tests: gen jwt token for auth test (#1585)

LucioFranco · web-flow · commit 3e219998cef6 · 2024-07-22T15:07:47.000Z
diff --git a/libsql-server/src/auth/user_auth_strategies/jwt.rs b/libsql-server/src/auth/user_auth_strategies/jwt.rs
@@ -45,8 +45,8 @@ impl Jwt {
     }
 }
 
-#[derive(serde::Deserialize, serde::Serialize, Debug)]
-pub(crate) struct Token {
+#[derive(serde::Deserialize, serde::Serialize, Debug, Default)]
+pub struct Token {
     #[serde(default)]
     id: Option<NamespaceName>,
     #[serde(default)]
diff --git a/libsql-server/tests/auth/jwt_key.pem b/libsql-server/tests/auth/jwt_key.pem
diff --git a/libsql-server/tests/auth/mod.rs b/libsql-server/tests/auth/mod.rs
@@ -2,11 +2,16 @@
 #![allow(deprecated)]
 
 use futures::SinkExt as _;
+use jsonwebtoken::{DecodingKey, EncodingKey};
 use libsql::Database;
 use libsql_server::{
-    auth::{user_auth_strategies, Auth},
+    auth::{
+        user_auth_strategies::{self, jwt::Token},
+        Auth,
+    },
     config::UserApiConfig,
 };
+use ring::signature::{Ed25519KeyPair, KeyPair};
 use tempfile::tempdir;
 use tokio_stream::StreamExt;
 use tokio_tungstenite::{
@@ -17,19 +22,14 @@ use turmoil::net::TcpStream;
 
 use crate::common::net::{init_tracing, SimServer, TestServer, TurmoilConnector};
 
-const TEST_JWT_KEY: &str = "eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJleHAiOjE3MjE2NTIwNTB9.5XhUDHQhtShszTssjjUzVuJA3r-031mT4inVkvYEYz64sOCxnNpZUZdVF-CmZ4t-JTSXFlm8ddscBgkhccBxDg";
-
-async fn make_standalone_server() -> Result<(), Box<dyn std::error::Error>> {
-    let jwt_pem = include_bytes!("jwt_key.pem");
-    let jwt_keys = vec![jsonwebtoken::DecodingKey::from_ed_pem(jwt_pem).unwrap()];
-
+async fn make_standalone_server(auth_strategy: Auth) -> Result<(), Box<dyn std::error::Error>> {
     init_tracing();
     let tmp = tempdir()?;
     let server = TestServer {
         path: tmp.path().to_owned().into(),
         user_api_config: UserApiConfig {
             hrana_ws_acceptor: None,
-            auth_strategy: Auth::new(user_auth_strategies::Jwt::new(jwt_keys)),
+            auth_strategy,
             ..Default::default()
         },
         ..Default::default()
@@ -40,16 +40,34 @@ async fn make_standalone_server() -> Result<(), Box<dyn std::error::Error>> {
     Ok(())
 }
 
+fn gen_test_jwt_auth() -> (Auth, String) {
+    let doc = Ed25519KeyPair::generate_pkcs8(&ring::rand::SystemRandom::new()).unwrap();
+    let encoding_key = EncodingKey::from_ed_der(doc.as_ref());
+
+    let pair = Ed25519KeyPair::from_pkcs8(doc.as_ref()).unwrap();
+    let decoding_key = DecodingKey::from_ed_der(pair.public_key().as_ref());
+
+    let claims = Token::default();
+
+    let header = jsonwebtoken::Header::new(jsonwebtoken::Algorithm::EdDSA);
+    let token = jsonwebtoken::encode(&header, &claims, &encoding_key).unwrap();
+
+    let jwt_keys = vec![decoding_key];
+
+    let auth = Auth::new(user_auth_strategies::Jwt::new(jwt_keys));
+
+    (auth, token)
+}
+
 #[test]
 fn http_hrana() {
+    let (auth, token) = gen_test_jwt_auth();
+
     let mut sim = turmoil::Builder::new().build();
-    sim.host("primary", make_standalone_server);
+    sim.host("primary", move || make_standalone_server(auth.clone()));
     sim.client("client", async {
-        let db = Database::open_remote_with_connector(
-            "http://primary:8080",
-            TEST_JWT_KEY,
-            TurmoilConnector,
-        )?;
+        let db =
+            Database::open_remote_with_connector("http://primary:8080", token, TurmoilConnector)?;
         let conn = db.connect()?;
 
         conn.execute("create table t(x text)", ()).await?;
@@ -65,15 +83,18 @@ fn embedded_replica() {
     let tmp_embedded = tempdir().unwrap();
     let tmp_embedded_path = tmp_embedded.path().to_owned();
 
+    let (auth, token) = gen_test_jwt_auth();
+
     let mut sim = turmoil::Builder::new().build();
-    sim.host("primary", make_standalone_server);
+    sim.host("primary", move || make_standalone_server(auth.clone()));
+
     sim.client("client", async move {
         let path = tmp_embedded_path.join("embedded");
 
         let db = Database::open_with_remote_sync_connector(
             path.to_str().unwrap(),
             "http://primary:8080",
-            TEST_JWT_KEY,
+            token,
             TurmoilConnector,
             false,
             None,
@@ -92,9 +113,12 @@ fn embedded_replica() {
 
 #[test]
 fn ws_hrana() {
+    let (auth, token) = gen_test_jwt_auth();
+
     let mut sim = turmoil::Builder::new().build();
-    sim.host("primary", make_standalone_server);
-    sim.client("client", async {
+    sim.host("primary", move || make_standalone_server(auth.clone()));
+
+    sim.client("client", async move {
         let url = "ws://primary:8080";
 
         let req = url.into_client_request().unwrap();
@@ -116,7 +140,7 @@ fn ws_hrana() {
         }
 
         let msg = ClientMsg::Hello {
-            jwt: Some(TEST_JWT_KEY.to_string()),
+            jwt: Some(token.to_string()),
         };
 
         let msg_data = serde_json::to_string(&msg).unwrap();

Original file line number	Diff line number	Diff line change
`@@ -45,8 +45,8 @@ impl Jwt {`
`45`	`45`	`}`
`46`	`46`	`}`
`47`	`47`
`48`		`-#[derive(serde::Deserialize, serde::Serialize, Debug)]`
`49`		`-pub(crate) struct Token {`
	`48`	`+#[derive(serde::Deserialize, serde::Serialize, Debug, Default)]`
	`49`	`+pub struct Token {`
`50`	`50`	`#[serde(default)]`
`51`	`51`	`id: Option<NamespaceName>,`
`52`	`52`	`#[serde(default)]`