From aea1880386d8801e9988be8c5177b41bdc043e81 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Michael=20Mur=C3=A9?= Date: Wed, 20 Nov 2024 14:55:48 +0100 Subject: [PATCH] tests: lots of small asjustement --- did/didtest/crypto.go | 114 ++++----- pkg/policy/policytest/policy.go | 20 -- .../data/TokenCarolDanInvalidExpired.dagcbor | Bin 337 -> 0 bytes ...enCarolDan_InvalidExpandedCommand.dagcbor} | Bin .../data/TokenCarolDan_InvalidExpired.dagcbor | Bin 0 -> 337 bytes ... => TokenCarolDan_InvalidInactive.dagcbor} | Bin ...r => TokenCarolDan_InvalidSubject.dagcbor} | Bin ...enCarolDan_ValidAttenuatedCommand.dagcbor} | Bin .../data/TokenDanErinInvalidExpired.dagcbor | Bin 337 -> 0 bytes ...kenDanErin_InvalidExpandedCommand.dagcbor} | Bin .../data/TokenDanErin_InvalidExpired.dagcbor | Bin 0 -> 337 bytes ...r => TokenDanErin_InvalidInactive.dagcbor} | Bin ...or => TokenDanErin_InvalidSubject.dagcbor} | Bin ...kenDanErin_ValidAttenuatedCommand.dagcbor} | Bin .../data/TokenErinFrankInvalidExpired.dagcbor | Bin 337 -> 0 bytes ...nErinFrank_InvalidExpandedCommand.dagcbor} | Bin .../TokenErinFrank_InvalidExpired.dagcbor | Bin 0 -> 337 bytes ...=> TokenErinFrank_InvalidInactive.dagcbor} | Bin ... => TokenErinFrank_InvalidSubject.dagcbor} | Bin ...nErinFrank_ValidAttenuatedCommand.dagcbor} | Bin token/delegation/delegationtest/doc.go | 8 +- token/delegation/delegationtest/generator.go | 227 ++++++++++++++++++ .../delegationtest/generator_test.go | 204 +--------------- token/delegation/delegationtest/token.go | 28 +-- token/delegation/delegationtest/token_gen.go | 150 ++++++------ token/delegation/delegationtest/token_test.go | 2 - token/invocation/invocation_test.go | 19 +- 27 files changed, 376 insertions(+), 396 deletions(-) delete mode 100644 pkg/policy/policytest/policy.go delete mode 100644 token/delegation/delegationtest/data/TokenCarolDanInvalidExpired.dagcbor rename token/delegation/delegationtest/data/{TokenCarolDanInvalidExpandedCommand.dagcbor => TokenCarolDan_InvalidExpandedCommand.dagcbor} (100%) create mode 100644 token/delegation/delegationtest/data/TokenCarolDan_InvalidExpired.dagcbor rename token/delegation/delegationtest/data/{TokenCarolDanInvalidInactive.dagcbor => TokenCarolDan_InvalidInactive.dagcbor} (100%) rename token/delegation/delegationtest/data/{TokenCarolDanInvalidSubject.dagcbor => TokenCarolDan_InvalidSubject.dagcbor} (100%) rename token/delegation/delegationtest/data/{TokenCarolDanValidAttenuatedCommand.dagcbor => TokenCarolDan_ValidAttenuatedCommand.dagcbor} (100%) delete mode 100644 token/delegation/delegationtest/data/TokenDanErinInvalidExpired.dagcbor rename token/delegation/delegationtest/data/{TokenDanErinInvalidExpandedCommand.dagcbor => TokenDanErin_InvalidExpandedCommand.dagcbor} (100%) create mode 100644 token/delegation/delegationtest/data/TokenDanErin_InvalidExpired.dagcbor rename token/delegation/delegationtest/data/{TokenDanErinInvalidInactive.dagcbor => TokenDanErin_InvalidInactive.dagcbor} (100%) rename token/delegation/delegationtest/data/{TokenDanErinInvalidSubject.dagcbor => TokenDanErin_InvalidSubject.dagcbor} (100%) rename token/delegation/delegationtest/data/{TokenDanErinValidAttenuatedCommand.dagcbor => TokenDanErin_ValidAttenuatedCommand.dagcbor} (100%) delete mode 100644 token/delegation/delegationtest/data/TokenErinFrankInvalidExpired.dagcbor rename token/delegation/delegationtest/data/{TokenErinFrankInvalidExpandedCommand.dagcbor => TokenErinFrank_InvalidExpandedCommand.dagcbor} (100%) create mode 100644 token/delegation/delegationtest/data/TokenErinFrank_InvalidExpired.dagcbor rename token/delegation/delegationtest/data/{TokenErinFrankInvalidInactive.dagcbor => TokenErinFrank_InvalidInactive.dagcbor} (100%) rename token/delegation/delegationtest/data/{TokenErinFrankInvalidSubject.dagcbor => TokenErinFrank_InvalidSubject.dagcbor} (100%) rename token/delegation/delegationtest/data/{TokenErinFrankValidAttenuatedCommand.dagcbor => TokenErinFrank_ValidAttenuatedCommand.dagcbor} (100%) create mode 100644 token/delegation/delegationtest/generator.go diff --git a/did/didtest/crypto.go b/did/didtest/crypto.go index b06928e..3d9de8d 100644 --- a/did/didtest/crypto.go +++ b/did/didtest/crypto.go @@ -4,27 +4,28 @@ package didtest import ( - "sync" + "fmt" "testing" "github.com/libp2p/go-libp2p/core/crypto" "github.com/stretchr/testify/require" + "github.com/ucan-wg/go-ucan/did" ) const ( - alicePrivKeyCfg = "CAESQHdNJLBBiuc1AdwPHBkubB2KS1p0cv2JEF7m8tfwtrcm5ajaYPm+XmVCmtcHOF2lGDlmaiDA7emfwD3IrcyES0M=" - bobPrivKeyCfg = "CAESQHBz+AIop1g+9iBDj+ufUc/zm9/ry7c6kDFO8Wl/D0+H63V9hC6s9l4npf3pYEFCjBtlR0AMNWMoFQKSlYNKo20=" - carolPrivKeyCfg = "CAESQPrCgkcHnYFXDT9AlAydhPECBEivEuuVx9dJxLjVvDTmJIVNivfzg6H4mAiPfYS+5ryVVUZTHZBzvMuvvvG/Ks0=" - danPrivKeyCfg = "CAESQCgNhzofKhC+7hW6x+fNd7iMPtQHeEmKRhhlduf/I7/TeOEFYAEflbJ0sAhMeDJ/HQXaAvsWgHEbJ3ZLhP8q2B0=" - erinPrivKeyCfg = "CAESQKhCJo5UBpQcthko8DKMFsbdZ+qqQ5oc01CtLCqrE90dF2GfRlrMmot3WPHiHGCmEYi5ZMEHuiSI095e/6O4Bpw=" - frankPrivKeyCfg = "CAESQDlXPKsy3jHh7OWTWQqyZF95Ueac5DKo7xD0NOBE5F2BNr1ZVxRmJ2dBELbOt8KP9sOACcO9qlCB7uMA1UQc7sk=" + alicePrivKeyB64 = "CAESQHdNJLBBiuc1AdwPHBkubB2KS1p0cv2JEF7m8tfwtrcm5ajaYPm+XmVCmtcHOF2lGDlmaiDA7emfwD3IrcyES0M=" + bobPrivKeyB64 = "CAESQHBz+AIop1g+9iBDj+ufUc/zm9/ry7c6kDFO8Wl/D0+H63V9hC6s9l4npf3pYEFCjBtlR0AMNWMoFQKSlYNKo20=" + carolPrivKeyB64 = "CAESQPrCgkcHnYFXDT9AlAydhPECBEivEuuVx9dJxLjVvDTmJIVNivfzg6H4mAiPfYS+5ryVVUZTHZBzvMuvvvG/Ks0=" + danPrivKeyB64 = "CAESQCgNhzofKhC+7hW6x+fNd7iMPtQHeEmKRhhlduf/I7/TeOEFYAEflbJ0sAhMeDJ/HQXaAvsWgHEbJ3ZLhP8q2B0=" + erinPrivKeyB64 = "CAESQKhCJo5UBpQcthko8DKMFsbdZ+qqQ5oc01CtLCqrE90dF2GfRlrMmot3WPHiHGCmEYi5ZMEHuiSI095e/6O4Bpw=" + frankPrivKeyB64 = "CAESQDlXPKsy3jHh7OWTWQqyZF95Ueac5DKo7xD0NOBE5F2BNr1ZVxRmJ2dBELbOt8KP9sOACcO9qlCB7uMA1UQc7sk=" ) // Persona is a generic participant used for cryptographic testing. type Persona int -// The provided Personas were selected from the first few generic +// The provided Personas were selected from the first few generic // participants listed in this [table]. // // [table]: https://en.wikipedia.org/wiki/Alice_and_Bob#Cryptographic_systems @@ -37,26 +38,36 @@ const ( PersonaFrank ) -var ( - once sync.Once +var privKeys map[Persona]crypto.PrivKey + +func init() { privKeys = make(map[Persona]crypto.PrivKey, 6) - err error -) + for persona, privKeyCfg := range privKeyB64() { + privKeyMar, err := crypto.ConfigDecodeKey(privKeyCfg) + if err != nil { + return + } + + privKey, err := crypto.UnmarshalPrivateKey(privKeyMar) + if err != nil { + return + } + + privKeys[persona] = privKey + } +} // DID returns a did.DID based on the Persona's Ed25519 public key. -func (p Persona) DID(t *testing.T) did.DID { - t.Helper() - - did, err := did.FromPrivKey(p.PrivKey(t)) - require.NoError(t, err) - - return did +func (p Persona) DID() did.DID { + d, err := did.FromPrivKey(p.PrivKey()) + if err != nil { + panic(err) + } + return d } // Name returns the username of the Persona. -func (p Persona) Name(t *testing.T) string { - t.Helper() - +func (p Persona) Name() string { name, ok := map[Persona]string{ PersonaAlice: "Alice", PersonaBob: "Bob", @@ -66,78 +77,45 @@ func (p Persona) Name(t *testing.T) string { PersonaFrank: "Frank", }[p] if !ok { - t.Fatal("Unknown persona:", p) + panic(fmt.Sprintf("Unknown persona: %v", p)) } return name } // PrivKey returns the Ed25519 private key for the Persona. -func (p Persona) PrivKey(t *testing.T) crypto.PrivKey { - t.Helper() - - once.Do(func() { - for persona, privKeyCfg := range privKeyCfgs(t) { - privKeyMar, err := crypto.ConfigDecodeKey(privKeyCfg) - if err != nil { - return - } - - privKey, err := crypto.UnmarshalPrivateKey(privKeyMar) - if err != nil { - return - } - - privKeys[persona] = privKey - } - }) - require.NoError(t, err) - +func (p Persona) PrivKey() crypto.PrivKey { return privKeys[p] } -// PrivKeyConfig returns the marshaled and encoded Ed25519 private key -// for the Persona. -func (p Persona) PrivKeyConfig(t *testing.T) string { - t.Helper() - - return privKeyCfgs(t)[p] -} - // PubKey returns the Ed25519 public key for the Persona. -func (p Persona) PubKey(t *testing.T) crypto.PubKey { - t.Helper() - - return p.PrivKey(t).GetPublic() +func (p Persona) PubKey() crypto.PubKey { + return p.PrivKey().GetPublic() } // PubKeyConfig returns the marshaled and encoded Ed25519 public key // for the Persona. func (p Persona) PubKeyConfig(t *testing.T) string { - pubKeyMar, err := crypto.MarshalPublicKey(p.PrivKey(t).GetPublic()) + pubKeyMar, err := crypto.MarshalPublicKey(p.PrivKey().GetPublic()) require.NoError(t, err) return crypto.ConfigEncodeKey(pubKeyMar) } -func privKeyCfgs(t *testing.T) map[Persona]string { - t.Helper() - +func privKeyB64() map[Persona]string { return map[Persona]string{ - PersonaAlice: alicePrivKeyCfg, - PersonaBob: bobPrivKeyCfg, - PersonaCarol: carolPrivKeyCfg, - PersonaDan: danPrivKeyCfg, - PersonaErin: erinPrivKeyCfg, - PersonaFrank: frankPrivKeyCfg, + PersonaAlice: alicePrivKeyB64, + PersonaBob: bobPrivKeyB64, + PersonaCarol: carolPrivKeyB64, + PersonaDan: danPrivKeyB64, + PersonaErin: erinPrivKeyB64, + PersonaFrank: frankPrivKeyB64, } } // Personas returns an (alphabetically) ordered list of the defined // Persona values. -func Personas(t *testing.T) []Persona { - t.Helper() - +func Personas() []Persona { return []Persona{ PersonaAlice, PersonaBob, diff --git a/pkg/policy/policytest/policy.go b/pkg/policy/policytest/policy.go deleted file mode 100644 index 4afd5f3..0000000 --- a/pkg/policy/policytest/policy.go +++ /dev/null @@ -1,20 +0,0 @@ -// Package policytest provides values and functions that are useful when -// testing code that relies on Policies. -package policytest - -import ( - "testing" - - "github.com/stretchr/testify/require" - "github.com/ucan-wg/go-ucan/pkg/policy" -) - -// EmptyPolicy provides a policy with no statements for testing purposes. -func EmptyPolicy(t *testing.T) policy.Policy { - t.Helper() - - pol, err := policy.FromDagJson("[]") - require.NoError(t, err) - - return pol -} diff --git a/token/delegation/delegationtest/data/TokenCarolDanInvalidExpired.dagcbor b/token/delegation/delegationtest/data/TokenCarolDanInvalidExpired.dagcbor deleted file mode 100644 index 09d95dcca90d7ecd2474493649d8c9d752dc9e7e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 337 zcmZpQaF}#CL`ctjOY+TQU8>tEK6312Ub@t<=;>Pb@7o^NF8WzyI8&ne-1oM{n)?kB zjV6Em^~`qJ3grWOpS7GHz21I*3g@E43>TBPjD^Le$%%RTDLLs5hI$5i2D(MbdWOrB z6H8MnEK)L4tg=%pt*Xp?v-6V7E3vularHkQwsG{D+&_xQc_d&^YU{u^AdBCfdW$LHkb60GmDE+4NosENY2PG z^(Zg(NX!T}k1VcqwMg$S z+o(9(CBi2#&)m=3*fqm4%Qr72GOf(TsiGpgB)uRr#mliU$=uhtAT=*PFFDnRfsu)s Mg_Vt+gOiIJ0Ajs?3IG5A diff --git a/token/delegation/delegationtest/data/TokenCarolDanInvalidExpandedCommand.dagcbor b/token/delegation/delegationtest/data/TokenCarolDan_InvalidExpandedCommand.dagcbor similarity index 100% rename from token/delegation/delegationtest/data/TokenCarolDanInvalidExpandedCommand.dagcbor rename to token/delegation/delegationtest/data/TokenCarolDan_InvalidExpandedCommand.dagcbor diff --git a/token/delegation/delegationtest/data/TokenCarolDan_InvalidExpired.dagcbor b/token/delegation/delegationtest/data/TokenCarolDan_InvalidExpired.dagcbor new file mode 100644 index 0000000000000000000000000000000000000000..c67b5e2230da340ac9a723647aba761bd0ef6416 GIT binary patch literal 337 zcmZpQaCm=rW5#p2-6YzA^jn)idp@_c*RQcuVDvb;P8-hvQDl-??Bg zpKZ5GldCV^mgR17-`HmdMVM%&GA~NZa4~tySXf+|oS3Jdl9TRWsAr&Opj(uzXSh5$ zu{5Q^A|*4$Dm%5(s>;kaJ1@z+GRr4FvC`B%(aR^>qSDaS%q%}3+u6}9HOn~L(L6QV zBFi*4$h06kIXO8urBFY$q98FZB{fAqFF!XkFEJ+>C?J(?