diff --git a/middleware/auth.go b/middleware/auth.go index ca67402..7d1dd3f 100644 --- a/middleware/auth.go +++ b/middleware/auth.go @@ -199,6 +199,7 @@ func QiniuCallbackAuth() gin.HandlerFunc { c.Abort() return } + if !ok { c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: "回调签名无效"}) c.Abort() @@ -283,21 +284,6 @@ func OneDriveCallbackAuth() gin.HandlerFunc { } } -// S3CallbackAuth Amazon S3回调签名验证 -func S3CallbackAuth() gin.HandlerFunc { - return func(c *gin.Context) { - //// 验证key并查找用户 - //resp, _ := uploadCallbackCheck(c) - //if resp.Code != 0 { - // c.JSON(401, serializer.GeneralUploadCallbackFailed{Error: resp.Msg}) - // c.Abort() - // return - //} - - c.Next() - } -} - // IsAdmin 必须为管理员用户组 func IsAdmin() gin.HandlerFunc { return func(c *gin.Context) { diff --git a/middleware/auth_test.go b/middleware/auth_test.go index ab206a0..9e8650f 100644 --- a/middleware/auth_test.go +++ b/middleware/auth_test.go @@ -3,21 +3,24 @@ package middleware import ( "database/sql" "errors" + "github.com/cloudreve/Cloudreve/v3/pkg/cache" + "github.com/cloudreve/Cloudreve/v3/pkg/filesystem" + "github.com/cloudreve/Cloudreve/v3/pkg/mq" + "github.com/cloudreve/Cloudreve/v3/pkg/serializer" + "github.com/qiniu/go-sdk/v7/auth/qbox" "io/ioutil" "net/http" "net/http/httptest" "strings" "testing" + "time" "github.com/DATA-DOG/go-sqlmock" model "github.com/cloudreve/Cloudreve/v3/models" "github.com/cloudreve/Cloudreve/v3/pkg/auth" - "github.com/cloudreve/Cloudreve/v3/pkg/cache" - "github.com/cloudreve/Cloudreve/v3/pkg/serializer" "github.com/cloudreve/Cloudreve/v3/pkg/util" "github.com/gin-gonic/gin" "github.com/jinzhu/gorm" - "github.com/qiniu/go-sdk/v7/auth/qbox" "github.com/stretchr/testify/assert" ) 
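Review bot: The five added imports in auth_test.go sit inside the standard-library group, between `errors` and `io/ioutil`, instead of in the third-party group below the blank line where `cache`, `serializer` and `qbox` were before this change. The file still compiles, but stdlib and module imports are no longer separated. Moving the `github.com/...` lines back under `github.com/DATA-DOG/go-sqlmock` and leaving only `time` in the first group would keep the goimports-style grouping.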
@@ -223,19 +226,31 @@ func TestWebDAVAuth(t *testing.T) { } -func TestRemoteCallbackAuth(t *testing.T) { +func TestUseUploadSession(t *testing.T) { asserts := assert.New(t) rec := httptest.NewRecorder() - AuthFunc := RemoteCallbackAuth() + AuthFunc := UseUploadSession("local") + + // sessionID 为空 + { + + c, _ := gin.CreateTestContext(rec) + c.Params = []gin.Param{} + c.Request, _ = http.NewRequest("POST", "/api/v3/callback/remote/sessionID", nil) + authInstance := auth.HMACAuth{SecretKey: []byte("123")} + auth.SignRequest(authInstance, c.Request, 0) + AuthFunc(c) + asserts.True(c.IsAborted()) + } // 成功 { cache.Set( - "callback_testCallBackRemote", + filesystem.UploadSessionCachePrefix+"testCallBackRemote", serializer.UploadSession{ UID: 1, - PolicyID: 513, VirtualPath: "/", + Policy: model.Policy{Type: "local"}, }, 0, ) @@ -248,7 +263,7 @@ func TestRemoteCallbackAuth(t *testing.T) { WillReturnRows(sqlmock.NewRows([]string{"id", "secret_key"}).AddRow(2, "123")) c, _ := gin.CreateTestContext(rec) c.Params = []gin.Param{ - {"key", "testCallBackRemote"}, + {"sessionID", "testCallBackRemote"}, } c.Request, _ = http.NewRequest("POST", "/api/v3/callback/remote/testCallBackRemote", nil) authInstance := auth.HMACAuth{SecretKey: []byte("123")} 
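Review bot: The `sessionID 为空` case asserts only `asserts.True(c.IsAborted())`, so it passes for any abort and does not pin that the request was rejected because the session ID was missing. `rec` is shared by every case in the function, which makes the written status and body hard to attribute to one case. Declaring `rec := httptest.NewRecorder()` inside the block and asserting on the recorded response would tighten the check. The success block starts in this hunk and continues past its end.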
@@ -257,79 +272,95 @@ func TestRemoteCallbackAuth(t *testing.T) { asserts.NoError(mock.ExpectationsWereMet()) asserts.False(c.IsAborted()) } +} - // Callback Key 不存在 - { +func TestUploadCallbackCheck(t *testing.T) { + a := assert.New(t) + rec := httptest.NewRecorder() + // 上传会话不存在 + { c, _ := gin.CreateTestContext(rec) c.Params = []gin.Param{ - {"key", "testCallBackRemote"}, + {"sessionID", "testSessionNotExist"}, } - c.Request, _ = http.NewRequest("POST", "/api/v3/callback/remote/testCallBackRemote", nil) - authInstance := auth.HMACAuth{SecretKey: []byte("123")} - auth.SignRequest(authInstance, c.Request, 0) - AuthFunc(c) - asserts.True(c.IsAborted()) + res := uploadCallbackCheck(c, "local") + a.Contains("上传会话不存在或已过期", res.Msg) } - // 用户不存在 + // 上传策略不一致 { + c, _ := gin.CreateTestContext(rec) + c.Params = []gin.Param{ + {"sessionID", "testPolicyNotMatch"}, + } cache.Set( - "callback_testCallBackRemote", + filesystem.UploadSessionCachePrefix+"testPolicyNotMatch", serializer.UploadSession{ UID: 1, - PolicyID: 550, VirtualPath: "/", + Policy: model.Policy{Type: "remote"}, }, 0, ) - cache.Deletes([]string{"1"}, "policy_") - mock.ExpectQuery("SELECT(.+)users(.+)"). 
- WillReturnRows(sqlmock.NewRows([]string{"id", "group_id"})) - c, _ := gin.CreateTestContext(rec) - c.Params = []gin.Param{ - {"key", "testCallBackRemote"}, - } - c.Request, _ = http.NewRequest("POST", "/api/v3/callback/remote/testCallBackRemote", nil) - authInstance := auth.HMACAuth{SecretKey: []byte("123")} - auth.SignRequest(authInstance, c.Request, 0) - AuthFunc(c) - asserts.NoError(mock.ExpectationsWereMet()) - asserts.True(c.IsAborted()) + res := uploadCallbackCheck(c, "local") + a.Contains("Policy not supported", res.Msg) } - // 签名错误 + // 用户不存在 { + c, _ := gin.CreateTestContext(rec) + c.Params = []gin.Param{ + {"sessionID", "testUserNotExist"}, + } cache.Set( - "callback_testCallBackRemote", + filesystem.UploadSessionCachePrefix+"testUserNotExist", serializer.UploadSession{ - UID: 1, - PolicyID: 514, + UID: 313, VirtualPath: "/", + Policy: model.Policy{Type: "remote"}, }, 0, ) - cache.Deletes([]string{"1"}, "policy_") mock.ExpectQuery("SELECT(.+)users(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "group_id"}).AddRow(1, 1)) - mock.ExpectQuery("SELECT(.+)groups(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "policies"}).AddRow(1, "[514]")) - mock.ExpectQuery("SELECT(.+)policies(.+)"). 
- WillReturnRows(sqlmock.NewRows([]string{"id", "secret_key"}).AddRow(2, "123")) + WillReturnRows(sqlmock.NewRows([]string{"id", "group_id"})) + res := uploadCallbackCheck(c, "remote") + a.Contains("找不到用户", res.Msg) + a.NoError(mock.ExpectationsWereMet()) + _, ok := cache.Get(filesystem.UploadSessionCachePrefix + "testUserNotExist") + a.False(ok) + } +} + +func TestRemoteCallbackAuth(t *testing.T) { + asserts := assert.New(t) + rec := httptest.NewRecorder() + AuthFunc := RemoteCallbackAuth() + + // 成功 + { c, _ := gin.CreateTestContext(rec) - c.Params = []gin.Param{ - {"key", "testCallBackRemote"}, - } + c.Set(filesystem.UploadSessionCtx, &serializer.UploadSession{ + UID: 1, + VirtualPath: "/", + Policy: model.Policy{SecretKey: "123"}, + }) c.Request, _ = http.NewRequest("POST", "/api/v3/callback/remote/testCallBackRemote", nil) + authInstance := auth.HMACAuth{SecretKey: []byte("123")} + auth.SignRequest(authInstance, c.Request, 0) AuthFunc(c) - asserts.NoError(mock.ExpectationsWereMet()) - asserts.True(c.IsAborted()) + asserts.False(c.IsAborted()) } - // Callback Key 为空 + // 签名错误 { c, _ := gin.CreateTestContext(rec) - c.Request, _ = http.NewRequest("POST", "/api/v3/callback/remote", nil) + c.Set(filesystem.UploadSessionCtx, &serializer.UploadSession{ + UID: 1, + VirtualPath: "/", + Policy: model.Policy{SecretKey: "123"}, + }) + c.Request, _ = http.NewRequest("POST", "/api/v3/callback/remote/testCallBackRemote", nil) AuthFunc(c) asserts.True(c.IsAborted()) } 
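Review bot: The arguments to `a.Contains` in TestUploadCallbackCheck are reversed. testify takes the searched value first, so `a.Contains("上传会话不存在或已过期", res.Msg)` checks that the literal contains `res.Msg`, which is true when `res.Msg` is empty. All three rejection cases (missing session, policy mismatch, unknown user) would therefore still pass if `uploadCallbackCheck` returned a response with no error message. Swap the operands, e.g. `a.Contains(res.Msg, "Policy not supported")`. If the response carries an error code, as the removed `resp.Code != 0` check in auth.go suggests, assert on that as well.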
@@ -340,39 +371,17 @@ func TestQiniuCallbackAuth(t *testing.T) { rec := httptest.NewRecorder() AuthFunc := QiniuCallbackAuth() - // Callback Key 相关验证失败 - { - c, _ := gin.CreateTestContext(rec) - c.Params = []gin.Param{ - {"key", "testQiniuBackRemote"}, - } - c.Request, _ = http.NewRequest("POST", "/api/v3/callback/remote/testQiniuBackRemote", nil) - AuthFunc(c) - asserts.True(c.IsAborted()) - } - // 成功 { - cache.Set( - "callback_testCallBackQiniu", - serializer.UploadSession{ - UID: 1, - PolicyID: 515, - VirtualPath: "/", - }, - 0, - ) - cache.Deletes([]string{"1"}, "policy_") - mock.ExpectQuery("SELECT(.+)users(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "group_id"}).AddRow(1, 1)) - mock.ExpectQuery("SELECT(.+)groups(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "policies"}).AddRow(1, "[515]")) - mock.ExpectQuery("SELECT(.+)policies(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "access_key", "secret_key"}).AddRow(2, "123", "123")) c, _ := gin.CreateTestContext(rec) - c.Params = []gin.Param{ - {"key", "testCallBackQiniu"}, - } + c.Set(filesystem.UploadSessionCtx, &serializer.UploadSession{ + UID: 1, + VirtualPath: "/", + Policy: model.Policy{ + SecretKey: "123", + AccessKey: "123", + }, + }) c.Request, _ = http.NewRequest("POST", "/api/v3/callback/qiniu/testCallBackQiniu", nil) mac := qbox.NewMac("123", "123") token, err := mac.SignRequest(c.Request) 
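Review bot: With the `Callback Key 相关验证失败` case removed, no case in TestQiniuCallbackAuth calls the handler without `filesystem.UploadSessionCtx` set, so the behaviour when the session middleware did not run on a route is no longer pinned. The same case is dropped from the OSS, Upyun and OneDrive tests in the later hunks. The handler bodies are not part of this diff, so whether they guard the context lookup cannot be seen here. A case in each test that builds the context without `c.Set(filesystem.UploadSessionCtx, ...)` and asserts `c.IsAborted()` would confirm the callbacks fail closed. The test function continues outside this hunk.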
@@ -385,33 +394,21 @@ func TestQiniuCallbackAuth(t *testing.T) { // 验证失败 { - cache.Set( - "callback_testCallBackQiniu", - serializer.UploadSession{ - UID: 1, - PolicyID: 516, - VirtualPath: "/", - }, - 0, - ) - cache.Deletes([]string{"1"}, "policy_") - mock.ExpectQuery("SELECT(.+)users(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "group_id"}).AddRow(1, 1)) - mock.ExpectQuery("SELECT(.+)groups(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "policies"}).AddRow(1, "[516]")) - mock.ExpectQuery("SELECT(.+)policies(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "access_key", "secret_key"}).AddRow(2, "123", "123")) c, _ := gin.CreateTestContext(rec) - c.Params = []gin.Param{ - {"key", "testCallBackQiniu"}, - } + c.Set(filesystem.UploadSessionCtx, &serializer.UploadSession{ + UID: 1, + VirtualPath: "/", + Policy: model.Policy{ + SecretKey: "123", + AccessKey: "123", + }, + }) c.Request, _ = http.NewRequest("POST", "/api/v3/callback/qiniu/testCallBackQiniu", nil) - mac := qbox.NewMac("123", "123") + mac := qbox.NewMac("123", "1213") token, err := mac.SignRequest(c.Request) asserts.NoError(err) - c.Request.Header["Authorization"] = []string{"QBox " + token + " "} + c.Request.Header["Authorization"] = []string{"QBox " + token} AuthFunc(c) - asserts.NoError(mock.ExpectationsWereMet()) asserts.True(c.IsAborted()) } } 
@@ -421,76 +418,41 @@ func TestOSSCallbackAuth(t *testing.T) { rec := httptest.NewRecorder() AuthFunc := OSSCallbackAuth() - // Callback Key 相关验证失败 - { - c, _ := gin.CreateTestContext(rec) - c.Params = []gin.Param{ - {"key", "testOSSBackRemote"}, - } - c.Request, _ = http.NewRequest("POST", "/api/v3/callback/oss/testQiniuBackRemote", nil) - AuthFunc(c) - asserts.True(c.IsAborted()) - } - // 签名验证失败 { - cache.Set( - "callback_testCallBackOSS", - serializer.UploadSession{ - UID: 1, - PolicyID: 517, - VirtualPath: "/", - }, - 0, - ) - cache.Deletes([]string{"1"}, "policy_") - mock.ExpectQuery("SELECT(.+)users(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "group_id"}).AddRow(1, 1)) - mock.ExpectQuery("SELECT(.+)groups(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "policies"}).AddRow(1, "[517]")) - mock.ExpectQuery("SELECT(.+)policies(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "access_key", "secret_key"}).AddRow(2, "123", "123")) c, _ := gin.CreateTestContext(rec) - c.Params = []gin.Param{ - {"key", "testCallBackOSS"}, - } + c.Set(filesystem.UploadSessionCtx, &serializer.UploadSession{ + UID: 1, + VirtualPath: "/", + Policy: model.Policy{ + SecretKey: "123", + AccessKey: "123", + }, + }) c.Request, _ = http.NewRequest("POST", "/api/v3/callback/oss/testCallBackOSS", nil) mac := qbox.NewMac("123", "123") token, err := mac.SignRequest(c.Request) asserts.NoError(err) c.Request.Header["Authorization"] = []string{"QBox " + token} AuthFunc(c) - asserts.NoError(mock.ExpectationsWereMet()) asserts.True(c.IsAborted()) } // 成功 { - cache.Set( - "callback_TnXx5E5VyfJUyM1UdkdDu1rtnJ34EbmH", - serializer.UploadSession{ - UID: 1, - PolicyID: 518, - VirtualPath: "/", - }, - 0, - ) - cache.Deletes([]string{"1"}, "policy_") - mock.ExpectQuery("SELECT(.+)users(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "group_id"}).AddRow(1, 1)) - mock.ExpectQuery("SELECT(.+)groups(.+)"). 
- WillReturnRows(sqlmock.NewRows([]string{"id", "policies"}).AddRow(1, "[518]")) - mock.ExpectQuery("SELECT(.+)policies(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "access_key", "secret_key"}).AddRow(2, "123", "123")) c, _ := gin.CreateTestContext(rec) - c.Params = []gin.Param{ - {"key", "TnXx5E5VyfJUyM1UdkdDu1rtnJ34EbmH"}, - } + c.Set(filesystem.UploadSessionCtx, &serializer.UploadSession{ + UID: 1, + VirtualPath: "/", + Policy: model.Policy{ + SecretKey: "123", + AccessKey: "123", + }, + }) c.Request, _ = http.NewRequest("POST", "/api/v3/callback/oss/TnXx5E5VyfJUyM1UdkdDu1rtnJ34EbmH", ioutil.NopCloser(strings.NewReader(`{"name":"2f7b2ccf30e9270ea920f1ab8a4037a546a2f0d5.jpg","source_name":"1/1_hFRtDLgM_2f7b2ccf30e9270ea920f1ab8a4037a546a2f0d5.jpg","size":114020,"pic_info":"810,539"}`))) c.Request.Header["Authorization"] = []string{"e5LwzwTkP9AFAItT4YzvdJOHd0Y0wqTMWhsV/h5SG90JYGAmMd+8LQyj96R+9qUfJWjMt6suuUh7LaOryR87Dw=="} c.Request.Header["X-Oss-Pub-Key-Url"] = []string{"aHR0cHM6Ly9nb3NzcHVibGljLmFsaWNkbi5jb20vY2FsbGJhY2tfcHViX2tleV92MS5wZW0="} AuthFunc(c) - asserts.NoError(mock.ExpectationsWereMet()) asserts.False(c.IsAborted()) } 
@@ -507,130 +469,71 @@ func TestUpyunCallbackAuth(t *testing.T) { rec := httptest.NewRecorder() AuthFunc := UpyunCallbackAuth() - // Callback Key 相关验证失败 - { - c, _ := gin.CreateTestContext(rec) - c.Params = []gin.Param{ - {"key", "testUpyunBackRemote"}, - } - c.Request, _ = http.NewRequest("POST", "/api/v3/callback/upyun/testUpyunBackRemote", nil) - AuthFunc(c) - asserts.True(c.IsAborted()) - } - // 无法获取请求正文 { - cache.Set( - "callback_testCallBackUpyun", - serializer.UploadSession{ - UID: 1, - PolicyID: 509, - VirtualPath: "/", - }, - 0, - ) - cache.Deletes([]string{"1"}, "policy_") - mock.ExpectQuery("SELECT(.+)users(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "group_id"}).AddRow(1, 1)) - mock.ExpectQuery("SELECT(.+)groups(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "policies"}).AddRow(1, "[519]")) - mock.ExpectQuery("SELECT(.+)policies(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "access_key", "secret_key"}).AddRow(2, "123", "123")) c, _ := gin.CreateTestContext(rec) - c.Params = []gin.Param{ - {"key", "testCallBackUpyun"}, - } + c.Set(filesystem.UploadSessionCtx, &serializer.UploadSession{ + UID: 1, + VirtualPath: "/", + Policy: model.Policy{ + SecretKey: "123", + AccessKey: "123", + }, + }) c.Request, _ = http.NewRequest("POST", "/api/v3/callback/upyun/testCallBackUpyun", ioutil.NopCloser(fakeRead(""))) AuthFunc(c) - asserts.NoError(mock.ExpectationsWereMet()) asserts.True(c.IsAborted()) } // 正文MD5不一致 { - cache.Set( - "callback_testCallBackUpyun", - serializer.UploadSession{ - UID: 1, - PolicyID: 510, - VirtualPath: "/", - }, - 0, - ) - cache.Deletes([]string{"1"}, "policy_") - mock.ExpectQuery("SELECT(.+)users(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "group_id"}).AddRow(1, 1)) - mock.ExpectQuery("SELECT(.+)groups(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "policies"}).AddRow(1, "[520]")) - mock.ExpectQuery("SELECT(.+)policies(.+)"). 
- WillReturnRows(sqlmock.NewRows([]string{"id", "access_key", "secret_key"}).AddRow(2, "123", "123")) c, _ := gin.CreateTestContext(rec) - c.Params = []gin.Param{ - {"key", "testCallBackUpyun"}, - } + c.Set(filesystem.UploadSessionCtx, &serializer.UploadSession{ + UID: 1, + VirtualPath: "/", + Policy: model.Policy{ + SecretKey: "123", + AccessKey: "123", + }, + }) c.Request, _ = http.NewRequest("POST", "/api/v3/callback/upyun/testCallBackUpyun", ioutil.NopCloser(strings.NewReader("1"))) c.Request.Header["Content-Md5"] = []string{"123"} AuthFunc(c) - asserts.NoError(mock.ExpectationsWereMet()) asserts.True(c.IsAborted()) } // 签名不一致 { - cache.Set( - "callback_testCallBackUpyun", - serializer.UploadSession{ - UID: 1, - PolicyID: 511, - VirtualPath: "/", - }, - 0, - ) - cache.Deletes([]string{"1"}, "policy_") - mock.ExpectQuery("SELECT(.+)users(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "group_id"}).AddRow(1, 1)) - mock.ExpectQuery("SELECT(.+)groups(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "policies"}).AddRow(1, "[521]")) - mock.ExpectQuery("SELECT(.+)policies(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "access_key", "secret_key"}).AddRow(2, "123", "123")) c, _ := gin.CreateTestContext(rec) - c.Params = []gin.Param{ - {"key", "testCallBackUpyun"}, - } + c.Set(filesystem.UploadSessionCtx, &serializer.UploadSession{ + UID: 1, + VirtualPath: "/", + Policy: model.Policy{ + SecretKey: "123", + AccessKey: "123", + }, + }) c.Request, _ = http.NewRequest("POST", "/api/v3/callback/upyun/testCallBackUpyun", ioutil.NopCloser(strings.NewReader("1"))) c.Request.Header["Content-Md5"] = []string{"c4ca4238a0b923820dcc509a6f75849b"} AuthFunc(c) - asserts.NoError(mock.ExpectationsWereMet()) asserts.True(c.IsAborted()) } // 成功 { - cache.Set( - "callback_testCallBackUpyun", - serializer.UploadSession{ - UID: 1, - PolicyID: 512, - VirtualPath: "/", - }, - 0, - ) - cache.Deletes([]string{"1"}, "policy_") - mock.ExpectQuery("SELECT(.+)users(.+)"). 
- WillReturnRows(sqlmock.NewRows([]string{"id", "group_id"}).AddRow(1, 1)) - mock.ExpectQuery("SELECT(.+)groups(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "policies"}).AddRow(1, "[522]")) - mock.ExpectQuery("SELECT(.+)policies(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "access_key", "secret_key"}).AddRow(2, "123", "123")) c, _ := gin.CreateTestContext(rec) - c.Params = []gin.Param{ - {"key", "testCallBackUpyun"}, - } + c.Set(filesystem.UploadSessionCtx, &serializer.UploadSession{ + UID: 1, + VirtualPath: "/", + Policy: model.Policy{ + SecretKey: "123", + AccessKey: "123", + }, + }) c.Request, _ = http.NewRequest("POST", "/api/v3/callback/upyun/testCallBackUpyun", ioutil.NopCloser(strings.NewReader("1"))) c.Request.Header["Content-Md5"] = []string{"c4ca4238a0b923820dcc509a6f75849b"} c.Request.Header["Authorization"] = []string{"UPYUN 123:GWueK9x493BKFFk5gmfdO2Mn6EM="} AuthFunc(c) - asserts.NoError(mock.ExpectationsWereMet()) asserts.False(c.IsAborted()) } } 
@@ -640,87 +543,28 @@ func TestOneDriveCallbackAuth(t *testing.T) { rec := httptest.NewRecorder() AuthFunc := OneDriveCallbackAuth() - // Callback Key 相关验证失败 - { - c, _ := gin.CreateTestContext(rec) - c.Params = []gin.Param{ - {"key", "testUpyunBackRemote"}, - } - c.Request, _ = http.NewRequest("POST", "/api/v3/callback/upyun/testUpyunBackRemote", nil) - AuthFunc(c) - asserts.True(c.IsAborted()) - } - // 成功 - { - cache.Set( - "callback_testCallBackUpyun", - serializer.UploadSession{ - UID: 1, - PolicyID: 512, - VirtualPath: "/", - }, - 0, - ) - cache.Deletes([]string{"1"}, "policy_") - mock.ExpectQuery("SELECT(.+)users(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "group_id"}).AddRow(1, 1)) - mock.ExpectQuery("SELECT(.+)groups(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "policies"}).AddRow(1, "[657]")) - mock.ExpectQuery("SELECT(.+)policies(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "access_key", "secret_key"}).AddRow(2, "123", "123")) - c, _ := gin.CreateTestContext(rec) - c.Params = []gin.Param{ - {"key", "testCallBackUpyun"}, - } - c.Request, _ = http.NewRequest("POST", "/api/v3/callback/upyun/testCallBackUpyun", ioutil.NopCloser(strings.NewReader("1"))) - AuthFunc(c) - asserts.NoError(mock.ExpectationsWereMet()) - asserts.False(c.IsAborted()) - } -} - -func TestCOSCallbackAuth(t *testing.T) { - asserts := assert.New(t) - rec := httptest.NewRecorder() - AuthFunc := COSCallbackAuth() - - // Callback Key 相关验证失败 { c, _ := gin.CreateTestContext(rec) c.Params = []gin.Param{ - {"key", "testUpyunBackRemote"}, + {"sessionID", "TestOneDriveCallbackAuth"}, } - c.Request, _ = http.NewRequest("POST", "/api/v3/callback/upyun/testUpyunBackRemote", nil) - AuthFunc(c) - asserts.True(c.IsAborted()) - } - - // 成功 - { - cache.Set( - "callback_testCallBackUpyun", - serializer.UploadSession{ - UID: 1, - PolicyID: 512, - VirtualPath: "/", + c.Set(filesystem.UploadSessionCtx, &serializer.UploadSession{ + UID: 1, + VirtualPath: "/", + Policy: 
model.Policy{ + SecretKey: "123", + AccessKey: "123", }, - 0, - ) - cache.Deletes([]string{"1"}, "policy_") - mock.ExpectQuery("SELECT(.+)users(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "group_id"}).AddRow(1, 1)) - mock.ExpectQuery("SELECT(.+)groups(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "policies"}).AddRow(1, "[702]")) - mock.ExpectQuery("SELECT(.+)policies(.+)"). - WillReturnRows(sqlmock.NewRows([]string{"id", "access_key", "secret_key"}).AddRow(2, "123", "123")) - c, _ := gin.CreateTestContext(rec) - c.Params = []gin.Param{ - {"key", "testCallBackUpyun"}, - } - c.Request, _ = http.NewRequest("POST", "/api/v3/callback/upyun/testCallBackUpyun", ioutil.NopCloser(strings.NewReader("1"))) + }) + c.Request, _ = http.NewRequest("POST", "/api/v3/callback/upyun/TestOneDriveCallbackAuth", ioutil.NopCloser(strings.NewReader("1"))) + res := mq.GlobalMQ.Subscribe("TestOneDriveCallbackAuth", 1) AuthFunc(c) - asserts.NoError(mock.ExpectationsWereMet()) + select { + case <-res: + case <-time.After(time.Millisecond * 500): + asserts.Fail("mq message should be published") + } asserts.False(c.IsAborted()) } } 
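Review bot: TestCOSCallbackAuth is deleted in this hunk with no replacement, while the auth.go hunks in this diff remove only `S3CallbackAuth`. If `COSCallbackAuth` still exists (not visible here), its callback check is left without a test. The rewritten OneDrive case also still posts to `/api/v3/callback/upyun/TestOneDriveCallbackAuth`, so the request path contradicts the handler under test. Only the accepting path is asserted for OneDrive; a case where no message should be published would show what the handler rejects.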
@@ -759,46 +603,3 @@ func TestIsAdmin(t *testing.T) {
 asserts.False(c.IsAborted())
 }
 }
-
-func TestS3CallbackAuth(t *testing.T) {
- asserts := assert.New(t)
- rec := httptest.NewRecorder()
- AuthFunc := S3CallbackAuth()
-
- // Callback Key 相关验证失败
- {
- c, _ := gin.CreateTestContext(rec)
- c.Params = []gin.Param{
- {"key", "testUpyunBackRemote"},
- }
- c.Request, _ = http.NewRequest("POST", "/api/v3/callback/upyun/testUpyunBackRemote", nil)
- AuthFunc(c)
- asserts.True(c.IsAborted())
- }
-
- // 成功
- {
- cache.Set(
- "callback_testCallBackUpyun",
- serializer.UploadSession{
- UID: 1,
- PolicyID: 512,
- VirtualPath: "/",
- },
- 0,
- )
- cache.Deletes([]string{"1"}, "policy_")
- mock.ExpectQuery("SELECT(.+)users(.+)").
- WillReturnRows(sqlmock.NewRows([]string{"id", "group_id"}).AddRow(1, 1))
- mock.ExpectQuery("SELECT(.+)groups(.+)").
- WillReturnRows(sqlmock.NewRows([]string{"id", "policies"}).AddRow(1, "[702]"))
- c, _ := gin.CreateTestContext(rec)
- c.Params = []gin.Param{
- {"key", "testCallBackUpyun"},
- }
- c.Request, _ = http.NewRequest("POST", "/api/v3/callback/upyun/testCallBackUpyun", ioutil.NopCloser(strings.NewReader("1")))
- AuthFunc(c)
- asserts.False(c.IsAborted())
- asserts.NoError(mock.ExpectationsWereMet())
- }
-}