Consul is a distributed, highly available, and data center aware solution to connect and configure applications across dynamic, distributed infrastructure.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

120 lines
2.7 KiB

// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: BUSL-1.1
package peering
import (
"errors"
"testing"
"github.com/stretchr/testify/require"
"github.com/hashicorp/consul/agent/structs"
)
func TestValidatePeeringToken(t *testing.T) {
type testCase struct {
name string
token *structs.PeeringToken
wantErr error
}
tt := []testCase{
{
name: "empty",
token: &structs.PeeringToken{},
wantErr: errPeeringTokenEmptyServerAddresses,
},
{
name: "empty CA",
token: &structs.PeeringToken{
CA: []string{},
},
wantErr: errPeeringTokenEmptyServerAddresses,
},
{
name: "invalid CA",
token: &structs.PeeringToken{
CA: []string{"notavalidcert"},
},
wantErr: errors.New("peering token invalid CA: no PEM-encoded data found"),
},
{
name: "invalid CA cert",
token: &structs.PeeringToken{
CA: []string{invalidCA},
},
wantErr: errors.New("peering token invalid CA: x509: malformed certificate"),
},
{
name: "invalid address port",
token: &structs.PeeringToken{
CA: []string{validCA},
ServerAddresses: []string{"1.2.3.4"},
},
wantErr: &errPeeringInvalidServerAddress{
"1.2.3.4",
},
},
{
name: "invalid address port - manual",
token: &structs.PeeringToken{
CA: []string{validCA},
ManualServerAddresses: []string{"1.2.3.4"},
},
wantErr: &errPeeringInvalidServerAddress{
"1.2.3.4",
},
},
{
name: "invalid server name",
token: &structs.PeeringToken{
CA: []string{validCA},
ServerAddresses: []string{"1.2.3.4:80"},
},
wantErr: errPeeringTokenEmptyServerName,
},
{
name: "invalid peer ID",
token: &structs.PeeringToken{
CA: []string{validCA},
ServerAddresses: []string{validAddress},
ServerName: validServerName,
},
wantErr: errPeeringTokenEmptyPeerID,
},
{
name: "valid token",
token: &structs.PeeringToken{
CA: []string{validCA},
ServerAddresses: []string{validAddress},
ServerName: validServerName,
PeerID: validPeerID,
},
},
{
name: "valid token with hostname address",
token: &structs.PeeringToken{
CA: []string{validCA},
ServerAddresses: []string{validHostnameAddress},
ServerName: validServerName,
PeerID: validPeerID,
},
},
}
for _, tc := range tt {
t.Run(tc.name, func(t *testing.T) {
err := validatePeeringToken(tc.token)
if tc.wantErr != nil {
if err == nil {
t.Error("expected error but got nil")
return
}
require.Contains(t, err.Error(), tc.wantErr.Error())
return
}
require.NoError(t, err)
})
}
}