aboutsummaryrefslogtreecommitdiffhomepage
path: root/test/core/security/jwt_verifier_test.cc
diff options
context:
space:
mode:
Diffstat (limited to 'test/core/security/jwt_verifier_test.cc')
-rw-r--r--test/core/security/jwt_verifier_test.cc146
1 files changed, 66 insertions, 80 deletions
diff --git a/test/core/security/jwt_verifier_test.cc b/test/core/security/jwt_verifier_test.cc
index df0ebe5607..e219260b1d 100644
--- a/test/core/security/jwt_verifier_test.cc
+++ b/test/core/security/jwt_verifier_test.cc
@@ -209,8 +209,8 @@ static void test_claims_success(void) {
grpc_json* json = grpc_json_parse_string_with_len(
(char*)GRPC_SLICE_START_PTR(s), GRPC_SLICE_LENGTH(s));
GPR_ASSERT(json != nullptr);
- grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
- claims = grpc_jwt_claims_from_json(&exec_ctx, json, s);
+ grpc_core::ExecCtx exec_ctx;
+ claims = grpc_jwt_claims_from_json(json, s);
GPR_ASSERT(claims != nullptr);
GPR_ASSERT(grpc_jwt_claims_json(claims) == json);
GPR_ASSERT(strcmp(grpc_jwt_claims_audience(claims), "https://foo.com") == 0);
@@ -219,8 +219,7 @@ static void test_claims_success(void) {
GPR_ASSERT(strcmp(grpc_jwt_claims_id(claims), "jwtuniqueid") == 0);
GPR_ASSERT(grpc_jwt_claims_check(claims, "https://foo.com") ==
GRPC_JWT_VERIFIER_OK);
- grpc_jwt_claims_destroy(&exec_ctx, claims);
- grpc_exec_ctx_finish(&exec_ctx);
+ grpc_jwt_claims_destroy(claims);
}
static void test_expired_claims_failure(void) {
@@ -232,8 +231,8 @@ static void test_expired_claims_failure(void) {
gpr_timespec exp_exp = {120, 0, GPR_CLOCK_REALTIME};
gpr_timespec exp_nbf = {60, 0, GPR_CLOCK_REALTIME};
GPR_ASSERT(json != nullptr);
- grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
- claims = grpc_jwt_claims_from_json(&exec_ctx, json, s);
+ grpc_core::ExecCtx exec_ctx;
+ claims = grpc_jwt_claims_from_json(json, s);
GPR_ASSERT(claims != nullptr);
GPR_ASSERT(grpc_jwt_claims_json(claims) == json);
GPR_ASSERT(strcmp(grpc_jwt_claims_audience(claims), "https://foo.com") == 0);
@@ -246,17 +245,15 @@ static void test_expired_claims_failure(void) {
GPR_ASSERT(grpc_jwt_claims_check(claims, "https://foo.com") ==
GRPC_JWT_VERIFIER_TIME_CONSTRAINT_FAILURE);
- grpc_jwt_claims_destroy(&exec_ctx, claims);
- grpc_exec_ctx_finish(&exec_ctx);
+ grpc_jwt_claims_destroy(claims);
}
static void test_invalid_claims_failure(void) {
grpc_slice s = grpc_slice_from_copied_string(invalid_claims);
grpc_json* json = grpc_json_parse_string_with_len(
(char*)GRPC_SLICE_START_PTR(s), GRPC_SLICE_LENGTH(s));
- grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
- GPR_ASSERT(grpc_jwt_claims_from_json(&exec_ctx, json, s) == nullptr);
- grpc_exec_ctx_finish(&exec_ctx);
+ grpc_core::ExecCtx exec_ctx;
+ GPR_ASSERT(grpc_jwt_claims_from_json(json, s) == nullptr);
}
static void test_bad_audience_claims_failure(void) {
@@ -265,13 +262,12 @@ static void test_bad_audience_claims_failure(void) {
grpc_json* json = grpc_json_parse_string_with_len(
(char*)GRPC_SLICE_START_PTR(s), GRPC_SLICE_LENGTH(s));
GPR_ASSERT(json != nullptr);
- grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
- claims = grpc_jwt_claims_from_json(&exec_ctx, json, s);
+ grpc_core::ExecCtx exec_ctx;
+ claims = grpc_jwt_claims_from_json(json, s);
GPR_ASSERT(claims != nullptr);
GPR_ASSERT(grpc_jwt_claims_check(claims, "https://bar.com") ==
