// Copyright 2022 Paul Greenberg greenpau@outlook.com
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package ldap

import (
	"fmt"
	"github.com/greenpau/go-authcrunch/internal/tests"
	// "github.com/greenpau/go-authcrunch/internal/testutils"
	// "github.com/greenpau/go-authcrunch/pkg/authn/enums/operator"
	"github.com/greenpau/go-authcrunch/pkg/errors"
	// "github.com/greenpau/go-authcrunch/pkg/requests"
	logutil "github.com/greenpau/go-authcrunch/pkg/util/log"
	"go.uber.org/zap"
	"testing"
)

// testConfig1 is the fully populated LDAP identity store fixture used by
// TestNewIdentityStore. All values are test data for a store named
// "contoso.com" with a single ldaps server on localhost.
var testConfig1 = &Config{
	Name:         "contoso.com",
	Realm:        "contoso.com",
	SearchBaseDN: "DC=CONTOSO,DC=COM",
	Servers: []AuthServer{
		{
			Address: "ldaps://localhost:636",
			// NOTE(review): judging by the field name, this presumably
			// turns off certificate validation for the ldaps connection.
			// It is set here for a localhost fixture only; the test pins
			// that the flag round-trips as "ignore_cert_errors": true.
			IgnoreCertErrors: true,
		},
	},
	BindUsername: "CN=authzsvc,OU=Service Accounts,OU=Administrative Accounts,DC=CONTOSO,DC=COM",
	// Fixture credential. The expected output below requires that it comes
	// back from GetConfig as "**masked**", never as this literal.
	BindPassword: "P@ssW0rd123",
	// Each directory group DN maps to the role list granted to its members.
	Groups: []UserGroup{
		{
			GroupDN: "CN=Admins,OU=Security,OU=Groups,DC=CONTOSO,DC=COM",
			Roles:   []string{"admin"},
		},
		{
			GroupDN: "CN=Editors,OU=Security,OU=Groups,DC=CONTOSO,DC=COM",
			Roles:   []string{"editor"},
		},
		{
			GroupDN: "CN=Viewers,OU=Security,OU=Groups,DC=CONTOSO,DC=COM",
			Roles:   []string{"viewer"},
		},
	},
}

// TestNewIdentityStore is a table-driven test that builds an LDAP identity
// store with NewIdentityStore, calls Configure on it, and compares the
// name, realm, kind, config and configured state it reports with the
// expected map. Cases with errPhase set expect the listed error from that
// phase instead.
func TestNewIdentityStore(t *testing.T) {
	cases := []struct {
		name   string
		config *Config
		logger *zap.Logger
		// testRequests and publicKeysEnabled are never set or read in
		// this test.
		testRequests      bool
		publicKeysEnabled bool
		want              map[string]interface{}