`_eZ#v$z=5@buDxBHLT{A4ReDhKw)5=_&Dk`!|(hD+Eyc`RY%zcduQuFfjl2d&c7@3$^ LSlQS)IJvk16f=Iw literal 0 HcmV?d00001 diff --git a/token/delegation/delegationtest/data/TokenCarolDanInvalidInactive.dagcbor b/token/delegation/delegationtest/data/TokenCarolDan_InvalidInactive.dagcbor similarity index 100% rename from token/delegation/delegationtest/data/TokenCarolDanInvalidInactive.dagcbor rename to token/delegation/delegationtest/data/TokenCarolDan_InvalidInactive.dagcbor diff --git a/token/delegation/delegationtest/data/TokenCarolDanInvalidSubject.dagcbor b/token/delegation/delegationtest/data/TokenCarolDan_InvalidSubject.dagcbor similarity index 100% rename from token/delegation/delegationtest/data/TokenCarolDanInvalidSubject.dagcbor rename to token/delegation/delegationtest/data/TokenCarolDan_InvalidSubject.dagcbor diff --git a/token/delegation/delegationtest/data/TokenCarolDanValidAttenuatedCommand.dagcbor b/token/delegation/delegationtest/data/TokenCarolDan_ValidAttenuatedCommand.dagcbor similarity index 100% rename from token/delegation/delegationtest/data/TokenCarolDanValidAttenuatedCommand.dagcbor rename to token/delegation/delegationtest/data/TokenCarolDan_ValidAttenuatedCommand.dagcbor diff --git a/token/delegation/delegationtest/data/TokenDanErinInvalidExpired.dagcbor b/token/delegation/delegationtest/data/TokenDanErinInvalidExpired.dagcbor deleted file mode 100644 index ba90840528194bed2e6f34278b25790b0b0cf819..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 337 zcmZpQaHz{%VJ!2j-chUWZP($%8&5b5rG8zSQ2$l5BW+#9p44?umWx)`-kJV*`6N~E z_%~nosRw=U)A?FIMe+1g8>60h&P9nCE+%go3yVvW6Z7;_a?%|P^$he3bc>Sp43{S- zmZnr#q-3U8Wv5nJRhju_ryE7&8k<)-g_Zi|=I6Oaltw0-o0KL+dOPM;R8{y!m6zZo|6eQ-Qq^9WS<>zMRCFUdp1*Fn#F6kv_78j!$o|j}^ndOt8 zSZV5>=;f1bQEBLEW|kk2?d)ilnq{2rXr7vFk!6}2WLl7&oLrEf(~w+TnuKaZX=!%0 zQE|3Qgim0exu3VOYldZ(Z(d4dTA7PeMMZW=dO>E2mt$d)xvz0SYF>U`a;gslBNH3j(FG|dCF?q{aSX`Q%n5UnTlkQ-sXP{@GTa>J4xI8(r zG^N5KB{Rh;JGIiP%FH)A-6$g0*u2sytkgF*KhHIyG&0%Tq%lelFQ06SN<&vOv;2T;XGgQtEaPlP^VDpMEYsW|(}L{eVGhCjW zSejB{k&>BWm7Q8?Rb}RzooP`X;T9TRXlWdpRGt->SXdG1?BGBt{IkDzIiE;X=N@>6&2Yf=>?f7UXF!H=Dx-Ssd@Q%$*DdJj7-cd LtZeKYoLt-h2%UcO diff --git a/token/delegation/delegationtest/data/TokenErinFrankInvalidExpandedCommand.dagcbor b/token/delegation/delegationtest/data/TokenErinFrank_InvalidExpandedCommand.dagcbor similarity index 100% rename from token/delegation/delegationtest/data/TokenErinFrankInvalidExpandedCommand.dagcbor rename to token/delegation/delegationtest/data/TokenErinFrank_InvalidExpandedCommand.dagcbor diff --git a/token/delegation/delegationtest/data/TokenErinFrank_InvalidExpired.dagcbor b/token/delegation/delegationtest/data/TokenErinFrank_InvalidExpired.dagcbor new file mode 100644 index 0000000000000000000000000000000000000000..ef55b22ca20ba3d320764a8b914a88eb4c0027de GIT binary patch literal 337 zcmZpQa5%j^+gjtV-l>g?7xc_r!FbH8^^}4Ui$wIFx4i~iVk;QzPi}Xab+FEKrNKGV z_IbO%@y+9Stp2^_+uz(ZmbzB=7#1aFxR|_UEG#ZfPR!F!$w_xG)HBdC&@D>VGhCjW zSejB{k&>BWm7Q8?Rb}RzooP`X;T9TRXlWdpRGt->SXdG1?BGBt{IkDzIiE;X=N@>6&2Yf=>?f7UXF!H=Dx-Ssd@Q%$*DdJj7-cd LtZeKYoLt-hqBwrL literal 0 HcmV?d00001 diff --git a/token/delegation/delegationtest/data/TokenErinFrankInvalidInactive.dagcbor b/token/delegation/delegationtest/data/TokenErinFrank_InvalidInactive.dagcbor similarity index 100% rename from token/delegation/delegationtest/data/TokenErinFrankInvalidInactive.dagcbor rename to token/delegation/delegationtest/data/TokenErinFrank_InvalidInactive.dagcbor diff --git a/token/delegation/delegationtest/data/TokenErinFrankInvalidSubject.dagcbor b/token/delegation/delegationtest/data/TokenErinFrank_InvalidSubject.dagcbor similarity index 100% rename from token/delegation/delegationtest/data/TokenErinFrankInvalidSubject.dagcbor rename to token/delegation/delegationtest/data/TokenErinFrank_InvalidSubject.dagcbor diff --git a/token/delegation/delegationtest/data/TokenErinFrankValidAttenuatedCommand.dagcbor b/token/delegation/delegationtest/data/TokenErinFrank_ValidAttenuatedCommand.dagcbor similarity index 100% rename from token/delegation/delegationtest/data/TokenErinFrankValidAttenuatedCommand.dagcbor rename to token/delegation/delegationtest/data/TokenErinFrank_ValidAttenuatedCommand.dagcbor diff --git a/token/delegation/delegationtest/doc.go b/token/delegation/delegationtest/doc.go index be389d1..cb54e64 100644 --- a/token/delegation/delegationtest/doc.go +++ b/token/delegation/delegationtest/doc.go @@ -7,14 +7,14 @@ // // Delegation proof-chain names contain each didtest.Persona name in // order starting with the root delegation (which will always be generated -// by Alice.) This is opposite of the list of cic.Cids that represent the +// by Alice). This is the opposite of the list of cic.Cids that represent the // proof chain. // // For both the generated delegation tokens granted to Carol's Persona and // the proof chains containing Carol's delegations to Dan, if there is no // suffix, the proof chain will be deemed valid. If there is a suffix, it // will consist of either the word "Valid" or "Invalid" and the name of the -// field that has been altered. Only optional fields will generate proof +// field that has been altered. Only optional fields will generate proof // chains with Valid suffixes. // // If changes are made to the list of Personas included in the chain, or @@ -25,9 +25,9 @@ // go test . -update // // Generated delegation Tokens are stored in the data/ directory and loaded -// into the DelegationLoader on the first call to GetDelegationLoader. +// into the delegation.Loader. // Generated references to these tokens and the tokens themselves are -// created in the token_gen.go file. See /token/invocation/invocation_test.go +// created in the token_gen.go file. See /token/invocation/invocation_test.go // for an example of how these delegation tokens and proof-chains can // be used during testing. package delegationtest diff --git a/token/delegation/delegationtest/generator.go b/token/delegation/delegationtest/generator.go new file mode 100644 index 0000000..06fcdc4 --- /dev/null +++ b/token/delegation/delegationtest/generator.go @@ -0,0 +1,227 @@ +package delegationtest + +import ( + "os" + "path/filepath" + "slices" + "time" + + "github.com/dave/jennifer/jen" + "github.com/ipfs/go-cid" + "github.com/libp2p/go-libp2p/core/crypto" + + "github.com/ucan-wg/go-ucan/did" + "github.com/ucan-wg/go-ucan/did/didtest" + "github.com/ucan-wg/go-ucan/pkg/command" + "github.com/ucan-wg/go-ucan/pkg/policy" + "github.com/ucan-wg/go-ucan/token/delegation" +) + +const ( + tokenNamePrefix = "Token" + proorChainNamePrefix = "Proof" +) + +var constantNonce = []byte{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b} + +type newDelegationParams struct { + privKey crypto.PrivKey + aud did.DID + sub did.DID + cmd command.Command + pol policy.Policy + opts []delegation.Option +} + +type token struct { + name string + id cid.Cid +} + +type proof struct { + name string + prf []cid.Cid +} + +type acc struct { + name string + chain []cid.Cid +} + +type variant struct { + name string + variant func(*newDelegationParams) +} + +func noopVariant() variant { + return variant{ + name: "", + variant: func(_ *newDelegationParams) {}, + } +} + +type generator struct { + dlgs []token + chains []proof +} + +func (g *generator) chainPersonas(personas []didtest.Persona, acc acc, vari variant) error { + acc.name += personas[0].Name() + + proofName := acc.name + if len(vari.name) > 0 { + proofName += "_" + vari.name + } + g.createProofChain(proofName, acc.chain) + + if len(personas) < 2 { + return nil + } + + name := personas[0].Name() + personas[1].Name() + + params := newDelegationParams{ + privKey: personas[0].PrivKey(), + aud: personas[1].DID(), + cmd: NominalCommand, + pol: policy.Policy{}, + opts: []delegation.Option{ + delegation.WithSubject(didtest.PersonaAlice.DID()), + delegation.WithNonce(constantNonce), + }, + } + + // Create each nominal token and continue the chain + id, err := g.createDelegation(params, name, vari) + if err != nil { + return err + } + acc.chain = append(acc.chain, id) + err = g.chainPersonas(personas[1:], acc, vari) + if err != nil { + return err + } + + // If the user is Carol, create variants for each invalid and/or optional + // parameter and also continue the chain + if personas[0] == didtest.PersonaCarol { + variants := []variant{ + {name: "InvalidExpandedCommand", variant: func(p *newDelegationParams) { + p.cmd = ExpandedCommand + }}, + {name: "ValidAttenuatedCommand", variant: func(p *newDelegationParams) { + p.cmd = AttenuatedCommand + }}, + {name: "InvalidSubject", variant: func(p *newDelegationParams) { + p.opts = append(p.opts, delegation.WithSubject(didtest.PersonaBob.DID())) + }}, + {name: "InvalidExpired", variant: func(p *newDelegationParams) { + // Note: this makes the generator not deterministic + p.opts = append(p.opts, delegation.WithExpiration(time.Now().Add(time.Second))) + }}, + {name: "InvalidInactive", variant: func(p *newDelegationParams) { + nbf, err := time.Parse(time.RFC3339, "2070-01-01T00:00:00Z") + if err != nil { + panic(err) + } + p.opts = append(p.opts, delegation.WithNotBefore(nbf)) + }}, + } + + // Start a branch in the recursion for each of the variants + for _, v := range variants { + id, err := g.createDelegation(params, name, v) + if err != nil { + return err + } + + // replace the previous Carol token id with the one from the variant + acc.chain[len(acc.chain)-1] = id + err = g.chainPersonas(personas[1:], acc, v) + if err != nil { + return err + } + } + } + return nil +} + +func (g *generator) createDelegation(params newDelegationParams, name string, vari variant) (cid.Cid, error) { + vari.variant(¶ms) + + tkn, err := delegation.New(params.privKey, params.aud, params.cmd, params.pol, params.opts...) + if err != nil { + return cid.Undef, err + } + + data, id, err := tkn.ToSealed(params.privKey) + if err != nil { + return cid.Undef, err + } + + dlgName := tokenNamePrefix + name + if len(vari.name) > 0 { + dlgName += "_" + vari.name + } + + err = os.WriteFile(filepath.Join(tokenDir, dlgName+tokenExt), data, 0o644) + if err != nil { + return cid.Undef, err + } + + g.dlgs = append(g.dlgs, token{ + name: dlgName, + id: id, + }) + + return id, nil +} + +func (g *generator) createProofChain(name string, prf []cid.Cid) { + if len(prf) < 1 { + return + } + + clone := make([]cid.Cid, len(prf)) + copy(clone, prf) + + g.chains = append(g.chains, proof{ + name: proorChainNamePrefix + name, + prf: clone, + }) +} + +func (g *generator) writeGoFile() error { + file := jen.NewFile("delegationtest") + file.HeaderComment("Code generated by delegationtest - DO NOT EDIT.") + + refs := map[cid.Cid]string{} + + for _, d := range g.dlgs { + refs[d.id] = d.name + "CID" + + file.Var().Defs( + jen.Id(d.name+"CID").Op("=").Qual("github.com/ipfs/go-cid", "MustParse").Call(jen.Lit(d.id.String())), + jen.Id(d.name).Op("=").Id("mustGetDelegation").Call(jen.Id(d.name+"CID")), + ) + file.Line() + } + + for _, c := range g.chains { + g := jen.CustomFunc(jen.Options{ + Multi: true, + Separator: ",", + Close: "\n", + }, func(g *jen.Group) { + slices.Reverse(c.prf) + for _, p := range c.prf { + g.Id(refs[p]) + } + }) + + file.Var().Id(c.name).Op("=").Index().Qual("github.com/ipfs/go-cid", "Cid").Values(g) + file.Line() + } + + return file.Save("token_gen.go") +} diff --git a/token/delegation/delegationtest/generator_test.go