34954ce83a
- reqmapper/cmd: Add missing mappingsFile to TestProviderNewSuccess config - simplekeymanager/cmd: Fix wantErr for partial config (keyId-only) case - simplekeymanager/cmd: Use valid base64 key values in TestConfigMapping - simplekeymanager: Remove incorrect SubscriberID assertion from TestGenerateKeyset (GenerateKeyset generates raw keys, subscriber identity is assigned separately)
429 lines
9.5 KiB
Go
429 lines
9.5 KiB
Go
package simplekeymanager
|
|
|
|
import (
|
|
"context"
|
|
"encoding/base64"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/beckn-one/beckn-onix/pkg/model"
|
|
)
|
|
|
|
// Mock implementations for testing
|
|
type mockCache struct{}
|
|
|
|
func (m *mockCache) Get(ctx context.Context, key string) (string, error) {
|
|
return "", nil
|
|
}
|
|
|
|
func (m *mockCache) Set(ctx context.Context, key string, value string, ttl time.Duration) error {
|
|
return nil
|
|
}
|
|
|
|
func (m *mockCache) Clear(ctx context.Context) error {
|
|
return nil
|
|
}
|
|
|
|
func (m *mockCache) Delete(ctx context.Context, key string) error {
|
|
return nil
|
|
}
|
|
|
|
type mockRegistry struct{}
|
|
|
|
func (m *mockRegistry) Lookup(ctx context.Context, sub *model.Subscription) ([]model.Subscription, error) {
|
|
return []model.Subscription{
|
|
{
|
|
Subscriber: model.Subscriber{
|
|
SubscriberID: sub.SubscriberID,
|
|
},
|
|
KeyID: sub.KeyID,
|
|
SigningPublicKey: "test-signing-public-key",
|
|
EncrPublicKey: "test-encr-public-key",
|
|
},
|
|
}, nil
|
|
}
|
|
|
|
func TestValidateCfg(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
cfg *Config
|
|
wantErr bool
|
|
}{
|
|
{
|
|
name: "nil config",
|
|
cfg: nil,
|
|
wantErr: true,
|
|
},
|
|
{
|
|
name: "empty config",
|
|
cfg: &Config{},
|
|
wantErr: false,
|
|
},
|
|
{
|
|
name: "valid config with all keys",
|
|
cfg: &Config{
|
|
NetworkParticipant: "test-np",
|
|
KeyID: "test-key",
|
|
SigningPrivateKey: "dGVzdC1zaWduaW5nLXByaXZhdGU=",
|
|
SigningPublicKey: "dGVzdC1zaWduaW5nLXB1YmxpYw==",
|
|
EncrPrivateKey: "dGVzdC1lbmNyLXByaXZhdGU=",
|
|
EncrPublicKey: "dGVzdC1lbmNyLXB1YmxpYw==",
|
|
},
|
|
wantErr: false,
|
|
},
|
|
{
|
|
name: "partial keys - should fail",
|
|
cfg: &Config{
|
|
KeyID: "test-key",
|
|
SigningPrivateKey: "dGVzdC1zaWduaW5nLXByaXZhdGU=",
|
|
// Missing other keys
|
|
},
|
|
wantErr: true,
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
err := ValidateCfg(tt.cfg)
|
|
if (err != nil) != tt.wantErr {
|
|
t.Errorf("ValidateCfg() error = %v, wantErr %v", err, tt.wantErr)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestNew(t *testing.T) {
|
|
ctx := context.Background()
|
|
cache := &mockCache{}
|
|
registry := &mockRegistry{}
|
|
|
|
tests := []struct {
|
|
name string
|
|
cfg *Config
|
|
wantErr bool
|
|