		// errPhase names the step ("initialize" or "configure") where
		// shouldErr and err apply; the other step must succeed.
		errPhase  string
		shouldErr bool
		err       error
	}{
		{
			name:   "test ldap store",
			config: testConfig1,
			logger: logutil.NewLogger(),
			want: map[string]interface{}{
				"name":  "contoso.com",
				"kind":  "ldap",
				"realm": "contoso.com",
				"config": map[string]interface{}{
					"name":  "contoso.com",
					"realm": "contoso.com",
					// The bind secret must be redacted in the exported
					// configuration; a cleartext value here fails the test.
					"bind_password":  "**masked**",
					"bind_username":  "CN=authzsvc,OU=Service Accounts,OU=Administrative Accounts,DC=CONTOSO,DC=COM",
					"search_base_dn": "DC=CONTOSO,DC=COM",
					// These filter templates are absent from testConfig1, so
					// they are presumably defaults applied by the store. The
					// test pins the template text only; how the %s values
					// are substituted and escaped is not exercised here.
					"search_group_filter": "(&(uniqueMember=%s)(objectClass=groupOfUniqueNames))",
					"search_user_filter":  "(&(|(sAMAccountName=%s)(mail=%s))(objectclass=user))",
					"attributes": map[string]interface{}{
						"email":     "mail",
						"member_of": "memberOf",
						"name":      "givenName",
						"surname":   "sn",
						"username":  "sAMAccountName",
					},
					"servers": []interface{}{
						map[string]interface{}{
							"address":            "ldaps://localhost:636",
							"ignore_cert_errors": true,
						},
					},
					"groups": []interface{}{
						map[string]interface{}{
							"dn":    "CN=Admins,OU=Security,OU=Groups,DC=CONTOSO,DC=COM",
							"roles": []interface{}{"admin"},
						},
						map[string]interface{}{
							"dn":    "CN=Editors,OU=Security,OU=Groups,DC=CONTOSO,DC=COM",
							"roles": []interface{}{"editor"},
						},
						map[string]interface{}{
							"dn":    "CN=Viewers,OU=Security,OU=Groups,DC=CONTOSO,DC=COM",
							"roles": []interface{}{"viewer"},
						},
					},
					"login_icon": map[string]interface{}{
						"background_color": "#324960",
						"class_name":       "las la-shield-alt la-2x",
						"color":            "white",
						"text_color":       "#37474f",
					},
				},
				"configured": true,
			},
		},
		{
			name:      "test empty config name",
			config:    &Config{Realm: "contoso.com"},
			logger:    logutil.NewLogger(),
			shouldErr: true,
			errPhase:  "initialize",
			err:       errors.ErrIdentityStoreConfigureNameEmpty,
		},
		{
			name:      "test empty config realm",
			config:    &Config{Name: "ldap_store"},
			logger:    logutil.NewLogger(),
			shouldErr: true,
			errPhase:  "initialize",
			err:       errors.ErrIdentityStoreConfigureRealmEmpty,
		},
		{
			// No logger is supplied, so construction must be rejected.
			name: "test empty logger",
			config: &Config{
				Name:  "ldap_store",
				Realm: "contoso.com",
			},
			shouldErr: true,
			errPhase:  "initialize",
			err:       errors.ErrIdentityStoreConfigureLoggerNotFound,
		},
	}

	for _, tc := range cases {
		t.Run(tc.name, func(t *testing.T) {
			// expected returns the error expectation for one phase: the
			// case's own expectation when the phase matches errPhase,
			// otherwise "must succeed".
			expected := func(phase string) (bool, error) {
				if tc.errPhase == phase {
					return tc.shouldErr, tc.err
				}
				return false, nil
			}

			msgs := []string{fmt.Sprintf("test name: %s", tc.name)}
			// msgs = append(msgs, fmt.Sprintf("db path: %v", tc.config.Path))
			// NOTE(review): %v on *Config prints the struct's fields, so
			// unless Config provides its own formatting this message
			// carries BindPassword in clear text into whatever the test
			// helpers log. Harmless for this fixture value; confirm
			// before pointing the test at a real directory account.
			msgs = append(msgs, fmt.Sprintf("config:\n%v", tc.config))

			st, err := NewIdentityStore(tc.config, tc.logger)
			wantErr, wantErrValue := expected("initialize")
			if tests.EvalErrWithLog(t, err, "NewIdentityStore", wantErr, wantErrValue, msgs) {
				return
			}

			err = st.Configure()
			wantErr, wantErrValue = expected("configure")
			if tests.EvalErrWithLog(t, err, "IdentityStore.Configure", wantErr, wantErrValue, msgs) {
				return
			}

			// Snapshot what the store reports about itself and compare
			// it with the expected map.
			got := map[string]interface{}{
				"name":       st.GetName(),
				"realm":      st.GetRealm(),
				"kind":       st.GetKind(),
				"config":     st.GetConfig(),
				"configured": st.Configured(),
			}

			tests.EvalObjectsWithLog(t, "config", tc.want, got, msgs)
		})
	}
}