diff options
author | 2017-07-19 10:26:41 -0700 | |
---|---|---|
committer | 2017-07-19 10:26:41 -0700 | |
commit | f7350ea6b7b58d632bf4a8aafaa0354e022d9c0b (patch) | |
tree | bf1ca22ba21e82f0290f76d064df03e139614d5c /test/core/end2end/fixtures | |
parent | 19fc5526b2604b3dace6ebfa7f6ffb786fd6bba2 (diff) |
Adding connect auth feature. Proxy-Authorization header is being inserted when user creds are present in uri
Diffstat (limited to 'test/core/end2end/fixtures')
-rw-r--r-- | test/core/end2end/fixtures/h2_http_proxy.c | 30 | ||||
-rw-r--r-- | test/core/end2end/fixtures/http_proxy_fixture.c | 43 | ||||
-rw-r--r-- | test/core/end2end/fixtures/http_proxy_fixture.h | 21 |
3 files changed, 88 insertions, 6 deletions
diff --git a/test/core/end2end/fixtures/h2_http_proxy.c b/test/core/end2end/fixtures/h2_http_proxy.c index f8c88e5953..f87036d52e 100644 --- a/test/core/end2end/fixtures/h2_http_proxy.c +++ b/test/core/end2end/fixtures/h2_http_proxy.c @@ -47,11 +47,26 @@ static grpc_end2end_test_fixture chttp2_create_fixture_fullstack( grpc_channel_args *client_args, grpc_channel_args *server_args) { grpc_end2end_test_fixture f; memset(&f, 0, sizeof(f)); + grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT; fullstack_fixture_data *ffd = gpr_malloc(sizeof(fullstack_fixture_data)); const int server_port = grpc_pick_unused_port_or_die(); gpr_join_host_port(&ffd->server_addr, "localhost", server_port); - ffd->proxy = grpc_end2end_http_proxy_create(); + + /*const grpc_arg *proxy_auth_arg = + grpc_channel_args_find(client_args, "test_uses_proxy_auth"); + ffd->proxy = grpc_end2end_http_proxy_create(proxy_args);*/ + //If we are testing proxy auth, add the proxy auth arg to proxy channel args + grpc_channel_args *proxy_args = NULL; + const grpc_arg *proxy_auth_arg = grpc_channel_args_find( + client_args, GRPC_END2END_HTTP_PROXY_TEST_CONNECT_AUTH_PRESENT); + if(proxy_auth_arg) { + proxy_args = grpc_channel_args_copy_and_add(NULL, proxy_auth_arg, 1); + } + ffd->proxy = grpc_end2end_http_proxy_create(proxy_args); + grpc_channel_args_destroy(&exec_ctx, proxy_args); + + grpc_exec_ctx_finish(&exec_ctx); f.fixture_data = ffd; f.cq = grpc_completion_queue_create_for_next(NULL); @@ -64,8 +79,17 @@ void chttp2_init_client_fullstack(grpc_end2end_test_fixture *f, grpc_channel_args *client_args) { fullstack_fixture_data *ffd = f->fixture_data; char *proxy_uri; - gpr_asprintf(&proxy_uri, "http://%s", - grpc_end2end_http_proxy_get_proxy_name(ffd->proxy)); + + // If testing for proxy auth, add credentials to proxy uri + if(grpc_channel_args_find( + client_args, GRPC_END2END_HTTP_PROXY_TEST_CONNECT_AUTH_PRESENT) == NULL) { + gpr_asprintf(&proxy_uri, "http://%s", + grpc_end2end_http_proxy_get_proxy_name(ffd->proxy)); + } else { + gpr_asprintf(&proxy_uri, "http://%s@%s", + GRPC_END2END_HTTP_PROXY_TEST_CONNECT_CRED, + grpc_end2end_http_proxy_get_proxy_name(ffd->proxy)); + } gpr_setenv("http_proxy", proxy_uri); gpr_free(proxy_uri); f->client = grpc_insecure_channel_create(ffd->server_addr, client_args, NULL); diff --git a/test/core/end2end/fixtures/http_proxy_fixture.c b/test/core/end2end/fixtures/http_proxy_fixture.c index 54693c4900..d69ed1a086 100644 --- a/test/core/end2end/fixtures/http_proxy_fixture.c +++ b/test/core/end2end/fixtures/http_proxy_fixture.c @@ -22,6 +22,7 @@ #include <string.h> +#include <grpc/grpc.h> #include <grpc/slice_buffer.h> #include <grpc/support/alloc.h> #include <grpc/support/atm.h> @@ -47,6 +48,7 @@ #include "src/core/lib/iomgr/tcp_server.h" #include "src/core/lib/iomgr/timer.h" #include "src/core/lib/slice/slice_internal.h" +#include "src/core/lib/slice/b64.h" #include "test/core/util/port.h" struct