public void TestEC2InstanceMetadataSecureCredentialsRetry()
{
var token = "ValidToken";
var responses = new List <MultipleResponseServlet.Response>();
responses.Add(TokenFetchResponse(string.Empty, HttpStatusCode.ServiceUnavailable));
responses.Add(TokenFetchResponse(token, HttpStatusCode.OK));
responses.Add(MetadataGetSecurityCredentialsResponse("Item1", token, HttpStatusCode.ServiceUnavailable));
responses.Add(MetadataGetSecurityCredentialsResponse("Item1", token, HttpStatusCode.OK));
responses.Add(TokenFetchResponse(token, HttpStatusCode.OK));
responses.Add(MetadataGetSecurityCredentialsResponse("{\"AccessKeyId\": \"value1\", \"SecretAccessKey\": \"value2\", \"Token\": \"value3\"}",
token, HttpStatusCode.OK));
using (var servlet = new MultipleResponseServlet())
{
SetupResponseHandler(servlet, responses);
var metadata = GetSecurityCredentials(servlet);
Assert.IsNotNull(metadata);
Assert.AreEqual(1, metadata.Count);
Assert.IsTrue(metadata.ContainsKey("Item1"));
var creds = metadata["Item1"];
Assert.AreEqual("value1", creds.AccessKeyId);
Assert.AreEqual("value2", creds.SecretAccessKey);
Assert.AreEqual("value3", creds.Token);
}
}
public void TestEC2InstanceMetadataInsecureCredentialsFallbackToken()
{
var failFastStatusCodes = new HttpStatusCode[]
{
HttpStatusCode.NotFound,
HttpStatusCode.Forbidden,
HttpStatusCode.MethodNotAllowed
};
for (var statusCodeIndex = 0; statusCodeIndex < failFastStatusCodes.Length; statusCodeIndex++)
{
ResetUseNullToken();
var token = string.Empty;
var responses = new List <MultipleResponseServlet.Response>();
responses.Add(TokenFetchResponse(token, failFastStatusCodes[statusCodeIndex]));
responses.Add(MetadataGetSecurityCredentialsResponse("Item1", token, HttpStatusCode.OK));
responses.Add(MetadataGetSecurityCredentialsResponse("{\"AccessKeyId\": \"value1\", \"SecretAccessKey\": \"value2\", \"Token\": \"value3\"}",
token, HttpStatusCode.OK));
using (var servlet = new MultipleResponseServlet())
{
SetupResponseHandler(servlet, responses);
var metadata = GetSecurityCredentials(servlet);
Assert.IsNotNull(metadata);
Assert.AreEqual(1, metadata.Count);
Assert.IsTrue(metadata.ContainsKey("Item1"));
var creds = metadata["Item1"];
Assert.AreEqual("value1", creds.AccessKeyId);
Assert.AreEqual("value2", creds.SecretAccessKey);
Assert.AreEqual("value3", creds.Token);
}
}
}
public void TestEC2InstanceMetadataAPIToken400BadRequest()
{
var responses = new List <MultipleResponseServlet.Response>();
//DEFAULT_RETRIES of 3 for the metadata call for getting a token when BadRequest is used.
responses.Add(TokenFetchResponse(string.Empty, HttpStatusCode.BadRequest));
responses.Add(TokenFetchResponse(string.Empty, HttpStatusCode.BadRequest));
responses.Add(TokenFetchResponse(string.Empty, HttpStatusCode.BadRequest));
using (var servlet = new MultipleResponseServlet())
{
SetupResponseHandler(servlet, responses);
try
{
var metadata = GetSecurityCredentials(servlet);
}
catch (WebException wex)
{
var response = wex.Response as HttpWebResponse;
Assert.IsNotNull(response);
Assert.AreEqual(HttpStatusCode.BadRequest, response.StatusCode);
throw;
}
}
}
/// <summary>
/// Background Info:- Each retry request requires 5 capacity. On successful retry response 5 would be put back into the
/// capacity. On a successful response which is not a retry request 1 is added to the capacity. The capacity has a max cap
/// that is not exceeded.
