提供接入码配对、配置查询、本地策略修改、验证、激活、回滚、禁用和公开运行时状态接口。写操作强制 Idempotency-Key 与 If-Match,后台 Exchange 支持重启恢复和过期收敛,并记录脱敏 Trace 与审计。\n\n验证:go test 相关 identity、store、identityruntime、httpapi 包;go vet ./apps/api/...
34 lines
1.1 KiB
Go
34 lines
1.1 KiB
Go
package httpapi
|
|
|
|
import (
|
|
"net/http"
|
|
"net/http/httptest"
|
|
"testing"
|
|
)
|
|
|
|
func TestRequiredIdentityWriteHeaders(t *testing.T) {
|
|
request := httptest.NewRequest(http.MethodPost, "/identity", nil)
|
|
recorder := httptest.NewRecorder()
|
|
if _, ok := requiredIdentityVersion(recorder, request); ok || recorder.Code != http.StatusPreconditionRequired {
|
|
t.Fatalf("missing If-Match status=%d", recorder.Code)
|
|
}
|
|
|
|
request.Header.Set("If-Match", `W/"7"`)
|
|
recorder = httptest.NewRecorder()
|
|
version, ok := requiredIdentityVersion(recorder, request)
|
|
if !ok || version != 7 {
|
|
t.Fatalf("weak ETag version=%d ok=%v", version, ok)
|
|
}
|
|
}
|
|
|
|
func TestIdentityErrorProjectionProtectsInternalDetails(t *testing.T) {
|
|
status, message, code := identityErrorProjection(assertionError("upstream response contained secret-token"))
|
|
if status != http.StatusBadGateway || code != "IDENTITY_SERVICE_UNAVAILABLE" || message == "upstream response contained secret-token" {
|
|
t.Fatalf("unsafe error projection status=%d code=%q message=%q", status, code, message)
|
|
}
|
|
}
|
|
|
|
type assertionError string
|
|
|
|
func (err assertionError) Error() string { return string(err) }
|