Mock auth clients in tests

author: Martin Polden <mpolden@mpolden.no> 2023-03-23 10:26:57 +0100
committer: Martin Polden <mpolden@mpolden.no> 2023-03-23 10:28:15 +0100
commit: c279604ee49d22f15b64003a1b8f7de4db4781e3 (patch)
tree: a4eae1c179e2eced3f11b5a452a776e326640623 /client/go/internal
parent: a9a6d2275c49f5690791cbb50648589ea800a146 (diff)
13 files changed, 133 insertions, 99 deletions
diff --git a/client/go/internal/cli/auth/auth0/auth0.go b/client/go/internal/cli/auth/auth0/auth0.go
index 36dc0b8871c..5f7612d4d2e 100644
--- a/client/go/internal/cli/auth/auth0/auth0.go
+++ b/client/go/internal/cli/auth/auth0/auth0.go
@@ -33,12 +33,16 @@ type Credentials struct {
 type Client struct {
 	httpClient    util.HTTPClient
 	Authenticator *auth.Authenticator // TODO: Make this private
-	configPath    string
-	systemName    string
-	systemURL     string
+	options       Options
 	provider      auth0Provider
 }
 
+type Options struct {
+	ConfigPath string
+	SystemName string
+	SystemURL  string
+}
+
 // config is the root type of the persisted config
 type config struct {
 	Version   int       `json:"version"`
@@ -74,12 +78,12 @@ func cancelOnInterrupt() context.Context {
 	return ctx
 }
 
-func newClient(httpClient util.HTTPClient, configPath, systemName, systemURL string) (*Client, error) {
+// NewClient constructs a new Auth0 client, storing configuration in the given configPath. The client will be configured for
+// use in the given Vespa system.
+func NewClient(httpClient util.HTTPClient, options Options) (*Client, error) {
 	a := Client{}
 	a.httpClient = httpClient
-	a.configPath = configPath
-	a.systemName = systemName
-	a.systemURL = systemURL
+	a.options = options
 	c, err := a.getDeviceFlowConfig()
 	if err != nil {
 		return nil, err
@@ -90,7 +94,7 @@ func newClient(httpClient util.HTTPClient, configPath, systemName, systemURL str
 		DeviceCodeEndpoint: c.DeviceCodeEndpoint,
 		OauthTokenEndpoint: c.OauthTokenEndpoint,
 	}
-	provider, err := readConfig(configPath)
+	provider, err := readConfig(options.ConfigPath)
 	if err != nil {
 		return nil, err
 	}
@@ -98,14 +102,8 @@ func newClient(httpClient util.HTTPClient, configPath, systemName, systemURL str
 	return &a, nil
 }
 
-// New constructs a new Auth0 client, storing configuration in the given configPath. The client will be configured for
-// use in the given Vespa system.
-func New(configPath string, systemName, systemURL string) (*Client, error) {
-	return newClient(util.CreateClient(time.Second*30), configPath, systemName, systemURL)
-}
-
 func (a *Client) getDeviceFlowConfig() (flowConfig, error) {
-	url := a.systemURL + "/auth0/v1/device-flow-config"
+	url := a.options.SystemURL + "/auth0/v1/device-flow-config"
 	req, err := http.NewRequest("GET", url, nil)
 	if err != nil {
 		return flowConfig{}, err
@@ -125,11 +123,11 @@ func (a *Client) getDeviceFlowConfig() (flowConfig, error) {
 	return cfg, nil
 }
 
-// GetAccessToken returns an access token for the configured system, refreshing it if necessary.
-func (a *Client) GetAccessToken() (string, error) {
-	creds, ok := a.provider.Systems[a.systemName]
+// AccessToken returns an access token for the configured system, refreshing it if necessary.
+func (a *Client) AccessToken() (string, error) {
+	creds, ok := a.provider.Systems[a.options.SystemName]
 	if !ok {
-		return "", fmt.Errorf("system %s is not configured", a.systemName)
+		return "", fmt.Errorf("system %s is not configured", a.options.SystemName)
 	} else if creds.AccessToken == "" {
 		return "", fmt.Errorf("access token missing: %s", reauthMessage)
 	} else if scopesChanged(creds) {
@@ -142,7 +140,7 @@ func (a *Client) GetAccessToken() (string, error) {
 			Secrets:       &auth.Keyring{},
 			Client:        http.DefaultClient,
 		}
-		resp, err := tr.Refresh(cancelOnInterrupt(), a.systemName)
+		resp, err := tr.Refresh(cancelOnInterrupt(), a.options.SystemName)
 		if err != nil {
 			return "", fmt.Errorf("failed to renew access token: %w: %s", err, reauthMessage)
 		} else {
@@ -177,7 +175,7 @@ func scopesChanged(s Credentials) bool {
 
