TypeDB Cluster Authentication Behaviour Tests (#408)

## What is the goal of this PR?

We've added behaviour tests for password policy complexity and expiration to TypeDB Cluster.

Following new methodology which isolates the test runners made in typedb-common, we've increased the Bazel test timeout to 30 minutes. Previously this wasn't necessary as we would re-use the runners between runs following a 'cleaning' step, but not rebooting the runner. Given each boot of TypeDB takes 3-4 seconds, the 97 scenarios in the match behaviour file would take ~339.5 seconds in booting time alone, exhausting the default Bazel test limit of 300 seconds.

Now we take a more comprehensive approach, deleting all of the state stored in TypeDB between runs and allowing runners to be reset. This is more correct, but it takes more time.

## What are the changes implemented in this PR?

Many new steps have been declared in `UserSteps`:
* `users get user: {word}`
* `users get all`
* `users contains: {word}`
* `users not contains: {word}`
* `users create: {word}, {word}`
* `users delete: {word}`
* `user password update: {word}, {word}`
* `user expiry-seconds`
* `users password set: {word}, {word}`
* All of the above with the extension `; throws exception` 

We've also declared the following steps for `ConnectionStepsCluster`:
* `typedb has configuration` 
* `typedb starts`
* `typedb stops`
* `user connect: {word}, {word}`
* `user disconnect`

