test(auth): authn & authz http placeholder in HTTP path
This commit is contained in:
JimMoen
parent
15ef9892c5
commit
c1dfd0aa36
|
|
@ -184,14 +184,14 @@ test_authenticators(PathPrefix) ->
|
||||||
InvalidConfig0
|
InvalidConfig0
|
||||||
),
|
),
|
||||||
|
|
||||||
InvalidConfig1 = ValidConfig#{
|
ValidConfig1 = ValidConfig#{
|
||||||
method => <<"get">>,
|
method => <<"get">>,
|
||||||
headers => #{<<"content-type">> => <<"application/json">>}
|
headers => #{<<"content-type">> => <<"application/json">>}
|
||||||
},
|
},
|
||||||
{ok, 400, _} = request(
|
{ok, 200, _} = request(
|
||||||
post,
|
put,
|
||||||
uri(PathPrefix ++ [?CONF_NS]),
|
uri(PathPrefix ++ [?CONF_NS, "password_based:http"]),
|
||||||
InvalidConfig1
|
ValidConfig1
|
||||||
),
|
),
|
||||||
|
|
||||||
?assertAuthenticatorsMatch(
|
?assertAuthenticatorsMatch(
|
||||||
|
|
@ -264,23 +264,23 @@ test_authenticator(PathPrefix) ->
|
||||||
InvalidConfig0
|
InvalidConfig0
|
||||||
),
|
),
|
||||||
|
|
||||||
InvalidConfig1 = ValidConfig0#{
|
ValidConfig1 = ValidConfig0#{
|
||||||
method => <<"get">>,
|
method => <<"get">>,
|
||||||
headers => #{<<"content-type">> => <<"application/json">>}
|
headers => #{<<"content-type">> => <<"application/json">>}
|
||||||
},
|
},
|
||||||
{ok, 400, _} = request(
|
|
||||||
put,
|
|
||||||
uri(PathPrefix ++ [?CONF_NS, "password_based:http"]),
|
|
||||||
InvalidConfig1
|
|
||||||
),
|
|
||||||
|
|
||||||
ValidConfig1 = ValidConfig0#{pool_size => 9},
|
|
||||||
{ok, 200, _} = request(
|
{ok, 200, _} = request(
|
||||||
put,
|
put,
|
||||||
uri(PathPrefix ++ [?CONF_NS, "password_based:http"]),
|
uri(PathPrefix ++ [?CONF_NS, "password_based:http"]),
|
||||||
ValidConfig1
|
ValidConfig1
|
||||||
),
|
),
|
||||||
|
|
||||||
|
ValidConfig2 = ValidConfig0#{pool_size => 9},
|
||||||
|
{ok, 200, _} = request(
|
||||||
|
put,
|
||||||
|
uri(PathPrefix ++ [?CONF_NS, "password_based:http"]),
|
||||||
|
ValidConfig2
|
||||||
|
),
|
||||||
|
|
||||||
{ok, 404, _} = request(
|
{ok, 404, _} = request(
|
||||||
delete,
|
delete,
|
||||||
uri(PathPrefix ++ [?CONF_NS, "password_based:redis"])
|
uri(PathPrefix ++ [?CONF_NS, "password_based:redis"])
|
||||||
|
|
|
||||||
|
|
@ -201,6 +201,54 @@ t_query_params(_Config) ->
|
||||||
emqx_access_control:authorize(ClientInfo, publish, <<"t">>)
|
emqx_access_control:authorize(ClientInfo, publish, <<"t">>)
|
||||||
).
|
).
|
||||||
|
|
||||||
|
t_path(_Config) ->
|
||||||
|
ok = setup_handler_and_config(
|
||||||
|
fun(Req0, State) ->
|
||||||
|
?assertEqual(
|
||||||
|
<<
|
||||||
|
"/authz/users/"
|
||||||
|
"user%20name/"
|
||||||
|
"client%20id/"
|
||||||
|
"127.0.0.1/"
|
||||||
|
"MQTT/"
|
||||||
|
"MOUNTPOINT/"
|
||||||
|
"t/1/"
|
||||||
|
"publish"
|
||||||
|
>>,
|
||||||
|
cowboy_req:path(Req0)
|
||||||
|
),
|
||||||
|
Req = cowboy_req:reply(200, Req0),
|
||||||
|
{ok, Req, State}
|
||||||
|
end,
|
||||||
|
#{
|
||||||
|
<<"url">> => <<
|
||||||
|
"http://127.0.0.1:33333/authz/users/"
|
||||||
|
"${username}/"
|
||||||
|
"${clientid}/"
|
||||||
|
"${peerhost}/"
|
||||||
|
"${proto_name}/"
|
||||||
|
"${mountpoint}/"
|
||||||
|
"${topic}/"
|
||||||
|
"${action}"
|
||||||
|
>>
|
||||||
|
}
|
||||||
|
),
|
||||||
|
|
||||||
|
ClientInfo = #{
|
||||||
|
clientid => <<"client id">>,
|
||||||
|
username => <<"user name">>,
|
||||||
|
peerhost => {127, 0, 0, 1},
|
||||||
|
protocol => <<"MQTT">>,
|
||||||
|
mountpoint => <<"MOUNTPOINT">>,
|
||||||
|
zone => default,
|
||||||
|
listener => {tcp, default}
|
||||||
|
},
|
||||||
|
|
||||||
|
?assertEqual(
|
||||||
|
allow,
|
||||||
|
emqx_access_control:authorize(ClientInfo, publish, <<"t/1">>)
|
||||||
|
).
|
||||||
|
|
||||||
t_json_body(_Config) ->
|
t_json_body(_Config) ->
|
||||||
ok = setup_handler_and_config(
|
ok = setup_handler_and_config(
|
||||||
fun(Req0, State) ->
|
fun(Req0, State) ->
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue