Skip to content

Overhaul tracker keys: add more tests #990

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
josecelano merged 2 commits into from
Aug 1, 2024
Merged

Overhaul tracker keys: add more tests #990

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8d58882
refactor: make method private
josecelano Aug 1, 2024
349692b
test: [#989] add more tests for keys
josecelano Aug 1, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
248 changes: 188 additions & 60 deletions src/core/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -988,9 +988,7 @@ impl Tracker {
/// # Errors
///
/// Will return a `key::Error` if unable to get any `auth_key`.
pub async fn verify_auth_key(&self, key: &Key) -> Result<(), auth::Error> {
// code-review: this function is public only because it's used in a test.
// We should change the test and make it private.
async fn verify_auth_key(&self, key: &Key) -> Result<(), auth::Error> {
match self.keys.read().await.get(key) {
None => Err(auth::Error::UnableToReadKey {
location: Location::caller(),
Expand Down Expand Up @@ -1787,35 +1785,8 @@ mod tests {
use std::str::FromStr;
use std::time::Duration;

use torrust_tracker_clock::clock::Time;
use torrust_tracker_configuration::v2::core::PrivateMode;

use crate::core::auth::{self, Key};
use crate::core::auth::{self};
use crate::core::tests::the_tracker::private_tracker;
use crate::CurrentClock;

#[tokio::test]
async fn it_should_generate_the_expiring_authentication_keys() {
let tracker = private_tracker();

let key = tracker.generate_auth_key(Some(Duration::from_secs(100))).await.unwrap();

assert_eq!(
key.valid_until,
Some(CurrentClock::now_add(&Duration::from_secs(100)).unwrap())
);
}

#[tokio::test]
async fn it_should_authenticate_a_peer_by_using_a_key() {
let tracker = private_tracker();

let expiring_key = tracker.generate_auth_key(Some(Duration::from_secs(100))).await.unwrap();

let result = tracker.authenticate(&expiring_key.key()).await;

assert!(result.is_ok());
}

#[tokio::test]
async fn it_should_fail_authenticating_a_peer_when_it_uses_an_unregistered_key() {
Expand All @@ -1828,35 +1799,6 @@ mod tests {
assert!(result.is_err());
}

#[tokio::test]
async fn it_should_verify_a_valid_authentication_key() {
// todo: this should not be tested directly because
// `verify_auth_key` should be a private method.
let tracker = private_tracker();

let expiring_key = tracker.generate_auth_key(Some(Duration::from_secs(100))).await.unwrap();

assert!(tracker.verify_auth_key(&expiring_key.key()).await.is_ok());
}

#[tokio::test]
async fn it_should_accept_an_expired_key_when_checking_expiration_is_disabled_in_configuration() {
let mut tracker = private_tracker();

tracker.config.private_mode = Some(PrivateMode {
check_keys_expiration: false,
});

let past_time = Some(Duration::ZERO);

let expiring_key = tracker
.add_auth_key(Key::new("YZSl4lMZupRuOpSRC3krIKR5BPB14nrJ").unwrap(), past_time)
.await
.unwrap();

assert!(tracker.authenticate(&expiring_key.key()).await.is_ok());
}

#[tokio::test]
async fn it_should_fail_verifying_an_unregistered_authentication_key() {
let tracker = private_tracker();
Expand Down Expand Up @@ -1892,6 +1834,192 @@ mod tests {
assert!(result.is_ok());
assert!(tracker.verify_auth_key(&expiring_key.key()).await.is_ok());
}

mod with_expiring_and {

mod randomly_generated_keys {
use std::time::Duration;

use torrust_tracker_clock::clock::Time;
use torrust_tracker_configuration::v2::core::PrivateMode;

use crate::core::auth::Key;
use crate::core::tests::the_tracker::private_tracker;
use crate::CurrentClock;

#[tokio::test]
async fn it_should_generate_the_key() {
let tracker = private_tracker();

let peer_key = tracker.generate_auth_key(Some(Duration::from_secs(100))).await.unwrap();

assert_eq!(
peer_key.valid_until,
Some(CurrentClock::now_add(&Duration::from_secs(100)).unwrap())
);
}

#[tokio::test]
async fn it_should_authenticate_a_peer_with_the_key() {
let tracker = private_tracker();

let peer_key = tracker.generate_auth_key(Some(Duration::from_secs(100))).await.unwrap();

let result = tracker.authenticate(&peer_key.key()).await;

assert!(result.is_ok());
}

#[tokio::test]
async fn it_should_accept_an_expired_key_when_checking_expiration_is_disabled_in_configuration() {
let mut tracker = private_tracker();

tracker.config.private_mode = Some(PrivateMode {
check_keys_expiration: false,
});

let past_timestamp = Duration::ZERO;

let peer_key = tracker
.add_auth_key(Key::new("YZSl4lMZupRuOpSRC3krIKR5BPB14nrJ").unwrap(), Some(past_timestamp))
.await
.unwrap();

assert!(tracker.authenticate(&peer_key.key()).await.is_ok());
}
}

mod pre_generated_keys {
use std::time::Duration;

use torrust_tracker_clock::clock::Time;
use torrust_tracker_configuration::v2::core::PrivateMode;

use crate::core::auth::Key;
use crate::core::tests::the_tracker::private_tracker;
use crate::core::AddKeyRequest;
use crate::CurrentClock;

