comparison auth/auth_test.go @ 12:1c194fa9bbf4

Fix auth tests.
author Paul Fisher <paul@pfish.zone>
date Thu, 29 Oct 2015 21:25:12 -0400
parents c18bc7b9d1d9
children 4368a377ff64
comparison
equal deleted inserted replaced
11:e246c8a4d28e 12:1c194fa9bbf4
5 "testing" 5 "testing"
6 ) 6 )
7 7
8 var passPattern *regexp.Regexp = regexp.MustCompile(`^(?:[a-z]{4}-){3}[a-z]{4}$`) 8 var passPattern *regexp.Regexp = regexp.MustCompile(`^(?:[a-z]{4}-){3}[a-z]{4}$`)
9 9
10 const basicShadow = "jhh:9999:$2a$12$tcv2MrtXgibAJHsSwVfHiOevXBFmiGy0HTNoOB8QzIhEh46iWS1uC:YW55dGhpbmcgbW9yZSB0aGFuIDUgcmVwcyBpcyBjYXJkaW8=" 10 const basicShadow = "9999:$2a$12$tcv2MrtXgibAJHsSwVfHiOevXBFmiGy0HTNoOB8QzIhEh46iWS1uC:YW55dGhpbmcgbW9yZSB0aGFuIDUgcmVwcyBpcyBjYXJkaW8="
11 const extraDataShadow = "skw:1:$2a$12$lINQdYWHOcLKoqhNOr3mNOpZSAu5JOBS2F7T/VDfYn2rvv6qUJehG::additional:fields" 11 const anotherShadow = "1:$2a$12$lINQdYWHOcLKoqhNOr3mNOpZSAu5JOBS2F7T/VDfYn2rvv6qUJehG:"
12 12
13 func TestEntryFromShadow(t *testing.T) { 13 func TestEntryFromShadow(t *testing.T) {
14 cases := []struct { 14 cases := []struct {
15 shadow string 15 shadow string
16 wantErr bool 16 wantErr bool
19 hash string 19 hash string
20 description string 20 description string
21 rest []string 21 rest []string
22 }{ 22 }{
23 { 23 {
24 shadow: "pfish:1234:$2a$12$apFtWGXKtWBavVy5eo.22Ohs43GudT5IYTqyQkIBX9LpS7YtvKBpa", 24 shadow: "1234:$2a$12$apFtWGXKtWBavVy5eo.22Ohs43GudT5IYTqyQkIBX9LpS7YtvKBpa:",
25 username: "pfish",
26 id: 1234, 25 id: 1234,
27 hash: "$2a$12$apFtWGXKtWBavVy5eo.22Ohs43GudT5IYTqyQkIBX9LpS7YtvKBpa", 26 hash: "$2a$12$apFtWGXKtWBavVy5eo.22Ohs43GudT5IYTqyQkIBX9LpS7YtvKBpa",
28 }, 27 },
29 { 28 {
30 shadow: basicShadow, 29 shadow: basicShadow,
31 username: "jhh",
32 id: 9999, 30 id: 9999,
33 hash: "$2a$12$tcv2MrtXgibAJHsSwVfHiOevXBFmiGy0HTNoOB8QzIhEh46iWS1uC", 31 hash: "$2a$12$tcv2MrtXgibAJHsSwVfHiOevXBFmiGy0HTNoOB8QzIhEh46iWS1uC",
34 description: "anything more than 5 reps is cardio", 32 description: "anything more than 5 reps is cardio",
35 }, 33 },
36 { 34 {
37 shadow: extraDataShadow, 35 shadow: anotherShadow,
38 username: "skw",
39 id: 1, 36 id: 1,
40 hash: "$2a$12$lINQdYWHOcLKoqhNOr3mNOpZSAu5JOBS2F7T/VDfYn2rvv6qUJehG", 37 hash: "$2a$12$lINQdYWHOcLKoqhNOr3mNOpZSAu5JOBS2F7T/VDfYn2rvv6qUJehG",
41 rest: []string{"additional", "fields"},
42 }, 38 },
43 { 39 {
44 shadow: "user:one:bogushash", 40 shadow: "one:bogushash:",
45 wantErr: true, 41 wantErr: true,
46 }, 42 },
47 { 43 {
48 shadow: "user:-1:bogushash", 44 shadow: "-1:bogushash:",
49 wantErr: true, 45 wantErr: true,
50 }, 46 },
51 { 47 {
52 shadow: "tooshort", 48 shadow: "0:tooshort",
53 wantErr: true, 49 wantErr: true,
54 }, 50 },
55 { 51 {
56 shadow: "test:0:bogushash:invalid base64", 52 shadow: "0:bogushash:invalid base64",
53 wantErr: true,
54 },
55 {
56 shadow: "1:bogushash::more things",
57 wantErr: true, 57 wantErr: true,
58 }, 58 },
59 } 59 }
60 for _, c := range cases { 60 for _, c := range cases {
61 entry, err := EntryFromShadow(c.shadow) 61 entry, err := EntryFromShadow(c.shadow)
66 continue 66 continue
67 } 67 }
68 if err != nil { 68 if err != nil {
69 t.Errorf("EntryFromShadow(%q) == _, %q; want nil err", c.shadow, err) 69 t.Errorf("EntryFromShadow(%q) == _, %q; want nil err", c.shadow, err)
70 } 70 }
71 if c.username != entry.username { 71 if c.id != entry.id {
72 t.Errorf("EntryFromShadow(%q).username = %q; want %q", c.shadow, entry.username, c.username) 72 t.Errorf("EntryFromShadow(%q).id = %q; want %q", c.shadow, entry.id, c.id)
73 } 73 }
74 if c.hash != string(entry.hash) { 74 if c.hash != string(entry.hash) {
75 t.Errorf("EntryFromShadow(%q).password = %q; want %q", c.shadow, entry.hash, c.hash) 75 t.Errorf("EntryFromShadow(%q).password = %q; want %q", c.shadow, entry.hash, c.hash)
76 } 76 }
77 if c.description != entry.description { 77 if c.description != entry.description {