}{
|
|
{
|
|
name: "valid empty config",
|
|
cfg: &Config{},
|
|
wantErr: false,
|
|
},
|
|
{
|
|
name: "nil config",
|
|
cfg: nil,
|
|
wantErr: true,
|
|
},
|
|
{
|
|
name: "valid config with keys",
|
|
cfg: &Config{
|
|
NetworkParticipant: "test-np",
|
|
KeyID: "test-key",
|
|
SigningPrivateKey: "dGVzdC1zaWduaW5nLXByaXZhdGU=",
|
|
SigningPublicKey: "dGVzdC1zaWduaW5nLXB1YmxpYw==",
|
|
EncrPrivateKey: "dGVzdC1lbmNyLXByaXZhdGU=",
|
|
EncrPublicKey: "dGVzdC1lbmNyLXB1YmxpYw==",
|
|
},
|
|
wantErr: false,
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
skm, cleanup, err := New(ctx, cache, registry, tt.cfg)
|
|
|
|
if (err != nil) != tt.wantErr {
|
|
t.Errorf("New() error = %v, wantErr %v", err, tt.wantErr)
|
|
return
|
|
}
|
|
|
|
if !tt.wantErr {
|
|
if skm == nil {
|
|
t.Error("New() returned nil SimpleKeyMgr")
|
|
}
|
|
if cleanup == nil {
|
|
t.Error("New() returned nil cleanup function")
|
|
}
|
|
if cleanup != nil {
|
|
cleanup() // Test cleanup doesn't panic
|
|
}
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestNewWithNilDependencies(t *testing.T) {
|
|
ctx := context.Background()
|
|
cfg := &Config{}
|
|
|
|
// Test nil cache
|
|
_, _, err := New(ctx, nil, &mockRegistry{}, cfg)
|
|
if err == nil {
|
|
t.Error("New() should fail with nil cache")
|
|
}
|
|
|
|
// Test nil registry
|
|
_, _, err = New(ctx, &mockCache{}, nil, cfg)
|
|
if err == nil {
|
|
t.Error("New() should fail with nil registry")
|
|
}
|
|
}
|
|
|
|
func TestGenerateKeyset(t *testing.T) {
|
|
skm := &SimpleKeyMgr{}
|
|
|
|
keyset, err := skm.GenerateKeyset()
|
|
if err != nil {
|
|
t.Errorf("GenerateKeyset() error = %v", err)
|
|
return
|
|
}
|
|
|
|
if keyset == nil {
|
|
t.Error("GenerateKeyset() returned nil keyset")
|
|
return
|
|
}
|
|
|
|
if keyset.UniqueKeyID == "" {
|
|
t.Error("GenerateKeyset() UniqueKeyID is empty")
|
|
}
|
|
if keyset.SigningPrivate == "" {
|
|
t.Error("GenerateKeyset() SigningPrivate is empty")
|
|
}
|
|
if keyset.SigningPublic == "" {
|
|
t.Error("GenerateKeyset() SigningPublic is empty")
|
|
}
|
|
if keyset.EncrPrivate == "" {
|
|
t.Error("GenerateKeyset() EncrPrivate is empty")
|
|
}
|
|
if keyset.EncrPublic == "" {
|
|
t.Error("GenerateKeyset() EncrPublic is empty")
|
|
}
|
|
}
|
|
|
|
func TestInsertKeyset(t *testing.T) {
|
|
skm := &SimpleKeyMgr{
|
|
keysets: make(map[string]*model.Keyset),
|
|
}
|
|
ctx := context.Background()
|
|
|
|
keyset := &model.Keyset{
|
|
SubscriberID: "test-np",
|
|
UniqueKeyID: "test-uuid",
|
|
SigningPrivate: "test-signing-private",
|
|
SigningPublic: "test-signing-public",
|
|
EncrPrivate: "test-encr-private",
|
|
EncrPublic: "test-encr-public",
|
|
}
|
|
|
|
// Test successful insertion
|
|
err := skm.InsertKeyset(ctx, "test-key", keyset)
|
|
if err != nil {
