apisix/t/plugin/aws-lambda.t

300 lines
8.4 KiB
Perl
Vendored

#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
use t::APISIX 'no_plan';
repeat_each(1);
no_long_string();
no_root_location();
no_shuffle();
add_block_preprocessor(sub {
my ($block) = @_;
my $inside_lua_block = $block->inside_lua_block // "";
chomp($inside_lua_block);
my $http_config = $block->http_config // <<_EOC_;
server {
listen 8765;
location /httptrigger {
content_by_lua_block {
ngx.req.read_body()
local msg = "aws lambda invoked"
ngx.header['Content-Length'] = #msg + 1
ngx.header['Connection'] = "Keep-Alive"
ngx.say(msg)
}
}
location /generic {
content_by_lua_block {
$inside_lua_block
}
}
}
_EOC_
$block->set_value("http_config", $http_config);
if (!$block->request) {
$block->set_value("request", "GET /t");
}
if (!$block->no_error_log && !$block->error_log) {
$block->set_value("no_error_log", "[error]\n[alert]");
}
});
run_tests;
__DATA__
=== TEST 1: checking iam schema
--- config
location /t {
content_by_lua_block {
local plugin = require("apisix.plugins.aws-lambda")
local ok, err = plugin.check_schema({
function_uri = "https://api.amazonaws.com",
authorization = {
iam = {
accesskey = "key1",
secretkey = "key2"
}
}
})
if not ok then
ngx.say(err)
else
ngx.say("done")
end
}
}
--- response_body
done
=== TEST 2: missing fields in iam schema
--- config
location /t {
content_by_lua_block {
local plugin = require("apisix.plugins.aws-lambda")
local ok, err = plugin.check_schema({
function_uri = "https://api.amazonaws.com",
authorization = {
iam = {
secretkey = "key2"
}
}
})
if not ok then
ngx.say(err)
else
ngx.say("done")
end
}
}
--- response_body
property "authorization" validation failed: property "iam" validation failed: property "accesskey" is required
=== TEST 3: create route with aws plugin enabled
--- config
location /t {
content_by_lua_block {
local t = require("lib.test_admin").test
local code, body = t('/apisix/admin/routes/1',
ngx.HTTP_PUT,
[[{
"plugins": {
"aws-lambda": {
"function_uri": "http://localhost:8765/httptrigger",
"authorization": {
"apikey" : "testkey"
}
}
},
"uri": "/aws"
}]],
[[{
"node": {
"value": {
"plugins": {
"aws-lambda": {
"keepalive": true,
"timeout": 3000,
"ssl_verify": true,
"keepalive_timeout": 60000,
"keepalive_pool": 5,
"function_uri": "http://localhost:8765/httptrigger",
"authorization": {
"apikey": "testkey"
}
}
},
"uri": "/aws"
},
"key": "/apisix/routes/1"
},
"action": "set"
}]]
)
if code >= 300 then
ngx.status = code
ngx.say("fail")
return
end
ngx.say(body)
}
}
--- response_body
passed
=== TEST 4: test plugin endpoint
--- config
location /t {
content_by_lua_block {
local t = require("lib.test_admin").test
local core = require("apisix.core")
local code, _, body, headers = t("/aws", "GET")
if code >= 300 then
ngx.status = code
ngx.say(body)
return
end
-- headers proxied 2 times -- one by plugin, another by this test case
core.response.set_header(headers)
ngx.print(body)
}
}
--- response_body
aws lambda invoked
--- response_headers
Content-Length: 19
=== TEST 5: check authz header - apikey
--- config
location /t {
content_by_lua_block {
local t = require("lib.test_admin").test
-- passing an apikey
local code, body = t('/apisix/admin/routes/1',
ngx.HTTP_PUT,
[[{
"plugins": {
"aws-lambda": {
"function_uri": "http://localhost:8765/generic",
"authorization": {
"apikey": "test_key"
}
}
},
"uri": "/aws"
}]]
)
if code >= 300 then
ngx.status = code
ngx.say("fail")
return
end
ngx.say(body)
local code, _, body = t("/aws", "GET")
if code >= 300 then
ngx.status = code
ngx.say(body)
return
end
ngx.print(body)
}
}
--- inside_lua_block
local headers = ngx.req.get_headers() or {}
ngx.say("Authz-Header - " .. headers["x-api-key"] or "")
--- response_body
passed
Authz-Header - test_key
=== TEST 6: check authz header - IAM v4 signing
--- config
location /t {
content_by_lua_block {
local t = require("lib.test_admin").test
-- passing the iam access and secret keys
local code, body = t('/apisix/admin/routes/1',
ngx.HTTP_PUT,
[[{
"plugins": {
"aws-lambda": {
"function_uri": "http://localhost:8765/generic",
"authorization": {
"iam": {
"accesskey": "KEY1",
"secretkey": "KeySecret"
}
}
}
},
"uri": "/aws"
}]]
)
if code >= 300 then
ngx.status = code
ngx.say("fail")
return
end
ngx.say(body)
local code, _, body, headers = t("/aws", "GET")
if code >= 300 then
ngx.status = code
ngx.say(body)
return
end
ngx.print(body)
}
}
--- inside_lua_block
local headers = ngx.req.get_headers() or {}
ngx.say("Authz-Header - " .. headers["Authorization"] or "")
ngx.say("AMZ-Date - " .. headers["X-Amz-Date"] or "")
ngx.print("invoked")
--- response_body eval
qr/passed
Authz-Header - AWS4-HMAC-SHA256 [ -~]*
AMZ-Date - [\d]+T[\d]+Z
invoked/