/// Dependency:- This test depends on the file ListObjectsResponse.xml which contains a sample success ListObject response.
/// This Integration test works in three phases.
/// Phase 1. Keeping in mind that we can make a 100 requests with the current set configurations, 500 requests are made
/// to a mock servlet which returns back a 500 error which leads to 500 retry requests. As the capacity can only handle
/// a 100, this leads to the capacity getting depleted. An assert proves the number of retry requests that was made.
/// Phase 2. With the capacity completely entry, phase 2 makes 500 requests for which the mock servlet returns a success
/// response. This puts back enough capacity to make a 100 retry requests.
/// Phase 3. Phase 1 is repeated again with an assert to prove that Phase 2 added the said capacity.
/// </summary>
public void S3CapacityManagerIntegrationTest()
{
int TotalRequests = 500;
int RetryRequests = 100;
int ExtraRequests = TotalRequests - RetryRequests;
requestCount = 0;
var retryFlag = true;
using (MultipleResponseServlet servlet = new MultipleResponseServlet())
{
servlet.OnRequest += path =>
{
requestCount++;
if (retryFlag)
{
return(new MultipleResponseServlet.Response
{
Contents = "foo",
Headers = new Dictionary <string, string>(),
StatusCode = 500
});
}
else
{
var xmlDoc = UtilityMethods.GetResourceText("ListObjectsResponse.xml");
XmlDocument myxml = new XmlDocument();
myxml.LoadXml(xmlDoc);
string contents = myxml.InnerXml;
return(new MultipleResponseServlet.Response
{
Contents = contents,
Headers = new Dictionary <string, string>(),
StatusCode = 200
});
}
};
string server = "http://localhost:" + servlet.Port;
using (var client = new AmazonS3Client(new AmazonS3Config
{
ServiceURL = server,
MaxErrorRetry = 1
}))
{
retryFlag = true;
FailureRetryRequests(TotalRequests, RetryRequests, ExtraRequests, client);
retryFlag = false;
requestCount = 0;
for (int i = 0; i < TotalRequests; i++)
{
var response = client.ListObjects("CapacityManagerTests");
}
retryFlag = true;
requestCount = 0;
FailureRetryRequests(TotalRequests, RetryRequests, ExtraRequests, client);
}
}
}
/// <summary>
/// Background Info:- Each retry request requires 5 capacity. On successful retry response 5 would be put back into the
/// capacity. On a successful response which is not a retry request 1 is added to the capacity. The capacity has a max cap
/// that is not exceeded.
/// Dependency:- This test depends on the file ListObjectsResponse.xml which contains a sample success ListObject response.
/// This Integration test works in three phases.
/// Phase 1. Keeping in mind that we can make a 100 requests with the current set configurations, 500 requests are made
/// to a mock servlet which returns back a 500 error which leads to 500 retry requests. As the capacity can only handle
/// a 100, this leads to the capacity getting depleted. An assert proves the number of retry requests that was made.
/// Phase 2. With the capacity completely entry, phase 2 makes 500 requests for which the mock servlet returns a success
/// response. This puts back enough capacity to make a 100 retry requests.
/// Phase 3. Phase 1 is repeated again with an assert to prove that Phase 2 added the said capacity.
