mirrors/lnd
1
0
Fork 0
mirror of https://github.com/lightningnetwork/lnd.git synced 2025-03-04 09:48:19 +01:00
Code Issues Projects Releases Wiki Activity

itest: refactor testMacaroonAuthentication

Browse source
This commit is contained in:
yyforyongyu 2022-08-09 14:30:44 +08:00
parent 84278d6a49
commit 9794dbd7b2
No known key found for this signature in database
GPG key ID: 9BCD95C4FF296868
3 changed files with 26 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
lntest/itest/list_on_test.go
View file

@ -345,4 +345,8 @@ var allTestCasesTemp = []*lntemp.TestCase{
Name: "rpc middleware interceptor", Name: "rpc middleware interceptor",
TestFunc: testRPCMiddlewareInterceptor, TestFunc: testRPCMiddlewareInterceptor,
}, },
{
Name: "macaroon authentication",
TestFunc: testMacaroonAuthentication,
},
} }

42
lntest/itest/lnd_macaroons_test.go
View file

@ -12,6 +12,7 @@ import (
"github.com/golang/protobuf/proto" "github.com/golang/protobuf/proto"
"github.com/lightningnetwork/lnd/lnrpc" "github.com/lightningnetwork/lnd/lnrpc"
"github.com/lightningnetwork/lnd/lntemp"
"github.com/lightningnetwork/lnd/lntemp/node" "github.com/lightningnetwork/lnd/lntemp/node"
"github.com/lightningnetwork/lnd/lntest" "github.com/lightningnetwork/lnd/lntest"
"github.com/lightningnetwork/lnd/macaroons" "github.com/lightningnetwork/lnd/macaroons"
@ -24,13 +25,14 @@ import (
// enabled on the gRPC interface, no requests with missing or invalid // enabled on the gRPC interface, no requests with missing or invalid
// macaroons are allowed. Further, the specific access rights (read/write, // macaroons are allowed. Further, the specific access rights (read/write,
// entity based) and first-party caveats are tested as well. // entity based) and first-party caveats are tested as well.
func testMacaroonAuthentication(net *lntest.NetworkHarness, ht *harnessTest) { func testMacaroonAuthentication(ht *lntemp.HarnessTest) {
var ( var (
infoReq = &lnrpc.GetInfoRequest{} infoReq = &lnrpc.GetInfoRequest{}
newAddrReq = &lnrpc.NewAddressRequest{ newAddrReq = &lnrpc.NewAddressRequest{
Type: AddrTypeWitnessPubkeyHash, Type: AddrTypeWitnessPubkeyHash,
} }
testNode = net.Alice testNode = ht.Alice
testClient = testNode.RPC.LN
) )
testCases := []struct { testCases := []struct {
@ -42,7 +44,7 @@ func testMacaroonAuthentication(net *lntest.NetworkHarness, ht *harnessTest) {
// enabled. // enabled.
name: "no macaroon", name: "no macaroon",
run: func(ctxt context.Context, t *testing.T) { run: func(ctxt context.Context, t *testing.T) {
conn, err := testNode.ConnectRPC(false) conn, err := testNode.ConnectRPCWithMacaroon(nil)
require.NoError(t, err) require.NoError(t, err)
defer func() { _ = conn.Close() }() defer func() { _ = conn.Close() }()
client := lnrpc.NewLightningClient(conn) client := lnrpc.NewLightningClient(conn)
@ -59,7 +61,7 @@ func testMacaroonAuthentication(net *lntest.NetworkHarness, ht *harnessTest) {
[]byte("dummy_root_key"), []byte("0"), "itest", []byte("dummy_root_key"), []byte("0"), "itest",
macaroon.LatestVersion, macaroon.LatestVersion,
) )
cleanup, client := macaroonClientOld( cleanup, client := macaroonClient(
t, testNode, invalidMac, t, testNode, invalidMac,
) )
defer cleanup() defer cleanup()
@ -73,10 +75,10 @@ func testMacaroonAuthentication(net *lntest.NetworkHarness, ht *harnessTest) {
name: "read only macaroon", name: "read only macaroon",