Author: James Williams

.factory/automation.yml

@@ -53,7 +53,7 @@ build:
         bazel run @vaticle_dependencies//distribution/artifact:create-netrc
         bazel build //...
         bazel run @vaticle_dependencies//tool/checkstyle:test-coverage
-        bazel test $(bazel query 'kind(checkstyle_test, //...)') --test_output=errors
+        bazel test $(bazel query 'kind(checkstyle_test, //...)') --test_output=errors --test_timeout=1800
     build-dependency:
       image: vaticle-ubuntu-22.04
       command: |
@@ -66,30 +66,30 @@ build:
         export ARTIFACT_USERNAME=$REPO_VATICLE_USERNAME
         export ARTIFACT_PASSWORD=$REPO_VATICLE_PASSWORD
         bazel run @vaticle_dependencies//distribution/artifact:create-netrc
-        bazel test //test/integration/... --test_output=errors
+        bazel test //test/integration/... --test_output=errors --test_timeout=1800
     test-behaviour-connection-core:
       image: vaticle-ubuntu-22.04
       command: |
         export ARTIFACT_USERNAME=$REPO_VATICLE_USERNAME
         export ARTIFACT_PASSWORD=$REPO_VATICLE_PASSWORD
         bazel run @vaticle_dependencies//distribution/artifact:create-netrc
-        .factory/test-core.sh //test/behaviour/connection/... --test_output=errors --jobs=1
+        .factory/test-core.sh //test/behaviour/connection/... --test_output=errors --jobs=1 --test_timeout=1800
     # TODO: delete --jobs=1 if we fix the issue with excess memory usage
-#    test-behaviour-connection-cluster:
-#      image: vaticle-ubuntu-22.04
-#      command: |
-#        export ARTIFACT_USERNAME=$REPO_VATICLE_USERNAME
-#        export ARTIFACT_PASSWORD=$REPO_VATICLE_PASSWORD
-#        bazel run @vaticle_dependencies//distribution/artifact:create-netrc
-#        .factory/test-cluster.sh //test/behaviour/connection/... --test_output=errors --jobs=1
+    test-behaviour-connection-cluster:
+      image: vaticle-ubuntu-22.04
+      command: |
+        export ARTIFACT_USERNAME=$REPO_VATICLE_USERNAME
+        export ARTIFACT_PASSWORD=$REPO_VATICLE_PASSWORD
+        bazel run @vaticle_dependencies//distribution/artifact:create-netrc
+        .factory/test-cluster.sh //test/behaviour/connection/... --test_output=errors --jobs=1 --test_timeout=1800
     # TODO: delete --jobs=1 if we fix the issue with excess memory usage
     test-behaviour-concept-core:
       image: vaticle-ubuntu-22.04
       command: |
         export ARTIFACT_USERNAME=$REPO_VATICLE_USERNAME
         export ARTIFACT_PASSWORD=$REPO_VATICLE_PASSWORD
         bazel run @vaticle_dependencies//distribution/artifact:create-netrc
-        .factory/test-core.sh //test/behaviour/concept/... --test_output=errors
+        .factory/test-core.sh //test/behaviour/concept/... --test_output=errors --test_timeout=1800
 #    test-behaviour-concept-cluster:
 #      image: vaticle-ubuntu-22.04
 #      command: |
@@ -103,8 +103,8 @@ build:
         export ARTIFACT_USERNAME=$REPO_VATICLE_USERNAME
         export ARTIFACT_PASSWORD=$REPO_VATICLE_PASSWORD
         bazel run @vaticle_dependencies//distribution/artifact:create-netrc
-        .factory/test-core.sh //test/behaviour/typeql/language/match/... --test_output=errors
-        .factory/test-core.sh //test/behaviour/typeql/language/get/... --test_output=errors
+        .factory/test-core.sh //test/behaviour/typeql/language/match/... --test_output=errors --test_timeout=1800
+        .factory/test-core.sh //test/behaviour/typeql/language/get/... --test_output=errors --test_timeout=1800
 #    test-behaviour-match-cluster:
 #      image: vaticle-ubuntu-22.04
 #      command: |
@@ -119,34 +119,34 @@ build:
         export ARTIFACT_USERNAME=$REPO_VATICLE_USERNAME
         export ARTIFACT_PASSWORD=$REPO_VATICLE_PASSWORD
         bazel run @vaticle_dependencies//distribution/artifact:create-netrc
-        .factory/test-core.sh //test/behaviour/typeql/language/insert/... --test_output=errors
-        .factory/test-core.sh //test/behaviour/typeql/language/delete/... --test_output=errors
-        .factory/test-core.sh //test/behaviour/typeql/language/update/... --test_output=errors
+        .factory/test-core.sh //test/behaviour/typeql/language/insert/... --test_output=errors --test_timeout=1800
+        .factory/test-core.sh //test/behaviour/typeql/language/delete/... --test_output=errors --test_timeout=1800
+        .factory/test-core.sh //test/behaviour/typeql/language/update/... --test_output=errors --test_timeout=1800
     test-behaviour-writable-cluster:
       image: vaticle-ubuntu-22.04
       command: |
         export ARTIFACT_USERNAME=$REPO_VATICLE_USERNAME
         export ARTIFACT_PASSWORD=$REPO_VATICLE_PASSWORD
         bazel run @vaticle_dependencies//distribution/artifact:create-netrc
-        .factory/test-cluster.sh //test/behaviour/typeql/language/insert/... --test_output=errors
-        .factory/test-cluster.sh //test/behaviour/typeql/language/delete/... --test_output=errors
-        .factory/test-cluster.sh //test/behaviour/typeql/language/update/... --test_output=errors
+        .factory/test-cluster.sh //test/behaviour/typeql/language/insert/... --test_output=errors --test_timeout=1800
+        .factory/test-cluster.sh //test/behaviour/typeql/language/delete/... --test_output=errors --test_timeout=1800
+        .factory/test-cluster.sh //test/behaviour/typeql/language/update/... --test_output=errors --test_timeout=1800
     test-behaviour-definable-core:
       image: vaticle-ubuntu-22.04
       command: |
         export ARTIFACT_USERNAME=$REPO_VATICLE_USERNAME
         export ARTIFACT_PASSWORD=$REPO_VATICLE_PASSWORD
         bazel run @vaticle_dependencies//distribution/artifact:create-netrc
-        .factory/test-core.sh //test/behaviour/typeql/language/define/... --test_output=errors
-        .factory/test-core.sh //test/behaviour/typeql/language/undefine/... --test_output=errors
+        .factory/test-core.sh //test/behaviour/typeql/language/define/... --test_output=errors --test_timeout=1800
+        .factory/test-core.sh //test/behaviour/typeql/language/undefine/... --test_output=errors --test_timeout=1800
     test-behaviour-definable-cluster:
       image: vaticle-ubuntu-22.04
       command: |
         export ARTIFACT_USERNAME=$REPO_VATICLE_USERNAME
         export ARTIFACT_PASSWORD=$REPO_VATICLE_PASSWORD
         bazel run @vaticle_dependencies//distribution/artifact:create-netrc
-        .factory/test-cluster.sh //test/behaviour/typeql/language/define/... --test_output=errors
-        .factory/test-cluster.sh //test/behaviour/typeql/language/undefine/... --test_output=errors
+        .factory/test-cluster.sh //test/behaviour/typeql/language/define/... --test_output=errors --test_timeout=1800
+        .factory/test-cluster.sh //test/behaviour/typeql/language/undefine/... --test_output=errors --test_timeout=1800
     deploy-maven-snapshot:
       image: vaticle-ubuntu-22.04
       dependencies: [

