github.com/mhilton/juju-juju@v0.0.0-20150901100907-a94dd2c73455/apiserver/authentication/user_test.go (about) 1 // Copyright 2014 Canonical Ltd. All rights reserved. 2 // Licensed under the AGPLv3, see LICENCE file for details. 3 4 package authentication_test 5 6 import ( 7 jc "github.com/juju/testing/checkers" 8 "github.com/juju/utils" 9 gc "gopkg.in/check.v1" 10 11 "github.com/juju/juju/apiserver/authentication" 12 jujutesting "github.com/juju/juju/juju/testing" 13 "github.com/juju/juju/state" 14 "github.com/juju/juju/testing/factory" 15 ) 16 17 type userAuthenticatorSuite struct { 18 jujutesting.JujuConnSuite 19 } 20 21 var _ = gc.Suite(&userAuthenticatorSuite{}) 22 23 func (s *userAuthenticatorSuite) TestMachineLoginFails(c *gc.C) { 24 // add machine for testing machine agent authentication 25 machine, err := s.State.AddMachine("quantal", state.JobHostUnits) 26 c.Assert(err, jc.ErrorIsNil) 27 nonce, err := utils.RandomPassword() 28 c.Assert(err, jc.ErrorIsNil) 29 err = machine.SetProvisioned("foo", nonce, nil) 30 c.Assert(err, jc.ErrorIsNil) 31 password, err := utils.RandomPassword() 32 c.Assert(err, jc.ErrorIsNil) 33 err = machine.SetPassword(password) 34 c.Assert(err, jc.ErrorIsNil) 35 machinePassword := password 36 37 // attempt machine login 38 authenticator := &authentication.UserAuthenticator{} 39 err = authenticator.Authenticate(machine, machinePassword, nonce) 40 c.Assert(err, gc.ErrorMatches, "invalid request") 41 } 42 43 func (s *userAuthenticatorSuite) TestUnitLoginFails(c *gc.C) { 44 // add a unit for testing unit agent authentication 45 wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress")) 46 unit, err := wordpress.AddUnit() 47 c.Assert(err, jc.ErrorIsNil) 48 password, err := utils.RandomPassword() 49 c.Assert(err, jc.ErrorIsNil) 50 err = unit.SetPassword(password) 51 c.Assert(err, jc.ErrorIsNil) 52 unitPassword := password 53 54 // Attempt unit login 55 authenticator := &authentication.UserAuthenticator{} 56 err = authenticator.Authenticate(unit, unitPassword, "") 57 c.Assert(err, gc.ErrorMatches, "invalid request") 58 } 59 60 func (s *userAuthenticatorSuite) TestValidUserLogin(c *gc.C) { 61 user := s.Factory.MakeUser(c, &factory.UserParams{ 62 Name: "bobbrown", 63 DisplayName: "Bob Brown", 64 Password: "password", 65 }) 66 67 // User login 68 authenticator := &authentication.UserAuthenticator{} 69 err := authenticator.Authenticate(user, "password", "") 70 c.Assert(err, jc.ErrorIsNil) 71 } 72 73 func (s *userAuthenticatorSuite) TestUserLoginWrongPassword(c *gc.C) { 74 user := s.Factory.MakeUser(c, &factory.UserParams{ 75 Name: "bobbrown", 76 DisplayName: "Bob Brown", 77 Password: "password", 78 }) 79 80 // User login 81 authenticator := &authentication.UserAuthenticator{} 82 err := authenticator.Authenticate(user, "wrongpassword", "") 83 c.Assert(err, gc.ErrorMatches, "invalid entity name or password") 84 85 } 86 87 func (s *userAuthenticatorSuite) TestInvalidRelationLogin(c *gc.C) { 88 89 // add relation 90 wordpress := s.AddTestingService(c, "wordpress", s.AddTestingCharm(c, "wordpress")) 91 wordpressEP, err := wordpress.Endpoint("db") 92 c.Assert(err, jc.ErrorIsNil) 93 mysql := s.AddTestingService(c, "mysql", s.AddTestingCharm(c, "mysql")) 94 mysqlEP, err := mysql.Endpoint("server") 95 c.Assert(err, jc.ErrorIsNil) 96 relation, err := s.State.AddRelation(wordpressEP, mysqlEP) 97 c.Assert(err, jc.ErrorIsNil) 98 99 // Attempt relation login 100 authenticator := &authentication.UserAuthenticator{} 101 err = authenticator.Authenticate(relation, "dummy-secret", "") 102 c.Assert(err, gc.ErrorMatches, "invalid request") 103 104 }