run: func(ctxt context.Context, t *testing.T) { run: func(ctxt context.Context, t *testing.T) {
readonlyMac, err := testNode.ReadMacaroon( readonlyMac, err := testNode.ReadMacaroon(
testNode.ReadMacPath(), defaultTimeout, testNode.Cfg.ReadMacPath, defaultTimeout,
) )
require.NoError(t, err) require.NoError(t, err)
cleanup, client := macaroonClientOld( cleanup, client := macaroonClient(
t, testNode, readonlyMac, t, testNode, readonlyMac,
) )
defer cleanup() defer cleanup()
@ -90,14 +92,14 @@ func testMacaroonAuthentication(net *lntest.NetworkHarness, ht *harnessTest) {
name: "expired macaroon", name: "expired macaroon",
run: func(ctxt context.Context, t *testing.T) { run: func(ctxt context.Context, t *testing.T) {
readonlyMac, err := testNode.ReadMacaroon( readonlyMac, err := testNode.ReadMacaroon(
testNode.ReadMacPath(), defaultTimeout, testNode.Cfg.ReadMacPath, defaultTimeout,
) )
require.NoError(t, err) require.NoError(t, err)
timeoutMac, err := macaroons.AddConstraints( timeoutMac, err := macaroons.AddConstraints(
readonlyMac, macaroons.TimeoutConstraint(-30), readonlyMac, macaroons.TimeoutConstraint(-30),
) )
require.NoError(t, err) require.NoError(t, err)
cleanup, client := macaroonClientOld( cleanup, client := macaroonClient(
t, testNode, timeoutMac, t, testNode, timeoutMac,
) )
defer cleanup() defer cleanup()
@ -110,7 +112,7 @@ func testMacaroonAuthentication(net *lntest.NetworkHarness, ht *harnessTest) {
name: "invalid IP macaroon", name: "invalid IP macaroon",
run: func(ctxt context.Context, t *testing.T) { run: func(ctxt context.Context, t *testing.T) {
readonlyMac, err := testNode.ReadMacaroon( readonlyMac, err := testNode.ReadMacaroon(
testNode.ReadMacPath(), defaultTimeout, testNode.Cfg.ReadMacPath, defaultTimeout,
) )
require.NoError(t, err) require.NoError(t, err)
invalidIPAddrMac, err := macaroons.AddConstraints( invalidIPAddrMac, err := macaroons.AddConstraints(
@ -119,7 +121,7 @@ func testMacaroonAuthentication(net *lntest.NetworkHarness, ht *harnessTest) {
), ),
) )
require.NoError(t, err) require.NoError(t, err)
cleanup, client := macaroonClientOld( cleanup, client := macaroonClient(
t, testNode, invalidIPAddrMac, t, testNode, invalidIPAddrMac,
) )
defer cleanup() defer cleanup()
@ -134,7 +136,7 @@ func testMacaroonAuthentication(net *lntest.NetworkHarness, ht *harnessTest) {
name: "correct macaroon", name: "correct macaroon",
run: func(ctxt context.Context, t *testing.T) { run: func(ctxt context.Context, t *testing.T) {
adminMac, err := testNode.ReadMacaroon( adminMac, err := testNode.ReadMacaroon(
testNode.AdminMacPath(), defaultTimeout, testNode.Cfg.AdminMacPath, defaultTimeout,
) )
require.NoError(t, err) require.NoError(t, err)
adminMac, err = macaroons.AddConstraints( adminMac, err = macaroons.AddConstraints(
@ -142,7 +144,7 @@ func testMacaroonAuthentication(net *lntest.NetworkHarness, ht *harnessTest) {
macaroons.IPLockConstraint("127.0.0.1"), macaroons.IPLockConstraint("127.0.0.1"),
) )
require.NoError(t, err) require.NoError(t, err)
cleanup, client := macaroonClientOld(t, testNode, adminMac) cleanup, client := macaroonClient(t, testNode, adminMac)
defer cleanup() defer cleanup()
res, err := client.NewAddress(ctxt, newAddrReq) res, err := client.NewAddress(ctxt, newAddrReq)
require.NoError(t, err, "get new address") require.NoError(t, err, "get new address")