 // HasCredentials returns true if this client has retrived credentials for the configured system.
 func (a *Client) HasCredentials() bool {
-	_, ok := a.provider.Systems[a.systemName]
+	_, ok := a.provider.Systems[a.options.SystemName]
 	return ok
 }
 
@@ -186,8 +184,8 @@ func (a *Client) WriteCredentials(credentials Credentials) error {
 	if a.provider.Systems == nil {
 		a.provider.Systems = make(map[string]Credentials)
 	}
-	a.provider.Systems[a.systemName] = credentials
-	if err := writeConfig(a.provider, a.configPath); err != nil {
+	a.provider.Systems[a.options.SystemName] = credentials
+	if err := writeConfig(a.provider, a.options.ConfigPath); err != nil {
 		return fmt.Errorf("failed to write config: %w", err)
 	}
 	return nil
@@ -196,11 +194,11 @@ func (a *Client) WriteCredentials(credentials Credentials) error {
 // RemoveCredentials removes credentials for the system configured in this client.
 func (a *Client) RemoveCredentials() error {
 	tr := &auth.TokenRetriever{Secrets: &auth.Keyring{}}
-	if err := tr.Delete(a.systemName); err != nil {
-		return fmt.Errorf("failed to remove system %s from secret storage: %w", a.systemName, err)
+	if err := tr.Delete(a.options.SystemName); err != nil {
+		return fmt.Errorf("failed to remove system %s from secret storage: %w", a.options.SystemName, err)
 	}
-	delete(a.provider.Systems, a.systemName)
-	if err := writeConfig(a.provider, a.configPath); err != nil {
+	delete(a.provider.Systems, a.options.SystemName)
+	if err := writeConfig(a.provider, a.options.ConfigPath); err != nil {
 		return fmt.Errorf("failed to write config: %w", err)
 	}
 	return nil
diff --git a/client/go/internal/cli/auth/auth0/auth0_test.go b/client/go/internal/cli/auth/auth0/auth0_test.go
index 39393bbdfc1..b4bd34eb6d6 100644
--- a/client/go/internal/cli/auth/auth0/auth0_test.go
+++ b/client/go/internal/cli/auth/auth0/auth0_test.go
@@ -21,7 +21,7 @@ func TestConfigWriting(t *testing.T) {
   "oauth-token-endpoint": "https://example.com/oauth/token"
 }`
 	httpClient.NextResponseString(200, flowConfigResponse)
-	client, err := newClient(&httpClient, configPath, "public", "http://example.com")
+	client, err := NewClient(&httpClient, Options{ConfigPath: configPath, SystemName: "public", SystemURL: "http://example.com"})
 	require.Nil(t, err)
 	assert.Equal(t, "https://example.com/api/v2/", client.Authenticator.Audience)
 	assert.Equal(t, "some-id", client.Authenticator.ClientID)
@@ -56,7 +56,7 @@ func TestConfigWriting(t *testing.T) {
 
 	// Switch to another system
 	httpClient.NextResponseString(200, flowConfigResponse)
-	client, err = newClient(&httpClient, configPath, "publiccd", "http://example.com")
+	client, err = NewClient(&httpClient, Options{ConfigPath: configPath, SystemName: "publiccd", SystemURL: "http://example.com"})
 	require.Nil(t, err)
 	creds2 := Credentials{
 		AccessToken: "another-token",
diff --git a/client/go/internal/cli/auth/zts/zts.go b/client/go/internal/cli/auth/zts/zts.go
index 9fabe219209..0ca815a61e8 100644
--- a/client/go/internal/cli/auth/zts/zts.go
+++ b/client/go/internal/cli/auth/zts/zts.go
@@ -21,7 +21,7 @@ type Client struct {
 }
 
