878 878 | ExploreResult::MissingEndpointConfig,
|
879 879 | );
|
880 880 | }
|
881 881 | let err = NoMatchingAuthSchemeError(list).to_string();
|
882 882 | if !err.contains(
|
883 883 | "Note: there were other auth schemes that were evaluated that weren't listed here",
|
884 884 | ) {
|
885 885 | panic!("The error should indicate that the explored list was truncated.");
|
886 886 | }
|
887 887 | }
|
888 + |
|
889 + | #[cfg(feature = "http-auth")]
|
890 + | #[tokio::test]
|
891 + | async fn test_resolve_identity() {
|
892 + | use crate::client::auth::http::{ApiKeyAuthScheme, ApiKeyLocation, BasicAuthScheme};
|
893 + | use aws_smithy_runtime_api::client::auth::http::{
|
894 + | HTTP_API_KEY_AUTH_SCHEME_ID, HTTP_BASIC_AUTH_SCHEME_ID,
|
895 + | };
|
896 + | use aws_smithy_runtime_api::client::identity::http::Token;
|
897 + | use aws_smithy_runtime_api::client::runtime_components::RuntimeComponentsBuilder;
|
898 + |
|
899 + | #[derive(Debug)]
|
900 + | struct Cache;
|
901 + | impl ResolveCachedIdentity for Cache {
|
902 + | fn resolve_cached_identity<'a>(
|
903 + | &'a self,
|
904 + | identity_resolver: SharedIdentityResolver,
|
905 + | rc: &'a RuntimeComponents,
|
906 + | cfg: &'a ConfigBag,
|
907 + | ) -> IdentityFuture<'a> {
|
908 + | IdentityFuture::new(
|
909 + | async move { identity_resolver.resolve_identity(rc, cfg).await },
|
910 + | )
|
911 + | }
|
912 + | }
|
913 + |
|
914 + | let mut layer = Layer::new("test");
|
915 + | layer.store_put(AuthSchemeAndEndpointOrchestrationV2);
|
916 + | layer.store_put(AuthSchemeOptionResolverParams::new("doesntmatter"));
|
917 + | let mut cfg = ConfigBag::of_layers(vec![layer]);
|
918 + |
|
919 + | let runtime_components_builder = RuntimeComponentsBuilder::for_tests()
|
920 + | .with_auth_scheme(SharedAuthScheme::new(BasicAuthScheme::new()))
|
921 + | .with_auth_scheme(SharedAuthScheme::new(ApiKeyAuthScheme::new(
|
922 + | "result:",
|
923 + | ApiKeyLocation::Header,
|
924 + | "Authorization",
|
925 + | )))
|
926 + | .with_auth_scheme_option_resolver(Some(SharedAuthSchemeOptionResolver::new(
|
927 + | StaticAuthSchemeOptionResolver::new(vec![
|
928 + | HTTP_BASIC_AUTH_SCHEME_ID,
|
929 + | HTTP_API_KEY_AUTH_SCHEME_ID,
|
930 + | ]),
|
931 + | )))
|
932 + | .with_identity_cache(Some(Cache));
|
933 + |
|
934 + | struct TestCase {
|
935 + | builder_updater: Box<dyn Fn(RuntimeComponentsBuilder) -> RuntimeComponents>,
|
936 + | resolved_auth_scheme: AuthSchemeId,
|
937 + | should_error: bool,
|
938 + | }
|
939 + |
|
940 + | for test_case in [
|
941 + | TestCase {
|
942 + | builder_updater: Box::new(|rcb: RuntimeComponentsBuilder| {
|
943 + | rcb.with_identity_resolver(
|
944 + | HTTP_BASIC_AUTH_SCHEME_ID,
|
945 + | SharedIdentityResolver::new(Token::new("basic", None)),
|
946 + | )
|
947 + | .with_identity_resolver(
|
948 + | HTTP_API_KEY_AUTH_SCHEME_ID,
|
949 + | SharedIdentityResolver::new(Token::new("api-key", None)),
|
950 + | )
|
951 + | .build()
|
952 + | .unwrap()
|
953 + | }),
|
954 + | resolved_auth_scheme: HTTP_BASIC_AUTH_SCHEME_ID,
|
955 + | should_error: false,
|
956 + | },
|
957 + | TestCase {
|
958 + | builder_updater: Box::new(|rcb: RuntimeComponentsBuilder| {
|
959 + | rcb.with_identity_resolver(
|
960 + | HTTP_BASIC_AUTH_SCHEME_ID,
|
961 + | SharedIdentityResolver::new(Token::new("basic", None)),
|
962 + | )
|
963 + | .build()
|
964 + | .unwrap()
|
965 + | }),
|
966 + | resolved_auth_scheme: HTTP_BASIC_AUTH_SCHEME_ID,
|
967 + | should_error: false,
|
968 + | },
|
969 + | TestCase {
|
970 + | builder_updater: Box::new(|rcb: RuntimeComponentsBuilder| {
|
971 + | rcb.with_identity_resolver(
|
972 + | HTTP_API_KEY_AUTH_SCHEME_ID,
|
973 + | SharedIdentityResolver::new(Token::new("api-key", None)),
|
974 + | )
|
975 + | .build()
|
976 + | .unwrap()
|
977 + | }),
|
978 + | resolved_auth_scheme: HTTP_API_KEY_AUTH_SCHEME_ID,
|
979 + | should_error: false,
|
980 + | },
|
981 + | TestCase {
|
982 + | builder_updater: Box::new(|rcb: RuntimeComponentsBuilder| rcb.build().unwrap()),
|
983 + | resolved_auth_scheme: HTTP_API_KEY_AUTH_SCHEME_ID,
|
984 + | should_error: true,
|
985 + | },
|
986 + | ]
|
987 + | .into_iter()
|
988 + | {
|
989 + | let runtime_components =
|
990 + | (test_case.builder_updater)(runtime_components_builder.clone());
|
991 + | match resolve_identity(&runtime_components, &mut cfg).await {
|
992 + | Ok(resolved) => assert_eq!(test_case.resolved_auth_scheme, resolved.0),
|
993 + | Err(e) if test_case.should_error => {
|
994 + | assert!(e.downcast_ref::<NoMatchingAuthSchemeError>().is_some());
|
995 + | }
|
996 + | _ => {
|
997 + | panic!("`resolve_identity` returned an `Err` when no error was expected in the test.");
|
998 + | }
|
999 + | }
|
1000 + | }
|
1001 + | }
|
888 1002 | }
|