/// </summary>
public void S3CapacityManagerIntegrationTest()
{
int TotalRequests = 500;
int RetryRequests = 100;
int ExtraRequests = TotalRequests-RetryRequests;
requestCount = 0;
var retryFlag = true;
using (MultipleResponseServlet servlet = new MultipleResponseServlet())
{
servlet.OnRequest += path =>
{
requestCount++;
if (retryFlag)
{
return new MultipleResponseServlet.Response
{
Contents = "foo",
Headers = new Dictionary<string, string>(),
StatusCode = 500
};
}
else
{
var xmlDoc = UtilityMethods.GetResourceText("ListObjectsResponse.xml");
XmlDocument myxml = new XmlDocument();
myxml.LoadXml(xmlDoc);
string contents = myxml.InnerXml;
return new MultipleResponseServlet.Response
{
Contents = contents,
Headers = new Dictionary<string, string>(),
StatusCode = 200
};
}
};
string server = "http://localhost:" + servlet.Port;
using (var client = new AmazonS3Client(new AmazonS3Config
{
ServiceURL = server,
MaxErrorRetry = 1
}))
{
retryFlag = true;
FailureRetryRequests(TotalRequests, RetryRequests, ExtraRequests, client);
retryFlag = false;
requestCount = 0;
for (int i = 0; i < TotalRequests; i++)
{
var response = client.ListObjects("CapacityManagerTests");
}
retryFlag = true;
requestCount = 0;
FailureRetryRequests(TotalRequests, RetryRequests, ExtraRequests, client);
}
}
}
private static void SetupResponseHandler(MultipleResponseServlet servlet, List <MultipleResponseServlet.Response> responses)
{
int requestCount = -1;
servlet.OnRequest += path =>
{
requestCount++;
if (requestCount >= responses.Count)
{
Assert.Fail($"Number or responses requested {requestCount + 1} exceeds the number of mocked responses {responses.Count}.");
}
return(responses[requestCount]);
};
}
public void TestEC2InstanceMetadataInsecureCredentialsFallbackNotFound()
{
var token = string.Empty;
var responses = new List <MultipleResponseServlet.Response>();
responses.Add(TokenFetchResponse(token, HttpStatusCode.NotFound));
responses.Add(MetadataGetSecurityCredentialsResponse("Item1", token, HttpStatusCode.NotFound));
using (var servlet = new MultipleResponseServlet())
{
SetupResponseHandler(servlet, responses);
var metadata = GetSecurityCredentials(servlet);
Assert.IsNull(metadata);
}
}
public void TestEC2InstanceMetadata401Unauthorized()
{
var token = "ValidToken";
var responses = new List <MultipleResponseServlet.Response>();
responses.Add(TokenFetchResponse(token, HttpStatusCode.OK));
responses.Add(MetadataGetSecurityCredentialsResponse(string.Empty, token, HttpStatusCode.Unauthorized));
using (var servlet = new MultipleResponseServlet())
{
SetupResponseHandler(servlet, responses);
try
{
var metadata = GetSecurityCredentials(servlet);
}
catch (WebException wex)
{
var response = wex.Response as HttpWebResponse;
Assert.IsNotNull(response);
Assert.AreEqual(HttpStatusCode.Unauthorized, response.StatusCode);
throw;
}
}
}
private static IDictionary <string, IAMSecurityCredentialMetadata> GetSecurityCredentials(MultipleResponseServlet servlet)
{
var metadataType = typeof(EC2InstanceMetadata);
var currentEMSValue = GetField(metadataType, "EC2_METADATA_SVC");
Action setEMSAction = () => SetEC2InstanceMetadataFields(metadataType, servlet.ServiceURL);
Action resetEMSAction = () => SetEC2InstanceMetadataFields(metadataType, currentEMSValue);
using (new DisposableSwitch(setEMSAction, resetEMSAction))
{
var metadata = EC2InstanceMetadata.IAMSecurityCredentials;
return(metadata);
}
}
private static IDictionary <string, IAMSecurityCredentialMetadata> GetSecurityCredentials(MultipleResponseServlet servlet)
{
var currentEMSValue = Environment.GetEnvironmentVariable(endpointEnvVar);
Action setEMSAction = () => SetEC2InstanceMetadataEndpoint(servlet.ServiceURL);
Action resetEMSAction = () => SetEC2InstanceMetadataEndpoint(currentEMSValue);
using (new DisposableSwitch(setEMSAction, resetEMSAction))
{
var metadata = EC2InstanceMetadata.IAMSecurityCredentials;
return(metadata);
}
}