 // NewClient creates a new client for an Athenz ZTS service located at serviceURL.
-func NewClient(serviceURL string, client util.HTTPClient) (*Client, error) {
+func NewClient(client util.HTTPClient, serviceURL string) (*Client, error) {
 	tokenURL, err := url.Parse(serviceURL)
 	if err != nil {
 		return nil, err
diff --git a/client/go/internal/cli/auth/zts/zts_test.go b/client/go/internal/cli/auth/zts/zts_test.go
index 6c6ced9bb33..d0cc7ea9f9d 100644
--- a/client/go/internal/cli/auth/zts/zts_test.go
+++ b/client/go/internal/cli/auth/zts/zts_test.go
@@ -9,7 +9,7 @@ import (
 
 func TestAccessToken(t *testing.T) {
 	httpClient := mock.HTTPClient{}
-	client, err := NewClient("http://example.com", &httpClient)
+	client, err := NewClient(&httpClient, "http://example.com")
 	if err != nil {
 		t.Fatal(err)
 	}
diff --git a/client/go/internal/cli/cmd/config.go b/client/go/internal/cli/cmd/config.go
index e5124962831..fd049864096 100644
--- a/client/go/internal/cli/cmd/config.go
+++ b/client/go/internal/cli/cmd/config.go
@@ -490,7 +490,7 @@ func (c *Config) readAPIKey(cli *CLI, system vespa.System, tenantName string) ([
 		return nil, nil // Vespa Cloud CI only talks to data plane and does not have an API key
 	}
 	if !cli.isCI() {
-		client, err := auth0.New(c.authConfigPath(), system.Name, system.URL)
+		client, err := cli.auth0Factory(cli.httpClient, auth0.Options{ConfigPath: c.authConfigPath(), SystemName: system.Name, SystemURL: system.URL})
 		if err == nil && client.HasCredentials() {
 			return nil, nil // use Auth0
 		}
diff --git a/client/go/internal/cli/cmd/config_test.go b/client/go/internal/cli/cmd/config_test.go
index c76277119a0..612904061de 100644
--- a/client/go/internal/cli/cmd/config_test.go
+++ b/client/go/internal/cli/cmd/config_test.go
@@ -8,7 +8,9 @@ import (
 
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+	"github.com/vespa-engine/vespa/client/go/internal/cli/auth/auth0"
 	"github.com/vespa-engine/vespa/client/go/internal/mock"
+	"github.com/vespa-engine/vespa/client/go/internal/util"
 	"github.com/vespa-engine/vespa/client/go/internal/vespa"
 )
 
@@ -184,24 +186,10 @@ func TestReadAPIKey(t *testing.T) {
 	assert.Equal(t, []byte("baz"), key)
 
 	// Auth0 is preferred when configured
-	authContent := `
-{
-    "version": 1,
-    "providers": {
-        "auth0": {
-            "version": 1,
-            "systems": {
-                "public": {
-					"access_token": "...",
-					"scopes": ["openid", "offline_access"],
-					"expires_at": "2030-01-01T01:01:01.000001+01:00"
-				}
-			}
-		}
-	}
-}`
 	cli, _, _ = newTestCLI(t)
-	require.Nil(t, os.WriteFile(filepath.Join(cli.config.homeDir, "auth.json"), []byte(authContent), 0600))
+	cli.auth0Factory = func(httpClient util.HTTPClient, options auth0.Options) (auth0Client, error) {
+		return &mockAuth0{hasCredentials: true}, nil
+	}
 	key, err = cli.config.readAPIKey(cli, vespa.PublicSystem, "t1")
 	require.Nil(t, err)
 	assert.Nil(t, key)
diff --git a/client/go/internal/cli/cmd/login.go b/client/go/internal/cli/cmd/login.go
index aa6a18b3b38..9ac2262e78d 100644
--- a/client/go/internal/cli/cmd/login.go
+++ b/client/go/internal/cli/cmd/login.go
@@ -35,7 +35,7 @@ func newLoginCmd(cli *CLI) *cobra.Command {
 			if err != nil {
 				return err
 			}
-			a, err := auth0.New(cli.config.authConfigPath(), system.Name, system.URL)
+			a, err := auth0.NewClient(cli.httpClient, auth0.Options{ConfigPath: cli.config.authConfigPath(), SystemName: system.Name, SystemURL: system.URL})
 			if err != nil {
 				return err
 			}
@@ -68,16 +68,14 @@ func newLoginCmd(cli *CLI) *cobra.Command {
 				return fmt.Errorf("login error: %w", err)
 			}
 
