From e10187f3d7fae99e5bc7c0baa0e5984dfb5104fd Mon Sep 17 00:00:00 2001
From: Sarvani Vakkalanka <vakkalanka@google.com>
Date: Thu, 16 Feb 2017 10:45:01 -0800
Subject: [PATCH] t-test changes to check that x-endpoint-api-userinfo is
 received by grpc service.

---
 src/nginx/t/grpc_auth_pkey.t       |  5 ++++
 src/nginx/t/transcoding_metadata.t | 43 +++++++++++++++++++++++++++++-
 test/grpc/client-test-lib.cc       |  7 +++++
 test/grpc/grpc-test.proto          |  6 +++++
 4 files changed, 60 insertions(+), 1 deletion(-)

diff --git a/src/nginx/t/grpc_auth_pkey.t b/src/nginx/t/grpc_auth_pkey.t
index 00184ad41..b47b444d0 100644
--- a/src/nginx/t/grpc_auth_pkey.t
+++ b/src/nginx/t/grpc_auth_pkey.t
@@ -134,6 +134,7 @@ plans {
     request {
       text: "Hello, world!"
     }
+    expected_metadata_keys: ["x-endpoint-api-userinfo"]
   }
 }
 EOF
@@ -157,6 +158,10 @@ results {
   echo {
     text: "Hello, world!"
   }
+  additional_metadata {
+    key: "x-endpoint-api-userinfo"
+    value: "eyJpc3N1ZXIiOiI2Mjg2NDU3NDE4ODEtbm9hYml1MjNmNWE4bThvdmQ4dWN2Njk4bGo3OHZ2MGxAZGV2ZWxvcGVyLmdzZXJ2aWNlYWNjb3VudC5jb20iLCJpZCI6IjYyODY0NTc0MTg4MS1ub2FiaXUyM2Y1YThtOG92ZDh1Y3Y2OThsajc4dnYwbEBkZXZlbG9wZXIuZ3NlcnZpY2VhY2NvdW50LmNvbSJ9"
+  }
 }
 EOF
 is($test_results, $test_results_expected, 'Client tests completed as expected.');
diff --git a/src/nginx/t/transcoding_metadata.t b/src/nginx/t/transcoding_metadata.t
index 92edbbf1d..b8fb1d23e 100644
--- a/src/nginx/t/transcoding_metadata.t
+++ b/src/nginx/t/transcoding_metadata.t
@@ -30,6 +30,7 @@ use warnings;
 ################################################################################
 
 use src::nginx::t::ApiManager;   # Must be first (sets up import path to the Nginx test module)
+use src::nginx::t::Auth;
 use src::nginx::t::HttpServer;
 use src::nginx::t::ServiceControl;
 use Test::Nginx;  # Imports Nginx's test module
@@ -42,8 +43,9 @@ use JSON::PP;
 my $NginxPort = ApiManager::pick_port();
 my $ServiceControlPort = ApiManager::pick_port();
 my $GrpcServerPort = ApiManager::pick_port();
+my $PubkeyPort = ApiManager::pick_port();
 
-my $t = Test::Nginx->new()->has(qw/http proxy/)->plan(7);
+my $t = Test::Nginx->new()->has(qw/http proxy/)->plan(8);
 
 $t->write_file('service.pb.txt',
         ApiManager::get_grpc_test_service_config($GrpcServerPort) .
@@ -51,6 +53,20 @@ $t->write_file('service.pb.txt',
 control {
   environment: "http://127.0.0.1:${ServiceControlPort}"
 }
+authentication {
+  providers {
+    id: "test_auth"
+    issuer: "628645741881-noabiu23f5a8m8ovd8ucv698lj78vv0l\@developer.gserviceaccount.com"
+    jwks_uri: "http://127.0.0.1:${PubkeyPort}/pubkey"
+  }
+  rules {
+    selector: "test.grpc.Test.Echo"
+    requirements {
+      provider_id: "test_auth"
+      audiences: "ok_audience_1,ok_audience_2"
+    }
+  }
+}
 EOF
 
 $t->write_file_expand('nginx.conf', <<EOF);
@@ -76,6 +92,10 @@ http {
 }
 EOF
 
+my $pkey_jwk = Auth::get_public_key_jwk;
+my $auth_token = Auth::get_auth_token('./src/nginx/t/matching-client-secret.json', 'ok_audience_1');
+
+$t->run_daemon(\&pubkey, $t, $PubkeyPort, $pkey_jwk, 'pubkey.log');
 $t->run_daemon(\&service_control, $t, $ServiceControlPort, 'servicecontrol.log');
 $t->run_daemon(\&ApiManager::grpc_test_server, $t, "127.0.0.1:${GrpcServerPort}");
 
