proxygen
Functions | Variables
SecondaryAuthManagerTest.cpp File Reference
#include <proxygen/lib/http/session/SecondaryAuthManager.h>
#include <fizz/crypto/test/TestUtil.h>
#include <fizz/protocol/test/Mocks.h>
#include <fizz/record/Extensions.h>
#include <fizz/record/Types.h>
#include <folly/Conv.h>
#include <folly/String.h>
#include <folly/ssl/Init.h>
#include <folly/portability/GMock.h>
#include <folly/portability/GTest.h>

Go to the source code of this file.

Functions

 TEST (SecondaryAuthManagerTest, AuthenticatorRequest)
 
 TEST (SecondaryAuthManagerTest, Authenticator)
 

Variables

StringPiece expected_auth_request
 
StringPiece expected_cert
 

Function Documentation

TEST ( SecondaryAuthManagerTest  ,
AuthenticatorRequest   
)

Definition at line 49 of file SecondaryAuthManagerTest.cpp.

References folly::IOBuf::copyBuffer(), proxygen::SecondaryAuthManager::createAuthRequest(), fizz::encodeExtension(), EXPECT_EQ, folly::hexlify(), folly::gen::move, and fizz::SignatureAlgorithms::supported_signature_algorithms.

49  {
50  auto certRequestContext = folly::IOBuf::copyBuffer("0123456789abcdef");
51  fizz::SignatureAlgorithms sigAlgs;
52  sigAlgs.supported_signature_algorithms.push_back(
53  SignatureScheme::ecdsa_secp256r1_sha256);
54  std::vector<fizz::Extension> extensions;
55  extensions.push_back(encodeExtension(std::move(sigAlgs)));
56  SecondaryAuthManager authManager;
57  auto authRequestPair = authManager.createAuthRequest(
58  std::move(certRequestContext), std::move(extensions));
59  auto requestId = authRequestPair.first;
60  auto authRequest = std::move(authRequestPair.second);
61  EXPECT_EQ(requestId, 0);
62  EXPECT_EQ(expected_auth_request,
63  StringPiece(hexlify(authRequest->coalesce())));
64 }
EXPECT_EQ
#define EXPECT_EQ(val1, val2)
Definition: gtest.h:1922
folly::gen::move
constexpr detail::Map< Move > move
Definition: Base-inl.h:2567
fizz::SignatureAlgorithms::supported_signature_algorithms
std::vector< SignatureScheme > supported_signature_algorithms
Definition: Extensions.h:17
proxygen::SecondaryAuthManager::createAuthRequest
std::pair< uint16_t, std::unique_ptr< folly::IOBuf > > createAuthRequest(std::unique_ptr< folly::IOBuf > certRequestContext, std::vector< fizz::Extension > extensions) override
Definition: SecondaryAuthManager.cpp:27
fizz::encodeExtension
Extension encodeExtension(const TokenBindingParameters &params)
Definition: Types.cpp:113
folly::StringPiece
Range< const char * > StringPiece
Definition: ScopedEventBaseThread.h:29
folly::hexlify
bool hexlify(const InputString &input, OutputString &output, bool append_output)
Definition: String-inl.h:596
folly::IOBuf::copyBuffer
static std::unique_ptr< IOBuf > copyBuffer(const void *buf, std::size_t size, std::size_t headroom=0, std::size_t minTailroom=0)
Definition: IOBuf.h:1587
expected_auth_request
StringPiece expected_auth_request
Definition: SecondaryAuthManagerTest.cpp:30
TEST ( SecondaryAuthManagerTest  ,
Authenticator   
)

Definition at line 66 of file SecondaryAuthManagerTest.cpp.

