Skip to content

Commit

Permalink
fix broken mocks
Browse files Browse the repository at this point in the history 
# Conflicts:
#	vdr/didx509/resolver_test.go
  • Loading branch information
@gerardsn
gerardsn committed Dec 11, 2024
1 parent cdae7f4 commit c7c8424
Show file tree
Hide file tree
Showing 5 changed files with 37 additions and 35 deletions.
6 changes: 3 additions & 3 deletions network/network_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1255,7 +1255,7 @@ func TestNetwork_checkHealth(t *testing.T) {
t.Run("TLS", func(t *testing.T) {
t.Run("up", func(t *testing.T) {
mockPKIValidator := pki.NewMockValidator(gomock.NewController(t))
mockPKIValidator.EXPECT().Validate([]*x509.Certificate{certificate.Leaf})
mockPKIValidator.EXPECT().CheckCRL([]*x509.Certificate{certificate.Leaf})
n := Network{
trustStore: trustStore,
certificate: certificate,
Expand All @@ -1268,7 +1268,7 @@ func TestNetwork_checkHealth(t *testing.T) {
})
t.Run("revoked/denied certificate", func(t *testing.T) {
mockPKIValidator := pki.NewMockValidator(gomock.NewController(t))
mockPKIValidator.EXPECT().Validate([]*x509.Certificate{certificate.Leaf}).Return(errors.New("custom error"))
mockPKIValidator.EXPECT().CheckCRL([]*x509.Certificate{certificate.Leaf}).Return(errors.New("custom error"))
n := Network{
trustStore: trustStore,
certificate: certificate,
Expand Down Expand Up @@ -1320,7 +1320,7 @@ func TestNetwork_checkHealth(t *testing.T) {
cxt.network.certificate = certificate
cxt.network.nodeDID = *nodeDID
cxt.didStore.EXPECT().Resolve(*nodeDID, nil).MinTimes(1).Return(completeDocument, &resolver.DocumentMetadata{}, nil)
cxt.pkiValidator.EXPECT().Validate([]*x509.Certificate{certificate.Leaf})
cxt.pkiValidator.EXPECT().CheckCRL([]*x509.Certificate{certificate.Leaf})

health := cxt.network.CheckHealth()

Expand Down
6 changes: 3 additions & 3 deletions network/transport/grpc/connection_manager_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1221,7 +1221,7 @@ func Test_grpcConnectionManager_revalidatePeers(t *testing.T) {
cert := testPKI.Certificate().Leaf

t.Run("ok", func(t *testing.T) {
mockValidator.EXPECT().Validate([]*x509.Certificate{cert})
mockValidator.EXPECT().CheckCRL([]*x509.Certificate{cert})
cm, err := NewGRPCConnectionManager(Config{pkiValidator: mockValidator}, nil, *nodeDID, nil)
require.NoError(t, err)
connection := NewStubConnection(transport.Peer{Certificate: cert})
Expand All @@ -1232,7 +1232,7 @@ func Test_grpcConnectionManager_revalidatePeers(t *testing.T) {
assert.Equal(t, 0, connection.disconnectCalls)
})
t.Run("denied", func(t *testing.T) {
mockValidator.EXPECT().Validate([]*x509.Certificate{cert}).Return(pki.ErrCertBanned)
mockValidator.EXPECT().CheckCRL([]*x509.Certificate{cert}).Return(pki.ErrCertBanned)
cm, err := NewGRPCConnectionManager(Config{pkiValidator: mockValidator}, nil, *nodeDID, nil)
require.NoError(t, err)
connection := NewStubConnection(transport.Peer{Certificate: cert})
Expand All @@ -1243,7 +1243,7 @@ func Test_grpcConnectionManager_revalidatePeers(t *testing.T) {
assert.Equal(t, 1, connection.disconnectCalls)
})
t.Run("denied multiple", func(t *testing.T) {
mockValidator.EXPECT().Validate([]*x509.Certificate{cert}).Return(pki.ErrCertBanned).Times(3)
mockValidator.EXPECT().CheckCRL([]*x509.Certificate{cert}).Return(pki.ErrCertBanned).Times(3)
cm, err := NewGRPCConnectionManager(Config{pkiValidator: mockValidator}, nil, *nodeDID, nil)
require.NoError(t, err)
connection := NewStubConnection(transport.Peer{Certificate: cert})
Expand Down
4 changes: 2 additions & 2 deletions network/transport/grpc/tls_offloading_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ func Test_tlsOffloadingAuthenticator(t *testing.T) {
var peerInfo *peer.Peer
var success bool
serverStream.ctx = contextWithMD(encodedCert)
pkiMock.EXPECT().Validate(gomock.Any())
pkiMock.EXPECT().CheckCRL(gomock.Any())

