veyron/lib/testutil: Helper type for acting as an "identity provider"
in tests.
Change-Id: I56c19685cd0fd2fafb7d82131d53680eaf08ba5f
diff --git a/lib/testutil/security/util.go b/lib/testutil/security/util.go
index f43789e..5a97102 100644
--- a/lib/testutil/security/util.go
+++ b/lib/testutil/security/util.go
@@ -74,3 +74,42 @@
}
return f.Name()
}
+
+// IDProvider is a convenience wrapper over security.Principal that
+// makes a Principal act as an "identity provider" (i.e., provides
+// other principals with a blessing from it).
+type IDProvider struct {
+ p security.Principal
+ b security.Blessings
+}
+
+func NewIDProvider(name string) *IDProvider {
+ p, err := vsecurity.NewPrincipal()
+ if err != nil {
+ panic(err)
+ }
+ b, err := p.BlessSelf(name)
+ if err != nil {
+ panic(err)
+ }
+ return &IDProvider{p, b}
+}
+
+// Bless sets up the provided principal to use blessings from idp as its
+// default.
+func (idp *IDProvider) Bless(who security.Principal, extension string, caveats ...security.Caveat) error {
+ if len(caveats) == 0 {
+ caveats = append(caveats, security.UnconstrainedUse())
+ }
+ blessings, err := idp.p.Bless(who.PublicKey(), idp.b, extension, caveats[0], caveats[1:]...)
+ if err != nil {
+ return err
+ }
+ SetDefaultBlessings(who, blessings)
+ return nil
+}
+
+// PublicKey is the public key of the identity provider.
+func (idp *IDProvider) PublicKey() security.PublicKey {
+ return idp.p.PublicKey()
+}
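Review bot: The doc comment on `Bless` does not state that, when no caveats are passed, the blessing is issued with `security.UnconstrainedUse()` (the fallback at the `len(caveats) == 0` check), nor what the resulting blessing is named; for an exported helper in a package other tests import, this is the property a reader most needs to know. I would expand it to `// Bless sets up the provided principal to use blessings from idp (named "<idp name>/<extension>") as its default and for all peers. If no caveats are supplied the blessing carries security.UnconstrainedUse(), which is only appropriate in tests.` The call to `SetDefaultBlessings(who, blessings)` discards whatever that function reports; it is defined earlier in this file, outside the hunk, so I cannot tell whether it can fail, but if it returns an error `Bless` should propagate it instead of returning nil. `NewIDProvider` panics on any failure, which is fine for a test utility but worth a sentence in its (currently missing) doc comment.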
diff --git a/lib/testutil/security/util_test.go b/lib/testutil/security/util_test.go
index a62d65a..08eb1e1 100644
--- a/lib/testutil/security/util_test.go
+++ b/lib/testutil/security/util_test.go
@@ -63,3 +63,30 @@
t.Fatalf("Got ACL %v, but want %v", loadedACL, acl)
}
}
+
+func TestIDProvider(t *testing.T) {
+ idp := NewIDProvider("foo")
+ p, err := vsecurity.NewPrincipal()
+ if err != nil {
+ t.Fatal(err)
+ }
+ if err := idp.Bless(p, "bar"); err != nil {
+ t.Fatal(err)
+ }
+ if err := p.Roots().Recognized(idp.PublicKey(), "foo"); err != nil {
+ t.Error(err)
+ }
+ if err := p.Roots().Recognized(idp.PublicKey(), "foo/bar"); err != nil {
+ t.Error(err)
+ }
+ def := p.BlessingStore().Default()
+ peers := p.BlessingStore().ForPeer("anyone_else")
+ if def == nil {
+ t.Errorf("BlessingStore should have a default blessing")
+ }
+ if peers != def {
+ t.Errorf("ForPeer(...) returned %v, want %v", peers, def)
+ }
+ // TODO(ashankar): Implement a security.Context and test the string
+ // values as well.
+}
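Review bot: Every assertion in `TestIDProvider` is positive: it checks that idp's key is recognized for "foo" and "foo/bar" but never that some other key or name is rejected, so a `Bless`/`SetDefaultBlessings` that registered too much (for example, trusting every key) would still pass. Assuming `vsecurity.NewPrincipal` does not register the new principal's own key as a root, add a negative check such as `if err := p.Roots().Recognized(p.PublicKey(), "foo"); err == nil { t.Errorf("p's own key should not be a recognized root for \"foo\"") }`. The `peers != def` comparison relies on `security.Blessings` being comparable; if it is an interface holding a pointer this compares identity rather than content, which is probably what is intended here but deserves a one-line comment.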
diff --git a/services/mgmt/node/impl/impl_test.go b/services/mgmt/node/impl/impl_test.go
index baaf81a..fdd2c32 100644
--- a/services/mgmt/node/impl/impl_test.go
+++ b/services/mgmt/node/impl/impl_test.go
@@ -824,7 +824,7 @@
defer cleanup()
var (
- proot = newRootPrincipal("root")
+ idp = tsecurity.NewIDProvider("root")
// The two "processes"/runtimes which will act as IPC clients to the
// nodemanager process.
selfRT = rt.R()
@@ -834,10 +834,10 @@
// By default, selfRT and otherRT will have blessings generated based on the
// username/machine name running this process. Since these blessings will appear
// in ACLs, give them recognizable names.
- if err := setDefaultBlessings(selfRT.Principal(), proot, "self"); err != nil {
+ if err := idp.Bless(selfRT.Principal(), "self"); err != nil {
t.Fatal(err)
}
- if err := setDefaultBlessings(otherRT.Principal(), proot, "other"); err != nil {
+ if err := idp.Bless(otherRT.Principal(), "other"); err != nil {
t.Fatal(err)
}
@@ -1046,37 +1046,6 @@
}
}
-// rootPrincipal encapsulates a principal that acts as an "identity provider".
-type rootPrincipal struct {
- p security.Principal
- b security.Blessings
-}
-
-func (r *rootPrincipal) Bless(key security.PublicKey, as string) (security.Blessings, error) {
- return r.p.Bless(key, r.b, as, security.UnconstrainedUse())
-}
-
-func newRootPrincipal(name string) *rootPrincipal {
- p, err := vsecurity.NewPrincipal()
- if err != nil {
- panic(err)
- }
- b, err := p.BlessSelf(name)
- if err != nil {
- panic(err)
- }
- return &rootPrincipal{p, b}
-}
-
-func setDefaultBlessings(p security.Principal, root *rootPrincipal, name string) error {
- b, err := root.Bless(p.PublicKey(), name)
- if err != nil {
- return err
- }
- tsecurity.SetDefaultBlessings(p, b)
- return nil
-}
-
func listAndVerifyAssociations(t *testing.T, stub node.Node, run veyron2.Runtime, expected []node.Association) {
assocs, err := stub.ListAssociations(run.NewContext())
if err != nil {
@@ -1094,7 +1063,7 @@
defer cleanup()
var (
- proot = newRootPrincipal("root")
+ idp = tsecurity.NewIDProvider("root")
// The two "processes"/runtimes which will act as IPC clients to
// the nodemanager process.
selfRT = rt.R()
@@ -1105,10 +1074,10 @@
// on the username/machine name running this process. Since these
// blessings will appear in test expecations, give them readable
// names.
- if err := setDefaultBlessings(selfRT.Principal(), proot, "self"); err != nil {
+ if err := idp.Bless(selfRT.Principal(), "self"); err != nil {
t.Fatal(err)
}
- if err := setDefaultBlessings(otherRT.Principal(), proot, "other"); err != nil {
+ if err := idp.Bless(otherRT.Principal(), "other"); err != nil {
t.Fatal(err)
}
@@ -1203,7 +1172,7 @@
defer cleanup()
var (
- proot = newRootPrincipal("root")
+ idp = tsecurity.NewIDProvider("root")
// The two "processes"/runtimes which will act as IPC clients to
// the nodemanager process.
selfRT = rt.R()
@@ -1215,10 +1184,10 @@
// based on the username/machine name running this process. Since
// these blessings can appear in debugging output, give them
// recognizable names.
- if err := setDefaultBlessings(selfRT.Principal(), proot, "self"); err != nil {
+ if err := idp.Bless(selfRT.Principal(), "self"); err != nil {
t.Fatal(err)
}
- if err := setDefaultBlessings(otherRT.Principal(), proot, "other"); err != nil {
+ if err := idp.Bless(otherRT.Principal(), "other"); err != nil {
t.Fatal(err)
}