-			log.Print("\n")
-			log.Println("Successfully logged in.")
-			log.Print("\n")
+			cli.printSuccess("Logged in")
 
 			// store the refresh token
 			secretsStore := &auth.Keyring{}
 			err = secretsStore.Set(auth.SecretsNamespace, system.Name, res.RefreshToken)
 			if err != nil {
 				// log the error but move on
-				log.Println("Could not store the refresh token locally, please expect to login again once your access token expired.")
+				cli.printWarning("Could not store the refresh token locally. You may need to login again once your access token expires")
 			}
 
 			creds := auth0.Credentials{
diff --git a/client/go/internal/cli/cmd/logout.go b/client/go/internal/cli/cmd/logout.go
index f2ee6e87ac7..32e7cd9783b 100644
--- a/client/go/internal/cli/cmd/logout.go
+++ b/client/go/internal/cli/cmd/logout.go
@@ -1,8 +1,6 @@
 package cmd
 
 import (
-	"log"
-
 	"github.com/spf13/cobra"
 	"github.com/vespa-engine/vespa/client/go/internal/cli/auth/auth0"
 )
@@ -24,17 +22,14 @@ func newLogoutCmd(cli *CLI) *cobra.Command {
 			if err != nil {
 				return err
 			}
-			a, err := auth0.New(cli.config.authConfigPath(), system.Name, system.URL)
+			a, err := auth0.NewClient(cli.httpClient, auth0.Options{ConfigPath: cli.config.authConfigPath(), SystemName: system.Name, SystemURL: system.URL})
 			if err != nil {
 				return err
 			}
 			if err := a.RemoveCredentials(); err != nil {
 				return err
 			}
-
-			log.Print("\n")
-			log.Println("Successfully logged out.")
-			log.Print("\n")
+			cli.printSuccess("Logged out")
 			return nil
 		},
 	}
diff --git a/client/go/internal/cli/cmd/root.go b/client/go/internal/cli/cmd/root.go
index 70e0afbcd32..4dc8d45bd59 100644
--- a/client/go/internal/cli/cmd/root.go
+++ b/client/go/internal/cli/cmd/root.go
@@ -2,6 +2,7 @@
 package cmd
 
 import (
+	"crypto/tls"
 	"encoding/json"
 	"fmt"
 	"io"
@@ -16,6 +17,8 @@ import (
 	"github.com/mattn/go-isatty"
 	"github.com/spf13/cobra"
 	"github.com/spf13/pflag"
+	"github.com/vespa-engine/vespa/client/go/internal/cli/auth/auth0"
+	"github.com/vespa-engine/vespa/client/go/internal/cli/auth/zts"
 	"github.com/vespa-engine/vespa/client/go/internal/cli/build"
 	"github.com/vespa-engine/vespa/client/go/internal/util"
 	"github.com/vespa-engine/vespa/client/go/internal/version"
@@ -45,10 +48,13 @@ type CLI struct {
 	config  *Config
 	version version.Version
 
-	httpClient util.HTTPClient
-	exec       executor
-	isTerminal func() bool
-	spinner    func(w io.Writer, message string, fn func() error) error
+	httpClient   util.HTTPClient
+	auth0Factory auth0Factory
+	ztsFactory   ztsFactory
+	exec         executor
+	isTerminal   func() bool
+	spinner      func(w io.Writer, message string, fn func() error) error
+	now          func() time.Time
 }
 
 // ErrCLI is an error returned to the user. It wraps an exit status, a regular error and optional hints for resolving
@@ -82,6 +88,19 @@ func (c *execSubprocess) Run(name string, args ...string) ([]byte, error) {
 	return exec.Command(name, args...).Output()
 }
 
