feat(batch6-task8): port t3 monitoring mqtt tls tests
This commit is contained in:
Joseph Doherty
@@ -1,3 +1,5 @@
|
||||
using System.Security.Cryptography;
|
||||
using System.Security.Cryptography.X509Certificates;
|
||||
using Shouldly;
|
||||
using ZB.MOM.NatsNet.Server;
|
||||
using ZB.MOM.NatsNet.Server.Internal;
|
||||
@@ -6,6 +8,112 @@ namespace ZB.MOM.NatsNet.Server.Tests.ImplBacklog;
|
||||
|
||||
public sealed partial class MqttHandlerTests
|
||||
{
|
||||
[Fact] // T:2178
|
||||
public void MQTTTLS_ShouldSucceed()
|
||||
{
|
||||
var (certFile, keyFile, tempDir) = CreatePemCertificate();
|
||||
|
||||
try
|
||||
{
|
||||
var errors = new List<Exception>();
|
||||
var warnings = new List<Exception>();
|
||||
var options = new ServerOptions();
|
||||
|
||||
var parseError = ServerOptions.ParseMQTT(
|
||||
new Dictionary<string, object?>
|
||||
{
|
||||
["tls"] = new Dictionary<string, object?>
|
||||
{
|
||||
["cert_file"] = certFile,
|
||||
["key_file"] = keyFile,
|
||||
["timeout"] = 2.0d,
|
||||
},
|
||||
},
|
||||
options,
|
||||
errors,
|
||||
warnings);
|
||||
|
||||
parseError.ShouldBeNull();
|
||||
errors.ShouldBeEmpty();
|
||||
options.Mqtt.TlsConfig.ShouldNotBeNull();
|
||||
options.Mqtt.TlsConfig!.ServerCertificate.ShouldNotBeNull();
|
||||
options.Mqtt.TlsConfig.ClientCertificateRequired.ShouldBeFalse();
|
||||
options.Mqtt.TlsTimeout.ShouldBe(2.0d);
|
||||
|
||||
errors.Clear();
|
||||
warnings.Clear();
|
||||
options = new ServerOptions();
|
||||
parseError = ServerOptions.ParseMQTT(
|
||||
new Dictionary<string, object?>
|
||||
{
|
||||
["tls"] = new Dictionary<string, object?>
|
||||
{
|
||||
["cert_file"] = certFile,
|
||||
["key_file"] = keyFile,
|
||||
["verify"] = true,
|
||||
["timeout"] = 2.0d,
|
||||
},
|
||||
},
|
||||
options,
|
||||
errors,
|
||||
warnings);
|
||||
|
||||
parseError.ShouldBeNull();
|
||||
errors.ShouldBeEmpty();
|
||||
options.Mqtt.TlsConfig.ShouldNotBeNull();
|
||||
options.Mqtt.TlsConfig!.ClientCertificateRequired.ShouldBeTrue();
|
||||
options.Mqtt.TlsTimeout.ShouldBe(2.0d);
|
||||
|
||||
errors.Clear();
|
||||
warnings.Clear();
|
||||
options = new ServerOptions();
|
||||
parseError = ServerOptions.ParseMQTT(
|
||||
new Dictionary<string, object?>
|
||||
{
|
||||
["tls"] = new Dictionary<string, object?>
|
||||
{
|
||||
["cert_file"] = certFile,
|
||||
["key_file"] = keyFile,
|
||||
["timeout"] = 0.001d,
|
||||
},
|
||||
},
|
||||
options,
|
||||
errors,
|
||||
warnings);
|
||||
|
||||
parseError.ShouldBeNull();
|
||||
errors.ShouldBeEmpty();
|
||||
options.Mqtt.TlsTimeout.ShouldBe(0.001d);
|
||||
}
|
||||
finally
|
||||
{
|
||||
Directory.Delete(tempDir, recursive: true);
|
||||
}
|
||||
}
|
||||
|
||||
private static (string CertFile, string KeyFile, string TempDir) CreatePemCertificate()
|
||||
{
|
||||
var tempDir = Path.Combine(Path.GetTempPath(), Path.GetRandomFileName());
|
||||
Directory.CreateDirectory(tempDir);
|
||||
|
||||
using var rsa = RSA.Create(2048);
|
||||
var request = new CertificateRequest(
|
||||
"CN=localhost",
|
||||
rsa,
|
||||
HashAlgorithmName.SHA256,
|
||||
RSASignaturePadding.Pkcs1);
|
||||
using var certificate = request.CreateSelfSigned(
|
||||
DateTimeOffset.UtcNow.AddMinutes(-5),
|
||||
DateTimeOffset.UtcNow.AddMinutes(30));
|
||||
|
||||
var certFile = Path.Combine(tempDir, "mqtt-cert.pem");
|
||||
var keyFile = Path.Combine(tempDir, "mqtt-key.pem");
|
||||
File.WriteAllText(certFile, certificate.ExportCertificatePem());
|
||||
File.WriteAllText(keyFile, rsa.ExportPkcs8PrivateKeyPem());
|
||||
|
||||
return (certFile, keyFile, tempDir);
|
||||
}
|
||||
|
||||
[Fact] // T:2179
|
||||
public void MQTTRequiresJSEnabled_ShouldSucceed()
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user