GRPC_JWT_VERIFIER_BAD_AUDIENCE);
- grpc_jwt_claims_destroy(&exec_ctx, claims);
- grpc_exec_ctx_finish(&exec_ctx);
+ grpc_jwt_claims_destroy(claims);
}
static void test_bad_subject_claims_failure(void) {
@@ -280,13 +276,12 @@ static void test_bad_subject_claims_failure(void) {
grpc_json* json = grpc_json_parse_string_with_len(
(char*)GRPC_SLICE_START_PTR(s), GRPC_SLICE_LENGTH(s));
GPR_ASSERT(json != nullptr);
- grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
- claims = grpc_jwt_claims_from_json(&exec_ctx, json, s);
+ grpc_core::ExecCtx exec_ctx;
+ claims = grpc_jwt_claims_from_json(json, s);
GPR_ASSERT(claims != nullptr);
GPR_ASSERT(grpc_jwt_claims_check(claims, "https://foo.com") ==
GRPC_JWT_VERIFIER_BAD_SUBJECT);
- grpc_jwt_claims_destroy(&exec_ctx, claims);
- grpc_exec_ctx_finish(&exec_ctx);
+ grpc_jwt_claims_destroy(claims);
}
static char* json_key_str(const char* last_part) {
@@ -323,17 +318,16 @@ static grpc_httpcli_response http_response(int status, char* body) {
}
static int httpcli_post_should_not_be_called(
- grpc_exec_ctx* exec_ctx, const grpc_httpcli_request* request,
- const char* body_bytes, size_t body_size, grpc_millis deadline,
- grpc_closure* on_done, grpc_httpcli_response* response) {
+ const grpc_httpcli_request* request, const char* body_bytes,
+ size_t body_size, grpc_millis deadline, grpc_closure* on_done,
+ grpc_httpcli_response* response) {
GPR_ASSERT("HTTP POST should not be called" == nullptr);
return 1;
}
static int httpcli_get_google_keys_for_email(
- grpc_exec_ctx* exec_ctx, const grpc_httpcli_request* request,
- grpc_millis deadline, grpc_closure* on_done,
- grpc_httpcli_response* response) {
+ const grpc_httpcli_request* request, grpc_millis deadline,
+ grpc_closure* on_done, grpc_httpcli_response* response) {
*response = http_response(200, good_google_email_keys());
GPR_ASSERT(request->handshaker == &grpc_httpcli_ssl);
GPR_ASSERT(strcmp(request->host, "www.googleapis.com") == 0);
@@ -341,22 +335,22 @@ static int httpcli_get_google_keys_for_email(
"/robot/v1/metadata/x509/"
"777-abaslkan11hlb6nmim3bpspl31ud@developer."
"gserviceaccount.com") == 0);
- GRPC_CLOSURE_SCHED(exec_ctx, on_done, GRPC_ERROR_NONE);
+ GRPC_CLOSURE_SCHED(on_done, GRPC_ERROR_NONE);
return 1;
}
-static void on_verification_success(grpc_exec_ctx* exec_ctx, void* user_data,
+static void on_verification_success(void* user_data,
grpc_jwt_verifier_status status,
grpc_jwt_claims* claims) {
GPR_ASSERT(status == GRPC_JWT_VERIFIER_OK);
GPR_ASSERT(claims != nullptr);
GPR_ASSERT(user_data == (void*)expected_user_data);
GPR_ASSERT(strcmp(grpc_jwt_claims_audience(claims), expected_audience) == 0);
- grpc_jwt_claims_destroy(exec_ctx, claims);
+ grpc_jwt_claims_destroy(claims);
}
static void test_jwt_verifier_google_email_issuer_success(void) {
- grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
+ grpc_core::ExecCtx exec_ctx;
grpc_jwt_verifier* verifier = grpc_jwt_verifier_create(nullptr, 0);
char* jwt = nullptr;
char* key_str = json_key_str(json_key_str_part3_for_google_email_issuer);
@@ -369,28 +363,27 @@ static void test_jwt_verifier_google_email_issuer_success(void) {
nullptr);
grpc_auth_json_key_destruct(&key);
GPR_ASSERT(jwt != nullptr);
- grpc_jwt_verifier_verify(&exec_ctx, verifier, nullptr, jwt, expected_audience,
+ grpc_jwt_verifier_verify(verifier, nullptr, jwt, expected_audience,
