55 lines
1.8 KiB
Go
55 lines
1.8 KiB
Go
package peerstream
|
|
|
|
import (
|
|
"context"
|
|
"testing"
|
|
|
|
"github.com/hashicorp/consul/proto/pbpeering"
|
|
"github.com/hashicorp/consul/proto/pbpeerstream"
|
|
"github.com/hashicorp/consul/sdk/testutil"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestServer_ExchangeSecret(t *testing.T) {
|
|
srv, store := newTestServer(t, nil)
|
|
_ = writePeeringToBeDialed(t, store, 1, "my-peer")
|
|
|
|
testutil.RunStep(t, "unknown establishment secret is rejected", func(t *testing.T) {
|
|
resp, err := srv.ExchangeSecret(context.Background(), &pbpeerstream.ExchangeSecretRequest{
|
|
PeerID: testPeerID,
|
|
EstablishmentSecret: "bad",
|
|
})
|
|
testutil.RequireErrorContains(t, err, `rpc error: code = PermissionDenied desc = invalid peering establishment secret`)
|
|
require.Nil(t, resp)
|
|
})
|
|
|
|
var secret string
|
|
testutil.RunStep(t, "known establishment secret is accepted", func(t *testing.T) {
|
|
require.NoError(t, store.PeeringSecretsWrite(1, &pbpeering.PeeringSecrets{
|
|
PeerID: testPeerID,
|
|
Establishment: &pbpeering.PeeringSecrets_Establishment{SecretID: testEstablishmentSecretID},
|
|
Stream: &pbpeering.PeeringSecrets_Stream{
|
|
ActiveSecretID: testActiveStreamSecretID,
|
|
},
|
|
}))
|
|
resp, err := srv.ExchangeSecret(context.Background(), &pbpeerstream.ExchangeSecretRequest{
|
|
PeerID: testPeerID,
|
|
EstablishmentSecret: testEstablishmentSecretID,
|
|
})
|
|
require.NoError(t, err)
|
|
require.NotEmpty(t, resp.StreamSecret)
|
|
|
|
secret = resp.StreamSecret
|
|
})
|
|
|
|
testutil.RunStep(t, "pending secret is persisted to server", func(t *testing.T) {
|
|
s, err := store.PeeringSecretsRead(nil, testPeerID)
|
|
require.NoError(t, err)
|
|
|
|
require.Equal(t, secret, s.GetStream().GetPendingSecretID())
|
|
|
|
// Active stream secret persists until pending secret is promoted during peering establishment.
|
|
require.Equal(t, testActiveStreamSecretID, s.GetStream().GetActiveSecretID())
|
|
})
|
|
}
|