78 t.Errorf("EntryFromShadow(%q).description = %q; want %q", c.shadow, entry.description, c.description) 78 t.Errorf("EntryFromShadow(%q).description = %q; want %q", c.shadow, entry.description, c.description)
79 } 79 }
80 restEqual := false
81 if len(c.rest) == len(entry.rest) {
82 restEqual = true
83 for i := range c.rest {
84 if c.rest[i] != entry.rest[i] {
85 restEqual = false
86 break
87 }
88 }
89 }
90 if !restEqual {
91 t.Errorf("EntryFromShadow(%q).rest = %q; want %q", c.shadow, entry.rest, c.rest)
92 }
93 } 80 }
94 } 81 }
95 82
96 func TestNewEntry(t *testing.T) { 83 func TestNewEntry(t *testing.T) {
97 cases := []struct { 84 cases := []struct {
98 username string
99 description string 85 description string
100 wantErr bool 86 wantErr bool
101 }{ 87 }{
102 {"pfish", "one", false}, 88 {"one", false},
103 {"pfish", "the other", false}, 89 {"the other", false},
104 {"with:colons", "", true}, 90 {string(make([]byte, 1000)), true},
105 {"pfish", string(make([]byte, 1000)), true},
106 } 91 }
107 for _, c := range cases { 92 for _, c := range cases {
108 entry, password, err := NewEntry(c.username, c.description) 93 entry, password, err := NewEntry(c.description)
109 if c.wantErr { 94 if c.wantErr {
110 if err == nil { 95 if err == nil {
111 t.Errorf("NewEntry(%q, %q) = _, _, nil; want non-nil err", c.username, c.description) 96 t.Errorf("NewEntry(%q) = _, _, nil; want non-nil err", c.description)
112 } 97 }
113 continue 98 continue
114 } 99 }
115 if err != nil { 100 if err != nil {
116 t.Errorf("NewEntry(%q, %q) = _, _, %q; want nil err", c.username, c.description, err) 101 t.Errorf("NewEntry(%q) = _, _, %q; want nil err", c.description, err)
117 }
118 if c.username != entry.username {
119 t.Errorf("NewEntry(%q, %q).username = %q, want %q",
120 c.username, c.description, entry.username, c.username)
121 } 102 }
122 if entry.id == 0 { 103 if entry.id == 0 {
123 // This test has a 1/(2**64) chance of failing! :o 104 // This test has a 1/(2**64) chance of failing! :o
124 t.Errorf("NewEntry(_, _).id == 0, want nonzero") 105 t.Errorf("NewEntry(_).id == 0, want nonzero")
125 } 106 }
126 if c.description != entry.description { 107 if c.description != entry.description {
127 t.Errorf("NewEntry(%q, %q).description = %q, want %q", 108 t.Errorf("NewEntry(%q).description = %q, want %q",
128 c.username, c.description, entry.description, c.description) 109 c.description, entry.description, c.description)
129 } 110 }
130 if !passPattern.MatchString(password) { 111 if !passPattern.MatchString(password) {
131 t.Errorf("NewEntry(_, _) = _, %q, _; wanted to match xxxx-xxxx-xxxx-xxxx", password) 112 t.Errorf("NewEntry(_) = _, %q, _; wanted to match xxxx-xxxx-xxxx-xxxx", password)
132 } 113 }
133 if !entry.Authenticate(c.username, password) { 114 if !entry.Authenticate(password) {
134 t.Errorf("NewEntry(%q, %q).Authenticate(%q, %q) failed", 115 t.Errorf("NewEntry(%q).Authenticate(%q, %q) failed",
135 c.username, c.description, c.username, password) 116 c.description, password)
136 } 117 }
137 } 118 }
138 } 119 }
139 120
140 func TestGenPassword(t *testing.T) { 121 func TestGenPassword(t *testing.T) {
143 t.Errorf("genPassword() = %q; wanted to match xxxx-xxxx-xxxx-xxxx", p) 124 t.Errorf("genPassword() = %q; wanted to match xxxx-xxxx-xxxx-xxxx", p)
144 } 125 }
145 } 126 }
146 127
147 func TestAuthenticate(t *testing.T) { 128 func TestAuthenticate(t *testing.T) {
148 entry, password, err := NewEntry("pfish", "") 129 entry, password, err := NewEntry("")
149 if err != nil { 130 if err != nil {
150 t.Errorf("Error building entry") 131 t.Errorf("Error building entry")
151 } 132 }
152 type testcase struct { 133 type testcase struct {
153 username, password string 134 password string
154 want bool 135 want bool
155 } 136 }
156 137
