// Copyright (c) 2023 Alibaba Group Holding Ltd. // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. // You may obtain a copy of the License at // // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, software // distributed under the License is distributed on an "AS IS" BASIS, // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // See the License for the specific language governing permissions and // limitations under the License. package tests import ( "testing" "github.com/alibaba/higress/test/e2e/conformance/utils/http" "github.com/alibaba/higress/test/e2e/conformance/utils/suite" ) func init() { Register(WasmPluginsKeyAuth) } var WasmPluginsKeyAuth = suite.ConformanceTest{ ShortName: "WasmPluginsKeyAuth", Description: "The Ingress in the higress-conformance-infra namespace test the key-auth WASM plugin.", Manifests: []string{"tests/go-wasm-key-auth.yaml"}, Features: []suite.SupportedFeature{suite.WASMGoConformanceFeature}, Test: func(t *testing.T, suite *suite.ConformanceTestSuite) { testcases := []http.Assertion{ { Meta: http.AssertionMeta{ TestCaseName: "case 1: Successful authentication", TargetBackend: "infra-backend-v1", TargetNamespace: "higress-conformance-infra", }, Request: http.AssertionRequest{ ActualRequest: http.Request{ Host: "foo.com", Path: "/foo", Headers: map[string]string{"x-api-key": "token11111111111111111111"}, }, ExpectedRequest: &http.ExpectedRequest{ Request: http.Request{ Host: "foo.com", Path: "/foo", Headers: map[string]string{"X-Mse-Consumer": "consumer1"}, }, }, }, Response: http.AssertionResponse{ ExpectedResponse: http.Response{ StatusCode: 200, }, }, }, { Meta: http.AssertionMeta{ TestCaseName: "case 2: No Key Authentication information found", TargetBackend: "infra-backend-v1", TargetNamespace: "higress-conformance-infra", }, Request: http.AssertionRequest{ ActualRequest: http.Request{ Host: "foo.com", Path: "/foo", }, }, Response: http.AssertionResponse{ ExpectedResponse: http.Response{ StatusCode: 401, }, }, }, { Meta: http.AssertionMeta{ TestCaseName: "case 3: Invalid token", TargetBackend: "infra-backend-v1", TargetNamespace: "higress-conformance-infra", }, Request: http.AssertionRequest{ ActualRequest: http.Request{ Host: "foo.com", Path: "/foo", Headers: map[string]string{"x-api-key": "xxxxxxxxxnotfoundtoken"}, }, }, Response: http.AssertionResponse{ ExpectedResponse: http.Response{ StatusCode: 403, }, }, }, { Meta: http.AssertionMeta{ TestCaseName: "case 4: Unauthorized consumer", TargetBackend: "infra-backend-v1", TargetNamespace: "higress-conformance-infra", }, Request: http.AssertionRequest{ ActualRequest: http.Request{ Host: "foo.com", Path: "/foo", Headers: map[string]string{"x-api-key": "token22222222222222222222"}, }, }, Response: http.AssertionResponse{ ExpectedResponse: http.Response{ StatusCode: 403, }, }, }, { Meta: http.AssertionMeta{ TestCaseName: "case 5: Muti Key Authentication information found", TargetBackend: "infra-backend-v1", TargetNamespace: "higress-conformance-infra", }, Request: http.AssertionRequest{ ActualRequest: http.Request{ Host: "foo.com", Path: "/foo", Headers: map[string]string{"apikey": "token11111111111111111111", "x-api-key": "token11111111111111111111"}, }, }, Response: http.AssertionResponse{ ExpectedResponse: http.Response{ StatusCode: 401, }, }, }, } t.Run("WasmPlugins key-auth", func(t *testing.T) { for _, testcase := range testcases { http.MakeRequestAndExpectEventuallyConsistentResponse(t, suite.RoundTripper, suite.TimeoutConfig, suite.GatewayAddress, testcase) } }) }, }