TestInsecureCreds tests the use of insecure creds on the server and client side, and verifies that expect security level and auth info are returned. Also verifies that this credential can interop with existing `WithInsecure` DialOption.
(t *testing.T)
| 61 | // Also verifies that this credential can interop with existing `WithInsecure` |
| 62 | // DialOption. |
| 63 | func (s) TestInsecureCreds(t *testing.T) { |
| 64 | tests := []struct { |
| 65 | desc string |
| 66 | clientInsecureCreds bool |
| 67 | serverInsecureCreds bool |
| 68 | }{ |
| 69 | { |
| 70 | desc: "client and server insecure creds", |
| 71 | clientInsecureCreds: true, |
| 72 | serverInsecureCreds: true, |
| 73 | }, |
| 74 | { |
| 75 | desc: "client only insecure creds", |
| 76 | clientInsecureCreds: true, |
| 77 | }, |
| 78 | { |
| 79 | desc: "server only insecure creds", |
| 80 | serverInsecureCreds: true, |
| 81 | }, |
| 82 | } |
| 83 | |
| 84 | for _, test := range tests { |
| 85 | t.Run(test.desc, func(t *testing.T) { |
| 86 | lis, err := testutils.LocalTCPListener() |
| 87 | if err != nil { |
| 88 | t.Fatalf("net.Listen(tcp, localhost:0) failed: %v", err) |
| 89 | } |
| 90 | |
| 91 | ss := &stubserver.StubServer{ |
| 92 | Listener: lis, |
| 93 | EmptyCallF: func(ctx context.Context, _ *testpb.Empty) (*testpb.Empty, error) { |
| 94 | if !test.serverInsecureCreds { |
| 95 | return &testpb.Empty{}, nil |
| 96 | } |
| 97 | |
| 98 | pr, ok := peer.FromContext(ctx) |
| 99 | if !ok { |
| 100 | return nil, status.Error(codes.DataLoss, "Failed to get peer from ctx") |
| 101 | } |
| 102 | // Check security level. |
| 103 | secLevel := getSecurityLevel(pr.AuthInfo) |
| 104 | if secLevel == credentials.InvalidSecurityLevel { |
| 105 | return nil, status.Errorf(codes.Unauthenticated, "peer.AuthInfo does not implement GetCommonAuthInfo()") |
| 106 | } |
| 107 | if secLevel != credentials.NoSecurity { |
| 108 | return nil, status.Errorf(codes.Unauthenticated, "Wrong security level: got %q, want %q", secLevel, credentials.NoSecurity) |
| 109 | } |
| 110 | return &testpb.Empty{}, nil |
| 111 | }, |
| 112 | } |
| 113 | sOpts := []grpc.ServerOption{} |
| 114 | if test.serverInsecureCreds { |
| 115 | ss.S = grpc.NewServer(grpc.Creds(insecure.NewCredentials())) |
| 116 | } else { |
| 117 | ss.S = grpc.NewServer(sOpts...) |
| 118 | } |
| 119 | stubserver.StartTestService(t, ss) |
| 120 | defer ss.S.Stop() |
nothing calls this directly
no test coverage detected