github.com/nats-io/nsc@v0.0.0-20221206222106-35db9400b257/cmd/importuser_test.go (about) 1 /* 2 * Copyright 2020-2020 The NATS Authors 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS, 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License. 14 */ 15 16 package cmd 17 18 import ( 19 "os" 20 "path/filepath" 21 "testing" 22 23 "github.com/nats-io/jwt" 24 "github.com/nats-io/nkeys" 25 "github.com/stretchr/testify/require" 26 ) 27 28 func Test_ImportUserCreds(t *testing.T) { 29 ts := NewTestStore(t, "O") 30 defer ts.Done(t) 31 32 _, _, err := ExecuteCmd(CreateAddAccountCmd(), "--name", "acc") 33 require.NoError(t, err) 34 aClaim, _ := ts.Store.ReadAccountClaim("acc") 35 aKp, err := ts.KeyStore.GetKeyPair(aClaim.Subject) 36 require.NoError(t, err) 37 38 uKp, _ := nkeys.CreateUser() 39 pk, _ := uKp.PublicKey() 40 uc := jwt.NewUserClaims(pk) 41 uc.Name = uc.Subject 42 theJWT, err := uc.Encode(aKp) 43 require.NoError(t, err) 44 require.False(t, ts.KeyStore.HasPrivateKey(pk)) 45 46 check := func() { 47 t.Helper() 48 _, err := ts.Store.ReadUserClaim("acc", pk) 49 require.NoError(t, err) 50 require.True(t, ts.KeyStore.HasPrivateKey(pk)) 51 } 52 53 seed, err := uKp.Seed() 54 require.NoError(t, err) 55 creds, err := jwt.FormatUserConfig(theJWT, seed) 56 require.NoError(t, err) 57 58 file := filepath.Join(ts.Dir, "user.creds") 59 err = os.WriteFile(file, creds, 0666) 60 require.NoError(t, err) 61 _, _, err = ExecuteCmd(createImportUserCmd(), "--file", file) 62 require.NoError(t, err) 63 check() 64 _, _, err = ExecuteCmd(createImportUserCmd(), "--file", file) 65 require.Error(t, err) 66 _, _, err = ExecuteCmd(createImportUserCmd(), "--file", file, "--overwrite") 67 require.NoError(t, err) 68 check() 69 } 70 71 func Test_ImportUserJWT(t *testing.T) { 72 ts := NewTestStore(t, "O") 73 defer ts.Done(t) 74 _, _, err := ExecuteCmd(CreateAddAccountCmd(), "--name", "acc") 75 require.NoError(t, err) 76 77 aClaim, _ := ts.Store.ReadAccountClaim("acc") 78 aKp, err := ts.KeyStore.GetKeyPair(aClaim.Subject) 79 require.NoError(t, err) 80 81 uKp, _ := nkeys.CreateUser() 82 pk, _ := uKp.PublicKey() 83 uc := jwt.NewUserClaims(pk) 84 uc.Name = uc.Subject 85 theJWT, err := uc.Encode(aKp) 86 require.NoError(t, err) 87 88 check := func() { 89 t.Helper() 90 _, err := ts.Store.ReadUserClaim("acc", pk) 91 require.NoError(t, err) 92 } 93 94 file := filepath.Join(ts.Dir, "user.jwt") 95 err = os.WriteFile(file, []byte(theJWT), 0666) 96 require.NoError(t, err) 97 _, _, err = ExecuteCmd(createImportUserCmd(), "--file", file) 98 require.NoError(t, err) 99 check() 100 _, _, err = ExecuteCmd(createImportUserCmd(), "--file", file) 101 require.Error(t, err) 102 _, _, err = ExecuteCmd(createImportUserCmd(), "--file", file, "--overwrite") 103 require.NoError(t, err) 104 check() 105 } 106 107 func Test_ImportUserOtherAccount(t *testing.T) { 108 ts := NewTestStore(t, "O") 109 defer ts.Done(t) 110 aKp, _ := nkeys.CreateAccount() 111 uKp, _ := nkeys.CreateUser() 112 pk, _ := uKp.PublicKey() 113 uc := jwt.NewUserClaims(pk) 114 uc.Name = uc.Subject 115 theJWT, err := uc.Encode(aKp) 116 require.NoError(t, err) 117 file := filepath.Join(ts.Dir, "user.jwt") 118 err = os.WriteFile(file, []byte(theJWT), 0666) 119 require.NoError(t, err) 120 _, _, err = ExecuteCmd(createImportUserCmd(), "--file", file) 121 require.Error(t, err) 122 }