github.com/ablease/cli@v6.37.1-0.20180613014814-3adbb7d7fb19+incompatible/integration/isolated/auth_command_test.go (about)

     1  package isolated
     2  
     3  import (
     4  	"code.cloudfoundry.org/cli/integration/helpers"
     5  
     6  	. "github.com/onsi/ginkgo"
     7  	. "github.com/onsi/gomega"
     8  	. "github.com/onsi/gomega/gbytes"
     9  	. "github.com/onsi/gomega/gexec"
    10  )
    11  
    12  var _ = Describe("auth command", func() {
    13  	Context("Help", func() {
    14  		It("displays the help information", func() {
    15  			session := helpers.CF("auth", "--help")
    16  			Eventually(session).Should(Say("NAME:"))
    17  			Eventually(session).Should(Say("auth - Authenticate non-interactively\n\n"))
    18  
    19  			Eventually(session).Should(Say("USAGE:"))
    20  			Eventually(session).Should(Say("cf auth USERNAME PASSWORD\n"))
    21  			Eventually(session).Should(Say("cf auth CLIENT_ID CLIENT_SECRET --client-credentials\n\n"))
    22  
    23  			Eventually(session).Should(Say("ENVIRONMENT VARIABLES:"))
    24  			Eventually(session).Should(Say("CF_USERNAME=user\\s+Authenticating user. Overridden if USERNAME argument is provided."))
    25  			Eventually(session).Should(Say("CF_PASSWORD=password\\s+Password associated with user. Overriden if PASSWORD argument is provided."))
    26  
    27  			Eventually(session).Should(Say("WARNING:"))
    28  			Eventually(session).Should(Say("Providing your password as a command line option is highly discouraged"))
    29  			Eventually(session).Should(Say("Your password may be visible to others and may be recorded in your shell history\n"))
    30  			Eventually(session).Should(Say("Consider using the CF_PASSWORD environment variable instead\n\n"))
    31  
    32  			Eventually(session).Should(Say("EXAMPLES:"))
    33  			Eventually(session).Should(Say("cf auth name@example\\.com \"my password\" \\(use quotes for passwords with a space\\)"))
    34  			Eventually(session).Should(Say("cf auth name@example\\.com \\\"\\\\\"password\\\\\"\\\" \\(escape quotes if used in password\\)\n\n"))
    35  
    36  			Eventually(session).Should(Say("OPTIONS:"))
    37  			Eventually(session).Should(Say("--client-credentials\\s+Use \\(non-user\\) service account \\(also called client credentials\\)\n\n"))
    38  
    39  			Eventually(session).Should(Say("SEE ALSO:"))
    40  			Eventually(session).Should(Say("api, login, target"))
    41  
    42  			Eventually(session).Should(Exit(0))
    43  		})
    44  	})
    45  
    46  	Context("when no positional arguments are provided", func() {
    47  		Context("and no env variables are provided", func() {
    48  			It("errors-out with the help information", func() {
    49  				session := helpers.CF("auth")
    50  				Eventually(session.Err).Should(Say("Username and password not provided."))
    51  				Eventually(session).Should(Say("NAME:"))
    52  
    53  				Eventually(session).Should(Exit(1))
    54  			})
    55  		})
    56  
    57  		Context("when env variables are provided", func() {
    58  			It("authenticates the user", func() {
    59  				username, password := helpers.GetCredentials()
    60  				env := map[string]string{
    61  					"CF_USERNAME": username,
    62  					"CF_PASSWORD": password,
    63  				}
    64  				session := helpers.CFWithEnv(env, "auth")
    65  
    66  				Eventually(session).Should(Say("API endpoint: %s", helpers.GetAPI()))
    67  				Eventually(session).Should(Say("Authenticating\\.\\.\\."))
    68  				Eventually(session).Should(Say("OK"))
    69  				Eventually(session).Should(Say("Use 'cf target' to view or set your target org and space"))
    70  
    71  				Eventually(session).Should(Exit(0))
    72  			})
    73  		})
    74  	})
    75  
    76  	Context("when only a username is provided", func() {
    77  		It("errors-out with a password required error and the help information", func() {
    78  			session := helpers.CF("auth", "some-user")
    79  			Eventually(session.Err).Should(Say("Password not provided."))
    80  			Eventually(session).Should(Say("NAME:"))
    81  
    82  			Eventually(session).Should(Exit(1))
    83  		})
    84  	})
    85  
    86  	Context("when only a password is provided", func() {
    87  		It("errors-out with a username required error and the help information", func() {
    88  			env := map[string]string{
    89  				"CF_PASSWORD": "some-pass",
    90  			}
    91  			session := helpers.CFWithEnv(env, "auth")
    92  			Eventually(session.Err).Should(Say("Username not provided."))
    93  			Eventually(session).Should(Say("NAME:"))
    94  
    95  			Eventually(session).Should(Exit(1))
    96  		})
    97  	})
    98  
    99  	Context("when too many arguments are provided", func() {
   100  		It("displays an 'unknown flag' error message", func() {
   101  			session := helpers.CF("auth", "some-username", "some-password", "-a", "api.bosh-lite.com")
   102  
   103  			Eventually(session.Err).Should(Say("Incorrect Usage: unknown flag `a'"))
   104  			Eventually(session).Should(Say("NAME:"))
   105  
   106  			Eventually(session).Should(Exit(1))
   107  		})
   108  	})
   109  
   110  	Context("when the API endpoint is not set", func() {
   111  		BeforeEach(func() {
   112  			helpers.UnsetAPI()
   113  		})
   114  
   115  		It("displays an error message", func() {
   116  			session := helpers.CF("auth", "some-username", "some-password")
   117  
   118  			Eventually(session).Should(Say("FAILED"))
   119  			Eventually(session.Err).Should(Say("No API endpoint set\\. Use 'cf login' or 'cf api' to target an endpoint\\."))
