aboutsummaryrefslogtreecommitdiffhomepage
path: root/test/core
diff options
context:
space:
mode:
Diffstat (limited to 'test/core')
-rw-r--r--test/core/end2end/invalid_call_argument_test.c24
-rw-r--r--test/core/security/create_jwt.c2
-rw-r--r--test/core/security/jwt_verifier_test.c54
-rw-r--r--test/core/security/verify_jwt.c2
-rw-r--r--test/core/support/string_test.c16
5 files changed, 98 insertions, 0 deletions
diff --git a/test/core/end2end/invalid_call_argument_test.c b/test/core/end2end/invalid_call_argument_test.c
index 765b6ad1be..d974d2c8ff 100644
--- a/test/core/end2end/invalid_call_argument_test.c
+++ b/test/core/end2end/invalid_call_argument_test.c
@@ -573,6 +573,29 @@ static void test_recv_close_on_server_twice() {
cleanup_test();
}
+static void test_invalid_initial_metadata_reserved_key() {
+ gpr_log(GPR_INFO, "test_invalid_initial_metadata_reserved_key");
+
+ grpc_metadata metadata;
+ metadata.key = ":start_with_colon";
+ metadata.value = "value";
+ metadata.value_length = 6;
+
+ grpc_op *op;
+ prepare_test(1);
+ op = g_state.ops;
+ op->op = GRPC_OP_SEND_INITIAL_METADATA;
+ op->data.send_initial_metadata.count = 1;
+ op->data.send_initial_metadata.metadata = &metadata;
+ op->flags = 0;
+ op->reserved = NULL;
+ op++;
+ GPR_ASSERT(GRPC_CALL_ERROR_INVALID_METADATA ==
+ grpc_call_start_batch(g_state.call, g_state.ops,
+ (size_t)(op - g_state.ops), tag(1), NULL));
+ cleanup_test();
+}
+
int main(int argc, char **argv) {
grpc_test_init(argc, argv);
grpc_init();
@@ -595,6 +618,7 @@ int main(int argc, char **argv) {
test_send_server_status_twice();
test_recv_close_on_server_with_invalid_flags();
test_recv_close_on_server_twice();
+ test_invalid_initial_metadata_reserved_key();
grpc_shutdown();
return 0;
diff --git a/test/core/security/create_jwt.c b/test/core/security/create_jwt.c
index 741ace9bdd..ac795f29d2 100644
--- a/test/core/security/create_jwt.c
+++ b/test/core/security/create_jwt.c
@@ -72,6 +72,7 @@ int main(int argc, char **argv) {
char *scope = NULL;
char *json_key_file_path = NULL;
char *service_url = NULL;
+ grpc_init();
gpr_cmdline *cl = gpr_cmdline_create("create_jwt");
gpr_cmdline_add_string(cl, "json_key", "File path of the json key.",
&json_key_file_path);
@@ -102,5 +103,6 @@ int main(int argc, char **argv) {
create_jwt(json_key_file_path, service_url, scope);
gpr_cmdline_destroy(cl);
+ grpc_shutdown();
return 0;
}
diff --git a/test/core/security/jwt_verifier_test.c b/test/core/security/jwt_verifier_test.c
index 71da935eeb..9be08c8780 100644
--- a/test/core/security/jwt_verifier_test.c
+++ b/test/core/security/jwt_verifier_test.c
@@ -166,6 +166,13 @@ static const char claims_without_time_constraint[] =
" \"jti\": \"jwtuniqueid\","
" \"foo\": \"bar\"}";
+static const char claims_with_bad_subject[] =
+ "{ \"aud\": \"https://foo.com\","
+ " \"iss\": \"evil@blah.foo.com\","
+ " \"sub\": \"juju@blah.foo.com\","
+ " \"jti\": \"jwtuniqueid\","
+ " \"foo\": \"bar\"}";
+
static const char invalid_claims[] =
"{ \"aud\": \"https://foo.com\","
" \"iss\": 46," /* Issuer cannot be a number. */
@@ -179,6 +186,38 @@ typedef struct {
const char *expected_subject;
} verifier_test_config;
+static void test_jwt_issuer_email_domain(void) {
+ const char *d = grpc_jwt_issuer_email_domain("https://foo.com");
+ GPR_ASSERT(d == NULL);
+ d = grpc_jwt_issuer_email_domain("foo.com");
+ GPR_ASSERT(d == NULL);
+ d = grpc_jwt_issuer_email_domain("");
+ GPR_ASSERT(d == NULL);
+ d = grpc_jwt_issuer_email_domain("@");
+ GPR_ASSERT(d == NULL);
+ d = grpc_jwt_issuer_email_domain("bar@foo");
+ GPR_ASSERT(strcmp(d, "foo") == 0);
+ d = grpc_jwt_issuer_email_domain("bar@foo.com");
+ GPR_ASSERT(strcmp(d, "foo.com") == 0);
+ d = grpc_jwt_issuer_email_domain("bar@blah.foo.com");
+ GPR_ASSERT(strcmp(d, "foo.com") == 0);
+ d = grpc_jwt_issuer_email_domain("bar.blah@blah.foo.com");
+ GPR_ASSERT(strcmp(d, "foo.com") == 0);
+ d = grpc_jwt_issuer_email_domain("bar.blah@baz.blah.foo.com");
