mirror of
https://github.com/google/nomulus.git
synced 2025-08-05 17:28:25 +02:00
Decouple SessionMetadata and TransportCredentials
TransportCredentials are per-request, not per-session, and there's no reason to carry them within SessionMetadata. While I'm in here, get rid of "null" credentials. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=125202213
This commit is contained in:
cgoldfeder
Ben McIlwain
parent
fe1cd06da8
commit
3ae646d687
26 changed files with 134 additions and 120 deletions
|
|
@ -22,9 +22,9 @@ import google.registry.flows.EppException.UnimplementedExtensionException;
|
|||
import google.registry.flows.EppException.UnimplementedObjectServiceException;
|
||||
import google.registry.flows.EppException.UnimplementedProtocolVersionException;
|
||||
import google.registry.flows.FlowTestCase;
|
||||
import google.registry.flows.TransportCredentials.BadRegistrarPasswordException;
|
||||
import google.registry.flows.session.LoginFlow.AlreadyLoggedInException;
|
||||
import google.registry.flows.session.LoginFlow.BadRegistrarClientIdException;
|
||||
import google.registry.flows.session.LoginFlow.BadRegistrarPasswordException;
|
||||
import google.registry.flows.session.LoginFlow.PasswordChangesNotSupportedException;
|
||||
import google.registry.flows.session.LoginFlow.RegistrarAccountNotActiveException;
|
||||
import google.registry.flows.session.LoginFlow.TooManyFailedLoginsException;
|
||||
|
|
|
|||
|
|
@ -15,9 +15,9 @@
|
|||
package google.registry.flows.session;
|
||||
|
||||
|
||||
import static com.google.appengine.api.users.UserServiceFactory.getUserService;
|
||||
import static google.registry.testing.DatastoreHelper.persistResource;
|
||||
|
||||
import com.google.appengine.api.users.UserServiceFactory;
|
||||
import com.google.apphosting.api.ApiProxy;
|
||||
import com.google.apphosting.api.ApiProxy.Environment;
|
||||
import com.google.common.collect.ImmutableSet;
|
||||
|
|
@ -150,15 +150,13 @@ public class LoginFlowViaConsoleTest extends LoginFlowTestCase {
|
|||
return envAttr;
|
||||
}
|
||||
});
|
||||
sessionMetadata.setTransportCredentials(new GaeUserCredentials(
|
||||
UserServiceFactory.getUserService().getCurrentUser()));
|
||||
credentials = new GaeUserCredentials(getUserService().getCurrentUser());
|
||||
return oldEnv;
|
||||
}
|
||||
|
||||
void noLogin() {
|
||||
oldEnv = ApiProxy.getCurrentEnvironment();
|
||||
sessionMetadata.setTransportCredentials(new GaeUserCredentials(
|
||||
UserServiceFactory.getUserService().getCurrentUser()));
|
||||
credentials = new GaeUserCredentials(getUserService().getCurrentUser());
|
||||
}
|
||||
|
||||
void persistLinkedAccount(String email, String gaeUserId) {
|
||||
|
|
|
|||
|
|
@ -52,7 +52,7 @@ public class LoginFlowViaTlsTest extends LoginFlowTestCase {
|
|||
@Test
|
||||
public void testSuccess_withGoodCredentials() throws Exception {
|
||||
persistResource(getRegistrarBuilder().build());
|
||||
sessionMetadata.setTransportCredentials(new TlsCredentials(GOOD_CERT, GOOD_IP, "goo.example"));
|
||||
credentials = new TlsCredentials(GOOD_CERT, GOOD_IP, "goo.example");
|
||||
doSuccessfulTest("login_valid.xml");
|
||||
}
|
||||
|
||||
|
|
@ -63,8 +63,7 @@ public class LoginFlowViaTlsTest extends LoginFlowTestCase {
|
|||
.setIpAddressWhitelist(ImmutableList.of(
|
||||
CidrAddressBlock.create("2001:db8:0:0:0:0:1:1/32")))
|
||||
.build());
|
||||
sessionMetadata.setTransportCredentials(
|
||||
new TlsCredentials(GOOD_CERT, GOOD_IPV6, "goo.example"));
|
||||
credentials = new TlsCredentials(GOOD_CERT, GOOD_IPV6, "goo.example");
|
||||
doSuccessfulTest("login_valid.xml");
|
||||
}
|
||||
|
||||
|
|
@ -75,8 +74,7 @@ public class LoginFlowViaTlsTest extends LoginFlowTestCase {