on_verification_success, (void*)expected_user_data);
- grpc_jwt_verifier_destroy(&exec_ctx, verifier);
- grpc_exec_ctx_finish(&exec_ctx);
+ grpc_jwt_verifier_destroy(verifier);
+ grpc_core::ExecCtx::Get()->Flush();
gpr_free(jwt);
grpc_httpcli_set_override(nullptr, nullptr);
}
static int httpcli_get_custom_keys_for_email(
- grpc_exec_ctx* exec_ctx, const grpc_httpcli_request* request,
- grpc_millis deadline, grpc_closure* on_done,
- grpc_httpcli_response* response) {
+ const grpc_httpcli_request* request, grpc_millis deadline,
+ grpc_closure* on_done, grpc_httpcli_response* response) {
*response = http_response(200, gpr_strdup(good_jwk_set));
GPR_ASSERT(request->handshaker == &grpc_httpcli_ssl);
GPR_ASSERT(strcmp(request->host, "keys.bar.com") == 0);
GPR_ASSERT(strcmp(request->http.path, "/jwk/foo@bar.com") == 0);
- GRPC_CLOSURE_SCHED(exec_ctx, on_done, GRPC_ERROR_NONE);
+ GRPC_CLOSURE_SCHED(on_done, GRPC_ERROR_NONE);
return 1;
}
static void test_jwt_verifier_custom_email_issuer_success(void) {
- grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
+ grpc_core::ExecCtx exec_ctx;
grpc_jwt_verifier* verifier = grpc_jwt_verifier_create(&custom_mapping, 1);
char* jwt = nullptr;
char* key_str = json_key_str(json_key_str_part3_for_custom_email_issuer);
@@ -403,28 +396,26 @@ static void test_jwt_verifier_custom_email_issuer_success(void) {
nullptr);
grpc_auth_json_key_destruct(&key);
GPR_ASSERT(jwt != nullptr);
- grpc_jwt_verifier_verify(&exec_ctx, verifier, nullptr, jwt, expected_audience,
+ grpc_jwt_verifier_verify(verifier, nullptr, jwt, expected_audience,
on_verification_success, (void*)expected_user_data);
- grpc_jwt_verifier_destroy(&exec_ctx, verifier);
- grpc_exec_ctx_finish(&exec_ctx);
+ grpc_jwt_verifier_destroy(verifier);
+ grpc_core::ExecCtx::Get()->Flush();
gpr_free(jwt);
grpc_httpcli_set_override(nullptr, nullptr);
}
-static int httpcli_get_jwk_set(grpc_exec_ctx* exec_ctx,
- const grpc_httpcli_request* request,
+static int httpcli_get_jwk_set(const grpc_httpcli_request* request,
grpc_millis deadline, grpc_closure* on_done,
grpc_httpcli_response* response) {
*response = http_response(200, gpr_strdup(good_jwk_set));
GPR_ASSERT(request->handshaker == &grpc_httpcli_ssl);
GPR_ASSERT(strcmp(request->host, "www.googleapis.com") == 0);
GPR_ASSERT(strcmp(request->http.path, "/oauth2/v3/certs") == 0);
- GRPC_CLOSURE_SCHED(exec_ctx, on_done, GRPC_ERROR_NONE);
+ GRPC_CLOSURE_SCHED(on_done, GRPC_ERROR_NONE);
return 1;
}
-static int httpcli_get_openid_config(grpc_exec_ctx* exec_ctx,
- const grpc_httpcli_request* request,
+static int httpcli_get_openid_config(const grpc_httpcli_request* request,
grpc_millis deadline,
grpc_closure* on_done,
grpc_httpcli_response* response) {
@@ -434,12 +425,12 @@ static int httpcli_get_openid_config(grpc_exec_ctx* exec_ctx,
GPR_ASSERT(strcmp(request->http.path, GRPC_OPENID_CONFIG_URL_SUFFIX) == 0);
grpc_httpcli_set_override(httpcli_get_jwk_set,
httpcli_post_should_not_be_called);
- GRPC_CLOSURE_SCHED(exec_ctx, on_done, GRPC_ERROR_NONE);
+ GRPC_CLOSURE_SCHED(on_done, GRPC_ERROR_NONE);
return 1;
}
static void test_jwt_verifier_url_issuer_success(void) {
- grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
+ grpc_core::ExecCtx exec_ctx;
grpc_jwt_verifier* verifier = grpc_jwt_verifier_create(nullptr, 0);
char* jwt = nullptr;
