github.com/prysmaticlabs/prysm@v1.4.4/validator/rpc/auth_test.go

github.com/prysmaticlabs/prysm@v1.4.4/validator/rpc/auth_test.go (about)

     1  package rpc
     2  
     3  import (
     4  	"context"
     5  	"os"
     6  	"path/filepath"
     7  	"testing"
     8  
     9  	"github.com/form3tech-oss/jwt-go"
    10  	"github.com/golang/protobuf/ptypes/empty"
    11  	pb "github.com/prysmaticlabs/prysm/proto/validator/accounts/v2"
    12  	"github.com/prysmaticlabs/prysm/shared/event"
    13  	"github.com/prysmaticlabs/prysm/shared/fileutil"
    14  	"github.com/prysmaticlabs/prysm/shared/testutil/assert"
    15  	"github.com/prysmaticlabs/prysm/shared/testutil/require"
    16  	"github.com/prysmaticlabs/prysm/validator/accounts"
    17  	"github.com/prysmaticlabs/prysm/validator/accounts/wallet"
    18  	dbtest "github.com/prysmaticlabs/prysm/validator/db/testing"
    19  	"github.com/prysmaticlabs/prysm/validator/keymanager"
    20  )
    21  
    22  func setupWalletDir(t testing.TB) string {
    23  	walletDir := filepath.Join(t.TempDir(), "wallet")
    24  	require.NoError(t, os.MkdirAll(walletDir, os.ModePerm))
    25  	return walletDir
    26  }
    27  
    28  func TestServer_SignupAndLogin_RoundTrip(t *testing.T) {
    29  	valDB := dbtest.SetupDB(t, [][48]byte{})
    30  	ctx := context.Background()
    31  
    32  	localWalletDir := setupWalletDir(t)
    33  	defaultWalletPath = localWalletDir
    34  
    35  	ss := &Server{
    36  		valDB:                 valDB,
    37  		walletInitializedFeed: new(event.Feed),
    38  		walletDir:             defaultWalletPath,
    39  	}
    40  	weakPass := "password"
    41  	_, err := ss.Signup(ctx, &pb.AuthRequest{
    42  		Password:             weakPass,
    43  		PasswordConfirmation: weakPass,
    44  	})
    45  	require.ErrorContains(t, "Could not validate RPC password input", err)
    46  
    47  	// We assert we are able to signup with a strong password.
    48  	_, err = ss.Signup(ctx, &pb.AuthRequest{
    49  		Password:             strongPass,
    50  		PasswordConfirmation: strongPass,
    51  	})
    52  	require.NoError(t, err)
    53  
    54  	// Assert we stored the hashed password.
    55  	passwordHashExists := fileutil.FileExists(filepath.Join(defaultWalletPath, HashedRPCPassword))
    56  	assert.Equal(t, true, passwordHashExists)
    57  
    58  	// We attempt to create the wallet.
    59  	_, err = accounts.CreateWalletWithKeymanager(ctx, &accounts.CreateWalletConfig{
    60  		WalletCfg: &wallet.Config{
    61  			WalletDir:      defaultWalletPath,
    62  			KeymanagerKind: keymanager.Derived,
    63  			WalletPassword: strongPass,
    64  		},
    65  		SkipMnemonicConfirm: true,
    66  	})
    67  	require.NoError(t, err)
    68  
    69  	// We assert we are able to login.
    70  	_, err = ss.Login(ctx, &pb.AuthRequest{
    71  		Password: strongPass,
    72  	})
    73  	require.NoError(t, err)
    74  }
    75  
    76  func TestServer_Logout(t *testing.T) {
    77  	key, err := createRandomJWTKey()
    78  	require.NoError(t, err)
    79  	ss := &Server{
    80  		jwtKey: key,
    81  	}
    82  	tokenString, _, err := ss.createTokenString()
    83  	require.NoError(t, err)
    84  	checkParsedKey := func(*jwt.Token) (interface{}, error) {
    85  		return ss.jwtKey, nil
    86  	}
    87  	_, err = jwt.Parse(tokenString, checkParsedKey)
    88  	assert.NoError(t, err)
    89  
    90  	_, err = ss.Logout(context.Background(), &empty.Empty{})
    91  	require.NoError(t, err)
    92  
    93  	// Attempting to validate the same token string after logout should fail.
    94  	_, err = jwt.Parse(tokenString, checkParsedKey)
    95  	assert.ErrorContains(t, "signature is invalid", err)
    96  }
    97  
    98  func TestServer_ChangePassword_Preconditions(t *testing.T) {
    99  	localWalletDir := setupWalletDir(t)
   100  	defaultWalletPath = localWalletDir
   101  	ctx := context.Background()
   102  	ss := &Server{
   103  		walletDir: defaultWalletPath,
   104  	}
   105  	require.NoError(t, ss.SaveHashedPassword(strongPass))
   106  	_, err := ss.ChangePassword(ctx, &pb.ChangePasswordRequest{
   107  		CurrentPassword: strongPass,
   108  		Password:        "",
   109  	})
   110  	assert.ErrorContains(t, "Could not validate password input", err)
   111  	_, err = ss.ChangePassword(ctx, &pb.ChangePasswordRequest{
   112  		CurrentPassword:      strongPass,
   113  		Password:             "abc",
   114  		PasswordConfirmation: "def",
   115  	})
   116  	assert.ErrorContains(t, "does not match", err)
   117  }
   118  
   119  func TestServer_ChangePassword_OK(t *testing.T) {
   120  	localWalletDir := setupWalletDir(t)
   121  	defaultWalletPath = localWalletDir
   122  	ss := &Server{
   123  		walletDir: defaultWalletPath,
   124  	}
   125  	password := "Passw0rdz%%%%pass"
   126  	newPassword := "NewPassw0rdz%%%%pass"
   127  	ctx := context.Background()
   128  	require.NoError(t, ss.SaveHashedPassword(password))
   129  	_, err := ss.ChangePassword(ctx, &pb.ChangePasswordRequest{
   130  		CurrentPassword:      password,
   131  		Password:             newPassword,
   132  		PasswordConfirmation: newPassword,
   133  	})
   134  	require.NoError(t, err)
   135  	_, err = ss.Login(ctx, &pb.AuthRequest{
   136  		Password: newPassword,
   137  	})
   138  	require.NoError(t, err)
   139  }