b/token/delegation/delegationtest/generator_test.go index f5878c2..2c79608 100644 --- a/token/delegation/delegationtest/generator_test.go +++ b/token/delegation/delegationtest/generator_test.go @@ -1,32 +1,14 @@ package delegationtest import ( - "os" - "path/filepath" - "slices" "testing" - "time" - "github.com/dave/jennifer/jen" - "github.com/ipfs/go-cid" - "github.com/libp2p/go-libp2p/core/crypto" "github.com/stretchr/testify/require" - "github.com/ucan-wg/go-ucan/did" - "github.com/ucan-wg/go-ucan/did/didtest" - "github.com/ucan-wg/go-ucan/pkg/command" - "github.com/ucan-wg/go-ucan/pkg/policy" - "github.com/ucan-wg/go-ucan/pkg/policy/policytest" - "github.com/ucan-wg/go-ucan/token/delegation" "gotest.tools/v3/golden" -) -const ( - tokenNamePrefix = "Token" - proorChainNamePrefix = "Proof" + "github.com/ucan-wg/go-ucan/did/didtest" ) -var constantNonce = []byte{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b} - // TestUpdate doesn't actually run a test but uses the Go testing library // to trigger generation of the delegation tokens and associated Go file. func TestUpdate(t *testing.T) { @@ -35,190 +17,10 @@ func TestUpdate(t *testing.T) { } } -type newDelegationParams struct { - privKey crypto.PrivKey - aud did.DID - sub did.DID - cmd command.Command - pol policy.Policy - opts []delegation.Option -} - -type newDelegationParamsVariant func(*newDelegationParams) - -type token struct { - name string - id cid.Cid -} - -type proof struct { - name string - prf []cid.Cid -} - -type generator struct { - dlgs []token - chains []proof -} - -type acc struct { - name string - chain []cid.Cid -} - -type variant struct { - name string - variant func(*newDelegationParams) -} - -func noopVariant() variant { - return variant{ - name: "", - variant: func(_ *newDelegationParams) {}, - } -} - func update(t *testing.T) { t.Helper() gen := &generator{} - gen.chainPersonas(t, didtest.Personas(t), acc{}, noopVariant()) - gen.writeGoFile(t) -} - -func (g *generator) chainPersonas(t *testing.T, personas []didtest.Persona, acc acc, vari variant) { - t.Helper() - - acc.name += personas[0].Name(t) - g.createProofChain(t, acc.name+vari.name, acc.chain) - - if len(personas) < 2 { - return - } - - name := personas[0].Name(t) + personas[1].Name(t) - - params := newDelegationParams{ - privKey: personas[0].PrivKey(t), - aud: personas[1].DID(t), - cmd: NominalCommand, - pol: policytest.EmptyPolicy(t), - opts: []delegation.Option{ - delegation.WithSubject(didtest.PersonaAlice.DID(t)), - delegation.WithNonce(constantNonce), - }, - } - - // Create each nominal token and continue the chain - id := g.createDelegation(t, params, name, vari) - acc.chain = append(acc.chain, id) - g.chainPersonas(t, personas[1:], acc, vari) - - // If the user is Carol, create variants for each invalid and/or optional - // parameter and also continue the chain - if personas[0] == didtest.PersonaCarol { - variants := []variant{ - {name: "InvalidExpandedCommand", variant: func(p *newDelegationParams) { - p.cmd = ExpandedCommand - }}, - {name: "ValidAttenuatedCommand", variant: func(p *newDelegationParams) { - p.cmd = AttenuatedCommand - }}, - {name: "InvalidSubject", variant: func(p *newDelegationParams) { - p.opts = append(p.opts, delegation.WithSubject(didtest.PersonaBob.DID(t))) - }}, - {name: "InvalidExpired", variant: func(p *newDelegationParams) { - p.opts = append(p.opts, delegation.WithExpiration(time.Now().Add(time.Second))) - }}, - {name: "InvalidInactive", variant: func(p *newDelegationParams) { - nbf, err := time.Parse(time.RFC3339, "2070-01-01T00:00:00Z") - require.NoError(t, err) - - p.opts = append(p.opts, delegation.WithNotBefore(nbf)) - }}, - } - - // Start a branch in the recursion for each of the variants - for _, v := range variants { - id := g.createDelegation(t, params, name, v) - - // replace the previous Carol token id with the one from the variant - acc.chain[len(acc.chain)-1] = id - g.chainPersonas(t, personas[1:], acc, v) - } - } -} - -func (g *generator) createDelegation(t *testing.T, params newDelegationParams, name string, vari variant) cid.Cid { - t.Helper() - - vari.variant(¶ms) - - tkn, err := delegation.New(params.privKey, params.aud, params.cmd, params.pol, params.opts...) - require.NoError(t, err) - - data, id, err := tkn.ToSealed(params.privKey) - require.NoError(t, err) - - require.NoError(t, os.WriteFile(filepath.Join(tokenDir, tokenNamePrefix+name+vari.name+tokenExt), data, 0o644)) - - g.dlgs = append(g.dlgs, token{ - name: tokenNamePrefix + name + vari.name, - id: id, - }) - - return id -} - -func (g *generator) createProofChain(t *testing.T, name string, prf []cid.Cid) { - t.Helper() - - if len(prf) < 1 { - return - } - - clone := make([]cid.Cid, len(prf)) - copy(clone, prf) - - g.chains = append(g.chains, proof{ - name: proorChainNamePrefix + name, - prf: clone, - }) -} - -func (g *generator) writeGoFile(t *testing.T) { - t.Helper() - - file := jen.NewFile("delegationtest") - file.HeaderComment("Code generated by delegationtest - DO NOT EDIT.") - - refs := map[cid.Cid]string{} - - for _, d := range g.dlgs { - refs[d.id] = d.name + "CID" - - file.Var().Defs( - jen.Id(d.name+"CID").Op("=").Qual("github.com/ipfs/go-cid", "MustParse").Call(jen.Lit(d.id.String())), - jen.Id(d.name).Op("=").Id("mustGetDelegation").Call(jen.Id(d.name+"CID")), - ) - file.Line() - } - - for _, c := range g.chains { - g := jen.CustomFunc(jen.Options{ - Multi: true, - Separator: ",", - Close: "\n", - }, func(g *jen.Group) { - slices.Reverse(c.prf) - for _, p := range c.prf { - g.Id(refs[p]) - } - }) - - file.Var().Id(c.name).Op("=").Index().Qual("github.com/ipfs/go-cid", "Cid").Values(g) - file.Line() - } - - require.NoError(t, file.Save("token_gen.go")) + require.NoError(t, gen.chainPersonas(didtest.Personas(), acc{}, noopVariant())) + require.NoError(t, gen.writeGoFile()) } diff --git a/token/delegation/delegationtest/token.go b/token/delegation/delegationtest/token.go index 47a77fd..7f3eb7b 100644 --- a/token/delegation/delegationtest/token.go +++ b/token/delegation/delegationtest/token.go @@ -38,27 +38,29 @@ var ProofEmpty = []cid.Cid{} //go:embed data var fs embed.FS -var ( - once sync.Once - ldr delegation.Loader - err error -) - var _ delegation.Loader = (*delegationLoader)(nil) type delegationLoader struct { tokens map[cid.Cid]*delegation.Token } +var ( + once sync.Once + ldr delegation.Loader +) + // GetDelegationLoader returns a singleton instance of a test // DelegationLoader containing all the tokens present in the data/ // directory. -func GetDelegationLoader() (delegation.Loader, error) { +func GetDelegationLoader() delegation.Loader { once.Do(func() { + var err error ldr, err = loadDelegations() + if err != nil { + panic(err) + } }) - - return ldr, err + return ldr } // GetDelegation implements invocation.DelegationLoader. @@ -101,12 +103,7 @@ func loadDelegations() (delegation.Loader, error) { // GetDelegation is a shortcut that gets (or creates) the DelegationLoader // and attempts to return the token referenced by the provided CID. func GetDelegation(id cid.Cid) (*delegation.Token, error) { - ldr, err := GetDelegationLoader() - if err != nil { - return nil, err - } - - return ldr.GetDelegation(id) + return GetDelegationLoader().GetDelegation(id) } func mustGetDelegation(id cid.Cid) *delegation.Token { @@ -114,6 +111,5 @@ func mustGetDelegation(id cid.Cid) *delegation.Token { if err != nil { panic(err) } - return tkn } diff --git a/token/delegation/delegationtest/token_gen.go b/token/delegation/delegationtest/token_gen.go index 469f385..2a24424 100644 --- a/token/delegation/delegationtest/token_gen.go +++ b/token/delegation/delegationtest/token_gen.go @@ -30,78 +30,78 @@ var ( ) var ( - TokenCarolDanInvalidExpandedCommandCID = gocid.MustParse("bafyreid3m3pk53gqgp5rlzqhvpedbwsqbidqlp4yz64vknwbzj7bxrmsr4") - TokenCarolDanInvalidExpandedCommand = mustGetDelegation(TokenCarolDanInvalidExpandedCommandCID) + TokenCarolDan_InvalidExpandedCommandCID = gocid.MustParse("bafyreid3m3pk53gqgp5rlzqhvpedbwsqbidqlp4yz64vknwbzj7bxrmsr4") + TokenCarolDan_InvalidExpandedCommand = mustGetDelegation(TokenCarolDan_InvalidExpandedCommandCID) ) var ( - TokenDanErinInvalidExpandedCommandCID = gocid.MustParse("bafyreifn4sy5onwajx3kqvot5mib6m6xarzrqjozqbzgmzpmc5ox3g2uzm") - TokenDanErinInvalidExpandedCommand = mustGetDelegation(TokenDanErinInvalidExpandedCommandCID) + TokenDanErin_InvalidExpandedCommandCID = gocid.MustParse("bafyreifn4sy5onwajx3kqvot5mib6m6xarzrqjozqbzgmzpmc5ox3g2uzm") + TokenDanErin_InvalidExpandedCommand = mustGetDelegation(TokenDanErin_InvalidExpandedCommandCID) ) var ( - TokenErinFrankInvalidExpandedCommandCID = gocid.MustParse("bafyreidmpgd36jznmq42bs34o4qi3fcbrsh4idkg6ejahudejzwb76fwxe") - TokenErinFrankInvalidExpandedCommand = mustGetDelegation(TokenErinFrankInvalidExpandedCommandCID) + TokenErinFrank_InvalidExpandedCommandCID = gocid.MustParse("bafyreidmpgd36jznmq42bs34o4qi3fcbrsh4idkg6ejahudejzwb76fwxe") + TokenErinFrank_InvalidExpandedCommand = mustGetDelegation(TokenErinFrank_InvalidExpandedCommandCID) ) var ( - TokenCarolDanValidAttenuatedCommandCID = gocid.MustParse("bafyreiekhtm237vyapk3c6voeb5lnz54crebqdqi3x4wn4u4cbrrhzsqfe") - TokenCarolDanValidAttenuatedCommand = mustGetDelegation(TokenCarolDanValidAttenuatedCommandCID) + TokenCarolDan_ValidAttenuatedCommandCID = gocid.MustParse("bafyreiekhtm237vyapk3c6voeb5lnz54crebqdqi3x4wn4u4cbrrhzsqfe") + TokenCarolDan_ValidAttenuatedCommand = mustGetDelegation(TokenCarolDan_ValidAttenuatedCommandCID) ) var ( - TokenDanErinValidAttenuatedCommandCID = gocid.MustParse("bafyreicrvzqferyy7rgo75l5rn6r2nl7zyeexxjmu3dm4ff7rn2coblj4y") - TokenDanErinValidAttenuatedCommand = mustGetDelegation(TokenDanErinValidAttenuatedCommandCID) + TokenDanErin_ValidAttenuatedCommandCID = gocid.MustParse("bafyreicrvzqferyy7rgo75l5rn6r2nl7zyeexxjmu3dm4ff7rn2coblj4y") + TokenDanErin_ValidAttenuatedCommand = mustGetDelegation(TokenDanErin_ValidAttenuatedCommandCID) ) var ( - TokenErinFrankValidAttenuatedCommandCID = gocid.MustParse("bafyreie6fhspk53kplcc2phla3e7z7fzldlbmmpuwk6nbow5q6s2zjmw2q") - TokenErinFrankValidAttenuatedCommand = mustGetDelegation(TokenErinFrankValidAttenuatedCommandCID) + TokenErinFrank_ValidAttenuatedCommandCID = gocid.MustParse("bafyreie6fhspk53kplcc2phla3e7z7fzldlbmmpuwk6nbow5q6s2zjmw2q") + TokenErinFrank_ValidAttenuatedCommand = mustGetDelegation(TokenErinFrank_ValidAttenuatedCommandCID) ) var ( - TokenCarolDanInvalidSubjectCID = gocid.MustParse("bafyreifgksz6756if42tnc6rqsnbaa2u3fdrveo7ek44lnj2d64d5sw26u") - TokenCarolDanInvalidSubject = mustGetDelegation(TokenCarolDanInvalidSubjectCID) + TokenCarolDan_InvalidSubjectCID = gocid.MustParse("bafyreifgksz6756if42tnc6rqsnbaa2u3fdrveo7ek44lnj2d64d5sw26u") + TokenCarolDan_InvalidSubject = mustGetDelegation(TokenCarolDan_InvalidSubjectCID) ) var ( - TokenDanErinInvalidSubjectCID = gocid.MustParse("bafyreibdwew5nypsxrm4fq73wu6hw3lgwwiolj3bi33xdrbgcf3ogm6fty") - TokenDanErinInvalidSubject = mustGetDelegation(TokenDanErinInvalidSubjectCID) + TokenDanErin_InvalidSubjectCID = gocid.MustParse("bafyreibdwew5nypsxrm4fq73wu6hw3lgwwiolj3bi33xdrbgcf3ogm6fty") + TokenDanErin_InvalidSubject = mustGetDelegation(TokenDanErin_InvalidSubjectCID) ) var ( - TokenErinFrankInvalidSubjectCID = gocid.MustParse("bafyreicr364mj3n7x4iyhcksxypelktcqkkw3ptg7ggxtqegw3p3mr6zc4") - TokenErinFrankInvalidSubject = mustGetDelegation(TokenErinFrankInvalidSubjectCID) + TokenErinFrank_InvalidSubjectCID = gocid.MustParse("bafyreicr364mj3n7x4iyhcksxypelktcqkkw3ptg7ggxtqegw3p3mr6zc4") + TokenErinFrank_InvalidSubject = mustGetDelegation(TokenErinFrank_InvalidSubjectCID) ) var ( - TokenCarolDanInvalidExpiredCID = gocid.MustParse("bafyreibgtlioorouqpwr6olk6boc3pprl5tx5xs6zpfnv3pvxtggueofii") - TokenCarolDanInvalidExpired = mustGetDelegation(TokenCarolDanInvalidExpiredCID) + TokenCarolDan_InvalidExpiredCID = gocid.MustParse("bafyreigenypixaxvhzlry5rjnywvjyl4xvzlzxz2ui74uzys7qdhos4bbu") + TokenCarolDan_InvalidExpired = mustGetDelegation(TokenCarolDan_InvalidExpiredCID) ) var ( - TokenDanErinInvalidExpiredCID = gocid.MustParse("bafyreidhq3hjsfrucbecgcjf2nkcgmq3sh3m5gjxz23vzcaynozs5p3uh4") - TokenDanErinInvalidExpired = mustGetDelegation(TokenDanErinInvalidExpiredCID) + TokenDanErin_InvalidExpiredCID = gocid.MustParse("bafyreifvnfb7zqocpdysedcvjkb4y7tqfuziuqjhbbdoay4zg33pwpbzqi") + TokenDanErin_InvalidExpired = mustGetDelegation(TokenDanErin_InvalidExpiredCID) ) var ( - TokenErinFrankInvalidExpiredCID = gocid.MustParse("bafyreido4om3y3ttkmp4c4gxm6pqug76vu3aekb666vdp6zewpvir5zs7u") - TokenErinFrankInvalidExpired = mustGetDelegation(TokenErinFrankInvalidExpiredCID) + TokenErinFrank_InvalidExpiredCID = gocid.MustParse("bafyreicvydzt3obkqx7krmoi3zu4tlirlksibxfks5jc7vlvjxjamv2764") + TokenErinFrank_InvalidExpired = mustGetDelegation(TokenErinFrank_InvalidExpiredCID) ) var ( - TokenCarolDanInvalidInactiveCID = gocid.MustParse("bafyreicea5y2nvlitvxijkupeavtg23i7ktjk3uejnaquguurzptiabk4u") - TokenCarolDanInvalidInactive = mustGetDelegation(TokenCarolDanInvalidInactiveCID) + TokenCarolDan_InvalidInactiveCID = gocid.MustParse("bafyreicea5y2nvlitvxijkupeavtg23i7ktjk3uejnaquguurzptiabk4u") + TokenCarolDan_InvalidInactive = mustGetDelegation(TokenCarolDan_InvalidInactiveCID) ) var ( - TokenDanErinInvalidInactiveCID = gocid.MustParse("bafyreifsgqzkmxj2vexuts3z766mwcjreiisjg2jykyzf7tbj5sclutpvq") - TokenDanErinInvalidInactive = mustGetDelegation(TokenDanErinInvalidInactiveCID) + TokenDanErin_InvalidInactiveCID = gocid.MustParse("bafyreifsgqzkmxj2vexuts3z766mwcjreiisjg2jykyzf7tbj5sclutpvq") + TokenDanErin_InvalidInactive = mustGetDelegation(TokenDanErin_InvalidInactiveCID) ) var ( - TokenErinFrankInvalidInactiveCID = gocid.MustParse("bafyreifbfegon24c6dndiqyktahzs65vhyasrygbw7nhsvojn6distsdre") - TokenErinFrankInvalidInactive = mustGetDelegation(TokenErinFrankInvalidInactiveCID) + TokenErinFrank_InvalidInactiveCID = gocid.MustParse("bafyreifbfegon24c6dndiqyktahzs65vhyasrygbw7nhsvojn6distsdre") + TokenErinFrank_InvalidInactive = mustGetDelegation(TokenErinFrank_InvalidInactiveCID) ) var ProofAliceBob = []gocid.Cid{ @@ -134,107 +134,107 @@ var ProofAliceBobCarolDanErinFrank = []gocid.Cid{ TokenAliceBobCID, } -var ProofAliceBobCarolDanInvalidExpandedCommand = []gocid.Cid{ - TokenCarolDanInvalidExpandedCommandCID, +var ProofAliceBobCarolDan_InvalidExpandedCommand = []gocid.Cid{ + TokenCarolDan_InvalidExpandedCommandCID, TokenBobCarolCID, TokenAliceBobCID, } -var ProofAliceBobCarolDanErinInvalidExpandedCommand = []gocid.Cid{ - TokenDanErinInvalidExpandedCommandCID, - TokenCarolDanInvalidExpandedCommandCID, +var ProofAliceBobCarolDanErin_InvalidExpandedCommand = []gocid.Cid{ + TokenDanErin_InvalidExpandedCommandCID, + TokenCarolDan_InvalidExpandedCommandCID, TokenBobCarolCID, TokenAliceBobCID, } -var ProofAliceBobCarolDanErinFrankInvalidExpandedCommand = []gocid.Cid{ - TokenErinFrankInvalidExpandedCommandCID, - TokenDanErinInvalidExpandedCommandCID, - TokenCarolDanInvalidExpandedCommandCID, +var ProofAliceBobCarolDanErinFrank_InvalidExpandedCommand = []gocid.Cid{ + TokenErinFrank_InvalidExpandedCommandCID, + TokenDanErin_InvalidExpandedCommandCID, + TokenCarolDan_InvalidExpandedCommandCID, TokenBobCarolCID, TokenAliceBobCID, } -var ProofAliceBobCarolDanValidAttenuatedCommand = []gocid.Cid{ - TokenCarolDanValidAttenuatedCommandCID, +var ProofAliceBobCarolDan_ValidAttenuatedCommand = []gocid.Cid{ + TokenCarolDan_ValidAttenuatedCommandCID, TokenBobCarolCID, TokenAliceBobCID, } -var ProofAliceBobCarolDanErinValidAttenuatedCommand = []gocid.Cid{ - TokenDanErinValidAttenuatedCommandCID, - TokenCarolDanValidAttenuatedCommandCID, +var ProofAliceBobCarolDanErin_ValidAttenuatedCommand = []gocid.Cid{ + TokenDanErin_ValidAttenuatedCommandCID, + TokenCarolDan_ValidAttenuatedCommandCID, TokenBobCarolCID, TokenAliceBobCID, } -var ProofAliceBobCarolDanErinFrankValidAttenuatedCommand = []gocid.Cid{ - TokenErinFrankValidAttenuatedCommandCID, - TokenDanErinValidAttenuatedCommandCID, - TokenCarolDanValidAttenuatedCommandCID, +var ProofAliceBobCarolDanErinFrank_ValidAttenuatedCommand = []gocid.Cid{ + TokenErinFrank_ValidAttenuatedCommandCID, + TokenDanErin_ValidAttenuatedCommandCID, + TokenCarolDan_ValidAttenuatedCommandCID, TokenBobCarolCID, TokenAliceBobCID, } -var ProofAliceBobCarolDanInvalidSubject = []gocid.Cid{ - TokenCarolDanInvalidSubjectCID, +var ProofAliceBobCarolDan_InvalidSubject = []gocid.Cid{ + TokenCarolDan_InvalidSubjectCID, TokenBobCarolCID, TokenAliceBobCID, } -var ProofAliceBobCarolDanErinInvalidSubject = []gocid.Cid{ - TokenDanErinInvalidSubjectCID, - TokenCarolDanInvalidSubjectCID, +var ProofAliceBobCarolDanErin_InvalidSubject = []gocid.Cid{ + TokenDanErin_InvalidSubjectCID, + TokenCarolDan_InvalidSubjectCID, TokenBobCarolCID, TokenAliceBobCID, } -var ProofAliceBobCarolDanErinFrankInvalidSubject = []gocid.Cid{ - TokenErinFrankInvalidSubjectCID, - TokenDanErinInvalidSubjectCID, - TokenCarolDanInvalidSubjectCID, +var ProofAliceBobCarolDanErinFrank_InvalidSubject = []gocid.Cid{ + TokenErinFrank_InvalidSubjectCID, + TokenDanErin_InvalidSubjectCID, + TokenCarolDan_InvalidSubjectCID, TokenBobCarolCID, TokenAliceBobCID, } -var ProofAliceBobCarolDanInvalidExpired = []gocid.Cid{ - TokenCarolDanInvalidExpiredCID, +var ProofAliceBobCarolDan_InvalidExpired = []gocid.Cid{ + TokenCarolDan_InvalidExpiredCID, TokenBobCarolCID, TokenAliceBobCID, } -var ProofAliceBobCarolDanErinInvalidExpired = []gocid.Cid{ - TokenDanErinInvalidExpiredCID, - TokenCarolDanInvalidExpiredCID, +var ProofAliceBobCarolDanErin_InvalidExpired = []gocid.Cid{ + TokenDanErin_InvalidExpiredCID, + TokenCarolDan_InvalidExpiredCID, TokenBobCarolCID, TokenAliceBobCID, } -var ProofAliceBobCarolDanErinFrankInvalidExpired = []gocid.Cid{ - TokenErinFrankInvalidExpiredCID, - TokenDanErinInvalidExpiredCID, - TokenCarolDanInvalidExpiredCID, +var ProofAliceBobCarolDanErinFrank_InvalidExpired = []gocid.Cid{ + TokenErinFrank_InvalidExpiredCID, + TokenDanErin_InvalidExpiredCID, + TokenCarolDan_InvalidExpiredCID, TokenBobCarolCID, TokenAliceBobCID, } -var ProofAliceBobCarolDanInvalidInactive = []gocid.Cid{ - TokenCarolDanInvalidInactiveCID, +var ProofAliceBobCarolDan_InvalidInactive = []gocid.Cid{ + TokenCarolDan_InvalidInactiveCID, TokenBobCarolCID, TokenAliceBobCID, } -var ProofAliceBobCarolDanErinInvalidInactive = []gocid.Cid{ - TokenDanErinInvalidInactiveCID, - TokenCarolDanInvalidInactiveCID, +var ProofAliceBobCarolDanErin_InvalidInactive = []gocid.Cid{ + TokenDanErin_InvalidInactiveCID, + TokenCarolDan_InvalidInactiveCID, TokenBobCarolCID, TokenAliceBobCID, } -var ProofAliceBobCarolDanErinFrankInvalidInactive = []gocid.Cid{ - TokenErinFrankInvalidInactiveCID, - TokenDanErinInvalidInactiveCID, - TokenCarolDanInvalidInactiveCID, +var ProofAliceBobCarolDanErinFrank_InvalidInactive = []gocid.Cid{ + TokenErinFrank_InvalidInactiveCID, + TokenDanErin_InvalidInactiveCID, + TokenCarolDan_InvalidInactiveCID, TokenBobCarolCID, TokenAliceBobCID, } diff --git a/token/delegation/delegationtest/token_test.go b/token/delegation/delegationtest/token_test.go index fde6749..b24a02c 100644 --- a/token/delegation/delegationtest/token_test.go +++ b/token/delegation/delegationtest/token_test.go @@ -12,8 +12,6 @@ import ( ) func TestGetDelegation(t *testing.T) { - t.Parallel() - t.Run("passes with valid CID", func(t *testing.T) { t.Parallel() diff --git a/token/invocation/invocation_test.go b/token/invocation/invocation_test.go index ea0ba2a..20ce554 100644 --- a/token/invocation/invocation_test.go +++ b/token/invocation/invocation_test.go @@ -39,7 +39,7 @@ func TestToken_ExecutionAllowed(t *testing.T) { t.Run("passes - proof chain attenuates command", func(t *testing.T) { t.Parallel() - testPasses(t, didtest.PersonaFrank, delegationtest.AttenuatedCommand, emptyArguments, delegationtest.ProofAliceBobCarolDanErinFrankValidAttenuatedCommand) + testPasses(t, didtest.PersonaFrank, delegationtest.AttenuatedCommand, emptyArguments, delegationtest.ProofAliceBobCarolDanErinFrank_ValidAttenuatedCommand) }) t.Run("passes - invocation attenuates command", func(t *testing.T) { @@ -67,14 +67,14 @@ func TestToken_ExecutionAllowed(t *testing.T) { t.Run("fails - referenced delegation expired", func(t *testing.T) { t.Parallel() - testFails(t, invocation.ErrTokenInvalidNow, didtest.PersonaFrank, delegationtest.NominalCommand, emptyArguments, delegationtest.ProofAliceBobCarolDanErinFrankInvalidExpired) + testFails(t, invocation.ErrTokenInvalidNow, didtest.PersonaFrank, delegationtest.NominalCommand, emptyArguments, delegationtest.ProofAliceBobCarolDanErinFrank_InvalidExpired) }) t.Run("fails - referenced delegation inactive", func(t *testing.T) { t.Parallel() - testFails(t, invocation.ErrTokenInvalidNow, didtest.PersonaFrank, delegationtest.NominalCommand, emptyArguments, delegationtest.ProofAliceBobCarolDanErinFrankInvalidInactive) + testFails(t, invocation.ErrTokenInvalidNow, didtest.PersonaFrank, delegationtest.NominalCommand, emptyArguments, delegationtest.ProofAliceBobCarolDanErinFrank_InvalidInactive) }) t.Run("fails - last (or only) delegation not root", func(t *testing.T) { @@ -101,7 +101,7 @@ func TestToken_ExecutionAllowed(t *testing.T) { t.Run("fails - proof chain expands command", func(t *testing.T) { t.Parallel() - testFails(t, invocation.ErrCommandNotCovered, didtest.PersonaFrank, delegationtest.NominalCommand, emptyArguments, delegationtest.ProofAliceBobCarolDanErinFrankInvalidExpandedCommand) + testFails(t, invocation.ErrCommandNotCovered, didtest.PersonaFrank, delegationtest.NominalCommand, emptyArguments, delegationtest.ProofAliceBobCarolDanErinFrank_InvalidExpandedCommand) }) t.Run("fails - invocation expands command", func(t *testing.T) { @@ -113,20 +113,19 @@ func TestToken_ExecutionAllowed(t *testing.T) { t.Run("fails - inconsistent subject", func(t *testing.T) { t.Parallel() - testFails(t, invocation.ErrWrongSub, didtest.PersonaFrank, delegationtest.ExpandedCommand, emptyArguments, delegationtest.ProofAliceBobCarolDanErinFrankInvalidSubject) + testFails(t, invocation.ErrWrongSub, didtest.PersonaFrank, delegationtest.ExpandedCommand, emptyArguments, delegationtest.ProofAliceBobCarolDanErinFrank_InvalidSubject) }) } func test(t *testing.T, persona didtest.Persona, cmd command.Command, args *args.Args, prf []cid.Cid, opts ...invocation.Option) error { t.Helper() - tkn, err := invocation.New(persona.DID(t), didtest.PersonaAlice.DID(t), cmd, prf, opts...) + // TODO: use the args and add minimal test to check that they are verified against the policy + + tkn, err := invocation.New(persona.DID(), didtest.PersonaAlice.DID(), cmd, prf, opts...) require.NoError(t, err) - ldr, err := delegationtest.GetDelegationLoader() - require.NoError(t, err) - - return tkn.ExecutionAllowed(ldr) + return tkn.ExecutionAllowed(delegationtest.GetDelegationLoader()) } func testFails(t *testing.T, expErr error, persona didtest.Persona, cmd command.Command, args *args.Args, prf []cid.Cid, opts ...invocation.Option) {