Added a new libprocess test for invalid principals. This patch adds `HttpAuthenticationTest.InvalidPrincipal` to libprocess to verify that requests return a 500 status code when the authenticator fails to return a valid principal.
Review: https://reviews.apache.org/r/57298/ Project: http://git-wip-us.apache.org/repos/asf/mesos/repo Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/e71f957a Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/e71f957a Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/e71f957a Branch: refs/heads/master Commit: e71f957a15c2d4e126e987bacfe64aae7f37a7dd Parents: 602c9db Author: Greg Mann <[email protected]> Authored: Mon Mar 6 12:40:01 2017 -0800 Committer: Vinod Kone <[email protected]> Committed: Mon Mar 6 12:40:01 2017 -0800 ---------------------------------------------------------------------- 3rdparty/libprocess/src/tests/http_tests.cpp | 25 +++++++++++++++++++++++ 1 file changed, 25 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/mesos/blob/e71f957a/3rdparty/libprocess/src/tests/http_tests.cpp ---------------------------------------------------------------------- diff --git a/3rdparty/libprocess/src/tests/http_tests.cpp b/3rdparty/libprocess/src/tests/http_tests.cpp index 0f0b36c..a0e23c2 100644 --- a/3rdparty/libprocess/src/tests/http_tests.cpp +++ b/3rdparty/libprocess/src/tests/http_tests.cpp @@ -1858,6 +1858,31 @@ TEST_F(HttpAuthenticationTest, Authenticated) } +// Tests that if an authenticator returns an invalid principal, the request +// will not succeed. +TEST_F(HttpAuthenticationTest, InvalidPrincipal) +{ + MockAuthenticator* authenticator = new MockAuthenticator(); + setAuthenticator("realm", Owned<Authenticator>(authenticator)); + + Http http; + + // This principal is invalid because it has neither `value` nor `claims` set. + AuthenticationResult authentication; + authentication.principal = Principal(None(), {}); + + EXPECT_CALL((*authenticator), authenticate(_)) + .WillOnce(Return(authentication)); + + // Note that we don't bother pretending to specify a valid + // 'Authorization' header since we force authentication success. + Future<http::Response> response = + http::get(http.process->self(), "authenticated"); + + AWAIT_EXPECT_RESPONSE_STATUS_EQ(http::InternalServerError().status, response); +} + + // Tests that HTTP pipelining is respected even when // authentications are satisfied out-of-order. TEST_F(HttpAuthenticationTest, Pipelining)