char* key_str = json_key_str(json_key_str_part3_for_url_issuer);
@@ -452,16 +443,15 @@ static void test_jwt_verifier_url_issuer_success(void) {
nullptr);
grpc_auth_json_key_destruct(&key);
GPR_ASSERT(jwt != nullptr);
- grpc_jwt_verifier_verify(&exec_ctx, verifier, nullptr, jwt, expected_audience,
+ grpc_jwt_verifier_verify(verifier, nullptr, jwt, expected_audience,
on_verification_success, (void*)expected_user_data);
- grpc_jwt_verifier_destroy(&exec_ctx, verifier);
- grpc_exec_ctx_finish(&exec_ctx);
+ grpc_jwt_verifier_destroy(verifier);
+ grpc_core::ExecCtx::Get()->Flush();
gpr_free(jwt);
grpc_httpcli_set_override(nullptr, nullptr);
}
-static void on_verification_key_retrieval_error(grpc_exec_ctx* exec_ctx,
- void* user_data,
+static void on_verification_key_retrieval_error(void* user_data,
grpc_jwt_verifier_status status,
grpc_jwt_claims* claims) {
GPR_ASSERT(status == GRPC_JWT_VERIFIER_KEY_RETRIEVAL_ERROR);
@@ -469,18 +459,17 @@ static void on_verification_key_retrieval_error(grpc_exec_ctx* exec_ctx,
GPR_ASSERT(user_data == (void*)expected_user_data);
}
-static int httpcli_get_bad_json(grpc_exec_ctx* exec_ctx,
- const grpc_httpcli_request* request,
+static int httpcli_get_bad_json(const grpc_httpcli_request* request,
grpc_millis deadline, grpc_closure* on_done,
grpc_httpcli_response* response) {
*response = http_response(200, gpr_strdup("{\"bad\": \"stuff\"}"));
GPR_ASSERT(request->handshaker == &grpc_httpcli_ssl);
- GRPC_CLOSURE_SCHED(exec_ctx, on_done, GRPC_ERROR_NONE);
+ GRPC_CLOSURE_SCHED(on_done, GRPC_ERROR_NONE);
return 1;
}
static void test_jwt_verifier_url_issuer_bad_config(void) {
- grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
+ grpc_core::ExecCtx exec_ctx;
grpc_jwt_verifier* verifier = grpc_jwt_verifier_create(nullptr, 0);
char* jwt = nullptr;
char* key_str = json_key_str(json_key_str_part3_for_url_issuer);
@@ -493,17 +482,17 @@ static void test_jwt_verifier_url_issuer_bad_config(void) {
nullptr);
grpc_auth_json_key_destruct(&key);
GPR_ASSERT(jwt != nullptr);
- grpc_jwt_verifier_verify(&exec_ctx, verifier, nullptr, jwt, expected_audience,
+ grpc_jwt_verifier_verify(verifier, nullptr, jwt, expected_audience,
on_verification_key_retrieval_error,
(void*)expected_user_data);
- grpc_jwt_verifier_destroy(&exec_ctx, verifier);
- grpc_exec_ctx_finish(&exec_ctx);
+ grpc_jwt_verifier_destroy(verifier);
+ grpc_core::ExecCtx::Get()->Flush();
gpr_free(jwt);
grpc_httpcli_set_override(nullptr, nullptr);
}
static void test_jwt_verifier_bad_json_key(void) {
- grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
+ grpc_core::ExecCtx exec_ctx;
grpc_jwt_verifier* verifier = grpc_jwt_verifier_create(nullptr, 0);
char* jwt = nullptr;
char* key_str = json_key_str(json_key_str_part3_for_google_email_issuer);
@@ -516,11 +505,11 @@ static void test_jwt_verifier_bad_json_key(void) {
nullptr);
grpc_auth_json_key_destruct(&key);
GPR_ASSERT(jwt != nullptr);
- grpc_jwt_verifier_verify(&exec_ctx, verifier, nullptr, jwt, expected_audience,
+ grpc_jwt_verifier_verify(verifier, nullptr, jwt, expected_audience,
on_verification_key_retrieval_error,
(void*)expected_user_data);
- grpc_jwt_verifier_destroy(&exec_ctx, verifier);
- grpc_exec_ctx_finish(&exec_ctx);
+ grpc_jwt_verifier_destroy(verifier);
+ grpc_core::ExecCtx::Get()->Flush();
gpr_free(jwt);
grpc_httpcli_set_override(nullptr, nullptr);