References testing::_, cipher, folly::IOBuf::copyBuffer(), proxygen::SecondaryAuthManager::createAuthRequest(), fizz::encodeExtension(), EXPECT_CALL, EXPECT_EQ, EXPECT_NE, EXPECT_TRUE, proxygen::SecondaryAuthManager::getAuthenticator(), fizz::test::getCert(), proxygen::SecondaryAuthManager::getCertId(), fizz::test::getCipher(), proxygen::SecondaryAuthManager::getPeerCert(), fizz::test::getPrivateKey(), folly::hexlify(), folly::ssl::init(), testing::InvokeWithoutArgs(), fizz::test::kP256Certificate, fizz::test::kP256Key, folly::gen::move, fizz::SignatureAlgorithms::supported_signature_algorithms, proxygen::UPSTREAM, and proxygen::SecondaryAuthManager::validateAuthenticator().

66  {
67  folly::ssl::init();
68  // Instantiate a SecondaryAuthManager.
69  auto cert = fizz::test::getCert(kP256Certificate);
70  auto key = fizz::test::getPrivateKey(kP256Key);
71  std::vector<folly::ssl::X509UniquePtr> certs;
72  certs.push_back(std::move(cert));
73  std::unique_ptr<fizz::SelfCert> certPtr =
74  std::make_unique<SelfCertImpl<KeyType::P256>>(std::move(key),
75  std::move(certs));
76  EXPECT_NE(certPtr, nullptr);
77  SecondaryAuthManager authManager(std::move(certPtr));
78  // Genearte an authenticator request.
79  auto certRequestContext = folly::IOBuf::copyBuffer("0123456789abcdef");
80  fizz::SignatureAlgorithms sigAlgs;
81  sigAlgs.supported_signature_algorithms.push_back(
82  SignatureScheme::ecdsa_secp256r1_sha256);
83  std::vector<fizz::Extension> extensions;
84  extensions.push_back(encodeExtension(std::move(sigAlgs)));
85  auto authRequestPair = authManager.createAuthRequest(
86  std::move(certRequestContext), std::move(extensions));
87  auto requestId = authRequestPair.first;
88  auto authRequest = std::move(authRequestPair.second);
89 
90  // Generate an authenticator.
91  MockAsyncFizzBase fizzBase;
92  EXPECT_CALL(fizzBase, getCipher()).WillRepeatedly(InvokeWithoutArgs([]() {
93  folly::Optional<CipherSuite> cipher = CipherSuite::TLS_AES_128_GCM_SHA256;
94  return cipher;
95  }));
96  EXPECT_CALL(fizzBase, getSupportedSigSchemes())
97  .WillRepeatedly(InvokeWithoutArgs([]() {
98  std::vector<SignatureScheme> schemes = {
99  SignatureScheme::ecdsa_secp256r1_sha256};
100  return schemes;
101  }));
102  EXPECT_CALL(fizzBase, getEkm(_, _, _)).WillRepeatedly(InvokeWithoutArgs([]() {
103  return folly::IOBuf::copyBuffer("exportedmaterial");
104  }));
105  auto authenticatorPair =
106  authManager.getAuthenticator(fizzBase,
107  TransportDirection::UPSTREAM,
108  requestId,
109  std::move(authRequest));
110  auto certId = authenticatorPair.first;
111  auto authenticator = std::move(authenticatorPair.second);
112 
113  // Validate the authenticator.
114  auto isValid = authManager.validateAuthenticator(
115  fizzBase, TransportDirection::UPSTREAM, certId, std::move(authenticator));
116  auto cachedCertId = authManager.getCertId(requestId);
117  EXPECT_TRUE(cachedCertId.hasValue());
118  EXPECT_EQ(*cachedCertId, certId);
119  auto peerCert = authManager.getPeerCert(certId);
120  EXPECT_TRUE(peerCert.hasValue());
121  EXPECT_EQ((*peerCert).size(), 1);
122  EXPECT_EQ(expected_cert,
123  StringPiece(hexlify(((*peerCert)[0].cert_data)->coalesce())));
124  EXPECT_TRUE(isValid);
125 }
fizz::test::kP256Key
constexpr folly::StringPiece kP256Key
Definition: TestUtil.h:18
EXPECT_EQ
#define EXPECT_EQ(val1, val2)
Definition: gtest.h:1922
folly::gen::move
constexpr detail::Map< Move > move
Definition: Base-inl.h:2567
folly::ssl::init
void init()
Definition: Init.cpp:54
fizz::test::getPrivateKey
EvpPkeyUniquePtr getPrivateKey(StringPiece key)
Definition: TestUtil.cpp:21
testing::InvokeWithoutArgs
PolymorphicAction< internal::InvokeWithoutArgsAction< FunctionImpl > > InvokeWithoutArgs(FunctionImpl function_impl)
Definition: gmock-actions.h:1168
fizz::test::getCert
folly::ssl::X509UniquePtr getCert(folly::StringPiece cert)
Definition: TestUtil.cpp:48
cipher
CipherSuite cipher
Definition: ClientProtocol.cpp:1006
expected_cert
StringPiece expected_cert
Definition: SecondaryAuthManagerTest.cpp:33
fizz::SignatureAlgorithms::supported_signature_algorithms
std::vector< SignatureScheme > supported_signature_algorithms
Definition: Extensions.h:17
EXPECT_TRUE
#define EXPECT_TRUE(condition)
Definition: gtest.h:1859
fizz::test::getCipher
std::unique_ptr< Aead > getCipher(const CipherParams &params)
Definition: OpenSSLEVPCipherTest.cpp:42
EXPECT_NE
#define EXPECT_NE(val1, val2)
Definition: gtest.h:1926
EXPECT_CALL
#define EXPECT_CALL(obj, call)
Definition: gmock-spec-builders.h:1845
testing::_
const internal::AnythingMatcher _
Definition: gmock-matchers.h:3729
fizz::encodeExtension
Extension encodeExtension(const TokenBindingParameters &params)
Definition: Types.cpp:113
folly::StringPiece
Range< const char * > StringPiece
Definition: ScopedEventBaseThread.h:29
folly::hexlify
bool hexlify(const InputString &input, OutputString &output, bool append_output)
Definition: String-inl.h:596
folly::IOBuf::copyBuffer
static std::unique_ptr< IOBuf > copyBuffer(const void *buf, std::size_t size, std::size_t headroom=0, std::size_t minTailroom=0)
Definition: IOBuf.h:1587
fizz::test::kP256Certificate
constexpr folly::StringPiece kP256Certificate
Definition: TestUtil.h:41

