github.com/ablease/cli@v6.37.1-0.20180613014814-3adbb7d7fb19+incompatible/integration/isolated/auth_command_test.go (about) 1 package isolated 2 3 import ( 4 "code.cloudfoundry.org/cli/integration/helpers" 5 6 . "github.com/onsi/ginkgo" 7 . "github.com/onsi/gomega" 8 . "github.com/onsi/gomega/gbytes" 9 . "github.com/onsi/gomega/gexec" 10 ) 11 12 var _ = Describe("auth command", func() { 13 Context("Help", func() { 14 It("displays the help information", func() { 15 session := helpers.CF("auth", "--help") 16 Eventually(session).Should(Say("NAME:")) 17 Eventually(session).Should(Say("auth - Authenticate non-interactively\n\n")) 18 19 Eventually(session).Should(Say("USAGE:")) 20 Eventually(session).Should(Say("cf auth USERNAME PASSWORD\n")) 21 Eventually(session).Should(Say("cf auth CLIENT_ID CLIENT_SECRET --client-credentials\n\n")) 22 23 Eventually(session).Should(Say("ENVIRONMENT VARIABLES:")) 24 Eventually(session).Should(Say("CF_USERNAME=user\\s+Authenticating user. Overridden if USERNAME argument is provided.")) 25 Eventually(session).Should(Say("CF_PASSWORD=password\\s+Password associated with user. Overriden if PASSWORD argument is provided.")) 26 27 Eventually(session).Should(Say("WARNING:")) 28 Eventually(session).Should(Say("Providing your password as a command line option is highly discouraged")) 29 Eventually(session).Should(Say("Your password may be visible to others and may be recorded in your shell history\n")) 30 Eventually(session).Should(Say("Consider using the CF_PASSWORD environment variable instead\n\n")) 31 32 Eventually(session).Should(Say("EXAMPLES:")) 33 Eventually(session).Should(Say("cf auth name@example\\.com \"my password\" \\(use quotes for passwords with a space\\)")) 34 Eventually(session).Should(Say("cf auth name@example\\.com \\\"\\\\\"password\\\\\"\\\" \\(escape quotes if used in password\\)\n\n")) 35 36 Eventually(session).Should(Say("OPTIONS:")) 37 Eventually(session).Should(Say("--client-credentials\\s+Use \\(non-user\\) service account \\(also called client credentials\\)\n\n")) 38 39 Eventually(session).Should(Say("SEE ALSO:")) 40 Eventually(session).Should(Say("api, login, target")) 41 42 Eventually(session).Should(Exit(0)) 43 }) 44 }) 45 46 Context("when no positional arguments are provided", func() { 47 Context("and no env variables are provided", func() { 48 It("errors-out with the help information", func() { 49 session := helpers.CF("auth") 50 Eventually(session.Err).Should(Say("Username and password not provided.")) 51 Eventually(session).Should(Say("NAME:")) 52 53 Eventually(session).Should(Exit(1)) 54 }) 55 }) 56 57 Context("when env variables are provided", func() { 58 It("authenticates the user", func() { 59 username, password := helpers.GetCredentials() 60 env := map[string]string{ 61 "CF_USERNAME": username, 62 "CF_PASSWORD": password, 63 } 64 session := helpers.CFWithEnv(env, "auth") 65 66 Eventually(session).Should(Say("API endpoint: %s", helpers.GetAPI())) 67 Eventually(session).Should(Say("Authenticating\\.\\.\\.")) 68 Eventually(session).Should(Say("OK")) 69 Eventually(session).Should(Say("Use 'cf target' to view or set your target org and space")) 70 71 Eventually(session).Should(Exit(0)) 72 }) 73 }) 74 }) 75 76 Context("when only a username is provided", func() { 77 It("errors-out with a password required error and the help information", func() { 78 session := helpers.CF("auth", "some-user") 79 Eventually(session.Err).Should(Say("Password not provided.")) 80 Eventually(session).Should(Say("NAME:")) 81 82 Eventually(session).Should(Exit(1)) 83 }) 84 }) 85 86 Context("when only a password is provided", func() { 87 It("errors-out with a username required error and the help information", func() { 88 env := map[string]string{ 89 "CF_PASSWORD": "some-pass", 90 } 91 session := helpers.CFWithEnv(env, "auth") 92 Eventually(session.Err).Should(Say("Username not provided.")) 93 Eventually(session).Should(Say("NAME:")) 94 95 Eventually(session).Should(Exit(1)) 96 }) 97 }) 98 99 Context("when too many arguments are provided", func() { 100 It("displays an 'unknown flag' error message", func() { 101 session := helpers.CF("auth", "some-username", "some-password", "-a", "api.bosh-lite.com") 102 103 Eventually(session.Err).Should(Say("Incorrect Usage: unknown flag `a'")) 104 Eventually(session).Should(Say("NAME:")) 105 106 Eventually(session).Should(Exit(1)) 107 }) 108 }) 109 110 Context("when the API endpoint is not set", func() { 111 BeforeEach(func() { 112 helpers.UnsetAPI() 113 }) 114 115 It("displays an error message", func() { 116 session := helpers.CF("auth", "some-username", "some-password") 117 118 Eventually(session).Should(Say("FAILED")) 119 Eventually(session.Err).Should(Say("No API endpoint set\\. Use 'cf login' or 'cf api' to target an endpoint\\.")) 120 121 Eventually(session).Should(Exit(1)) 122 }) 123 }) 124 125 Context("when no flags are set (logging in with password grant type)", func() { 126 Context("when the user provides an invalid username/password combo", func() { 127 BeforeEach(func() { 128 helpers.LoginCF() 129 helpers.TargetOrgAndSpace(ReadOnlyOrg, ReadOnlySpace) 130 }) 131 132 It("clears the cached tokens and target info, then displays an error message", func() { 133 session := helpers.CF("auth", "some-username", "some-password") 134 135 Eventually(session).Should(Say("API endpoint: %s", helpers.GetAPI())) 136 Eventually(session).Should(Say("Authenticating\\.\\.\\.")) 137 Eventually(session).Should(Say("FAILED")) 138 Eventually(session.Err).Should(Say("Credentials were rejected, please try again\\.")) 139 Eventually(session).Should(Exit(1)) 140 141 // Verify that the user is not logged-in 142 targetSession1 := helpers.CF("target") 143 Eventually(targetSession1.Err).Should(Say("Not logged in\\. Use 'cf login' to log in\\.")) 144 Eventually(targetSession1).Should(Say("FAILED")) 145 Eventually(targetSession1).Should(Exit(1)) 146 147 // Verify that neither org nor space is targeted 148 helpers.LoginCF() 149 targetSession2 := helpers.CF("target") 150 Eventually(targetSession2).Should(Say("No org or space targeted, use 'cf target -o ORG -s SPACE'")) 151 Eventually(targetSession2).Should(Exit(0)) 152 }) 153 }) 154 155 Context("when the username and password are valid", func() { 156 It("authenticates the user", func() { 157 username, password := helpers.GetCredentials() 158 session := helpers.CF("auth", username, password) 159 160 Eventually(session).Should(Say("API endpoint: %s", helpers.GetAPI())) 161 Eventually(session).Should(Say("Authenticating\\.\\.\\.")) 162 Eventually(session).Should(Say("OK")) 163 Eventually(session).Should(Say("Use 'cf target' to view or set your target org and space")) 164 165 Eventually(session).Should(Exit(0)) 166 }) 167 }) 168 }) 169 170 Context("when the 'client-credentials' flag is set", func() { 171 Context("when the user provides an invalid client id/secret combo", func() { 172 BeforeEach(func() { 173 helpers.LoginCF() 174 helpers.TargetOrgAndSpace(ReadOnlyOrg, ReadOnlySpace) 175 }) 176 177 It("clears the cached tokens and target info, then displays an error message", func() { 178 session := helpers.CF("auth", "some-client-id", "some-client-secret", "--client-credentials") 179 180 Eventually(session).Should(Say("API endpoint: %s", helpers.GetAPI())) 181 Eventually(session).Should(Say("Authenticating\\.\\.\\.")) 182 Eventually(session).Should(Say("FAILED")) 183 Eventually(session.Err).Should(Say("Credentials were rejected, please try again\\.")) 184 Eventually(session).Should(Exit(1)) 185 186 // Verify that the user is not logged-in 187 targetSession1 := helpers.CF("target") 188 Eventually(targetSession1.Err).Should(Say("Not logged in\\. Use 'cf login' to log in\\.")) 189 Eventually(targetSession1).Should(Say("FAILED")) 190 Eventually(targetSession1).Should(Exit(1)) 191 192 // Verify that neither org nor space is targeted 193 helpers.LoginCF() 194 targetSession2 := helpers.CF("target") 195 Eventually(targetSession2).Should(Say("No org or space targeted, use 'cf target -o ORG -s SPACE'")) 196 Eventually(targetSession2).Should(Exit(0)) 197 }) 198 }) 199 200 Context("when the client id and client secret are valid", func() { 201 It("authenticates the user", func() { 202 clientID, clientSecret := helpers.SkipIfClientCredentialsNotSet() 203 session := helpers.CF("auth", clientID, clientSecret, "--client-credentials") 204 205 Eventually(session).Should(Say("API endpoint: %s", helpers.GetAPI())) 206 Eventually(session).Should(Say("Authenticating\\.\\.\\.")) 207 Eventually(session).Should(Say("OK")) 208 Eventually(session).Should(Say("Use 'cf target' to view or set your target org and space")) 209 210 Eventually(session).Should(Exit(0)) 211 }) 212 }) 213 }) 214 215 Context("when a user authenticates with valid client credentials", func() { 216 BeforeEach(func() { 217 clientID, clientSecret := helpers.SkipIfClientCredentialsNotSet() 218 session := helpers.CF("auth", clientID, clientSecret, "--client-credentials") 219 Eventually(session).Should(Exit(0)) 220 }) 221 222 Context("when a different user authenticates with valid password credentials", func() { 223 It("should fail authentication and display an error informing the user they need to log out", func() { 224 username, password := helpers.GetCredentials() 225 session := helpers.CF("auth", username, password) 226 227 Eventually(session).Should(Say("FAILED")) 228 Eventually(session.Err).Should(Say("Service account currently logged in\\. Use 'cf logout' to log out service account and try again\\.")) 229 Eventually(session).Should(Exit(1)) 230 }) 231 }) 232 }) 233 })