github.com/keybase/client/go@v0.0.0-20240309051027-028f7c731f8b/ephemeral/selfprovision_test.go

github.com/keybase/client/go@v0.0.0-20240309051027-028f7c731f8b/ephemeral/selfprovision_test.go (about)

     1  package ephemeral
     2  
     3  import (
     4  	"testing"
     5  
     6  	"github.com/keybase/client/go/engine"
     7  	"github.com/keybase/client/go/kbtest"
     8  	"github.com/keybase/client/go/libkb"
     9  	"github.com/stretchr/testify/require"
    10  )
    11  
    12  func TestEphemeralSelfProvision(t *testing.T) {
    13  	tc, mctx, user := ephemeralKeyTestSetup(t)
    14  	defer tc.Cleanup()
    15  
    16  	g := tc.G
    17  	teamID := createTeam(tc)
    18  
    19  	ekLib := g.GetEKLib()
    20  	teamEK1, created, err := ekLib.GetOrCreateLatestTeamEK(mctx, teamID)
    21  	require.NoError(t, err)
    22  	require.True(t, created)
    23  
    24  	// Publish a few deviceEKs on the cloned account and make sure the self
    25  	// provision goes through successfully and we can continue to generate
    26  	// deviceEKs after.
    27  	merkleRootPtr, err := g.GetMerkleClient().FetchRootFromServer(mctx, libkb.EphemeralKeyMerkleFreshness)
    28  	require.NoError(t, err)
    29  	merkleRoot := *merkleRootPtr
    30  	_, err = publishNewDeviceEK(mctx, merkleRoot)
    31  	require.NoError(t, err)
    32  	_, err = publishNewDeviceEK(mctx, merkleRoot)
    33  	require.NoError(t, err)
    34  	deviceEKStorage := g.GetDeviceEKStorage()
    35  	maxGen, err := deviceEKStorage.MaxGeneration(mctx, false)
    36  	require.NoError(t, err)
    37  	require.EqualValues(t, 3, maxGen)
    38  
    39  	// Now self provision the user and make sure she can still access the teamEK
    40  	secUI := user.NewSecretUI()
    41  	provLoginUI := &libkb.TestLoginUI{Username: user.Username}
    42  	uis := libkb.UIs{
    43  		ProvisionUI: &kbtest.TestProvisionUI{},
    44  		LogUI:       g.Log,
    45  		SecretUI:    secUI,
    46  		LoginUI:     provLoginUI,
    47  	}
    48  
    49  	mctx = mctx.WithUIs(uis)
    50  	libkb.CreateClonedDevice(tc, mctx)
    51  	newName := "uncloneme"
    52  	eng := engine.NewSelfProvisionEngine(g, newName)
    53  	err = engine.RunEngine2(mctx, eng)
    54  	require.NoError(t, err)
    55  	require.Equal(t, mctx.ActiveDevice().Name(), newName)
    56  
    57  	teamEK2, err := g.GetTeamEKBoxStorage().Get(mctx, teamID, teamEK1.Generation(), nil)
    58  	require.NoError(t, err)
    59  	require.Equal(t, teamEK1, teamEK2)
    60  
    61  	// After self provisioning we should only have a single deviceEK, and have
    62  	// no issues producing new ones.
    63  	maxGen, err = deviceEKStorage.MaxGeneration(mctx, false)
    64  	require.NoError(t, err)
    65  	require.EqualValues(t, 1, maxGen)
    66  
    67  	_, err = publishNewDeviceEK(mctx, merkleRoot)
    68  	require.NoError(t, err)
    69  	maxGen, err = deviceEKStorage.MaxGeneration(mctx, false)
    70  	require.NoError(t, err)
    71  	require.EqualValues(t, 2, maxGen)
    72  }