Variable Documentation

StringPiece expected_auth_request
Initial value:
= {
"120000303132333435363738396162636465660008000d000400020403"}

Definition at line 30 of file SecondaryAuthManagerTest.cpp.

StringPiece expected_cert
Initial value:
= {
"308201ee30820195a003020102020900c569eec901ce86d9300a06082a8648ce3d04030230"
"54310b3009060355040613025553310b300906035504080c024e59310b300906035504070c"
"024e59310d300b060355040a0c0446697a7a310d300b060355040b0c0446697a7a310d300b"
"06035504030c0446697a7a301e170d3137303430343138323930395a170d34313131323431"
"38323930395a3054310b3009060355040613025553310b300906035504080c024e59310b30"
"0906035504070c024e59310d300b060355040a0c0446697a7a310d300b060355040b0c0446"
"697a7a310d300b06035504030c0446697a7a3059301306072a8648ce3d020106082a8648ce"
"3d030107034200049d87bcaddb65d8dcf6df8b148a9679b5b710db19c95a9badfff13468cb"
"358b4e21d24a5c826112658ebb96d64e2985dfb41c1948334391a4aa81b67837e2dbf0a350"
"304e301d0603551d0e041604143c5b8ba954d9752faf3c8ad6d1a62449dccaa850301f0603"
"551d230418301680143c5b8ba954d9752faf3c8ad6d1a62449dccaa850300c0603551d1304"
"0530030101ff300a06082a8648ce3d04030203470030440220349b7d34d7132fb2756576e0"
"bfa36cbe1723337a7a6f5ef9c8d3bf1aa7efa4a5022025c50a91e0aa4272f1f52c3d5583a7"
"d7cee14b178835273a0bd814303e62d714"}

Definition at line 33 of file SecondaryAuthManagerTest.cpp.