github.com/mysteriumnetwork/node@v0.0.0-20240516044423-365054f76801/services/openvpn/service/auth_handler_test.go (about) 1 /* 2 * Copyright (C) 2017 The "MysteriumNetwork/node" Authors. 3 * 4 * This program is free software: you can redistribute it and/or modify 5 * it under the terms of the GNU General Public License as published by 6 * the Free Software Foundation, either version 3 of the License, or 7 * (at your option) any later version. 8 * 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * 14 * You should have received a copy of the GNU General Public License 15 * along with this program. If not, see <http://www.gnu.org/licenses/>. 16 */ 17 18 package service 19 20 import ( 21 "testing" 22 23 "github.com/mysteriumnetwork/go-openvpn/openvpn/management" 24 "github.com/mysteriumnetwork/node/core/service" 25 "github.com/mysteriumnetwork/node/identity" 26 "github.com/mysteriumnetwork/node/pb" 27 "github.com/mysteriumnetwork/node/trace" 28 "github.com/stretchr/testify/assert" 29 ) 30 31 var ( 32 identityExisting = identity.FromAddress("deadbeef") 33 sessionExisting, _ = service.NewSession( 34 &service.Instance{}, 35 &pb.SessionRequest{Consumer: &pb.ConsumerInfo{Id: identityExisting.Address}}, 36 trace.NewTracer(""), 37 ) 38 sessionExistingString = string(sessionExisting.ID) 39 ) 40 41 func TestValidateReturnsFalseWhenNoSessionFound(t *testing.T) { 42 validator := createAuthHandler(identity.Identity{}).validate 43 44 authenticated, err := validator(1, "not important", "not important") 45 46 assert.NoError(t, err) 47 assert.False(t, authenticated) 48 } 49 50 func TestValidateReturnsFalseWhenSignatureIsInvalid(t *testing.T) { 51 validator := createAuthHandlerWithSession(identity.FromAddress("wrongsignature"), sessionExisting).validate 52 53 authenticated, err := validator(1, sessionExistingString, "not important") 54 55 assert.NoError(t, err) 56 assert.False(t, authenticated) 57 } 58 59 func TestValidateReturnsTrueWhenSessionExistsAndSignatureIsValid(t *testing.T) { 60 validator := createAuthHandlerWithSession(identityExisting, sessionExisting).validate 61 62 authenticated, err := validator(1, sessionExistingString, "not important") 63 64 assert.NoError(t, err) 65 assert.True(t, authenticated) 66 } 67 68 func TestValidateReturnsTrueWhenSessionExistsAndSignatureIsValidAndClientIDDiffers(t *testing.T) { 69 validator := createAuthHandlerWithSession(identityExisting, sessionExisting).validate 70 71 validator(1, sessionExistingString, "not important") 72 authenticated, err := validator(2, sessionExistingString, "not important") 73 74 assert.NoError(t, err) 75 assert.True(t, authenticated) 76 } 77 78 func TestValidateReturnsTrueWhenSessionExistsAndSignatureIsValidAndClientIDMatches(t *testing.T) { 79 validator := createAuthHandlerWithSession(identityExisting, sessionExisting).validate 80 81 validator(1, sessionExistingString, "not important") 82 authenticated, err := validator(1, sessionExistingString, "not important") 83 84 assert.NoError(t, err) 85 assert.True(t, authenticated) 86 } 87 88 func TestSecondClientIsNotDisconnectedWhenFirstClientDisconnects(t *testing.T) { 89 var firstClientConnected = []string{ 90 ">CLIENT:CONNECT,1,4", 91 ">CLIENT:ENV,username=client1", 92 ">CLIENT:ENV,password=passwd1", 93 ">CLIENT:ENV,END", 94 } 95 96 var secondClientConnected = []string{ 97 ">CLIENT:CONNECT,2,4", 98 ">CLIENT:ENV,username=client2", 99 ">CLIENT:ENV,password=passwd2", 100 ">CLIENT:ENV,END", 101 } 102 103 var firstClientDisconnected = []string{ 104 ">CLIENT:DISCONNECT,1,4", 105 ">CLIENT:ENV,username=client1", 106 ">CLIENT:ENV,password=passwd1", 107 ">CLIENT:ENV,END", 108 } 109 110 mockMangement := &management.MockConnection{CommandResult: "SUCCESS"} 111 middleware := createAuthHandlerWithSession(identityExisting, sessionExisting) 112 middleware.Start(mockMangement) 113 114 feedLinesToMiddleware(middleware, firstClientConnected) 115 assert.Equal(t, "client-auth-nt 1 4", mockMangement.LastLine) 116 117 feedLinesToMiddleware(middleware, secondClientConnected) 118 assert.Equal(t, "client-auth-nt 2 4", mockMangement.LastLine) 119 120 mockMangement.LastLine = "" 121 feedLinesToMiddleware(middleware, firstClientDisconnected) 122 assert.Empty(t, mockMangement.LastLine) 123 124 } 125 126 func TestSecondClientWithTheSameCredentialsIsConnected(t *testing.T) { 127 var firstClientConnected = []string{ 128 ">CLIENT:CONNECT,1,4", 129 ">CLIENT:ENV,username=Boop!", 130 ">CLIENT:ENV,password=V6ifmvLuAT+hbtLBX/0xm3C0afywxTIdw1HqLmA4onpwmibHbxVhl50Gr3aRUZMqw1WxkfSIVdhpbCluHGBKsgE=", 131 ">CLIENT:ENV,END", 132 } 133 134 var secondClientDisconnected = []string{ 135 ">CLIENT:CONNECT,2,4", 136 ">CLIENT:ENV,username=Boop!", 137 ">CLIENT:ENV,password=V6ifmvLuAT+hbtLBX/0xm3C0afywxTIdw1HqLmA4onpwmibHbxVhl50Gr3aRUZMqw1WxkfSIVdhpbCluHGBKsgE=", 138 ">CLIENT:ENV,END", 139 } 140 141 mockMangement := &management.MockConnection{CommandResult: "SUCCESS"} 142 middleware := createAuthHandlerWithSession(identityExisting, sessionExisting) 143 middleware.Start(mockMangement) 144 145 feedLinesToMiddleware(middleware, firstClientConnected) 146 assert.Equal(t, "client-auth-nt 1 4", mockMangement.LastLine) 147 148 feedLinesToMiddleware(middleware, secondClientDisconnected) 149 assert.Equal(t, 150 "client-auth-nt 2 4", 151 mockMangement.LastLine, 152 "second authentication with the same credentials but with different clientID should succeed", 153 ) 154 } 155 156 func feedLinesToMiddleware(middleware management.Middleware, lines []string) { 157 for _, line := range lines { 158 middleware.ConsumeLine(line) 159 } 160 }