aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorGravatar Michael Lumish <mlumish@google.com>2015-10-15 16:15:20 -0700
committerGravatar Michael Lumish <mlumish@google.com>2015-10-15 16:15:20 -0700
commit5e75116b9f8e0c60e3a3705aac132ee5fd2ac491 (patch)
treeea5fc30a3e4e7f85b1a3725804463f13d1da2898
parentb0840b5af96595327cdabc49e823d5ecd9ae1b01 (diff)
parent59a15a8558336e6194bd0af5389c616a597c6cae (diff)
Merge pull request #3854 from stanley-cheung/php_add_auth_interop_tests
PHP: add remaining auth interop tests
-rwxr-xr-xsrc/php/tests/interop/interop_client.php157
-rwxr-xr-xtools/run_tests/run_interop_tests.py18
2 files changed, 128 insertions, 47 deletions
diff --git a/src/php/tests/interop/interop_client.php b/src/php/tests/interop/interop_client.php
index 1f903053a7..6670ef3ab9 100755
--- a/src/php/tests/interop/interop_client.php
+++ b/src/php/tests/interop/interop_client.php
@@ -36,6 +36,9 @@ require 'empty.php';
require 'message_set.php';
require 'messages.php';
require 'test.php';
+use Google\Auth\CredentialsLoader;
+use Google\Auth\ApplicationDefaultCredentials;
+use GuzzleHttp\ClientInterface;
/**
* Assertion function that always exits with an error code if the assertion is
@@ -52,7 +55,6 @@ function hardAssert($value, $error_message) {
/**
* Run the empty_unary test.
- * Passes when run against the Node server as of 2015-04-30
* @param $stub Stub object that has service methods
*/
function emptyUnary($stub) {
@@ -63,7 +65,6 @@ function emptyUnary($stub) {
/**
* Run the large_unary test.
- * Passes when run against the C++/Node server as of 2015-04-30
* @param $stub Stub object that has service methods
*/
function largeUnary($stub) {
@@ -76,7 +77,8 @@ function largeUnary($stub) {
* @param $fillUsername boolean whether to fill result with username
* @param $fillOauthScope boolean whether to fill result with oauth scope
*/
-function performLargeUnary($stub, $fillUsername = false, $fillOauthScope = false) {
+function performLargeUnary($stub, $fillUsername = false, $fillOauthScope = false,
+ $metadata = array()) {
$request_len = 271828;
$response_len = 314159;
@@ -90,7 +92,7 @@ function performLargeUnary($stub, $fillUsername = false, $fillOauthScope = false
$request->setFillUsername($fillUsername);
$request->setFillOauthScope($fillOauthScope);
- list($result, $status) = $stub->UnaryCall($request)->wait();
+ list($result, $status) = $stub->UnaryCall($request, $metadata)->wait();
hardAssert($status->code === Grpc\STATUS_OK, 'Call did not complete successfully');
hardAssert($result !== null, 'Call returned a null response');
$payload = $result->getPayload();
@@ -105,7 +107,6 @@ function performLargeUnary($stub, $fillUsername = false, $fillOauthScope = false
/**
* Run the service account credentials auth test.
- * Passes when run against the cloud server as of 2015-04-30
* @param $stub Stub object that has service methods
* @param $args array command line args
*/
@@ -114,7 +115,7 @@ function serviceAccountCreds($stub, $args) {
throw new Exception('Missing oauth scope');
}
$jsonKey = json_decode(
- file_get_contents(getenv(Google\Auth\CredentialsLoader::ENV_VAR)),
+ file_get_contents(getenv(CredentialsLoader::ENV_VAR)),
true);
$result = performLargeUnary($stub, $fillUsername=true, $fillOauthScope=true);
hardAssert($result->getUsername() == $jsonKey['client_email'],
@@ -143,13 +144,12 @@ function computeEngineCreds($stub, $args) {
/**
* Run the jwt token credentials auth test.
- * Passes when run against the cloud server as of 2015-05-12
* @param $stub Stub object that has service methods
* @param $args array command line args
*/
function jwtTokenCreds($stub, $args) {
$jsonKey = json_decode(
- file_get_contents(getenv(Google\Auth\CredentialsLoader::ENV_VAR)),
+ file_get_contents(getenv(CredentialsLoader::ENV_VAR)),
true);
$result = performLargeUnary($stub, $fillUsername=true, $fillOauthScope=true);
hardAssert($result->getUsername() == $jsonKey['client_email'],
@@ -157,8 +157,44 @@ function jwtTokenCreds($stub, $args) {
}
/**
+ * Run the oauth2_auth_token auth test.
+ * @param $stub Stub object that has service methods
+ * @param $args array command line args
+ */
+function oauth2AuthToken($stub, $args) {
+ $jsonKey = json_decode(
+ file_get_contents(getenv(CredentialsLoader::ENV_VAR)),
+ true);
+ $result = performLargeUnary($stub, $fillUsername=true, $fillOauthScope=true);
+ hardAssert($result->getUsername() == $jsonKey['client_email'],
+ 'invalid email returned');
+}
+
+/**
+ * Run the per_rpc_creds auth test.