|
|||
.setIpAddressWhitelist(ImmutableList.of(
|
||||
CidrAddressBlock.create("2001:db8:0:0:0:0:1:1/32")))
|
||||
.build());
|
||||
sessionMetadata.setTransportCredentials(
|
||||
new TlsCredentials(GOOD_CERT, GOOD_IPV6, "goo.example"));
|
||||
credentials = new TlsCredentials(GOOD_CERT, GOOD_IPV6, "goo.example");
|
||||
doSuccessfulTest("login_valid.xml");
|
||||
}
|
||||
|
||||
|
|
@ -87,28 +85,28 @@ public class LoginFlowViaTlsTest extends LoginFlowTestCase {
|
|||
.setIpAddressWhitelist(ImmutableList.of(
|
||||
CidrAddressBlock.create("192.168.1.255/24")))
|
||||
.build());
|
||||
sessionMetadata.setTransportCredentials(new TlsCredentials(GOOD_CERT, GOOD_IP, "goo.example"));
|
||||
credentials = new TlsCredentials(GOOD_CERT, GOOD_IP, "goo.example");
|
||||
doSuccessfulTest("login_valid.xml");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_incorrectClientCertificateHash() throws Exception {
|
||||
persistResource(getRegistrarBuilder().build());
|
||||
sessionMetadata.setTransportCredentials(new TlsCredentials(BAD_CERT, GOOD_IP, "goo.example"));
|
||||
credentials = new TlsCredentials(BAD_CERT, GOOD_IP, "goo.example");
|
||||
doFailingTest("login_valid.xml", BadRegistrarCertificateException.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_missingClientCertificateHash() throws Exception {
|
||||
persistResource(getRegistrarBuilder().build());
|
||||
sessionMetadata.setTransportCredentials(new TlsCredentials(null, GOOD_IP, "goo.example"));
|
||||
credentials = new TlsCredentials(null, GOOD_IP, "goo.example");
|
||||
doFailingTest("login_valid.xml", MissingRegistrarCertificateException.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testFailure_noSniAndCertRequired() throws Exception {
|
||||
persistResource(getRegistrarBuilder().build());
|
||||
sessionMetadata.setTransportCredentials(new TlsCredentials(null, GOOD_IP, null));
|
||||
credentials = new TlsCredentials(null, GOOD_IP, null);
|
||||
doFailingTest("login_valid.xml", NoSniException.class);
|
||||
}
|
||||
|
||||
|
|
@ -120,8 +118,7 @@ public class LoginFlowViaTlsTest extends LoginFlowTestCase {
|
|||
CidrAddressBlock.create(InetAddresses.forString("192.168.1.1"), 32),
|
||||
CidrAddressBlock.create(InetAddresses.forString("2001:db8::1"), 128)))
|
||||
.build());
|
||||
sessionMetadata.setTransportCredentials(
|
||||
new TlsCredentials(GOOD_CERT, Optional.<String>absent(), "goo.example"));
|
||||
credentials = new TlsCredentials(GOOD_CERT, Optional.<String>absent(), "goo.example");
|
||||
doFailingTest("login_valid.xml", BadRegistrarIpAddressException.class);
|
||||
}
|
||||
|
||||
|
|
@ -133,7 +130,7 @@ public class LoginFlowViaTlsTest extends LoginFlowTestCase {
|
|||
CidrAddressBlock.create(InetAddresses.forString("192.168.1.1"), 32),
|
||||
CidrAddressBlock.create(InetAddresses.forString("2001:db8::1"), 128)))
|
||||
.build());
|
||||
sessionMetadata.setTransportCredentials(new TlsCredentials(GOOD_CERT, BAD_IP, "goo.example"));
|
||||
credentials = new TlsCredentials(GOOD_CERT, BAD_IP, "goo.example");
|
||||
doFailingTest("login_valid.xml", BadRegistrarIpAddressException.class);
|
||||
}
|
||||
|
||||
|
|
@ -145,7 +142,7 @@ public class LoginFlowViaTlsTest extends LoginFlowTestCase {
|
|||
CidrAddressBlock.create(InetAddresses.forString("192.168.1.1"), 32),
|
||||
CidrAddressBlock.create(InetAddresses.forString("2001:db8::1"), 128)))
|
||||
.build());
|
||||
sessionMetadata.setTransportCredentials(new TlsCredentials(GOOD_CERT, BAD_IPV6, "goo.example"));
|
||||
credentials = new TlsCredentials(GOOD_CERT, BAD_IPV6, "goo.example");
|
||||
doFailingTest("login_valid.xml", BadRegistrarIpAddressException.class);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue