github.com/resonatecoop/id@v1.1.0-43/oauth/user_test.go (about) 1 package oauth_test 2 3 import ( 4 "context" 5 "database/sql" 6 7 "github.com/resonatecoop/id/oauth" 8 "github.com/resonatecoop/id/util" 9 pass "github.com/resonatecoop/id/util/password" 10 "github.com/resonatecoop/user-api/model" 11 "github.com/stretchr/testify/assert" 12 ) 13 14 func (suite *OauthTestSuite) TestUserExistsFindsValidUser() { 15 validUsername := suite.users[0].Username 16 assert.True(suite.T(), suite.service.UserExists(validUsername)) 17 } 18 19 func (suite *OauthTestSuite) TestUserExistsDoesntFindInvalidUser() { 20 invalidUsername := "bogus_name" 21 assert.False(suite.T(), suite.service.UserExists(invalidUsername)) 22 } 23 24 /* 25 func (suite *OauthTestSuite) TestUpdateUsernameWorksWithValidEntry() { 26 ctx := context.Background() 27 28 user, err := suite.service.CreateUser( 29 int32(model.UserRole), // role ID 30 "test@newuser.com", // username 31 "C0mpl3xPa$$w0rdAr3U5", // password 32 ) 33 34 assert.NoError(suite.T(), err) 35 assert.NotNil(suite.T(), user) 36 assert.Equal(suite.T(), "test@newuser.com", user.Username) 37 38 newUsername := "mynew@email.com" 39 40 err = suite.service.UpdateUsername(user, newUsername) 41 42 assert.NoError(suite.T(), err) 43 44 err = suite.db.NewSelect(). 45 Model(user). 46 WherePK(). 47 Scan(ctx) 48 49 assert.NoError(suite.T(), err) 50 51 assert.Equal(suite.T(), newUsername, user.Username) 52 } 53 */ 54 55 /* 56 func (suite *OauthTestSuite) TestUpdateUsernameTxWorksWithValidEntry() { 57 ctx := context.Background() 58 59 user, err := suite.service.CreateUser( 60 int32(model.UserRole), // role ID 61 "test@newuser.com", // username 62 "C0mpl3xPa$$w0rdAr3U5", // password 63 ) 64 65 assert.NoError(suite.T(), err) 66 assert.NotNil(suite.T(), user) 67 assert.Equal(suite.T(), "test@newuser.com", user.Username) 68 69 newUsername := "mynew@email.com" 70 71 err = suite.service.UpdateUsernameTx(suite.db, user, newUsername) 72 73 assert.NoError(suite.T(), err) 74 75 err = suite.db.NewSelect(). 76 Model(user). 77 WherePK(). 78 Scan(ctx) 79 80 assert.NoError(suite.T(), err) 81 82 assert.Equal(suite.T(), newUsername, user.Username) 83 } 84 */ 85 86 /* 87 func (suite *OauthTestSuite) TestUpdateUsernameFailsWithABlankEntry() { 88 user, err := suite.service.CreateUser( 89 int32(model.UserRole), // role ID 90 "test@newuser.com", // username 91 "C0mpl3xPa$$w0rdAr3U5", // password 92 ) 93 94 assert.NoError(suite.T(), err) 95 assert.NotNil(suite.T(), user) 96 assert.Equal(suite.T(), "test@newuser.com", user.Username) 97 98 newUsername := "" 99 100 err = suite.service.UpdateUsername(user, newUsername) 101 102 assert.EqualError(suite.T(), err, oauth.ErrCannotSetEmptyUsername.Error()) 103 104 assert.NotEqual(suite.T(), newUsername, user.Username) 105 } 106 */ 107 108 func (suite *OauthTestSuite) TestFindUserByUsername() { 109 var ( 110 user *model.User 111 err error 112 ) 113 114 // When we try to find a user with a bogus username 115 user, err = suite.service.FindUserByUsername("bogus") 116 117 // User object should be nil 118 assert.Nil(suite.T(), user) 119 120 // Correct error should be returned 121 if assert.NotNil(suite.T(), err) { 122 assert.Equal(suite.T(), oauth.ErrUserNotFound, err) 123 } 124 125 // When we try to find a user with a valid username 126 user, err = suite.service.FindUserByUsername("test@user.com") 127 128 // Error should be nil 129 assert.Nil(suite.T(), err) 130 131 // Correct user object should be returned 132 if assert.NotNil(suite.T(), user) { 133 assert.Equal(suite.T(), "test@user.com", user.Username) 134 } 135 136 // Test username case insensitiviness 137 user, err = suite.service.FindUserByUsername("TeSt@UsEr.CoM") 138 139 // Error should be nil 140 assert.Nil(suite.T(), err) 141 142 // Correct user object should be returned 143 if assert.NotNil(suite.T(), user) { 144 assert.Equal(suite.T(), "test@user.com", user.Username) 145 } 146 } 147 148 /* 149 func (suite *OauthTestSuite) TestCreateUser() { 150 var ( 151 user *model.User 152 err error 153 ) 154 155 // We try to insert a non unique user 156 user, err = suite.service.CreateUser( 157 int32(model.UserRole), // role ID 158 "test@user.com", // username 159 "C0mpl3xPa$$w0rdAr3U5", // password 160 ) 161 162 // User object should be nil 163 assert.Nil(suite.T(), user) 164 165 // Correct error should be returned 166 if assert.NotNil(suite.T(), err) { 167 assert.Equal(suite.T(), oauth.ErrUsernameTaken.Error(), err.Error()) 168 } 169 170 // We try to insert a unique user 171 user, err = suite.service.CreateUser( 172 int32(model.UserRole), // role ID 173 "test@newuser.com", // username 174 "C0mpl3xPa$$w0rdAr3U5", // password 175 ) 176 177 // Error should be nil 178 assert.Nil(suite.T(), err) 179 180 // Correct user object should be returned 181 if assert.NotNil(suite.T(), user) { 182 assert.Equal(suite.T(), "test@newuser.com", user.Username) 183 } 184 185 // Test username case insensitivity 186 user, err = suite.service.CreateUser( 187 int32(model.UserRole), // role ID 188 "TeStinG@hOtMaIl.com", // username 189 "C0mpl3xPa$$w0rdAr3U5", // password 190 ) 191 192 // Error should be nil 193 assert.Nil(suite.T(), err) 194 195 // Correct user object should be returned 196 if assert.NotNil(suite.T(), user) { 197 assert.Equal(suite.T(), "testing@hotmail.com", user.Username) 198 } 199 } 200 */ 201 202 func (suite *OauthTestSuite) TestSetPassword() { 203 var ( 204 ctx context.Context 205 user *model.User 206 err error 207 ) 208 209 // Insert a test user without a password 210 user = &model.User{ 211 RoleID: int32(model.UserRole), 212 Username: "test@user_nopass.com", 213 Password: util.StringOrNull(""), 214 } 215 216 ctx = context.Background() 217 218 _, err = suite.db.NewInsert(). 219 Model(user). 220 Exec(ctx) 221 222 assert.Nil(suite.T(), err) 223 224 // Try changing the password 225 err = suite.service.SetPassword(user, "C0mpl3xPa$$w0rdAr3U5") 226 227 // Error should be nil 228 assert.Nil(suite.T(), err) 229 230 suite.db.NewSelect(). 231 Model(user). 232 WherePK(). 233 Scan(ctx) 234 235 // User object should have been updated 236 assert.Equal(suite.T(), "test@user_nopass.com", user.Username) 237 assert.Nil(suite.T(), pass.VerifyPassword(user.Password.String, "C0mpl3xPa$$w0rdAr3U5")) 238 } 239 240 func (suite *OauthTestSuite) TestAuthUser() { 241 var ( 242 ctx context.Context 243 user *model.User 244 err error 245 ) 246 247 // Insert a test user without a password 248 user = &model.User{ 249 RoleID: int32(model.UserRole), 250 Username: "test@user_nopass", 251 Password: util.StringOrNull(""), 252 } 253 254 ctx = context.Background() 255 256 _, err = suite.db.NewInsert(). 257 Model(user). 258 Exec(ctx) 259 260 assert.Nil(suite.T(), err) 261 262 // When we try to authenticate a user without a password 263 user, err = suite.service.AuthUser("test@user_nopass", "bogus") 264 265 // User object should be nil 266 assert.Nil(suite.T(), user) 267 268 // Correct error should be returned 269 if assert.NotNil(suite.T(), err) { 270 assert.Equal(suite.T(), oauth.ErrUserPasswordNotSet, err) 271 } 272 273 // When we try to authenticate with a bogus username 274 user, err = suite.service.AuthUser("bogus", "test_password") 275 276 // User object should be nil 277 assert.Nil(suite.T(), user) 278 279 // Correct error should be returned 280 if assert.NotNil(suite.T(), err) { 281 assert.Equal(suite.T(), oauth.ErrUserNotFound, err) 282 } 283 284 // Insert a test user without a password 285 user = &model.User{ 286 RoleID: int32(model.UserRole), 287 Username: "test@user", 288 Password: sql.NullString{String: "$2a$10$4J4t9xuWhOKhfjN0bOKNReS9sL3BVSN9zxIr2.VaWWQfRBWh1dQIS", Valid: true}, 289 } 290 291 ctx = context.Background() 292 293 _, err = suite.db.NewInsert(). 294 Model(user). 295 Exec(ctx) 296 297 assert.Nil(suite.T(), err) 298 299 // When we try to authenticate with an invalid password 300 user, err = suite.service.AuthUser("test@user", "bogus") 301 302 // User object should be nil 303 assert.Nil(suite.T(), user) 304 305 // Correct error should be returned 306 if assert.NotNil(suite.T(), err) { 307 assert.Equal(suite.T(), oauth.ErrInvalidUserPassword, err) 308 } 309 310 // When we try to authenticate with valid username and password 311 user, err = suite.service.AuthUser("test@user", "test_password") 312 313 // Error should be nil 314 assert.Nil(suite.T(), err) 315 316 // Correct user object should be returned 317 if assert.NotNil(suite.T(), user) { 318 assert.Equal(suite.T(), "test@user", user.Username) 319 } 320 321 // Test username case insensitivity 322 user, err = suite.service.AuthUser("TeSt@UsEr", "test_password") 323 324 // Error should be nil 325 assert.Nil(suite.T(), err) 326 327 // Correct user object should be returned 328 if assert.NotNil(suite.T(), user) { 329 assert.Equal(suite.T(), "test@user", user.Username) 330 } 331 } 332 333 /* 334 func (suite *OauthTestSuite) TestBlankPassword() { 335 var ( 336 //user *model.User 337 err error 338 ) 339 340 _, err = suite.service.CreateUser( 341 int32(model.UserRole), // role ID 342 "test@user_nopass", // username 343 "", // password, "Password is required" ErrPasswordRequired 344 ) 345 346 // Error should be nil 347 //assert.Nil(suite.T(), err) 348 349 // Actually, password is required 350 if assert.NotNil(suite.T(), err) { 351 assert.Equal(suite.T(), oauth.ErrPasswordRequired, err) 352 } 353 354 // user, _ = suite.service.CreateUser( 355 // int32(model.UserRole), // role ID 356 // "test@user_somepass", // username 357 // "somepassword", // password, 358 // ) 359 360 // // Correct user object should be returned 361 // if assert.NotNil(suite.T(), user) { 362 // assert.Equal(suite.T(), "test@user_somepass", user.Username) 363 // } 364 365 // // When we try to authenticate 366 // user, err = suite.service.AuthUser("test@user_nopass", "") 367 368 // // User object should be nil 369 // assert.Nil(suite.T(), user) 370 371 // // Correct error should be returned 372 // if assert.NotNil(suite.T(), err) { 373 // assert.Equal(suite.T(), oauth.ErrUserPasswordNotSet, err) 374 // } 375 } 376 */ 377 378 /* 379 func (suite *OauthTestSuite) TestDeleteUser() { 380 var ( 381 user *model.User 382 err error 383 ) 384 385 // We try to insert a unique user 386 user, err = suite.service.CreateUser( 387 int32(model.UserRole), // role ID 388 "temporary@newuser.com", // username 389 "C0mpl3xPa$$w0rdAr3U5", // password 390 ) 391 392 // Error should be nil 393 assert.Nil(suite.T(), err) 394 395 // Correct user object should be returned 396 if assert.NotNil(suite.T(), user) { 397 assert.Equal(suite.T(), "temporary@newuser.com", user.Username) 398 } 399 400 // Delete the user 401 err = suite.service.DeleteUser(user, "C0mpl3xPa$$w0rdAr3U5") 402 403 // Error should be nil 404 assert.Nil(suite.T(), err) 405 406 // Check it exists but has been soft deleted 407 exists := suite.service.UserExists("temporary@newuser.com") 408 409 // Error should be nil 410 assert.False(suite.T(), exists) 411 } 412 */