+type ztsClient interface {
+	AccessToken(domain string, certficiate tls.Certificate) (string, error)
+}
+
+type auth0Client interface {
+	AccessToken() (string, error)
+	HasCredentials() bool
+}
+
+type auth0Factory func(httpClient util.HTTPClient, options auth0.Options) (auth0Client, error)
+
+type ztsFactory func(httpClient util.HTTPClient, url string) (ztsClient, error)
+
 // New creates the Vespa CLI, writing output to stdout and stderr, and reading environment variables from environment.
 func New(stdout, stderr io.Writer, environment []string) (*CLI, error) {
 	cmd := &cobra.Command{
@@ -123,6 +142,13 @@ For detailed description of flags and configuration, see 'vespa help config'.
 		cmd:        cmd,
 		httpClient: util.CreateClient(time.Second * 10),
 		exec:       &execSubprocess{},
+		now:        time.Now,
+		auth0Factory: func(httpClient util.HTTPClient, options auth0.Options) (auth0Client, error) {
+			return auth0.NewClient(httpClient, options)
+		},
+		ztsFactory: func(httpClient util.HTTPClient, url string) (ztsClient, error) {
+			return zts.NewClient(httpClient, url)
+		},
 	}
 	cli.isTerminal = func() bool { return isTerminal(cli.Stdout) && isTerminal(cli.Stderr) }
 	if err := cli.loadConfig(); err != nil {
@@ -359,10 +385,9 @@ func (c *CLI) createCloudTarget(targetType string, opts targetOptions) (vespa.Ta
 		return nil, fmt.Errorf("invalid cloud target: %s", targetType)
 	}
 	apiOptions := vespa.APIOptions{
-		System:         system,
-		TLSOptions:     apiTLSOptions,
-		APIKey:         apiKey,
-		AuthConfigPath: authConfigPath,
+		System:     system,
+		TLSOptions: apiTLSOptions,
+		APIKey:     apiKey,
 	}
 	deploymentOptions := vespa.CloudDeploymentOptions{
 		Deployment:  deployment,
@@ -377,7 +402,15 @@ func (c *CLI) createCloudTarget(targetType string, opts targetOptions) (vespa.Ta
 		Writer: c.Stdout,
 		Level:  vespa.LogLevel(logLevel),
 	}
-	return vespa.CloudTarget(c.httpClient, apiOptions, deploymentOptions, logOptions)
+	auth0, err := c.auth0Factory(c.httpClient, auth0.Options{ConfigPath: authConfigPath, SystemName: apiOptions.System.Name, SystemURL: apiOptions.System.URL})
+	if err != nil {
+		return nil, err
+	}
+	zts, err := c.ztsFactory(c.httpClient, zts.DefaultURL)
+	if err != nil {
+		return nil, err
+	}
+	return vespa.CloudTarget(c.httpClient, zts, auth0, apiOptions, deploymentOptions, logOptions)
 }
 
 // system returns the appropiate system for the target configured in this CLI.
diff --git a/client/go/internal/cli/cmd/testutil_test.go b/client/go/internal/cli/cmd/testutil_test.go
index 6eade6edd86..61f8dab2264 100644
--- a/client/go/internal/cli/cmd/testutil_test.go
+++ b/client/go/internal/cli/cmd/testutil_test.go
@@ -3,10 +3,13 @@ package cmd
 
 import (
 	"bytes"
+	"crypto/tls"
 	"path/filepath"
 	"testing"
 
+	"github.com/vespa-engine/vespa/client/go/internal/cli/auth/auth0"
 	"github.com/vespa-engine/vespa/client/go/internal/mock"
+	"github.com/vespa-engine/vespa/client/go/internal/util"
 )
 
