1package sarama 2 3import ( 4 "errors" 5 "testing" 6 7 krbcfg "gopkg.in/jcmturner/gokrb5.v7/config" 8 "gopkg.in/jcmturner/gokrb5.v7/test/testdata" 9) 10 11/* 12 * Minimum requirement for client creation 13 * we are not testing the client itself, we only test that the client is created 14 * properly. 15 * 16 */ 17 18func TestFaildToCreateKerberosConfig(t *testing.T) { 19 expectedErr := errors.New("configuration file could not be opened: krb5.conf open krb5.conf: no such file or directory") 20 clientConfig := NewConfig() 21 clientConfig.Net.SASL.Mechanism = SASLTypeGSSAPI 22 clientConfig.Net.SASL.Enable = true 23 clientConfig.Net.SASL.GSSAPI.ServiceName = "kafka" 24 clientConfig.Net.SASL.GSSAPI.Realm = "EXAMPLE.COM" 25 clientConfig.Net.SASL.GSSAPI.Username = "client" 26 clientConfig.Net.SASL.GSSAPI.AuthType = KRB5_USER_AUTH 27 clientConfig.Net.SASL.GSSAPI.Password = "qwerty" 28 clientConfig.Net.SASL.GSSAPI.KerberosConfigPath = "krb5.conf" 29 _, err := NewKerberosClient(&clientConfig.Net.SASL.GSSAPI) 30 // Expect to create client with password 31 if err.Error() != expectedErr.Error() { 32 t.Errorf("Expected error:%s, got:%s.", err, expectedErr) 33 } 34} 35 36func TestCreateWithPassword(t *testing.T) { 37 kerberosConfig, err := krbcfg.NewConfigFromString(testdata.TEST_KRB5CONF) 38 if err != nil { 39 t.Fatal(err) 40 } 41 expectedDoman := "EXAMPLE.COM" 42 expectedCName := "client" 43 44 clientConfig := NewConfig() 45 clientConfig.Net.SASL.Mechanism = SASLTypeGSSAPI 46 clientConfig.Net.SASL.Enable = true 47 clientConfig.Net.SASL.GSSAPI.ServiceName = "kafka" 48 clientConfig.Net.SASL.GSSAPI.Realm = "EXAMPLE.COM" 49 clientConfig.Net.SASL.GSSAPI.Username = "client" 50 clientConfig.Net.SASL.GSSAPI.AuthType = KRB5_USER_AUTH 51 clientConfig.Net.SASL.GSSAPI.Password = "qwerty" 52 clientConfig.Net.SASL.GSSAPI.KerberosConfigPath = "/etc/krb5.conf" 53 client, _ := createClient(&clientConfig.Net.SASL.GSSAPI, kerberosConfig) 54 // Expect to create client with password 55 if client == nil { 56 t.Errorf("Expected client not nil") 57 } 58 if client.Domain() != expectedDoman { 59 t.Errorf("Client domain: %s, got: %s", expectedDoman, client.Domain()) 60 } 61 if client.CName().NameString[0] != expectedCName { 62 t.Errorf("Client domain:%s, got: %s", expectedCName, client.CName().NameString[0]) 63 } 64} 65 66func TestCreateWithKeyTab(t *testing.T) { 67 kerberosConfig, err := krbcfg.NewConfigFromString(testdata.TEST_KRB5CONF) 68 if err != nil { 69 t.Fatal(err) 70 } 71 // Expect to try to create a client with keytab and fails with "o such file or directory" error 72 expectedErr := errors.New("open nonexist.keytab: no such file or directory") 73 clientConfig := NewConfig() 74 clientConfig.Net.SASL.Mechanism = SASLTypeGSSAPI 75 clientConfig.Net.SASL.Enable = true 76 clientConfig.Net.SASL.GSSAPI.ServiceName = "kafka" 77 clientConfig.Net.SASL.GSSAPI.Realm = "EXAMPLE.COM" 78 clientConfig.Net.SASL.GSSAPI.Username = "client" 79 clientConfig.Net.SASL.GSSAPI.AuthType = KRB5_KEYTAB_AUTH 80 clientConfig.Net.SASL.GSSAPI.KeyTabPath = "nonexist.keytab" 81 clientConfig.Net.SASL.GSSAPI.KerberosConfigPath = "/etc/krb5.conf" 82 _, err = createClient(&clientConfig.Net.SASL.GSSAPI, kerberosConfig) 83 if err.Error() != expectedErr.Error() { 84 t.Errorf("Expected error:%s, got:%s.", err, expectedErr) 85 } 86} 87