   120  
   121  			Eventually(session).Should(Exit(1))
   122  		})
   123  	})
   124  
   125  	Context("when no flags are set (logging in with password grant type)", func() {
   126  		Context("when the user provides an invalid username/password combo", func() {
   127  			BeforeEach(func() {
   128  				helpers.LoginCF()
   129  				helpers.TargetOrgAndSpace(ReadOnlyOrg, ReadOnlySpace)
   130  			})
   131  
   132  			It("clears the cached tokens and target info, then displays an error message", func() {
   133  				session := helpers.CF("auth", "some-username", "some-password")
   134  
   135  				Eventually(session).Should(Say("API endpoint: %s", helpers.GetAPI()))
   136  				Eventually(session).Should(Say("Authenticating\\.\\.\\."))
   137  				Eventually(session).Should(Say("FAILED"))
   138  				Eventually(session.Err).Should(Say("Credentials were rejected, please try again\\."))
   139  				Eventually(session).Should(Exit(1))
   140  
   141  				// Verify that the user is not logged-in
   142  				targetSession1 := helpers.CF("target")
   143  				Eventually(targetSession1.Err).Should(Say("Not logged in\\. Use 'cf login' to log in\\."))
   144  				Eventually(targetSession1).Should(Say("FAILED"))
   145  				Eventually(targetSession1).Should(Exit(1))
   146  
   147  				// Verify that neither org nor space is targeted
   148  				helpers.LoginCF()
   149  				targetSession2 := helpers.CF("target")
   150  				Eventually(targetSession2).Should(Say("No org or space targeted, use 'cf target -o ORG -s SPACE'"))
   151  				Eventually(targetSession2).Should(Exit(0))
   152  			})
   153  		})
   154  
   155  		Context("when the username and password are valid", func() {
   156  			It("authenticates the user", func() {
   157  				username, password := helpers.GetCredentials()
   158  				session := helpers.CF("auth", username, password)
   159  
   160  				Eventually(session).Should(Say("API endpoint: %s", helpers.GetAPI()))
   161  				Eventually(session).Should(Say("Authenticating\\.\\.\\."))
   162  				Eventually(session).Should(Say("OK"))
   163  				Eventually(session).Should(Say("Use 'cf target' to view or set your target org and space"))
   164  
   165  				Eventually(session).Should(Exit(0))
   166  			})
   167  		})
   168  	})
   169  
   170  	Context("when the 'client-credentials' flag is set", func() {
   171  		Context("when the user provides an invalid client id/secret combo", func() {
   172  			BeforeEach(func() {
   173  				helpers.LoginCF()
   174  				helpers.TargetOrgAndSpace(ReadOnlyOrg, ReadOnlySpace)
   175  			})
   176  
   177  			It("clears the cached tokens and target info, then displays an error message", func() {
   178  				session := helpers.CF("auth", "some-client-id", "some-client-secret", "--client-credentials")
   179  
   180  				Eventually(session).Should(Say("API endpoint: %s", helpers.GetAPI()))
   181  				Eventually(session).Should(Say("Authenticating\\.\\.\\."))
   182  				Eventually(session).Should(Say("FAILED"))
   183  				Eventually(session.Err).Should(Say("Credentials were rejected, please try again\\."))
   184  				Eventually(session).Should(Exit(1))
   185  
   186  				// Verify that the user is not logged-in
   187  				targetSession1 := helpers.CF("target")
   188  				Eventually(targetSession1.Err).Should(Say("Not logged in\\. Use 'cf login' to log in\\."))
   189  				Eventually(targetSession1).Should(Say("FAILED"))
   190  				Eventually(targetSession1).Should(Exit(1))
   191  
   192  				// Verify that neither org nor space is targeted
   193  				helpers.LoginCF()
   194  				targetSession2 := helpers.CF("target")
   195  				Eventually(targetSession2).Should(Say("No org or space targeted, use 'cf target -o ORG -s SPACE'"))
   196  				Eventually(targetSession2).Should(Exit(0))
   197  			})
   198  		})
   199  
   200  		Context("when the client id and client secret are valid", func() {
   201  			It("authenticates the user", func() {
   202  				clientID, clientSecret := helpers.SkipIfClientCredentialsNotSet()
   203  				session := helpers.CF("auth", clientID, clientSecret, "--client-credentials")
   204  
   205  				Eventually(session).Should(Say("API endpoint: %s", helpers.GetAPI()))
   206  				Eventually(session).Should(Say("Authenticating\\.\\.\\."))
   207  				Eventually(session).Should(Say("OK"))
   208  				Eventually(session).Should(Say("Use 'cf target' to view or set your target org and space"))
   209  
   210  				Eventually(session).Should(Exit(0))
   211  			})
   212  		})
   213  	})
   214  
   215  	Context("when a user authenticates with valid client credentials", func() {
   216  		BeforeEach(func() {
   217  			clientID, clientSecret := helpers.SkipIfClientCredentialsNotSet()
   218  			session := helpers.CF("auth", clientID, clientSecret, "--client-credentials")
   219  			Eventually(session).Should(Exit(0))
   220  		})
   221  
   222  		Context("when a different user authenticates with valid password credentials", func() {
   223  			It("should fail authentication and display an error informing the user they need to log out", func() {
   224  				username, password := helpers.GetCredentials()
   225  				session := helpers.CF("auth", username, password)
   226  
   227  				Eventually(session).Should(Say("FAILED"))
   228  				Eventually(session.Err).Should(Say("Service account currently logged in\\. Use 'cf logout' to log out service account and try again\\."))
   229  				Eventually(session).Should(Exit(1))
   230  			})
   231  		})
   232  	})
   233  })