 func newTestCLI(t *testing.T, envVars ...string) (*CLI, *bytes.Buffer, *bytes.Buffer) {
@@ -23,7 +26,24 @@ func newTestCLI(t *testing.T, envVars ...string) (*CLI, *bytes.Buffer, *bytes.Bu
 	if err != nil {
 		t.Fatal(err)
 	}
-	cli.httpClient = &mock.HTTPClient{}
+	httpClient := &mock.HTTPClient{}
+	cli.httpClient = httpClient
 	cli.exec = &mock.Exec{}
+	cli.auth0Factory = func(httpClient util.HTTPClient, options auth0.Options) (auth0Client, error) {
+		return &mockAuth0{}, nil
+	}
+	cli.ztsFactory = func(httpClient util.HTTPClient, url string) (ztsClient, error) {
+		return &mockZTS{}, nil
+	}
 	return cli, &stdout, &stderr
 }
+
+type mockZTS struct{}
+
+func (z *mockZTS) AccessToken(domain string, cert tls.Certificate) (string, error) { return "", nil }
+
+type mockAuth0 struct{ hasCredentials bool }
+
+func (a *mockAuth0) AccessToken() (string, error) { return "", nil }
+
+func (a *mockAuth0) HasCredentials() bool { return a.hasCredentials }
diff --git a/client/go/internal/vespa/target.go b/client/go/internal/vespa/target.go
index 446b02c05cf..719b37012d5 100644
--- a/client/go/internal/vespa/target.go
+++ b/client/go/internal/vespa/target.go
@@ -43,7 +43,8 @@ type Service struct {
 	BaseURL    string
 	Name       string
 	TLSOptions TLSOptions
-	ztsClient  ztsClient
+
+	zts        zts
 	httpClient util.HTTPClient
 }
 
@@ -95,7 +96,7 @@ func (s *Service) Do(request *http.Request, timeout time.Duration) (*http.Respon
 		s.httpClient.UseCertificate([]tls.Certificate{s.TLSOptions.KeyPair})
 	}
 	if s.TLSOptions.AthenzDomain != "" {
-		accessToken, err := s.ztsClient.AccessToken(s.TLSOptions.AthenzDomain, s.TLSOptions.KeyPair)
+		accessToken, err := s.zts.AccessToken(s.TLSOptions.AthenzDomain, s.TLSOptions.KeyPair)
 		if err != nil {
 			return nil, err
 		}
diff --git a/client/go/internal/vespa/target_cloud.go b/client/go/internal/vespa/target_cloud.go
index eb9cc41014a..5d9e6d9272a 100644
--- a/client/go/internal/vespa/target_cloud.go
+++ b/client/go/internal/vespa/target_cloud.go
@@ -12,18 +12,15 @@ import (
 	"strings"
 	"time"
 
-	"github.com/vespa-engine/vespa/client/go/internal/cli/auth/auth0"
-	"github.com/vespa-engine/vespa/client/go/internal/cli/auth/zts"
 	"github.com/vespa-engine/vespa/client/go/internal/util"
 	"github.com/vespa-engine/vespa/client/go/internal/version"
 )
 
 // CloudOptions configures URL and authentication for a cloud target.
 type APIOptions struct {
-	System         System
-	TLSOptions     TLSOptions
-	APIKey         []byte
-	AuthConfigPath string
+	System     System
+	TLSOptions TLSOptions
+	APIKey     []byte
 }
 
 // CloudDeploymentOptions configures the deployment to manage through a cloud target.
@@ -38,7 +35,8 @@ type cloudTarget struct {
 	deploymentOptions CloudDeploymentOptions
 	logOptions        LogOptions
 	httpClient        util.HTTPClient
-	ztsClient         ztsClient
+	zts               zts
+	auth0             auth0
 }
 
 type deploymentEndpoint struct {
@@ -64,22 +62,23 @@ type logMessage struct {
 	Message string `json:"message"`
 }
 
-type ztsClient interface {
+type zts interface {
 	AccessToken(domain string, certficiate tls.Certificate) (string, error)
 }
 
