github.com/go-kivik/kivik/v4@v4.3.2/x/kivikd/authdb/usersdb/usersdb_test.go (about) 1 // Licensed under the Apache License, Version 2.0 (the "License"); you may not 2 // use this file except in compliance with the License. You may obtain a copy of 3 // the License at 4 // 5 // http://www.apache.org/licenses/LICENSE-2.0 6 // 7 // Unless required by applicable law or agreed to in writing, software 8 // distributed under the License is distributed on an "AS IS" BASIS, WITHOUT 9 // WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the 10 // License for the specific language governing permissions and limitations under 11 // the License. 12 13 package usersdb 14 15 import ( 16 "context" 17 "fmt" 18 "net/http" 19 "reflect" 20 "testing" 21 22 "github.com/go-kivik/kivik/v4" 23 _ "github.com/go-kivik/kivik/v4/couchdb" 24 "github.com/go-kivik/kivik/v4/kiviktest/kt" 25 "github.com/go-kivik/kivik/v4/x/kivikd/authdb" 26 ) 27 28 type tuser struct { 29 ID string `json:"_id"` 30 Name string `json:"name"` 31 Type string `json:"type"` 32 Roles []string `json:"roles"` 33 Password string `json:"password"` 34 } 35 36 func TestCouchAuth(t *testing.T) { 37 t.Skip("Reconfigure test not to require Docker") 38 client := kt.GetClient(t) 39 db := client.DB("_users") 40 if err := db.Err(); err != nil { 41 t.Fatalf("Failed to connect to db: %s", err) 42 } 43 name := kt.TestDBName(t) 44 user := &tuser{ 45 ID: kivik.UserPrefix + name, 46 Name: name, 47 Type: "user", 48 Roles: []string{"coolguy"}, 49 Password: "abc123", 50 } 51 rev, err := db.Put(context.Background(), user.ID, user) 52 if err != nil { 53 t.Fatalf("Failed to create user: %s", err) 54 } 55 defer db.Delete(context.Background(), user.ID, rev) // nolint:errcheck 56 auth := New(db) 57 t.Run("sync", func(t *testing.T) { 58 t.Run("Validate", func(t *testing.T) { 59 t.Parallel() 60 t.Run("ValidUser", func(t *testing.T) { 61 uCtx, err := auth.Validate(context.Background(), user.Name, "abc123") 62 if err != nil { 63 t.Errorf("Validation failure for good password: %s", err) 64 } 65 if uCtx == nil { 66 t.Errorf("User should have been validated") 67 } 68 }) 69 t.Run("WrongPassword", func(t *testing.T) { 70 uCtx, err := auth.Validate(context.Background(), user.Name, "foobar") 71 if kivik.HTTPStatus(err) != http.StatusUnauthorized { 72 t.Errorf("Expected Unauthorized password, got %s", err) 73 } 74 if uCtx != nil { 75 t.Errorf("User should not have been validated with wrong password") 76 } 77 }) 78 t.Run("MissingUser", func(t *testing.T) { 79 t.Parallel() 80 uCtx, err := auth.Validate(context.Background(), "nobody", "foo") 81 if kivik.HTTPStatus(err) != http.StatusUnauthorized { 82 t.Errorf("Expected Unauthorized for bad username, got %s", err) 83 } 84 if uCtx != nil { 85 t.Errorf("User should not have been validated with wrong username") 86 } 87 }) 88 }) 89 90 t.Run("Context", func(t *testing.T) { 91 t.Parallel() 92 t.Run("ValidUser", func(t *testing.T) { 93 t.Parallel() 94 uCtx, err := auth.UserCtx(context.Background(), user.Name) 95 if err != nil { 96 t.Errorf("Failed to get roles: %s", err) 97 } 98 uCtx.Salt = "" // It's random, so remove it 99 if !reflect.DeepEqual(uCtx, &authdb.UserContext{Name: user.Name, Roles: []string{"coolguy"}}) { 100 t.Errorf("Got unexpected output: %v", uCtx) 101 } 102 }) 103 t.Run("MissingUser", func(t *testing.T) { 104 t.Parallel() 105 _, err := auth.UserCtx(context.Background(), "nobody") 106 if kivik.HTTPStatus(err) != http.StatusNotFound { 107 var msg string 108 if err != nil { 109 msg = fmt.Sprintf(" Got: %s", err) 110 } 111 t.Errorf("Expected Not Found fetching roles: %s", msg) 112 } 113 }) 114 }) 115 }) 116 }