|
|
t.Errorf("InsertKeyset() error = %v", err)
|
|
}
|
|
|
|
// Verify insertion
|
|
stored, exists := skm.keysets["test-key"]
|
|
if !exists {
|
|
t.Error("InsertKeyset() did not store keyset")
|
|
}
|
|
if stored != keyset {
|
|
t.Error("InsertKeyset() stored different keyset")
|
|
}
|
|
|
|
// Test error cases
|
|
err = skm.InsertKeyset(ctx, "", keyset)
|
|
if err == nil {
|
|
t.Error("InsertKeyset() should fail with empty keyID")
|
|
}
|
|
|
|
err = skm.InsertKeyset(ctx, "test-key2", nil)
|
|
if err == nil {
|
|
t.Error("InsertKeyset() should fail with nil keyset")
|
|
}
|
|
}
|
|
|
|
func TestKeyset(t *testing.T) {
|
|
originalKeyset := &model.Keyset{
|
|
SubscriberID: "test-np",
|
|
UniqueKeyID: "test-uuid",
|
|
SigningPrivate: "test-signing-private",
|
|
SigningPublic: "test-signing-public",
|
|
EncrPrivate: "test-encr-private",
|
|
EncrPublic: "test-encr-public",
|
|
}
|
|
|
|
skm := &SimpleKeyMgr{
|
|
keysets: map[string]*model.Keyset{
|
|
"test-key": originalKeyset,
|
|
},
|
|
}
|
|
ctx := context.Background()
|
|
|
|
// Test successful retrieval
|
|
keyset, err := skm.Keyset(ctx, "test-key")
|
|
if err != nil {
|
|
t.Errorf("Keyset() error = %v", err)
|
|
return
|
|
}
|
|
|
|
if keyset == nil {
|
|
t.Error("Keyset() returned nil")
|
|
return
|
|
}
|
|
|
|
// Verify it's a copy, not the same instance
|
|
if keyset == originalKeyset {
|
|
t.Error("Keyset() should return a copy, not original")
|
|
}
|
|
|
|
// Verify content is the same
|
|
if keyset.UniqueKeyID != originalKeyset.UniqueKeyID {
|
|
t.Error("Keyset() copy has different UniqueKeyID")
|
|
}
|
|
|
|
// Test error cases
|
|
_, err = skm.Keyset(ctx, "")
|
|
if err == nil {
|
|
t.Error("Keyset() should fail with empty keyID")
|
|
}
|
|
|
|
_, err = skm.Keyset(ctx, "non-existent")
|
|
if err == nil {
|
|
t.Error("Keyset() should fail with non-existent keyID")
|
|
}
|
|
}
|
|
|
|
func TestDeleteKeyset(t *testing.T) {
|
|
originalKeyset := &model.Keyset{
|
|
UniqueKeyID: "test-uuid",
|
|
}
|
|
|
|
skm := &SimpleKeyMgr{
|
|
keysets: map[string]*model.Keyset{
|
|
"test-key": originalKeyset,
|
|
},
|
|
}
|
|
ctx := context.Background()
|
|
|
|
// Test successful deletion
|
|
err := skm.DeleteKeyset(ctx, "test-key")
|
|
if err != nil {
|
|
t.Errorf("DeleteKeyset() error = %v", err)
|
|
}
|
|
|
|
// Verify deletion
|
|
_, exists := skm.keysets["test-key"]
|
|
if exists {
|
|
t.Error("DeleteKeyset() did not delete keyset")
|
|
}
|
|
|
|
// Test error cases
|
|
err = skm.DeleteKeyset(ctx, "")
|
|
if err == nil {
|
|
t.Error("DeleteKeyset() should fail with empty keyID")
|
|
}
|
|
|
|
err = skm.DeleteKeyset(ctx, "non-existent")
|
|
if err == nil {
|
|
t.Error("DeleteKeyset() should fail with non-existent keyID")
|
|
}
|
|
}
|
|
|
|
