forked from envoyproxy/envoy
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathxfcc_integration_test.h
67 lines (56 loc) · 2.51 KB
/
xfcc_integration_test.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
#pragma once
#include <memory>
#include <string>
#include "test/config/integration/certs/clientcert_hash.h"
#include "test/integration/http_integration.h"
#include "test/integration/server.h"
#include "test/mocks/server/mocks.h"
#include "absl/strings/ascii.h"
#include "absl/strings/str_replace.h"
#include "gmock/gmock.h"
#include "gtest/gtest.h"
using testing::NiceMock;
using testing::ReturnRef;
namespace Envoy {
namespace Xfcc {
class XfccIntegrationTest : public testing::TestWithParam<Network::Address::IpVersion>,
public HttpIntegrationTest {
public:
const std::string previous_xfcc_ =
"By=spiffe://lyft.com/frontend;Hash=123456;URI=spiffe://lyft.com/testclient";
const std::string current_xfcc_by_hash_ =
"By=spiffe://lyft.com/"
"backend-team;Hash=" +
absl::AsciiStrToLower(absl::StrReplaceAll(TEST_CLIENT_CERT_HASH, {{":", ""}}));
const std::string client_subject_ =
"Subject=\""
"[email protected],CN=Test Frontend Team,"
"OU=Lyft Engineering,O=Lyft,L=San Francisco,ST=California,C=US\"";
const std::string client_uri_san_ = "URI=spiffe://lyft.com/frontend-team";
const std::string client_dns_san_ = "DNS=lyft.com;DNS=www.lyft.com";
XfccIntegrationTest() : HttpIntegrationTest(Http::CodecClient::Type::HTTP1, GetParam()) {
ON_CALL(factory_context_, api()).WillByDefault(ReturnRef(*api_));
}
void initialize() override;
void createUpstreams() override;
void TearDown() override;
Network::TransportSocketFactoryPtr createUpstreamSslContext();
Network::TransportSocketFactoryPtr createClientSslContext(bool mtls);
Network::ClientConnectionPtr makeClientConnection();
Network::ClientConnectionPtr makeTlsClientConnection();
Network::ClientConnectionPtr makeMtlsClientConnection();
void testRequestAndResponseWithXfccHeader(std::string privous_xfcc, std::string expected_xfcc);
envoy::config::filter::network::http_connection_manager::v2::HttpConnectionManager::
ForwardClientCertDetails fcc_;
envoy::config::filter::network::http_connection_manager::v2::HttpConnectionManager::
SetCurrentClientCertDetails sccd_;
bool tls_ = true;
private:
std::unique_ptr<Ssl::ContextManager> context_manager_;
Network::TransportSocketFactoryPtr client_tls_ssl_ctx_;
Network::TransportSocketFactoryPtr client_mtls_ssl_ctx_;
Network::TransportSocketFactoryPtr upstream_ssl_ctx_;
testing::NiceMock<Server::Configuration::MockTransportSocketFactoryContext> factory_context_;
};
} // namespace Xfcc
} // namespace Envoy