error = GRPC_ERROR_NONE;
166 Json json = Json::Parse(json_str, &error);
167 ASSERT_EQ(error, GRPC_ERROR_NONE) << grpc_error_std_string(error);
169 FileWatcherCertificateProviderFactory::Config::Parse(json, &error);
170 EXPECT_THAT(grpc_error_std_string(error),
171 ::testing::ContainsRegex(
172 "fields \"certificate_file\" and \"private_key_file\" must "
173 "be both set or both unset."));
174 GRPC_ERROR_UNREF(error);
177 TEST(FileWatcherConfigTest, EmptyJsonObject) {
178 std::string json_str = absl::StrFormat("{}");
179 grpc_error_handle error = GRPC_ERROR_NONE;
180 Json json = Json::Parse(json_str, &error);
181 ASSERT_EQ(error, GRPC_ERROR_NONE) << grpc_error_std_string(error);
183 FileWatcherCertificateProviderFactory::Config::Parse(json, &error);
185 grpc_error_std_string(error),
186 ::testing::ContainsRegex("At least one of \"certificate_file\" and "
187 "\"ca_certificate_file\" must be specified."));
188 GRPC_ERROR_UNREF(error);
192 } // namespace testing
193 } // namespace grpc_core
195 int main(int argc, char** argv) {
196 ::testing::InitGoogleTest(&argc, argv);
197 grpc::testing::TestEnvironment env(argc, argv);
199 auto result = RUN_ALL_TESTS();