common/exception/ErrorMessage.java

@@ -60,6 +60,8 @@ public static class Client extends ErrorMessage {
                 new Client(15, "The user '%s' does not exist.");
         public static final ErrorMessage CLUSTER_TOKEN_CREDENTIAL_INVALID =
                 new Client(16, "Invalid token credential.");
+        public static final ErrorMessage CLUSTER_PASSWORD_CREDENTIAL_EXPIRED =
+                new Client(17, "Expired password credential.");
 
         private static final String codePrefix = "CLI";
         private static final String messagePrefix = "Client Error";

common/exception/TypeDBClientException.java

@@ -31,6 +31,7 @@ public class TypeDBClientException extends RuntimeException {
     // TODO: propagate exception from the server side in a less-brittle way
     private static final String CLUSTER_REPLICA_NOT_PRIMARY_ERROR_CODE = "[RPL01]";
     private static final String CLUSTER_TOKEN_CREDENTIAL_INVALID_ERROR_CODE = "[CLS08]";
+    private static final String CLUSTER_PASSWORD_CREDENTIAL_EXPIRED_ERROR_CODE = "[CLS10]";
 
     @Nullable
     private final ErrorMessage errorMessage;
@@ -53,6 +54,8 @@ public static TypeDBClientException of(StatusRuntimeException sre) {
             return new TypeDBClientException(ErrorMessage.Client.CLUSTER_REPLICA_NOT_PRIMARY);
         } else if (isTokenCredentialInvalid(sre)) {
             return new TypeDBClientException(ErrorMessage.Client.CLUSTER_TOKEN_CREDENTIAL_INVALID);
+         } else if (isPasswordCredentialExpired(sre)) {
+            return new TypeDBClientException(ErrorMessage.Client.CLUSTER_PASSWORD_CREDENTIAL_EXPIRED);
         } else {
             return new TypeDBClientException(sre.getStatus().getDescription(), sre);
         }
@@ -77,6 +80,11 @@ private static boolean isTokenCredentialInvalid(StatusRuntimeException statusRun
                 statusRuntimeException.getStatus().getDescription().contains(CLUSTER_TOKEN_CREDENTIAL_INVALID_ERROR_CODE);
     }
 
+    private static boolean isPasswordCredentialExpired(StatusRuntimeException statusRuntimeException) {
+        return statusRuntimeException.getStatus().getCode() == Status.Code.UNAUTHENTICATED &&
+                statusRuntimeException.getStatus().getDescription() != null &&
+                statusRuntimeException.getStatus().getDescription().contains(CLUSTER_PASSWORD_CREDENTIAL_EXPIRED_ERROR_CODE);
+    }
     public String getName() {
         return this.getClass().getName();
     }

dependencies/vaticle/artifacts.bzl

@@ -29,7 +29,7 @@ def vaticle_typedb_artifact():
         artifact_name = "typedb-server-{platform}-{version}.{ext}",
         tag_source = deployment["artifact.release"],
         commit_source = deployment["artifact.snapshot"],
-        commit = "ab258158efd6f608fe6df2fb4ebf6e5d9f710765",
+        commit = "de6c2e8054b5c0fc6d8bc6e0071bc1a7c276efe6",
     )
 
 def vaticle_typedb_cluster_artifact():
@@ -39,5 +39,5 @@ def vaticle_typedb_cluster_artifact():
         artifact_name = "typedb-cluster-all-{platform}-{version}.{ext}",
         tag_source = deployment_private["artifact.release"],
         commit_source = deployment_private["artifact.snapshot"],
-        commit = "ff021f6201db41c1f81af1dfec5c90b8b9803efe",
+        commit = "302c0db2a29d515b75b7ef219ddfe3b85edbf9c8",
     )

dependencies/vaticle/repositories.bzl

@@ -31,8 +31,8 @@ def vaticle_typeql():
 def vaticle_typedb_common():
     git_repository(
         name = "vaticle_typedb_common",
-        remote = "https://github.com/vaticle/typedb-common",
-        commit = "01420b86213dc931ff97188daa06b9ecf06f3932" # sync-marker: do not remove this comment, this is used for sync-dependencies by @vaticle_typedb_common
+        remote = "https://github.com/jamesreprise/typedb-common",
+        commit = "a5d4ddf53e0f3bed3d73fa10137edf1a3732595e", # sync-marker: do not remove this comment, this is used for sync-dependencies by @vaticle_typedb_common
     )
 
