github.com/mhilton/juju-juju@v0.0.0-20150901100907-a94dd2c73455/apiserver/authentication/agent_test.go

github.com/mhilton/juju-juju@v0.0.0-20150901100907-a94dd2c73455/apiserver/authentication/agent_test.go (about)

     1  // Copyright 2014 Canonical Ltd. All rights reserved.
     2  // Licensed under the AGPLv3, see LICENCE file for details.
     3  
     4  package authentication_test
     5  
     6  import (
     7  	jc "github.com/juju/testing/checkers"
     8  	"github.com/juju/utils"
     9  	gc "gopkg.in/check.v1"
    10  
    11  	"github.com/juju/juju/apiserver/authentication"
    12  	"github.com/juju/juju/juju/testing"
    13  	"github.com/juju/juju/state"
    14  	"github.com/juju/juju/testing/factory"
    15  )
    16  
    17  type agentAuthenticatorSuite struct {
    18  	testing.JujuConnSuite
    19  	machinePassword string
    20  	machineNonce    string
    21  	unitPassword    string
    22  	machine         *state.Machine
    23  	user            *state.User
    24  	unit            *state.Unit
    25  	relation        *state.Relation
    26  }
    27  
    28  var _ = gc.Suite(&agentAuthenticatorSuite{})
    29  
    30  func (s *agentAuthenticatorSuite) SetUpTest(c *gc.C) {
    31  	s.JujuConnSuite.SetUpTest(c)
    32  
    33  	s.user = s.Factory.MakeUser(c, &factory.UserParams{
    34  		Name:        "bobbrown",
    35  		DisplayName: "Bob Brown",
    36  		Password:    "password",
    37  	})
    38  
    39  	// add machine for testing machine agent authentication
    40  	machine, err := s.State.AddMachine("quantal", state.JobHostUnits)
    41  	c.Assert(err, jc.ErrorIsNil)
    42  	nonce, err := utils.RandomPassword()
    43  	c.Assert(err, jc.ErrorIsNil)
    44  	err = machine.SetProvisioned("foo", nonce, nil)
    45  	c.Assert(err, jc.ErrorIsNil)
    46  	password, err := utils.RandomPassword()
    47  	c.Assert(err, jc.ErrorIsNil)
    48  	err = machine.SetPassword(password)
    49  	c.Assert(err, jc.ErrorIsNil)
    50  	s.machine = machine
    51  	s.machinePassword = password
    52  	s.machineNonce = nonce
    53  
    54  	// add a unit for testing unit agent authentication
    55  	wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress"))
    56  	c.Assert(err, jc.ErrorIsNil)
    57  	unit, err := wordpress.AddUnit()
    58  	c.Assert(err, jc.ErrorIsNil)
    59  	s.unit = unit
    60  	password, err = utils.RandomPassword()
    61  	c.Assert(err, jc.ErrorIsNil)
    62  	err = unit.SetPassword(password)
    63  	c.Assert(err, jc.ErrorIsNil)
    64  	s.unitPassword = password
    65  
    66  	// add relation
    67  	wordpressEP, err := wordpress.Endpoint("db")
    68  	c.Assert(err, jc.ErrorIsNil)
    69  	mysql := s.AddTestingService(c, "mysql", s.AddTestingCharm(c, "mysql"))
    70  	mysqlEP, err := mysql.Endpoint("server")
    71  	c.Assert(err, jc.ErrorIsNil)
    72  	s.relation, err = s.State.AddRelation(wordpressEP, mysqlEP)
    73  	c.Assert(err, jc.ErrorIsNil)
    74  }
    75  
    76  // testCase is used for structured table based tests
    77  type testCase struct {
    78  	entity       state.Entity
    79  	credentials  string
    80  	nonce        string
    81  	about        string
    82  	errorMessage string
    83  }
    84  
    85  func (s *agentAuthenticatorSuite) TestValidLogins(c *gc.C) {
    86  	testCases := []testCase{{
    87  		entity:      s.user,
    88  		credentials: "password",
    89  		about:       "user login",
    90  	}, {
    91  		entity:      s.machine,
    92  		credentials: s.machinePassword,
    93  		nonce:       s.machineNonce,
    94  		about:       "machine login",
    95  	}, {
    96  		entity:      s.unit,
    97  		credentials: s.unitPassword,
    98  		about:       "unit login",
    99  	}}
   100  
   101  	for i, t := range testCases {
   102  		c.Logf("test %d: %s", i, t.about)
   103  		var authenticator authentication.AgentAuthenticator
   104  		err := authenticator.Authenticate(t.entity, t.credentials, t.nonce)
   105  		c.Check(err, jc.ErrorIsNil)
   106  	}
   107  }
   108  
   109  func (s *agentAuthenticatorSuite) TestInvalidLogins(c *gc.C) {
   110  	testCases := []testCase{{
   111  		entity:       s.relation,
   112  		credentials:  "dummy-secret",
   113  		about:        "relation login",
   114  		errorMessage: "invalid request",
   115  	}, {
   116  		entity:       s.user,
   117  		credentials:  "wrongpassword",
   118  		about:        "user login for nonexistant user",
   119  		errorMessage: "invalid entity name or password",
   120  	}, {
   121  		entity:       s.machine,
   122  		credentials:  s.machinePassword,
   123  		nonce:        "123",
   124  		about:        "machine login",
   125  		errorMessage: "machine 0 not provisioned",
   126  	}, {
   127  		entity:       s.user,
   128  		credentials:  "wrong-secret",
   129  		about:        "user login for nonexistant user",
   130  		errorMessage: "invalid entity name or password",
   131  	}}
   132  
   133  	for i, t := range testCases {
   134  		c.Logf("test %d: %s", i, t.about)
   135  		var authenticator authentication.AgentAuthenticator
   136  		err := authenticator.Authenticate(t.entity, t.credentials, t.nonce)
   137  		c.Check(err, gc.ErrorMatches, t.errorMessage)
   138  	}
   139  }