+ GPR_ASSERT(strcmp(d, "foo.com") == 0);
+
+ /* This is not a very good parser but make sure we do not crash on these weird
+ inputs. */
+ d = grpc_jwt_issuer_email_domain("@foo");
+ GPR_ASSERT(strcmp(d, "foo") == 0);
+ d = grpc_jwt_issuer_email_domain("bar@.");
+ GPR_ASSERT(d != NULL);
+ d = grpc_jwt_issuer_email_domain("bar@..");
+ GPR_ASSERT(d != NULL);
+ d = grpc_jwt_issuer_email_domain("bar@...");
+ GPR_ASSERT(d != NULL);
+}
+
static void test_claims_success(void) {
grpc_jwt_claims *claims;
grpc_slice s = grpc_slice_from_copied_string(claims_without_time_constraint);
@@ -250,6 +289,19 @@ static void test_bad_audience_claims_failure(void) {
grpc_exec_ctx_finish(&exec_ctx);
}
+static void test_bad_subject_claims_failure(void) {
+ grpc_jwt_claims *claims;
+ grpc_slice s = grpc_slice_from_copied_string(claims_with_bad_subject);
+ grpc_json *json = grpc_json_parse_string_with_len(
+ (char *)GRPC_SLICE_START_PTR(s), GRPC_SLICE_LENGTH(s));
+ GPR_ASSERT(json != NULL);
+ claims = grpc_jwt_claims_from_json(json, s);
+ GPR_ASSERT(claims != NULL);
+ GPR_ASSERT(grpc_jwt_claims_check(claims, "https://foo.com") ==
+ GRPC_JWT_VERIFIER_BAD_SUBJECT);
+ grpc_jwt_claims_destroy(claims);
+}
+
static char *json_key_str(const char *last_part) {
size_t result_len = strlen(json_key_str_part1) + strlen(json_key_str_part2) +
strlen(last_part);
@@ -577,10 +629,12 @@ static void test_jwt_verifier_bad_format(void) {
int main(int argc, char **argv) {
grpc_test_init(argc, argv);
grpc_init();
+ test_jwt_issuer_email_domain();
test_claims_success();
test_expired_claims_failure();
test_invalid_claims_failure();
test_bad_audience_claims_failure();
+ test_bad_subject_claims_failure();
test_jwt_verifier_google_email_issuer_success();
test_jwt_verifier_custom_email_issuer_success();
test_jwt_verifier_url_issuer_success();
diff --git a/test/core/security/verify_jwt.c b/test/core/security/verify_jwt.c
index 32169bb8d2..bbd4a67ac1 100644
--- a/test/core/security/verify_jwt.c
+++ b/test/core/security/verify_jwt.c
@@ -93,6 +93,7 @@ int main(int argc, char **argv) {
char *aud = NULL;
grpc_exec_ctx exec_ctx = GRPC_EXEC_CTX_INIT;
+ grpc_init();
cl = gpr_cmdline_create("JWT verifier tool");
gpr_cmdline_add_string(cl, "jwt", "JSON web token to verify", &jwt);
gpr_cmdline_add_string(cl, "aud", "Audience for the JWT", &aud);
@@ -131,5 +132,6 @@ int main(int argc, char **argv) {
grpc_jwt_verifier_destroy(verifier);
gpr_cmdline_destroy(cl);
+ grpc_shutdown();
return !sync.success;
}
diff --git a/test/core/support/string_test.c b/test/core/support/string_test.c
index 78b77fad8e..af232db350 100644
--- a/test/core/support/string_test.c
+++ b/test/core/support/string_test.c
@@ -243,6 +243,8 @@ static void test_int64toa() {
static void test_leftpad() {
char *padded;
+ LOG_TEST_NAME("test_leftpad");
+
padded = gpr_leftpad("foo", ' ', 5);
GPR_ASSERT(0 == strcmp(" foo", padded));
gpr_free(padded);
@@ -273,12 +275,25 @@ static void test_leftpad() {
}
static void test_stricmp(void) {
+ LOG_TEST_NAME("test_stricmp");
+
GPR_ASSERT(0 == gpr_stricmp("hello", "hello"));
GPR_ASSERT(0 == gpr_stricmp("HELLO", "hello"));
GPR_ASSERT(gpr_stricmp("a", "b") < 0);
GPR_ASSERT(gpr_stricmp("b", "a") > 0);
}
+static void test_memrchr(void) {
+ LOG_TEST_NAME("test_memrchr");
+
+ GPR_ASSERT(NULL == gpr_memrchr(NULL, 'a', 0));
+ GPR_ASSERT(NULL == gpr_memrchr("", 'a', 0));
+ GPR_ASSERT(NULL == gpr_memrchr("hello", 'b', 5));
+ GPR_ASSERT(0 == strcmp((const char *)gpr_memrchr("hello", 'h', 5), "hello"));
+ GPR_ASSERT(0 == strcmp((const char *)gpr_memrchr("hello", 'o', 5), "o"));
+ GPR_ASSERT(0 == strcmp((const char *)gpr_memrchr("hello", 'l', 5), "lo"));
+}
+
int main(int argc, char **argv) {
grpc_test_init(argc, argv);
test_strdup();
@@ -291,5 +306,6 @@ int main(int argc, char **argv) {
test_int64toa();
test_leftpad();
test_stricmp();
+ test_memrchr();
return 0;
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-05 05:31:45 +0000