+ * @param $stub Stub object that has service methods
+ * @param $args array command line args
+ */
+function perRpcCreds($stub, $args) {
+ $jsonKey = json_decode(
+ file_get_contents(getenv(CredentialsLoader::ENV_VAR)),
+ true);
+ $auth_credentials = ApplicationDefaultCredentials::getCredentials(
+ $args['oauth_scope']
+ );
+ $token = $auth_credentials->fetchAuthToken();
+ $metadata = array(CredentialsLoader::AUTH_METADATA_KEY =>
+ array(sprintf("%s %s",
+ $token['token_type'],
+ $token['access_token'])));
+ $result = performLargeUnary($stub, $fillUsername=true, $fillOauthScope=true,
+ $metadata);
+ hardAssert($result->getUsername() == $jsonKey['client_email'],
+ 'invalid email returned');
+}
+
+/**
* Run the client_streaming test.
- * Passes when run against the Node server as of 2015-04-30
* @param $stub Stub object that has service methods
*/
function clientStreaming($stub) {
@@ -185,7 +221,6 @@ function clientStreaming($stub) {
/**
* Run the server_streaming test.
- * Passes when run against the Node server as of 2015-04-30
* @param $stub Stub object that has service methods.
*/
function serverStreaming($stub) {
@@ -216,7 +251,6 @@ function serverStreaming($stub) {
/**
* Run the ping_pong test.
- * Passes when run against the Node server as of 2015-04-30
* @param $stub Stub object that has service methods.
*/
function pingPong($stub) {
@@ -252,7 +286,6 @@ function pingPong($stub) {
/**
* Run the empty_stream test.
- * Passes when run against the Node server as of 2015-10-09
* @param $stub Stub object that has service methods.
*/
function emptyStream($stub) {
@@ -265,7 +298,6 @@ function emptyStream($stub) {
/**
* Run the cancel_after_begin test.
- * Passes when run against the Node server as of 2015-08-28
* @param $stub Stub object that has service methods.
*/
function cancelAfterBegin($stub) {
@@ -278,7 +310,6 @@ function cancelAfterBegin($stub) {
/**
* Run the cancel_after_first_response test.
- * Passes when run against the Node server as of 2015-04-30
* @param $stub Stub object that has service methods.
*/
function cancelAfterFirstResponse($stub) {
@@ -319,12 +350,17 @@ function timeoutOnSleepingServer($stub) {
}
$args = getopt('', array('server_host:', 'server_port:', 'test_case:',
+ 'use_tls::', 'use_test_ca::',
'server_host_override:', 'oauth_scope:',
'default_service_account:'));
-if (!array_key_exists('server_host', $args) ||
- !array_key_exists('server_port', $args) ||
- !array_key_exists('test_case', $args)) {
- throw new Exception('Missing argument');
+if (!array_key_exists('server_host', $args)) {
+ throw new Exception('Missing argument: --server_host is required');
+}
+if (!array_key_exists('server_port', $args)) {
+ throw new Exception('Missing argument: --server_port is required');
+}
+if (!array_key_exists('test_case', $args)) {
+ throw new Exception('Missing argument: --test_case is required');
}
if ($args['server_port'] == 443) {
@@ -333,41 +369,76 @@ if ($args['server_port'] == 443) {
$server_address = $args['server_host'] . ':' . $args['server_port'];
}
-if (!array_key_exists('server_host_override', $args)) {
- $args['server_host_override'] = 'foo.test.google.fr';
+$test_case = $args['test_case'];
+
+$host_override = 'foo.test.google.fr';
+if (array_key_exists('server_host_override', $args)) {
+ $host_override = $args['server_host_override'];
+}
+
+$use_tls = false;
+if (array_key_exists('use_tls', $args) &&
+ $args['use_tls'] != 'false') {
+ $use_tls = true;
}
-$ssl_cert_file = getenv('SSL_CERT_FILE');
-if (!$ssl_cert_file) {
- $ssl_cert_file = dirname(__FILE__) . '/../data/ca.pem';
+$use_test_ca = false;
+if (array_key_exists('use_test_ca', $args) &&
+ $args['use_test_ca'] != 'false') {
+ $use_test_ca = true;
}
-$credentials = Grpc\Credentials::createSsl(file_get_contents($ssl_cert_file));
+$opts = [];
-$opts = [
- 'grpc.ssl_target_name_override' => $args['server_host_override'],
- 'credentials' => $credentials,
- ];
+if ($use_tls) {
+ if ($use_test_ca) {
