63 lines
2.4 KiB
Python
63 lines
2.4 KiB
Python
|
# Copyright 2023 The Matrix.org Foundation C.I.C.
|
||
|
#
|
||
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
||
|
# you may not use this file except in compliance with the License.
|
||
|
# You may obtain a copy of the License at
|
||
|
#
|
||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||
|
#
|
||
|
# Unless required by applicable law or agreed to in writing, software
|
||
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
||
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||
|
# See the License for the specific language governing permissions and
|
||
|
# limitations under the License.
|
||
|
|
||
|
from typing import Any, Dict
|
||
|
|
||
|
import synapse.rest.admin._base
|
||
|
|
||
|
from tests.replication._base import BaseMultiWorkerStreamTestCase
|
||
|
|
||
|
|
||
|
class IntrospectionTokenCacheInvalidationTestCase(BaseMultiWorkerStreamTestCase):
|
||
|
servlets = [synapse.rest.admin.register_servlets]
|
||
|
|
||
|
def default_config(self) -> Dict[str, Any]:
|
||
|
config = super().default_config()
|
||
|
config["disable_registration"] = True
|
||
|
config["experimental_features"] = {
|
||
|
"msc3861": {
|
||
|
"enabled": True,
|
||
|
"issuer": "some_dude",
|
||
|
"client_id": "ID",
|
||
|
"client_auth_method": "client_secret_post",
|
||
|
"client_secret": "secret",
|
||
|
}
|
||
|
}
|
||
|
return config
|
||
|
|
||
|
def test_stream_introspection_token_invalidation(self) -> None:
|
||
|
worker_hs = self.make_worker_hs("synapse.app.generic_worker")
|
||
|
auth = worker_hs.get_auth()
|
||
|
store = self.hs.get_datastores().main
|
||
|
|
||
|
# add a token to the cache on the worker
|
||
|
auth._token_cache["open_sesame"] = "intro_token" # type: ignore[attr-defined]
|
||
|
|
||
|
# stream the invalidation from the master
|
||
|
self.get_success(
|
||
|
store.stream_introspection_token_invalidation(("open_sesame",))
|
||
|
)
|
||
|
|
||
|
# check that the cache on the worker was invalidated
|
||
|
self.assertEqual(auth._token_cache.get("open_sesame"), None) # type: ignore[attr-defined]
|
||
|
|
||
|
# test invalidating whole cache
|
||
|
for i in range(0, 5):
|
||
|
auth._token_cache[f"open_sesame_{i}"] = f"intro_token_{i}" # type: ignore[attr-defined]
|
||
|
self.assertEqual(len(auth._token_cache), 5) # type: ignore[attr-defined]
|
||
|
|
||
|
self.get_success(store.stream_introspection_token_invalidation((None,)))
|
||
|
|
||
|
self.assertEqual(len(auth._token_cache), 0) # type: ignore[attr-defined]
|