err := auth.intercept(nil, serverStream, nil, func(srv interface{}, wrappedStream grpc.ServerStream) error {
peerInfo, success = peer.FromContext(wrappedStream.Context())
Expand All @@ -99,7 +99,7 @@ func Test_tlsOffloadingAuthenticator(t *testing.T) {
})
t.Run("certificate revoked/banned", func(t *testing.T) {
serverStream.ctx = contextWithMD(encodedCert)
pkiMock.EXPECT().Validate(gomock.Any()).Return(errors.New("custom error"))
pkiMock.EXPECT().CheckCRL(gomock.Any()).Return(errors.New("custom error"))

err := auth.intercept(nil, serverStream, nil, func(srv interface{}, wrappedStream grpc.ServerStream) error {
t.Fatal("should not be called")
Expand Down
4 changes: 2 additions & 2 deletions vcr/verifier/signature_verifier_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -100,7 +100,7 @@ func TestSignatureVerifier_VerifySignature(t *testing.T) {

t.Run("happy flow", func(t *testing.T) {
sv, validator := x509VerifierTestSetup(t)
validator.EXPECT().ValidateStrict(gomock.Any()).Return(nil)
validator.EXPECT().CheckCRLStrict(gomock.Any()).Return(nil)
err = sv.VerifySignature(*cred, nil)
assert.NoError(t, err)
})
Expand All @@ -121,7 +121,7 @@ func TestSignatureVerifier_VerifySignature(t *testing.T) {
assert.NoError(t, err)
sv, validator := x509VerifierTestSetup(t)
expectedError := errors.New("wrong ura")
validator.EXPECT().ValidateStrict(gomock.Any()).Return(expectedError)
validator.EXPECT().CheckCRLStrict(gomock.Any()).Return(expectedError)
err = sv.VerifySignature(*cred, nil)
assert.Error(t, err)
assert.ErrorIs(t, err, expectedError)
Expand Down
52 changes: 27 additions & 25 deletions vdr/didx509/resolver_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,8 @@ func TestManager_Resolve_OtherName(t *testing.T) {
})
t.Run("happy flow, policy depth of 0", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s", "sha256", sha256Sum(rootCertificate.Raw)))
validator.EXPECT().ValidateStrict(gomock.Any())

validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)

require.NoError(t, err)
Expand All @@ -88,7 +89,8 @@ func TestManager_Resolve_OtherName(t *testing.T) {
assert.NotNil(t, resolve.VerificationMethod.FindByID(*didUrl))
})
t.Run("happy flow, policy depth of 1 and primary value", func(t *testing.T) {
validator.EXPECT().ValidateStrict(gomock.Any())

validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)

require.NoError(t, err)
Expand All @@ -102,7 +104,7 @@ func TestManager_Resolve_OtherName(t *testing.T) {
t.Run("happy flow, policy depth of 1 and secondary value", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::san:otherName:%s", "sha256", sha256Sum(rootCertificate.Raw), otherNameValueSecondary))

validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)

require.NoError(t, err)
Expand All @@ -116,7 +118,7 @@ func TestManager_Resolve_OtherName(t *testing.T) {
t.Run("happy flow, policy depth of 2 of type OU", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::san:otherName:%s::subject:OU:%s", "sha256", sha256Sum(rootCertificate.Raw), otherNameValue, "The%20A-Team"))

validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)

require.NoError(t, err)
Expand All @@ -130,7 +132,7 @@ func TestManager_Resolve_OtherName(t *testing.T) {
t.Run("happy flow, policy depth of 2, primary and secondary", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::san:otherName:%s::san:otherName:%s", "sha256", sha256Sum(rootCertificate.Raw), otherNameValue, otherNameValueSecondary))

validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)

require.NoError(t, err)
Expand All @@ -144,7 +146,7 @@ func TestManager_Resolve_OtherName(t *testing.T) {
t.Run("happy flow, policy depth of 2, secondary and primary", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::san:otherName:%s::san:otherName:%s", "sha256", sha256Sum(rootCertificate.Raw), otherNameValue, otherNameValueSecondary))

validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)

require.NoError(t, err)
Expand All @@ -157,7 +159,7 @@ func TestManager_Resolve_OtherName(t *testing.T) {
})
t.Run("happy flow with only x5t header", func(t *testing.T) {
delete(metadata.JwtProtectedHeaders, X509CertThumbprintS256Header)
validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)
require.NoError(t, err)
assert.NotNil(t, resolve)
Expand All @@ -166,7 +168,7 @@ func TestManager_Resolve_OtherName(t *testing.T) {
})
t.Run("happy flow with only x5t#S256 header", func(t *testing.T) {
delete(metadata.JwtProtectedHeaders, X509CertThumbprintHeader)
validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)
require.NoError(t, err)
assert.NotNil(t, resolve)
Expand All @@ -186,7 +188,7 @@ func TestManager_Resolve_OtherName(t *testing.T) {
t.Run("happy flow with alternative hash alg sha512", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::san:otherName:%s", "sha512", sha512Sum(rootCertificate.Raw), otherNameValue))
delete(metadata.JwtProtectedHeaders, X509CertThumbprintHeader)
validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)
require.NoError(t, err)
assert.NotNil(t, resolve)
Expand All @@ -196,7 +198,7 @@ func TestManager_Resolve_OtherName(t *testing.T) {
t.Run("happy flow with alternative hash alg sha384", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::san:otherName:%s", "sha384", sha384Sum(rootCertificate.Raw), otherNameValue))
delete(metadata.JwtProtectedHeaders, X509CertThumbprintHeader)
validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)
require.NoError(t, err)
assert.NotNil(t, resolve)
Expand Down Expand Up @@ -271,7 +273,7 @@ func TestManager_Resolve_OtherName(t *testing.T) {
})
t.Run("broken chain", func(t *testing.T) {
expectedErr := errors.New("broken chain")
validator.EXPECT().ValidateStrict(gomock.Any()).Return(expectedErr)
validator.EXPECT().CheckCRLStrict(gomock.Any()).Return(expectedErr)
_, _, err := didResolver.Resolve(rootDID, &metadata)
require.Error(t, err)
assert.ErrorIs(t, err, expectedErr)
Expand Down Expand Up @@ -351,7 +353,7 @@ func TestManager_Resolve_San_Generic(t *testing.T) {
t.Run("happy SAN DNS www.example.com", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::san:dns:%s", "sha256", sha256Sum(rootCertificate.Raw), "www.example.com"))

validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)
require.NoError(t, err)
assert.NotNil(t, resolve)
Expand All @@ -366,7 +368,7 @@ func TestManager_Resolve_San_Generic(t *testing.T) {
t.Run("happy SAN ip", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::san:ip:%s", "sha256", sha256Sum(rootCertificate.Raw), "192.1.2.3"))

validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)
require.NoError(t, err)
assert.NotNil(t, resolve)
Expand All @@ -381,7 +383,7 @@ func TestManager_Resolve_San_Generic(t *testing.T) {
t.Run("happy SAN email", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::san:email:%s", "sha256", sha256Sum(rootCertificate.Raw), "info%40example.com"))

validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)
require.NoError(t, err)
assert.NotNil(t, resolve)
Expand Down Expand Up @@ -441,7 +443,7 @@ func TestManager_Resolve_Subject(t *testing.T) {
})
t.Run("happy flow CN www.example.com", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::subject:CN:%s", "sha256", sha256Sum(rootCertificate.Raw), "www.example.com"))
validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)
require.NoError(t, err)
assert.NotNil(t, resolve)
Expand All @@ -455,23 +457,23 @@ func TestManager_Resolve_Subject(t *testing.T) {
})
t.Run("happy flow O", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::subject:O:%s", "sha256", sha256Sum(rootCertificate.Raw), "NUTS%20Foundation"))
validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)
require.NoError(t, err)
assert.NotNil(t, resolve)
assert.NotNil(t, documentMetadata)
})
t.Run("happy flow O and CN", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::subject:O:%s::subject:CN:%s", "sha256", sha256Sum(rootCertificate.Raw), "NUTS%20Foundation", "www.example.com"))
validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)
require.NoError(t, err)
assert.NotNil(t, resolve)
assert.NotNil(t, documentMetadata)
})
t.Run("happy flow O and CN and OU", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::subject:O:%s::subject:CN:%s::subject:OU:%s", "sha256", sha256Sum(rootCertificate.Raw), "NUTS%20Foundation", "www.example.com", "The%20A-Team"))
validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)
require.NoError(t, err)
assert.NotNil(t, resolve)
Expand Down Expand Up @@ -509,15 +511,15 @@ func TestManager_Resolve_Subject(t *testing.T) {
})
t.Run("happy flow L Amsterdam", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::subject:L:%s", "sha256", sha256Sum(rootCertificate.Raw), "Amsterdam"))
validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)
require.NoError(t, err)
assert.NotNil(t, resolve)
assert.NotNil(t, documentMetadata)
})
t.Run("happy flow L Den Haag", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::subject:L:%s", "sha256", sha256Sum(rootCertificate.Raw), "The%20Hague"))
validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)
require.NoError(t, err)
assert.NotNil(t, resolve)
Expand All @@ -531,7 +533,7 @@ func TestManager_Resolve_Subject(t *testing.T) {
})
t.Run("happy flow C", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::subject:C:%s", "sha256", sha256Sum(rootCertificate.Raw), "NL"))
validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)
require.NoError(t, err)
assert.NotNil(t, resolve)
Expand All @@ -545,7 +547,7 @@ func TestManager_Resolve_Subject(t *testing.T) {
})
t.Run("happy flow ST", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::subject:ST:%s", "sha256", sha256Sum(rootCertificate.Raw), "Noord-Holland"))
validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)
require.NoError(t, err)
assert.NotNil(t, resolve)
Expand All @@ -559,7 +561,7 @@ func TestManager_Resolve_Subject(t *testing.T) {
})
t.Run("happy flow STREET", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::subject:STREET:%s", "sha256", sha256Sum(rootCertificate.Raw), "Amsterdamseweg%20100"))
validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)
require.NoError(t, err)
assert.NotNil(t, resolve)
Expand All @@ -574,7 +576,7 @@ func TestManager_Resolve_Subject(t *testing.T) {

t.Run("happy flow serialNumber", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::subject:serialNumber:%s", "sha256", sha256Sum(rootCertificate.Raw), "32121323"))
validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)
require.NoError(t, err)
assert.NotNil(t, resolve)
Expand All @@ -588,7 +590,7 @@ func TestManager_Resolve_Subject(t *testing.T) {
})
t.Run("happy flow OU", func(t *testing.T) {
rootDID := did.MustParseDID(fmt.Sprintf("did:x509:0:%s:%s::subject:OU:%s", "sha256", sha256Sum(rootCertificate.Raw), "The%20A-Team"))
validator.EXPECT().ValidateStrict(gomock.Any())
validator.EXPECT().CheckCRLStrict(gomock.Any())
resolve, documentMetadata, err := didResolver.Resolve(rootDID, &metadata)
require.NoError(t, err)
assert.NotNil(t, resolve)
Expand Down

0 comments on commit c7c8424

Please sign in to comment.