 def vaticle_dependencies():
@@ -53,7 +53,7 @@ def vaticle_typedb_behaviour():
     git_repository(
         name = "vaticle_typedb_behaviour",
         remote = "https://github.com/vaticle/typedb-behaviour",
-        commit = "ff4f58b4db2200b907c60b28a2b8ee661449e9c0" # sync-marker: do not remove this comment, this is used for sync-dependencies by @vaticle_typedb_behaviour
+        commit = "a8c2bd79c4e440d4682e68bb15b4578456eefd2a" # sync-marker: do not remove this comment, this is used for sync-dependencies by @vaticle_typedb_behaviour
     )
 
 def vaticle_factory_tracing():

test/behaviour/BehaviourTest.java

@@ -21,7 +21,6 @@
 
 package com.vaticle.typedb.client.test.behaviour;
 
-import com.vaticle.typedb.common.test.TypeDBRunner;
 import com.vaticle.typedb.common.test.TypeDBSingleton;
 import org.junit.AfterClass;
 
@@ -33,8 +32,6 @@ public abstract class BehaviourTest {
 
     @AfterClass
     public static void afterAll() {
-        TypeDBRunner server = TypeDBSingleton.getTypeDBRunner();
-        assert server != null;
-        server.stop();
+        TypeDBSingleton.deleteTypeDBRunner();
     }
 }

test/behaviour/connection/BUILD

@@ -66,6 +66,7 @@ java_library(
         ":steps-base",
         "//:client-java",
         "//api:api",
+        "//test/behaviour/util:util",
         "@vaticle_typedb_common//test:typedb-runner",
 
         # External dependencies from Maven

test/behaviour/connection/ConnectionStepsBase.java

@@ -25,7 +25,6 @@
 import com.vaticle.typedb.client.api.TypeDBOptions;
 import com.vaticle.typedb.client.api.TypeDBSession;
 import com.vaticle.typedb.client.api.TypeDBTransaction;
-import com.vaticle.typedb.client.api.database.Database;
 import com.vaticle.typedb.common.test.TypeDBSingleton;
 
 import java.util.ArrayList;
@@ -40,9 +39,7 @@
 
 import static com.vaticle.typedb.common.collection.Collections.map;
 import static com.vaticle.typedb.common.collection.Collections.pair;
-import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertTrue;
 
 public abstract class ConnectionStepsBase {
@@ -68,7 +65,9 @@ public static TypeDBTransaction tx() {
         return sessionsToTransactions.get(sessions.get(0)).get(0);
     }
 
-    abstract void beforeAll();
+    void beforeAll() {
+        TypeDBSingleton.deleteTypeDBRunner();
+    }
 
     void before() {
         if (!isBeforeAllRan) {
@@ -78,13 +77,10 @@ void before() {
                 isBeforeAllRan = true;
             }
         }
-        assertNull(client);
-        String address = TypeDBSingleton.getTypeDBRunner().address();
-        assertNotNull(address);
-        client = createTypeDBClient(address);
-        client.databases().all().forEach(Database::delete);
         sessionOptions = createOptions().infer(true);
         transactionOptions = createOptions().infer(true);
+        TypeDBSingleton.resetTypeDBRunner();
+
         System.out.println("ConnectionSteps.before");
     }
 
@@ -105,21 +101,20 @@ void after() {
                 }));
         CompletableFuture.allOf(closures.toArray(CompletableFuture[]::new)).join();
         sessionsParallel.clear();
-
         sessionsToTransactions.clear();
         sessionsToTransactionsParallel.clear();
         sessionsParallelToTransactionsParallel.clear();
-        client.databases().all().forEach(Database::delete);
-        client.close();
-        assertFalse(client.isOpen());
-        client = null;
+
+        TypeDBSingleton.resetTypeDBRunner();
         System.out.println("ConnectionSteps.after");
     }
 
     abstract TypeDBClient createTypeDBClient(String address);
 
     abstract TypeDBOptions createOptions();
 