157 cases := []testcase{ 138 cases := []testcase{
158 {"pfish", password, true}, 139 {password, true},
159 {"jhh", password, false}, 140 {"not the password", false},
160 {"pfish", "not the password", false},
161 {"jhh", "not the password", false},
162 } 141 }
163 for _, c := range cases { 142 for _, c := range cases {
164 got := entry.Authenticate(c.username, c.password) 143 got := entry.Authenticate(c.password)
165 if got != c.want { 144 if got != c.want {
166 t.Errorf("entry.Authenticate(%q, %q) == %q, want %q", 145 t.Errorf("entry.Authenticate(%q) == %q, want %q",
167 c.username, c.password, got, c.want) 146 c.password, got, c.want)
168 } 147 }
169 } 148 }
170 149
171 entry, err = EntryFromShadow(basicShadow) 150 entry, err = EntryFromShadow(basicShadow)
172 if err != nil { 151 if err != nil {
173 t.Errorf("Error loading valid shadow") 152 t.Errorf("Error loading valid shadow")
174 } 153 }
175 154
176 cases = []testcase{ 155 cases = []testcase{
177 {"jhh", "nocardio", true}, 156 {"nocardio", true},
178 {"pfish", "nocardio", false}, 157 {"not the password", false},
179 {"jhh", "not the password", false},
180 {"pfish", "not the password", false},
181 } 158 }
182 for _, c := range cases { 159 for _, c := range cases {
183 got := entry.Authenticate(c.username, c.password) 160 got := entry.Authenticate(c.password)
184 if got != c.want { 161 if got != c.want {
185 t.Errorf("entry.Authenticate(%q, %q) == %q, want %q", 162 t.Errorf("entry.Authenticate(%q, %q) == %q, want %q",
186 c.username, c.password, got, c.want) 163 c.password, got, c.want)
187 }
188 }
189 }
190
191 func testMatchesID(t *testing.T) {
192 entry, err := EntryFromShadow(basicShadow)
193 if err != nil {
194 t.Errorf("Error loading valid shadow")
195 }
196 cases := []struct {
197 username string
198 id uint64
199 want bool
200 }{
201 {"jhh", 1234, true},
202 {"pfish", 1234, false},
203 {"jhh", 9999, false},
204 {"pfish", 9999, false},
205 }
206 for _, c := range cases {
207 got := entry.MatchesID(c.username, c.id)
208 if got != c.want {
209 t.Errorf("entry.MatchesID(%q, %q) == %q, want %q",
210 c.username, c.id, got, c.want)
211 } 164 }
212 } 165 }
213 } 166 }
214 167
215 func TestEncode(t *testing.T) { 168 func TestEncode(t *testing.T) {
216 // Crafted entry 169 // Crafted entry
217 shadowed, err := EntryFromShadow(basicShadow) 170 shadowed, err := EntryFromShadow(basicShadow)
218 if err != nil { 171 if err != nil {
219 t.Errorf("Error loading valid shadow") 172 t.Errorf("Error loading valid shadow")
220 } 173 }
221 extraShadowed, err := EntryFromShadow(extraDataShadow) 174 anotherShadowed, err := EntryFromShadow(anotherShadow)
222 if err != nil { 175 if err != nil {
223 t.Errorf("Error loading valid shadow") 176 t.Errorf("Error loading valid shadow")
224 } 177 }
225 cases := []struct { 178 cases := []struct {
226 entry *Entry 179 entry *Entry
227 want string 180 want string
228 }{ 181 }{
229 { 182 {
230 &Entry{ 183 &Entry{
231 username: "testuser",
232 id: 6775, 184 id: 6775,
233 hash: "bogushash", 185 hash: "bogushash",
234 description: "something", 186 description: "something",
235 }, 187 },
236 "testuser:6775:bogushash:c29tZXRoaW5n", 188 "6775:bogushash:c29tZXRoaW5n",
237 },
238 {
239 &Entry{
240 username: "testuser",
241 id: 6775,
242 hash: "bogushash",
243 description: "something",
244 rest: []string{"a", "B"},
245 },
246 "testuser:6775:bogushash:c29tZXRoaW5n:a:B",
247 }, 189 },
248 {shadowed, basicShadow}, 190 {shadowed, basicShadow},
249 {extraShadowed, extraDataShadow}, 191 {anotherShadowed, anotherShadow},
250 } 192 }
251 for _, c := range cases { 193 for _, c := range cases {
252 got := string(c.entry.Encode()) 194 got := string(c.entry.Encode())
253 if got != c.want { 195 if got != c.want {
254 t.Errorf("entry.Encode() = %q, want %q", got, c.want) 196 t.Errorf("entry.Encode() = %q, want %q", got, c.want)