@@ -100,6 +120,7 @@ my $content_length = length($request);
 my $response = ApiManager::http($NginxPort,<<EOF . $request);
 POST /echo?key=api-key HTTP/1.0
 Host: 127.0.0.1:${NginxPort}
+Authorization: Bearer $auth_token
 Content-Type: application/json
 Content-Length: $content_length
 client-text: text
@@ -112,9 +133,12 @@ $t->stop_daemons();
 my ($headers, $actual_body) = split /\r\n\r\n/, $response, 2;
 
 my $json_response = decode_json($actual_body);
+my $expected_userinfo = "ZXlKcGMzTjFaWElpT2lJMk1qZzJORFUzTkRFNE9ERXRibTloWW1sMU1qTm1OV0U0YlRodmRtUTRkV04yTmprNGJHbzNPSFoyTUd4QVpHVjJaV3h2Y0dWeUxtZHpaWEoyYVdObFlXTmpiM1Z1ZEM1amIyMGlMQ0pwWkNJNklqWXlPRFkwTlRjME1UZzRNUzF1YjJGaWFYVXlNMlkxWVRodE9HOTJaRGgxWTNZMk9UaHNhamM0ZG5Zd2JFQmtaWFpsYkc5d1pYSXVaM05sY25acFkyVmhZMk52ZFc1MExtTnZiU0o5";
 
 is('dGV4dA==', $json_response->{receivedMetadata}->{'client-text'}, "Received client-text metadata");
 is('YmluYXJ5', $json_response->{receivedMetadata}->{'client-binary-bin'}, "Received client-binary metadata");
+is($expected_userinfo, $json_response->{receivedMetadata}->{'x-endpoint-api-userinfo'}, "Received x-endpoint-api-userinfo");
+
 like($headers, qr/initial-text: text/, "Server returns initial text metadata");
 like($headers, qr/initial-binary-bin: YmluYXJ5/, "Server returns initial binary metadata");
 
@@ -143,3 +167,20 @@ EOF
 }
 
 ################################################################################
+
+sub pubkey {
+  my ($t, $port, $pkey, $file) = @_;
+  my $server = HttpServer->new($port, $t->testdir() . '/' . $file)
+    or die "Can't create test server socket: $!\n";
+  local $SIG{PIPE} = 'IGNORE';
+
+  $server->on('GET', '/pubkey', <<"EOF");
+HTTP/1.1 200 OK
+Connection: close
+
+$pkey
+EOF
+
+  $server->run();
+}
+
diff --git a/test/grpc/client-test-lib.cc b/test/grpc/client-test-lib.cc
index f638b2296..6af06ef56 100644
--- a/test/grpc/client-test-lib.cc
+++ b/test/grpc/client-test-lib.cc
@@ -197,6 +197,13 @@ class Echo {
             result.mutable_echo()->set_verified_metadata(verified_metadata);
             ok &= metadata_results->size() == 0;
           }
+
+          for (auto key : echo->desc_.expected_metadata_keys()) {
+            auto it = echo->response_.received_metadata().find(key);
+            if (it != echo->response_.received_metadata().end()) {
+              (*(result.mutable_additional_metadata()))[key] = it->second;
+            }
+          }
           done(ok, result);
         }));
   }
diff --git a/test/grpc/grpc-test.proto b/test/grpc/grpc-test.proto
index c9ada43fc..08f755538 100644
--- a/test/grpc/grpc-test.proto
+++ b/test/grpc/grpc-test.proto
@@ -102,6 +102,9 @@ message EchoTest {
 
   // The final RPC status to expect in the response.
   CallStatus expected_status = 3;
+
+  // The expected metadata keys that the grpc server should receive.
+  repeated string expected_metadata_keys = 4;
 }
 
 message EchoResult {
@@ -347,6 +350,9 @@ message TestResult {
     ProbeUpstreamMessageLimitResult probe_upstream_message_limit = 7;
     EchoReportResult echo_report = 8;
   }
+
+  // Additional metadata that can be added by ESP during the Check processing.
+  map<string, bytes> additional_metadata = 9;
 }
 
 // Test results.