+type auth0 interface {
+	AccessToken() (string, error)
+}
+
 // CloudTarget creates a Target for the Vespa Cloud or hosted Vespa platform.
-func CloudTarget(httpClient util.HTTPClient, apiOptions APIOptions, deploymentOptions CloudDeploymentOptions, logOptions LogOptions) (Target, error) {
-	ztsClient, err := zts.NewClient(zts.DefaultURL, httpClient)
-	if err != nil {
-		return nil, err
-	}
+func CloudTarget(httpClient util.HTTPClient, ztsClient zts, auth0Client auth0, apiOptions APIOptions, deploymentOptions CloudDeploymentOptions, logOptions LogOptions) (Target, error) {
 	return &cloudTarget{
 		httpClient:        httpClient,
 		apiOptions:        apiOptions,
 		deploymentOptions: deploymentOptions,
 		logOptions:        logOptions,
-		ztsClient:         ztsClient,
+		zts:               ztsClient,
+		auth0:             auth0Client,
 	}, nil
 }
 
@@ -125,7 +124,7 @@ func (t *cloudTarget) Service(name string, timeout time.Duration, runID int64, c
 			Name:       name,
 			BaseURL:    t.apiOptions.System.URL,
 			TLSOptions: t.apiOptions.TLSOptions,
-			ztsClient:  t.ztsClient,
+			zts:        t.zts,
 			httpClient: t.httpClient,
 		}
 		if timeout > 0 {
@@ -153,7 +152,7 @@ func (t *cloudTarget) Service(name string, timeout time.Duration, runID int64, c
 			Name:       name,
 			BaseURL:    url,
 			TLSOptions: t.deploymentOptions.TLSOptions,
-			ztsClient:  t.ztsClient,
+			zts:        t.zts,
 			httpClient: t.httpClient,
 		}, nil
 	}
@@ -207,11 +206,7 @@ func (t *cloudTarget) CheckVersion(clientVersion version.Version) error {
 }
 
 func (t *cloudTarget) addAuth0AccessToken(request *http.Request) error {
-	client, err := auth0.New(t.apiOptions.AuthConfigPath, t.apiOptions.System.Name, t.apiOptions.System.URL)
-	if err != nil {
-		return err
-	}
-	accessToken, err := client.GetAccessToken()
+	accessToken, err := t.auth0.AccessToken()
 	if err != nil {
 		return err
 	}
diff --git a/client/go/internal/vespa/target_test.go b/client/go/internal/vespa/target_test.go
index f7731611deb..4f2e361fb39 100644
--- a/client/go/internal/vespa/target_test.go
+++ b/client/go/internal/vespa/target_test.go
@@ -164,6 +164,8 @@ func createCloudTarget(t *testing.T, url string, logWriter io.Writer) Target {
 
 	target, err := CloudTarget(
 		util.CreateClient(time.Second*10),
+		&mockZTS{},
+		&mockAuth0{},
 		APIOptions{APIKey: apiKey, System: PublicSystem},
 		CloudDeploymentOptions{
 			Deployment: Deployment{
@@ -179,7 +181,7 @@ func createCloudTarget(t *testing.T, url string, logWriter io.Writer) Target {
 	}
 	if ct, ok := target.(*cloudTarget); ok {
 		ct.apiOptions.System.URL = url
-		ct.ztsClient = &mockZTSClient{token: "foo bar"}
+		ct.zts = &mockZTS{token: "foo bar"}
 	} else {
 		t.Fatalf("Wrong target type %T", ct)
 	}
@@ -201,10 +203,14 @@ func assertServiceWait(t *testing.T, expectedStatus int, target Target, service
 	assert.Equal(t, expectedStatus, status)
 }
 
-type mockZTSClient struct {
-	token string
-}
+type mockZTS struct{ token string }
 
-func (c *mockZTSClient) AccessToken(domain string, certificate tls.Certificate) (string, error) {
+func (c *mockZTS) AccessToken(domain string, certificate tls.Certificate) (string, error) {
 	return c.token, nil
 }
+
+type mockAuth0 struct{}
+
+func (a *mockAuth0) AccessToken() (string, error) { return "", nil }
+
+func (a *mockAuth0) HasCredentials() bool { return true }
author	Martin Polden <mpolden@mpolden.no>	2023-03-23 10:26:57 +0100
committer	Martin Polden <mpolden@mpolden.no>	2023-03-23 10:28:15 +0100
commit	c279604ee49d22f15b64003a1b8f7de4db4781e3 (patch)
tree	a4eae1c179e2eced3f11b5a452a776e326640623 /client/go/internal
parent	a9a6d2275c49f5690791cbb50648589ea800a146 (diff)