github.com/cloudfoundry/cli@v7.1.0+incompatible/actor/v3action/auth_test.go (about) 1 package v3action_test 2 3 import ( 4 "errors" 5 6 . "github.com/onsi/ginkgo" 7 . "github.com/onsi/gomega" 8 9 "code.cloudfoundry.org/cli/actor/actionerror" 10 . "code.cloudfoundry.org/cli/actor/v3action" 11 "code.cloudfoundry.org/cli/actor/v3action/v3actionfakes" 12 "code.cloudfoundry.org/cli/api/uaa/constant" 13 "code.cloudfoundry.org/cli/cf/configuration/coreconfig" 14 ) 15 16 var _ = Describe("Auth Actions", func() { 17 var ( 18 actor *Actor 19 fakeUAAClient *v3actionfakes.FakeUAAClient 20 fakeConfig *v3actionfakes.FakeConfig 21 creds map[string]string 22 ) 23 24 BeforeEach(func() { 25 fakeUAAClient = new(v3actionfakes.FakeUAAClient) 26 fakeConfig = new(v3actionfakes.FakeConfig) 27 actor = NewActor(nil, fakeConfig, nil, fakeUAAClient) 28 creds = map[string]string{ 29 "client_id": "some-username", 30 "client_secret": "some-password", 31 "origin": "uaa", 32 } 33 }) 34 35 Describe("Authenticate", func() { 36 var ( 37 grantType constant.GrantType 38 actualErr error 39 ) 40 41 JustBeforeEach(func() { 42 actualErr = actor.Authenticate(creds, "uaa", grantType) 43 }) 44 45 When("no API errors occur", func() { 46 BeforeEach(func() { 47 fakeUAAClient.AuthenticateReturns( 48 "some-access-token", 49 "some-refresh-token", 50 nil, 51 ) 52 }) 53 54 When("the grant type is a password grant", func() { 55 BeforeEach(func() { 56 grantType = constant.GrantTypePassword 57 }) 58 59 It("authenticates the user and returns access and refresh tokens", func() { 60 Expect(actualErr).NotTo(HaveOccurred()) 61 62 Expect(fakeUAAClient.AuthenticateCallCount()).To(Equal(1)) 63 creds, origin, passedGrantType := fakeUAAClient.AuthenticateArgsForCall(0) 64 Expect(creds["client_id"]).To(Equal("some-username")) 65 Expect(creds["client_secret"]).To(Equal("some-password")) 66 Expect(origin).To(Equal("uaa")) 67 Expect(passedGrantType).To(Equal(constant.GrantTypePassword)) 68 69 Expect(fakeConfig.SetTokenInformationCallCount()).To(Equal(1)) 70 accessToken, refreshToken, sshOAuthClient := fakeConfig.SetTokenInformationArgsForCall(0) 71 Expect(accessToken).To(Equal("bearer some-access-token")) 72 Expect(refreshToken).To(Equal("some-refresh-token")) 73 Expect(sshOAuthClient).To(BeEmpty()) 74 75 Expect(fakeConfig.UnsetOrganizationAndSpaceInformationCallCount()).To(Equal(1)) 76 Expect(fakeConfig.SetUAAGrantTypeCallCount()).To(Equal(1)) 77 Expect(fakeConfig.SetUAAGrantTypeArgsForCall(0)).To(Equal("")) 78 }) 79 80 When("a previous user authenticated with a client grant type", func() { 81 BeforeEach(func() { 82 fakeConfig.UAAGrantTypeReturns("client_credentials") 83 }) 84 It("returns a PasswordGrantTypeLogoutRequiredError", func() { 85 Expect(actualErr).To(MatchError(actionerror.PasswordGrantTypeLogoutRequiredError{})) 86 Expect(fakeConfig.UAAGrantTypeCallCount()).To(Equal(1)) 87 }) 88 }) 89 }) 90 91 When("the grant type is not password", func() { 92 BeforeEach(func() { 93 grantType = constant.GrantTypeClientCredentials 94 }) 95 96 It("stores the grant type and the client id", func() { 97 Expect(fakeConfig.SetUAAClientCredentialsCallCount()).To(Equal(1)) 98 client, clientSecret := fakeConfig.SetUAAClientCredentialsArgsForCall(0) 99 Expect(client).To(Equal("some-username")) 100 Expect(clientSecret).To(BeEmpty()) 101 Expect(fakeConfig.SetUAAGrantTypeCallCount()).To(Equal(1)) 102 Expect(fakeConfig.SetUAAGrantTypeArgsForCall(0)).To(Equal(string(constant.GrantTypeClientCredentials))) 103 }) 104 }) 105 106 When("extra information is needed to authenticate, e.g., MFA", func() { 107 BeforeEach(func() { 108 creds = map[string]string{ 109 "username": "some-username", 110 "password": "some-password", 111 "mfaCode": "some-one-time-code", 112 } 113 }) 114 115 It("passes the extra information on to the UAA client", func() { 116 uaaCredentials, _, _ := fakeUAAClient.AuthenticateArgsForCall(0) 117 Expect(uaaCredentials).To(BeEquivalentTo(map[string]string{ 118 "username": "some-username", 119 "password": "some-password", 120 "mfaCode": "some-one-time-code", 121 })) 122 }) 123 }) 124 }) 125 126 When("an API error occurs", func() { 127 var expectedErr error 128 129 BeforeEach(func() { 130 expectedErr = errors.New("some error") 131 fakeUAAClient.AuthenticateReturns( 132 "", 133 "", 134 expectedErr, 135 ) 136 }) 137 138 It("returns the error", func() { 139 Expect(actualErr).To(MatchError(expectedErr)) 140 141 Expect(fakeConfig.SetTokenInformationCallCount()).To(Equal(1)) 142 accessToken, refreshToken, sshOAuthClient := fakeConfig.SetTokenInformationArgsForCall(0) 143 Expect(accessToken).To(BeEmpty()) 144 Expect(refreshToken).To(BeEmpty()) 145 Expect(sshOAuthClient).To(BeEmpty()) 146 147 Expect(fakeConfig.UnsetOrganizationAndSpaceInformationCallCount()).To(Equal(1)) 148 }) 149 }) 150 }) 151 152 Describe("GetLoginPrompts", func() { 153 When("getting login prompts info from UAA", func() { 154 var ( 155 prompts map[string]coreconfig.AuthPrompt 156 ) 157 158 BeforeEach(func() { 159 fakeUAAClient.LoginPromptsReturns(map[string][]string{ 160 "username": {"text", "Email"}, 161 "pin": {"password", "PIN Number"}, 162 }) 163 prompts = actor.GetLoginPrompts() 164 }) 165 166 It("gets the login prompts", func() { 167 Expect(prompts).To(Equal(map[string]coreconfig.AuthPrompt{ 168 "username": { 169 DisplayName: "Email", 170 Type: coreconfig.AuthPromptTypeText, 171 }, 172 "pin": { 173 DisplayName: "PIN Number", 174 Type: coreconfig.AuthPromptTypePassword, 175 }, 176 })) 177 }) 178 }) 179 }) 180 })