#[tokio::test]
async fn it_should_add_a_pre_generated_key() {
let tracker = private_tracker();

let peer_key = tracker
.add_peer_key(AddKeyRequest {
opt_key: Some(Key::new("YZSl4lMZupRuOpSRC3krIKR5BPB14nrJ").unwrap().to_string()),
opt_seconds_valid: Some(100),
})
.await
.unwrap();

assert_eq!(
peer_key.valid_until,
Some(CurrentClock::now_add(&Duration::from_secs(100)).unwrap())
);
}

#[tokio::test]
async fn it_should_authenticate_a_peer_with_the_key() {
let tracker = private_tracker();

let peer_key = tracker
.add_peer_key(AddKeyRequest {
opt_key: Some(Key::new("YZSl4lMZupRuOpSRC3krIKR5BPB14nrJ").unwrap().to_string()),
opt_seconds_valid: Some(100),
})
.await
.unwrap();

let result = tracker.authenticate(&peer_key.key()).await;

assert!(result.is_ok());
}

#[tokio::test]
async fn it_should_accept_an_expired_key_when_checking_expiration_is_disabled_in_configuration() {
let mut tracker = private_tracker();

tracker.config.private_mode = Some(PrivateMode {
check_keys_expiration: false,
});

let peer_key = tracker
.add_peer_key(AddKeyRequest {
opt_key: Some(Key::new("YZSl4lMZupRuOpSRC3krIKR5BPB14nrJ").unwrap().to_string()),
opt_seconds_valid: Some(0),
})
.await
.unwrap();

assert!(tracker.authenticate(&peer_key.key()).await.is_ok());
}
}
}

mod with_permanent_and {

mod randomly_generated_keys {
use crate::core::tests::the_tracker::private_tracker;

#[tokio::test]
async fn it_should_generate_the_key() {
let tracker = private_tracker();

let peer_key = tracker.generate_permanent_auth_key().await.unwrap();

assert_eq!(peer_key.valid_until, None);
}

#[tokio::test]
async fn it_should_authenticate_a_peer_with_the_key() {
let tracker = private_tracker();

let peer_key = tracker.generate_permanent_auth_key().await.unwrap();

let result = tracker.authenticate(&peer_key.key()).await;

assert!(result.is_ok());
}
}

mod pre_generated_keys {
use crate::core::auth::Key;
use crate::core::tests::the_tracker::private_tracker;
use crate::core::AddKeyRequest;

#[tokio::test]
async fn it_should_add_a_pre_generated_key() {
let tracker = private_tracker();

let peer_key = tracker
.add_peer_key(AddKeyRequest {
opt_key: Some(Key::new("YZSl4lMZupRuOpSRC3krIKR5BPB14nrJ").unwrap().to_string()),
opt_seconds_valid: None,
})
.await
.unwrap();

assert_eq!(peer_key.valid_until, None);
}

#[tokio::test]
async fn it_should_authenticate_a_peer_with_the_key() {
let tracker = private_tracker();

let peer_key = tracker
.add_peer_key(AddKeyRequest {
opt_key: Some(Key::new("YZSl4lMZupRuOpSRC3krIKR5BPB14nrJ").unwrap().to_string()),
opt_seconds_valid: None,
})
.await
.unwrap();

let result = tracker.authenticate(&peer_key.key()).await;

assert!(result.is_ok());
}
}
}
}

mod handling_an_announce_request {}
Expand Down
9 changes: 3 additions & 6 deletions tests/servers/api/v1/contract/context/auth_key.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,10 +26,9 @@ async fn should_allow_generating_a_new_random_auth_key() {

let auth_key_resource = assert_auth_key_utf8(response).await;

// Verify the key with the tracker
assert!(env
.tracker
.verify_auth_key(&auth_key_resource.key.parse::<Key>().unwrap())
.authenticate(&auth_key_resource.key.parse::<Key>().unwrap())
.await
.is_ok());

Expand All @@ -49,10 +48,9 @@ async fn should_allow_uploading_a_preexisting_auth_key() {

let auth_key_resource = assert_auth_key_utf8(response).await;

// Verify the key with the tracker
assert!(env
.tracker
.verify_auth_key(&auth_key_resource.key.parse::<Key>().unwrap())
.authenticate(&auth_key_resource.key.parse::<Key>().unwrap())
.await
.is_ok());

Expand Down Expand Up @@ -357,10 +355,9 @@ mod deprecated_generate_key_endpoint {

let auth_key_resource = assert_auth_key_utf8(response).await;

// Verify the key with the tracker
assert!(env
.tracker
.verify_auth_key(&auth_key_resource.key.parse::<Key>().unwrap())
.authenticate(&auth_key_resource.key.parse::<Key>().unwrap())
.await
.is_ok());

Expand Down