@ -164,7 +166,7 @@ func testMacaroonAuthentication(net *lntest.NetworkHarness, ht *harnessTest) {
"Permissions", "Permissions",
}}, }},
} }
bakeRes, err := testNode.BakeMacaroon(ctxt, req) bakeRes, err := testClient.BakeMacaroon(ctxt, req)
require.NoError(t, err) require.NoError(t, err)
// Create a connection that uses the custom macaroon. // Create a connection that uses the custom macaroon.
@ -175,7 +177,7 @@ func testMacaroonAuthentication(net *lntest.NetworkHarness, ht *harnessTest) {
customMac := &macaroon.Macaroon{} customMac := &macaroon.Macaroon{}
err = customMac.UnmarshalBinary(customMacBytes) err = customMac.UnmarshalBinary(customMacBytes)
require.NoError(t, err) require.NoError(t, err)
cleanup, client := macaroonClientOld( cleanup, client := macaroonClient(
t, testNode, customMac, t, testNode, customMac,
) )
defer cleanup() defer cleanup()
@ -219,7 +221,7 @@ func testMacaroonAuthentication(net *lntest.NetworkHarness, ht *harnessTest) {
}}, }},
AllowExternalPermissions: true, AllowExternalPermissions: true,
} }
bakeResp, err := testNode.BakeMacaroon(ctxt, req) bakeResp, err := testClient.BakeMacaroon(ctxt, req)
require.NoError(t, err) require.NoError(t, err)
macBytes, err := hex.DecodeString(bakeResp.Macaroon) macBytes, err := hex.DecodeString(bakeResp.Macaroon)
@ -233,7 +235,7 @@ func testMacaroonAuthentication(net *lntest.NetworkHarness, ht *harnessTest) {
// Test that CheckMacaroonPermissions accurately // Test that CheckMacaroonPermissions accurately
// characterizes macaroon as valid, even if the // characterizes macaroon as valid, even if the
// permissions are not native to LND. // permissions are not native to LND.
checkResp, err := testNode.CheckMacaroonPermissions( checkResp, err := testClient.CheckMacaroonPermissions(
ctxt, checkReq, ctxt, checkReq,
) )
require.NoError(t, err) require.NoError(t, err)
@ -254,7 +256,7 @@ func testMacaroonAuthentication(net *lntest.NetworkHarness, ht *harnessTest) {
checkReq.Macaroon = timeoutMacBytes checkReq.Macaroon = timeoutMacBytes
_, err = testNode.CheckMacaroonPermissions( _, err = testClient.CheckMacaroonPermissions(
ctxt, checkReq, ctxt, checkReq,
) )
require.Error(t, err) require.Error(t, err)
@ -270,7 +272,7 @@ func testMacaroonAuthentication(net *lntest.NetworkHarness, ht *harnessTest) {
checkReq.Permissions = wrongPermissions checkReq.Permissions = wrongPermissions
checkReq.Macaroon = macBytes checkReq.Macaroon = macBytes
_, err = testNode.CheckMacaroonPermissions( _, err = testClient.CheckMacaroonPermissions(
ctxt, checkReq, ctxt, checkReq,
) )
require.Error(t, err) require.Error(t, err)
@ -280,9 +282,9 @@ func testMacaroonAuthentication(net *lntest.NetworkHarness, ht *harnessTest) {
for _, tc := range testCases { for _, tc := range testCases {
tc := tc tc := tc
ht.t.Run(tc.name, func(tt *testing.T) { ht.Run(tc.name, func(tt *testing.T) {
ctxt, cancel := context.WithTimeout( ctxt, cancel := context.WithTimeout(
context.Background(), defaultTimeout, ht.Context(), defaultTimeout,
) )
defer cancel() defer cancel()

4
lntest/itest/lnd_test_list_on_test.go
View file

@ -52,10 +52,6 @@ var allTestCases = []*testCase{
name: "cpfp", name: "cpfp",
test: testCPFP, test: testCPFP,
}, },
{
name: "macaroon authentication",
test: testMacaroonAuthentication,
},
{ {
name: "bake macaroon", name: "bake macaroon",
test: testBakeMacaroon, test: testBakeMacaroon,