}
@@ -532,9 +521,8 @@ static void corrupt_jwt_sig(char* jwt) {
char* last_dot = strrchr(jwt, '.');
GPR_ASSERT(last_dot != nullptr);
{
- grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
- sig = grpc_base64_decode(&exec_ctx, last_dot + 1, 1);
- grpc_exec_ctx_finish(&exec_ctx);
+ grpc_core::ExecCtx exec_ctx;
+ sig = grpc_base64_decode(last_dot + 1, 1);
}
GPR_ASSERT(!GRPC_SLICE_IS_EMPTY(sig));
sig_bytes = GRPC_SLICE_START_PTR(sig);
@@ -546,8 +534,7 @@ static void corrupt_jwt_sig(char* jwt) {
grpc_slice_unref(sig);
}
-static void on_verification_bad_signature(grpc_exec_ctx* exec_ctx,
- void* user_data,
+static void on_verification_bad_signature(void* user_data,
grpc_jwt_verifier_status status,
grpc_jwt_claims* claims) {
GPR_ASSERT(status == GRPC_JWT_VERIFIER_BAD_SIGNATURE);
@@ -556,7 +543,7 @@ static void on_verification_bad_signature(grpc_exec_ctx* exec_ctx,
}
static void test_jwt_verifier_bad_signature(void) {
- grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
+ grpc_core::ExecCtx exec_ctx;
grpc_jwt_verifier* verifier = grpc_jwt_verifier_create(nullptr, 0);
char* jwt = nullptr;
char* key_str = json_key_str(json_key_str_part3_for_url_issuer);
@@ -570,17 +557,16 @@ static void test_jwt_verifier_bad_signature(void) {
grpc_auth_json_key_destruct(&key);
corrupt_jwt_sig(jwt);
GPR_ASSERT(jwt != nullptr);
- grpc_jwt_verifier_verify(&exec_ctx, verifier, nullptr, jwt, expected_audience,
+ grpc_jwt_verifier_verify(verifier, nullptr, jwt, expected_audience,
on_verification_bad_signature,
(void*)expected_user_data);
gpr_free(jwt);
- grpc_jwt_verifier_destroy(&exec_ctx, verifier);
- grpc_exec_ctx_finish(&exec_ctx);
+ grpc_jwt_verifier_destroy(verifier);
+ grpc_core::ExecCtx::Get()->Flush();
grpc_httpcli_set_override(nullptr, nullptr);
}
-static int httpcli_get_should_not_be_called(grpc_exec_ctx* exec_ctx,
- const grpc_httpcli_request* request,
+static int httpcli_get_should_not_be_called(const grpc_httpcli_request* request,
grpc_millis deadline,
grpc_closure* on_done,
grpc_httpcli_response* response) {
@@ -588,7 +574,7 @@ static int httpcli_get_should_not_be_called(grpc_exec_ctx* exec_ctx,
return 1;
}
-static void on_verification_bad_format(grpc_exec_ctx* exec_ctx, void* user_data,
+static void on_verification_bad_format(void* user_data,
grpc_jwt_verifier_status status,
grpc_jwt_claims* claims) {
GPR_ASSERT(status == GRPC_JWT_VERIFIER_BAD_FORMAT);
@@ -597,15 +583,15 @@ static void on_verification_bad_format(grpc_exec_ctx* exec_ctx, void* user_data,
}
static void test_jwt_verifier_bad_format(void) {
- grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
+ grpc_core::ExecCtx exec_ctx;
grpc_jwt_verifier* verifier = grpc_jwt_verifier_create(nullptr, 0);
grpc_httpcli_set_override(httpcli_get_should_not_be_called,
httpcli_post_should_not_be_called);
- grpc_jwt_verifier_verify(&exec_ctx, verifier, nullptr, "bad jwt",
- expected_audience, on_verification_bad_format,
+ grpc_jwt_verifier_verify(verifier, nullptr, "bad jwt", expected_audience,
+ on_verification_bad_format,
(void*)expected_user_data);
- grpc_jwt_verifier_destroy(&exec_ctx, verifier);
- grpc_exec_ctx_finish(&exec_ctx);
+ grpc_jwt_verifier_destroy(verifier);
+ grpc_core::ExecCtx::Get()->Flush();
grpc_httpcli_set_override(nullptr, nullptr);
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-23 20:21:51 +0000