+ $ssl_cert_file = dirname(__FILE__) . '/../data/ca.pem';
+ } else {
+ $ssl_cert_file = getenv('SSL_CERT_FILE');
+ }
+ $ssl_credentials = Grpc\Credentials::createSsl(
+ file_get_contents($ssl_cert_file));
+ $opts['credentials'] = $ssl_credentials;
+ $opts['grpc.ssl_target_name_override'] = $host_override;
+}
-if (in_array($args['test_case'], array(
- 'service_account_creds',
- 'compute_engine_creds',
- 'jwt_token_creds'))) {
- if ($args['test_case'] == 'jwt_token_creds') {
- $auth = Google\Auth\ApplicationDefaultCredentials::getCredentials();
+if (in_array($test_case, array('service_account_creds',
+ 'compute_engine_creds', 'jwt_token_creds'))) {
+ if ($test_case == 'jwt_token_creds') {
+ $auth_credentials = ApplicationDefaultCredentials::getCredentials();
} else {
- $auth = Google\Auth\ApplicationDefaultCredentials::getCredentials(
- $args['oauth_scope']);
+ $auth_credentials = ApplicationDefaultCredentials::getCredentials(
+ $args['oauth_scope']
+ );
}
- $opts['update_metadata'] = $auth->getUpdateMetadataFunc();
+ $opts['update_metadata'] = $auth_credentials->getUpdateMetadataFunc();
+}
+
+if ($test_case == 'oauth2_auth_token') {
+ $auth_credentials = ApplicationDefaultCredentials::getCredentials(
+ $args['oauth_scope']
+ );
+ $token = $auth_credentials->fetchAuthToken();
+ $update_metadata =
+ function($metadata,
+ $authUri = null,
+ ClientInterface $client = null) use ($token) {
+ $metadata_copy = $metadata;
+ $metadata_copy[CredentialsLoader::AUTH_METADATA_KEY] =
+ array(sprintf("%s %s",
+ $token['token_type'],
+ $token['access_token']));
+ return $metadata_copy;
+ };
+ $opts['update_metadata'] = $update_metadata;
}
$stub = new grpc\testing\TestServiceClient($server_address, $opts);
echo "Connecting to $server_address\n";
-echo "Running test case $args[test_case]\n";
+echo "Running test case $test_case\n";
-switch ($args['test_case']) {
+switch ($test_case) {
case 'empty_unary':
emptyUnary($stub);
break;
@@ -404,7 +475,13 @@ switch ($args['test_case']) {
case 'jwt_token_creds':
jwtTokenCreds($stub, $args);
break;
+ case 'oauth2_auth_token':
+ oauth2AuthToken($stub, $args);
+ break;
+ case 'per_rpc_creds':
+ perRpcCreds($stub, $args);
+ break;
default:
- echo "Unsupported test case $args[test_case]\n";
+ echo "Unsupported test case $test_case\n";
exit(1);
}
diff --git a/tools/run_tests/run_interop_tests.py b/tools/run_tests/run_interop_tests.py
index 1814ba1abc..a4b6a747ed 100755
--- a/tools/run_tests/run_interop_tests.py
+++ b/tools/run_tests/run_interop_tests.py
@@ -220,17 +220,20 @@ class PHPLanguage:
def cloud_to_prod_args(self):
return (self.client_cmdline_base + _CLOUD_TO_PROD_BASE_ARGS +
- ['--use_tls'])
+ ['--use_tls=true'])
def cloud_to_cloud_args(self):
return (self.client_cmdline_base + _CLOUD_TO_CLOUD_BASE_ARGS +
- ['--use_tls', '--use_test_ca'])
+ ['--use_tls=true', '--use_test_ca=true'])
def cloud_to_prod_env(self):
return _SSL_CERT_ENV
def global_env(self):
- return {}
+ # need to manually copy to each jenkins machine if we run into github
+ # rate limit when running `composer install`
+ return {"BUILD_INTEROP_DOCKER_EXTRA_ARGS":
+ "-v /var/local/.composer/auth.json:/root/.composer/auth.json:ro"}
def __str__(self):
return 'php'
@@ -472,15 +475,16 @@ def server_jobspec(language, docker_image):
def build_interop_image_jobspec(language, tag=None):
"""Creates jobspec for building interop docker image for a language"""
+ environ = language.global_env()
if not tag:
tag = 'grpc_interop_%s:%s' % (language.safename, uuid.uuid4())
- env = {'INTEROP_IMAGE': tag,
- 'BASE_NAME': 'grpc_interop_%s' % language.safename}
+ environ['INTEROP_IMAGE'] = tag
+ environ['BASE_NAME'] = 'grpc_interop_%s' % language.safename
if not args.travis:
- env['TTY_FLAG'] = '-t'
+ environ['TTY_FLAG'] = '-t'
build_job = jobset.JobSpec(
cmdline=['tools/jenkins/build_interop_image.sh'],
- environ=env,
+ environ=environ,
shortname="build_docker_%s" % (language),
timeout_seconds=30*60)
build_job.tag = tag