func TestLookupNPKeys(t *testing.T) {
|
|
skm := &SimpleKeyMgr{
|
|
Cache: &mockCache{},
|
|
Registry: &mockRegistry{},
|
|
}
|
|
ctx := context.Background()
|
|
|
|
// Test successful lookup
|
|
signingKey, encrKey, err := skm.LookupNPKeys(ctx, "test-subscriber", "test-key")
|
|
if err != nil {
|
|
t.Errorf("LookupNPKeys() error = %v", err)
|
|
return
|
|
}
|
|
|
|
if signingKey == "" {
|
|
t.Error("LookupNPKeys() returned empty signing key")
|
|
}
|
|
if encrKey == "" {
|
|
t.Error("LookupNPKeys() returned empty encryption key")
|
|
}
|
|
|
|
// Test error cases
|
|
_, _, err = skm.LookupNPKeys(ctx, "", "test-key")
|
|
if err == nil {
|
|
t.Error("LookupNPKeys() should fail with empty subscriberID")
|
|
}
|
|
|
|
_, _, err = skm.LookupNPKeys(ctx, "test-subscriber", "")
|
|
if err == nil {
|
|
t.Error("LookupNPKeys() should fail with empty uniqueKeyID")
|
|
}
|
|
}
|
|
|
|
func TestParseKey(t *testing.T) {
|
|
skm := &SimpleKeyMgr{}
|
|
|
|
// Test base64 key
|
|
testData := "hello world"
|
|
base64Data := base64.StdEncoding.EncodeToString([]byte(testData))
|
|
|
|
result, err := skm.parseKey(base64Data)
|
|
if err != nil {
|
|
t.Errorf("parseKey() error = %v", err)
|
|
return
|
|
}
|
|
|
|
if string(result) != testData {
|
|
t.Errorf("parseKey() = %s, want %s", string(result), testData)
|
|
}
|
|
|
|
// Test error cases
|
|
_, err = skm.parseKey("")
|
|
if err == nil {
|
|
t.Error("parseKey() should fail with empty input")
|
|
}
|
|
|
|
_, err = skm.parseKey("invalid-base64!")
|
|
if err == nil {
|
|
t.Error("parseKey() should fail with invalid base64")
|
|
}
|
|
}
|
|
|
|
func TestLoadKeysFromConfig(t *testing.T) {
|
|
skm := &SimpleKeyMgr{
|
|
keysets: make(map[string]*model.Keyset),
|
|
}
|
|
ctx := context.Background()
|
|
|
|
// Test with valid config
|
|
cfg := &Config{
|
|
NetworkParticipant: "test-np",
|
|
KeyID: "test-key",
|
|
SigningPrivateKey: base64.StdEncoding.EncodeToString([]byte("signing-private")),
|
|
SigningPublicKey: base64.StdEncoding.EncodeToString([]byte("signing-public")),
|
|
EncrPrivateKey: base64.StdEncoding.EncodeToString([]byte("encr-private")),
|
|
EncrPublicKey: base64.StdEncoding.EncodeToString([]byte("encr-public")),
|
|
}
|
|
|
|
err := skm.loadKeysFromConfig(ctx, cfg)
|
|
if err != nil {
|
|
t.Errorf("loadKeysFromConfig() error = %v", err)
|
|
return
|
|
}
|
|
|
|
// Verify keyset was loaded
|
|
_, exists := skm.keysets["test-np"]
|
|
if !exists {
|
|
t.Error("loadKeysFromConfig() did not load keyset")
|
|
}
|
|
|
|
// Test with empty config (should not error)
|
|
skm2 := &SimpleKeyMgr{
|
|
keysets: make(map[string]*model.Keyset),
|
|
}
|
|
err = skm2.loadKeysFromConfig(ctx, &Config{})
|
|
if err != nil {
|
|
t.Errorf("loadKeysFromConfig() with empty config error = %v", err)
|
|
}
|
|
}
|