-
Notifications
You must be signed in to change notification settings - Fork 1.8k
Expand file tree
/
Copy pathclient_side_encryption.prose.18.azure_kms_mock_server.test.ts
More file actions
122 lines (104 loc) · 4.77 KB
/
client_side_encryption.prose.18.azure_kms_mock_server.test.ts
File metadata and controls
122 lines (104 loc) · 4.77 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
import { expect } from 'chai';
import {
type AzureKMSRequestOptions,
type Document,
fetchAzureKMSToken,
MongoCryptAzureKMSRequestError
} from '../../mongodb';
const BASE_URL = new URL(`http://127.0.0.1:8080/metadata/identity/oauth2/token`);
class KMSRequestOptions implements AzureKMSRequestOptions {
url: URL = BASE_URL;
headers: Document;
constructor(testCase?: 'empty-json' | 'bad-json' | '404' | '500' | 'slow') {
this.headers =
testCase != null
? {
'X-MongoDB-HTTP-TestParams': `case=${testCase}`
}
: {};
}
}
const metadata: MongoDBMetadataUI = {
requires: {
clientSideEncryption: true,
idmsMockServer: true
}
};
context('Azure KMS Mock Server Tests', function () {
context('Case 1: Success', metadata, function () {
// Do not set an ``X-MongoDB-HTTP-TestParams`` header.
// Upon receiving a response from ``fake_azure``, the driver must decode the
// following information:
// 1. HTTP status will be ``200 Okay``.
// 2. The HTTP body will be a valid JSON string.
// 3. The access token will be the string ``"magic-cookie"``.
// 4. The expiry duration of the token will be seventy seconds.
// 5. The token will have a resource of ``"https://vault.azure.net"``
it('returns a properly formatted access token', async () => {
const credentials = await fetchAzureKMSToken(new KMSRequestOptions());
expect(credentials).to.have.property('accessToken', 'magic-cookie');
});
});
context('Case 2: Empty JSON', metadata, function () {
// This case addresses a server returning valid JSON with invalid content.
// Set ``X-MongoDB-HTTP-TestParams`` to ``case=empty-json``.
// Upon receiving a response:
// 1. HTTP status will be ``200 Okay``
// 2. The HTTP body will be a valid JSON string.
// 3. There will be no access token, expiry duration, or resource.
// The test case should ensure that this error condition is handled gracefully.
it('returns an error', async () => {
const error = await fetchAzureKMSToken(new KMSRequestOptions('empty-json')).catch(e => e);
expect(error).to.be.instanceof(MongoCryptAzureKMSRequestError);
});
});
context('Case 3: Bad JSON', metadata, function () {
// This case addresses a server returning malformed JSON.
// Set ``X-MongoDB-HTTP-TestParams`` to ``case=bad-json``.
// Upon receiving a response:
// 1. HTTP status will be ``200 Okay``
// 2. The response body will contain a malformed JSON string.
// The test case should ensure that this error condition is handled gracefully.
it('returns an error', async () => {
const error = await fetchAzureKMSToken(new KMSRequestOptions('bad-json')).catch(e => e);
expect(error).to.be.instanceof(MongoCryptAzureKMSRequestError);
});
});
context('Case 4: HTTP 404', metadata, function () {
// This case addresses a server returning a "Not Found" response. This is
// documented to occur spuriously within an Azure environment.
// Set ``X-MongoDB-HTTP-TestParams`` to ``case=404``.
// Upon receiving a response:
// 1. HTTP status will be ``404 Not Found``.
// 2. The response body is unspecified.
// The test case should ensure that this error condition is handled gracefully.
it('returns an error', async () => {
const error = await fetchAzureKMSToken(new KMSRequestOptions('404')).catch(e => e);
expect(error).to.be.instanceof(MongoCryptAzureKMSRequestError);
});
});
context('Case 5: HTTP 500', metadata, function () {
// This case addresses an IMDS server reporting an internal error. This is
// documented to occur spuriously within an Azure environment.
// Set ``X-MongoDB-HTTP-TestParams`` to ``case=500``.
// Upon receiving a response:
// 1. HTTP status code will be ``500``.
// 2. The response body is unspecified.
// The test case should ensure that this error condition is handled gracefully.
it('returns an error', async () => {
const error = await fetchAzureKMSToken(new KMSRequestOptions('500')).catch(e => e);
expect(error).to.be.instanceof(MongoCryptAzureKMSRequestError);
});
});
context('Case 6: Slow Response', metadata, function () {
// This case addresses an IMDS server responding very slowly. Drivers should not
// halt the application waiting on a peer to communicate.
// Set ``X-MongoDB-HTTP-TestParams`` to ``case=slow``.
// The HTTP response from the ``fake_azure`` server will take at least 1000 seconds
// to complete. The request should fail with a timeout.
it('returns an error after the request times out', async () => {
const error = await fetchAzureKMSToken(new KMSRequestOptions('slow')).catch(e => e);
expect(error).to.be.instanceof(MongoCryptAzureKMSRequestError);
});
});
});