MCPcopy
hub / github.com/nats-io/nats.go / TestExpiredAuthentication

Function TestExpiredAuthentication

nats_test.go:1247–1401  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

1245}
1246
1247func TestExpiredAuthentication(t *testing.T) {
1248 // The goal of these tests was to check how a client with an expiring JWT
1249 // behaves. It should receive an async -ERR indicating that the auth
1250 // has expired, which will trigger reconnects. There, the lib should
1251 // received -ERR for auth violation in response to the CONNECT (instead
1252 // of the PONG). The library should close the connection after receiving
1253 // twice the same auth error.
1254 // If we use an actual JWT that expires, the way the JWT library expires
1255 // a JWT cause the server to send the async -ERR first but then accepts
1256 // the CONNECT (since JWT lib does not say that it has expired), but
1257 // when the server sets up the expire callback, that callback fires right
1258 // away and so client receives async -ERR again.
1259 // So for a deterministic test, we won't use an actual NATS Server.
1260 // Instead, we will use a mock that simply returns appropriate -ERR and
1261 // ensure the client behaves as expected.
1262 for _, test := range []struct {
1263 name string
1264 expectedProto string
1265 expectedErr error
1266 ignoreAbort bool
1267 }{
1268 {"expired users credentials", AUTHENTICATION_EXPIRED_ERR, ErrAuthExpired, false},
1269 {"revoked users credentials", AUTHENTICATION_REVOKED_ERR, ErrAuthRevoked, false},
1270 {"expired account", ACCOUNT_AUTHENTICATION_EXPIRED_ERR, ErrAccountAuthExpired, false},
1271 {"expired users credentials", AUTHENTICATION_EXPIRED_ERR, ErrAuthExpired, true},
1272 {"revoked users credentials", AUTHENTICATION_REVOKED_ERR, ErrAuthRevoked, true},
1273 {"expired account", ACCOUNT_AUTHENTICATION_EXPIRED_ERR, ErrAccountAuthExpired, true},
1274 } {
1275 t.Run(test.name, func(t *testing.T) {
1276 l, e := net.Listen("tcp", "127.0.0.1:0")
1277 if e != nil {
1278 t.Fatal("Could not listen on an ephemeral port")
1279 }
1280 tl := l.(*net.TCPListener)
1281 defer tl.Close()
1282
1283 addr := tl.Addr().(*net.TCPAddr)
1284
1285 wg := sync.WaitGroup{}
1286 wg.Add(1)
1287
1288 go func() {
1289 defer wg.Done()
1290 connect := 0
1291 for {
1292 conn, err := l.Accept()
1293 if err != nil {
1294 return
1295 }
1296 defer conn.Close()
1297
1298 info := "INFO {\"server_id\":\"foobar\",\"nonce\":\"anonce\"}\r\n"
1299 conn.Write([]byte(info))
1300
1301 // Read connect and ping commands sent from the client
1302 br := bufio.NewReaderSize(conn, 10*1024)
1303 br.ReadLine()
1304 br.ReadLine()

Callers

nothing calls this directly

Calls 14

ReconnectWaitFunction · 0.85
ReconnectJitterFunction · 0.85
MaxReconnectsFunction · 0.85
ErrorHandlerFunction · 0.85
ClosedHandlerFunction · 0.85
IgnoreAuthErrorAbortFunction · 0.85
ConnectFunction · 0.85
FatalfMethod · 0.80
WaitTimeFunction · 0.70
AddMethod · 0.65
DoneMethod · 0.65
StatsMethod · 0.65

Tested by

no test coverage detected