+    abstract void open_connection();
+
     void connection_has_been_opened() {
         assertNotNull(client);
         assertTrue(client.isOpen());
@@ -128,6 +123,6 @@ void connection_has_been_opened() {
     void connection_does_not_have_any_database() {
         assertNotNull(client);
         assertTrue(client.isOpen());
+        assertTrue(client.databases().all().isEmpty());
     }
-
 }

test/behaviour/connection/ConnectionStepsCluster.java

@@ -25,23 +25,25 @@
 import com.vaticle.typedb.client.api.TypeDBClient;
 import com.vaticle.typedb.client.api.TypeDBCredential;
 import com.vaticle.typedb.client.api.TypeDBOptions;
+import com.vaticle.typedb.common.test.TypeDBRunner;
 import com.vaticle.typedb.common.test.cluster.TypeDBClusterRunner;
 import com.vaticle.typedb.common.test.TypeDBSingleton;
 import io.cucumber.java.After;
 import io.cucumber.java.Before;
 import io.cucumber.java.en.Given;
+import io.cucumber.java.en.When;
 
-import java.io.IOException;
 import java.nio.file.Paths;
-import java.util.concurrent.TimeoutException;
+import java.util.HashMap;
+import java.util.Map;
+
+import static com.vaticle.typedb.client.test.behaviour.util.Util.assertThrows;
 
 public class ConnectionStepsCluster extends ConnectionStepsBase {
 
     @Override
-    void beforeAll() {
-        TypeDBClusterRunner cluster = TypeDBClusterRunner.create(Paths.get("."), 1);
-        cluster.start();
-        TypeDBSingleton.setTypeDBRunner(cluster);
+    public void beforeAll() {
+        super.beforeAll();
     }
 
     @Before
@@ -56,22 +58,80 @@ public synchronized void after() {
 
     @Override
     TypeDBClient createTypeDBClient(String address) {
-        return TypeDB.clusterClient(address, new TypeDBCredential("admin", "password", false));
+        return createTypeDBClient(address, "admin", "password", false);
+    }
+
+    TypeDBClient createTypeDBClient(String address, String username, String password, boolean tlsEnabled) {
+        return TypeDB.clusterClient(address, new TypeDBCredential(username, password, tlsEnabled));
     }
 
     @Override
     TypeDBOptions createOptions() {
         return TypeDBOptions.cluster();
     }
 
+    @Override
+    @When("open connection")
+    public void open_connection() {
+        client = createTypeDBClient(TypeDBSingleton.getTypeDBRunner().address());
+    }
+
     @Given("connection has been opened")
     public void connection_has_been_opened() {
         super.connection_has_been_opened();
     }
 
+    @Given("typedb has configuration")
+    public void typedb_has_configuration(Map<String, String> map) {
+        TypeDBSingleton.deleteTypeDBRunner();
+        Map<String, String> serverOpts = new HashMap<>();
+        for (Map.Entry<String, String> entry : map.entrySet()) {
+            serverOpts.put("--" + entry.getKey(), entry.getValue());
+        }
+        TypeDBClusterRunner clusterRunner = TypeDBClusterRunner.create(Paths.get("."), 1, serverOpts);
+        TypeDBSingleton.setTypeDBRunner(clusterRunner);
+    }
+
+    @When("typedb starts")
+    public void typedb_starts() {
+        TypeDBRunner runner = TypeDBSingleton.getTypeDBRunner();
+        if (runner != null && runner.isStopped()) {
+            runner.start();
+        } else {
+            TypeDBClusterRunner clusterRunner = TypeDBClusterRunner.create(Paths.get("."), 1);
+            TypeDBSingleton.setTypeDBRunner(clusterRunner);
+            clusterRunner.start();
+        }
+    }
+
+    @When("typedb stops")
+    public void typedb_stops() {
+        TypeDBSingleton.getTypeDBRunner().stop();
+    }
+
+    @When("user connect: {word}, {word}")
+    public void user_connect(String username, String password) {
+        if (client != null) {
+            client.close();
+            client = null;
+        }
+
+        client = createTypeDBClient(TypeDBSingleton.getTypeDBRunner().address(), username, password, false);
+    }
+
+    @When("user disconnect")
+    public void disconnect_current_user() {
+        client.close();
+        client = null;
+    }
+
+    @When("user connect: {word}, {word}; throws exception")
+    public void user_connect_throws_exception(String username, String password) {
+        assertThrows(() -> createTypeDBClient(TypeDBSingleton.getTypeDBRunner().address(), username, password, false));
+    }
+
     @Given("connection does not have any database")
     public void connection_does_not_have_any_database() {
         super.connection_does_not_have_any_database();
     }
-
 }