grpc_end2end_http_proxy { @@ -352,6 +354,42 @@ static void on_read_request_done(grpc_exec_ctx* exec_ctx, void* arg, GRPC_ERROR_UNREF(error); return; } + // If proxy auth is being used, check if the header is present + if(grpc_channel_args_find( + conn->proxy->channel_args, + GRPC_END2END_HTTP_PROXY_TEST_CONNECT_AUTH_PRESENT) != NULL) { + bool found = false, failed = false; + for(size_t i = 0; i < conn->http_request.hdr_count; i++) { + if(strcmp(conn->http_request.hdrs[i].key, "Proxy-Authorization") == 0) { + found = true; + // Authentication type should be Basic + if(strncmp(conn->http_request.hdrs[i].value, "Basic", + strlen("Basic")) != 0) { + failed = true; + break; + } + // Check if encoded string is as expected + char *encoded_str_start = + strchr(conn->http_request.hdrs[i].value, ' ') + 1; + grpc_slice decoded_slice = + grpc_base64_decode(exec_ctx, encoded_str_start, 0); + if(grpc_slice_str_cmp( + decoded_slice, GRPC_END2END_HTTP_PROXY_TEST_CONNECT_CRED) != 0) { + failed = true; + break; + } + break; + } + } + if(!found || failed) { + const char *msg = "HTTP Connect could not verify authentication"; + error = GRPC_ERROR_CREATE_FROM_COPIED_STRING(msg); + proxy_connection_failed(exec_ctx, conn, true /* is_client */, + "HTTP proxy read request", error); + GRPC_ERROR_UNREF(error); + return; + } + } // Resolve address. grpc_resolved_addresses* resolved_addresses = NULL; error = grpc_blocking_resolve_address(conn->http_request.path, "80", @@ -436,7 +474,8 @@ static void thread_main(void* arg) { grpc_exec_ctx_finish(&exec_ctx); } -grpc_end2end_http_proxy* grpc_end2end_http_proxy_create(void) { +grpc_end2end_http_proxy* grpc_end2end_http_proxy_create( + grpc_channel_args *args) { grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT; grpc_end2end_http_proxy* proxy = (grpc_end2end_http_proxy*)gpr_malloc(sizeof(*proxy)); @@ -448,7 +487,7 @@ grpc_end2end_http_proxy* grpc_end2end_http_proxy_create(void) { gpr_join_host_port(&proxy->proxy_name, "localhost", proxy_port); gpr_log(GPR_INFO, "Proxy address: %s", proxy->proxy_name); // Create TCP server. - proxy->channel_args = grpc_channel_args_copy(NULL); + proxy->channel_args = grpc_channel_args_copy(args); grpc_error* error = grpc_tcp_server_create( &exec_ctx, NULL, proxy->channel_args, &proxy->server); GPR_ASSERT(error == GRPC_ERROR_NONE); diff --git a/test/core/end2end/fixtures/http_proxy_fixture.h b/test/core/end2end/fixtures/http_proxy_fixture.h index a72162e846..f3da0494ae 100644 --- a/test/core/end2end/fixtures/http_proxy_fixture.h +++ b/test/core/end2end/fixtures/http_proxy_fixture.h @@ -16,11 +16,30 @@ * */ +#ifndef GRPC_TEST_CORE_END2END_FIXTURES_HTTP_PROXY_FIXTURE_H +#define GRPC_TEST_CORE_END2END_FIXTURES_HTTP_PROXY_FIXTURE_H + +#include <grpc/grpc.h> + +/* The test credentials being used for HTTP Proxy Authorization */ +#define GRPC_END2END_HTTP_PROXY_TEST_CONNECT_CRED "aladdin:opensesame" + +/* A channel arg key used to indicate that the channel uses proxy authorization. + * The value is of no consequence as just the presence of the argument is + * enough. It is currently kept as of type integer but can be changed as seen + * fit. + */ +#define GRPC_END2END_HTTP_PROXY_TEST_CONNECT_AUTH_PRESENT \ + "grpc.test.connect_auth" + typedef struct grpc_end2end_http_proxy grpc_end2end_http_proxy; -grpc_end2end_http_proxy* grpc_end2end_http_proxy_create(); +grpc_end2end_http_proxy* grpc_end2end_http_proxy_create( + grpc_channel_args *args); void grpc_end2end_http_proxy_destroy(grpc_end2end_http_proxy* proxy); const char* grpc_end2end_http_proxy_get_proxy_name( grpc_end2end_http_proxy* proxy); + +#endif /* GRPC_TEST_CORE_END2END_FIXTURES_HTTP_PROXY_FIXTURE_H */ |