opensource/grafana
1
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-07-29 16:02:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
grafana/pkg/services/auth/authimpl/token_cleanup_test.go
Misi bd7850853e Auth: Attach external session info to Grafana session (#93849) 
* initial from poc changes

* wip

* Remove public external session service

* Update swagger

* Fix merge

* Cleanup

* Add backgroud service for cleanup

* Add auth_module to user_external_session

* Add tests for token revocation functions

* Add secret migration capabilities for user_external_session fields

* Cleanup, refactor to address feedback

* Fix test
2024-10-08 11:03:29 +02:00

141 lines
4.3 KiB
Go
Raw Permalink Blame History

package authimpl
import (
"context"
"fmt"
"testing"
"time"
"github.com/stretchr/testify/require"
"github.com/grafana/grafana/pkg/infra/db"
"github.com/grafana/grafana/pkg/services/auth"
)
func TestIntegrationUserAuthTokenCleanup(t *testing.T) {
if testing.Short() {
t.Skip("skipping integration test")
}
setup := func() *testContext {
ctx := createTestContext(t)
maxInactiveLifetime, _ := time.ParseDuration("168h")
maxLifetime, _ := time.ParseDuration("720h")
ctx.tokenService.cfg.LoginMaxInactiveLifetime = maxInactiveLifetime
ctx.tokenService.cfg.LoginMaxLifetime = maxLifetime
return ctx
}
insertToken := func(ctx *testContext, token string, prev string, createdAt, rotatedAt int64) {
ut := userAuthToken{AuthToken: token, PrevAuthToken: prev, CreatedAt: createdAt, RotatedAt: rotatedAt, UserAgent: "", ClientIp: ""}
err := ctx.sqlstore.WithDbSession(context.Background(), func(sess *db.Session) error {
_, err := sess.Insert(&ut)
require.Nil(t, err)
return nil
})
require.NoError(t, err)
}
now := time.Date(2018, 12, 13, 13, 45, 0, 0, time.UTC)
getTime = func() time.Time { return now }
t.Run("should delete tokens where token rotation age is older than or equal 7 days", func(t *testing.T) {
ctx := setup()
from := now.Add(-168 * time.Hour)
// insert three old tokens that should be deleted
for i := 0; i < 3; i++ {
insertToken(ctx, fmt.Sprintf("oldA%d", i), fmt.Sprintf("oldB%d", i), from.Unix(), from.Unix())
}
// insert three active tokens that should not be deleted
for i := 0; i < 3; i++ {
from = from.Add(time.Second)
insertToken(ctx, fmt.Sprintf("newA%d", i), fmt.Sprintf("newB%d", i), from.Unix(), from.Unix())
}
affected, err := ctx.tokenService.deleteExpiredTokens(context.Background(), 168*time.Hour, 30*24*time.Hour)
require.Nil(t, err)
require.Equal(t, int64(3), affected)
})
t.Run("should delete tokens where token age is older than or equal 30 days", func(t *testing.T) {
ctx := setup()
from := now.Add(-30 * 24 * time.Hour)
fromRotate := now.Add(-time.Second)
// insert three old tokens that should be deleted
for i := 0; i < 3; i++ {
insertToken(ctx, fmt.Sprintf("oldA%d", i), fmt.Sprintf("oldB%d", i), from.Unix(), fromRotate.Unix())
}
// insert three active tokens that should not be deleted
for i := 0; i < 3; i++ {
from = from.Add(time.Second)
insertToken(ctx, fmt.Sprintf("newA%d", i), fmt.Sprintf("newB%d", i), from.Unix(), fromRotate.Unix())
}
affected, err := ctx.tokenService.deleteExpiredTokens(context.Background(), 7*24*time.Hour, 30*24*time.Hour)
require.Nil(t, err)
require.Equal(t, int64(3), affected)
})
}
func TestIntegrationOrphanedExternalSessionsCleanup(t *testing.T) {
if testing.Short() {
t.Skip("skipping integration test")
}
setup := func() *testContext {
ctx := createTestContext(t)
return ctx
}
insertExternalSession := func(ctx *testContext, id int64) {
es := &auth.ExternalSession{ID: id, UserAuthID: 1, UserID: 1}
err := ctx.sqlstore.WithDbSession(context.Background(), func(sess *db.Session) error {
_, err := sess.Insert(es)
require.Nil(t, err)
return nil
})
require.NoError(t, err)
}
insertAuthToken := func(ctx *testContext, token string, externalSessionId int64) {
ut := userAuthToken{AuthToken: token, PrevAuthToken: fmt.Sprintf("old%s", token), ExternalSessionId: externalSessionId}
err := ctx.sqlstore.WithDbSession(context.Background(), func(sess *db.Session) error {
_, err := sess.Insert(&ut)
require.Nil(t, err)
return nil
})
require.NoError(t, err)
}
t.Run("should delete orphaned external sessions", func(t *testing.T) {
ctx := setup()
// insert three external sessions
for i := int64(1); i <= 3; i++ {
insertExternalSession(ctx, i)
}
// insert two auth tokens linked to external sessions
insertAuthToken(ctx, "token1", 1)
insertAuthToken(ctx, "token2", 2)
// delete orphaned external sessions
err := ctx.tokenService.deleteOrphanedExternalSessions(context.Background())
require.NoError(t, err)
// verify that only the orphaned external session is deleted
var count int64
err = ctx.sqlstore.WithDbSession(context.Background(), func(sess *db.Session) error {
count, err = sess.Count(&auth.ExternalSession{})
require.Nil(t, err)
return nil
})
require.NoError(t, err)
require.Equal(t, int64(2), count)
})
}
Reference in New Issue View Git Blame Copy Permalink