Mercurial > go > multipass

view auth/auth_test.go @ 14:4368a377ff64

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
gofmt.
author Paul Fisher <paul@pfish.zone>
date Thu, 29 Oct 2015 21:31:28 -0400
parents 1c194fa9bbf4
children bfc035bd5132
line wrap: on
line source

package auth

import (
	"regexp"
	"testing"
)

var passPattern *regexp.Regexp = regexp.MustCompile(`^(?:[a-z]{4}-){3}[a-z]{4}$`)

const basicShadow = "9999:$2a$12$tcv2MrtXgibAJHsSwVfHiOevXBFmiGy0HTNoOB8QzIhEh46iWS1uC:YW55dGhpbmcgbW9yZSB0aGFuIDUgcmVwcyBpcyBjYXJkaW8="
const anotherShadow = "1:$2a$12$lINQdYWHOcLKoqhNOr3mNOpZSAu5JOBS2F7T/VDfYn2rvv6qUJehG:"

func TestEntryFromShadow(t *testing.T) {
	cases := []struct {
		shadow      string
		wantErr     bool
		username    string
		id          uint64
		hash        string
		description string
		rest        []string
	}{
		{
			shadow: "1234:$2a$12$apFtWGXKtWBavVy5eo.22Ohs43GudT5IYTqyQkIBX9LpS7YtvKBpa:",
			id:     1234,
			hash:   "$2a$12$apFtWGXKtWBavVy5eo.22Ohs43GudT5IYTqyQkIBX9LpS7YtvKBpa",
		},
		{
			shadow:      basicShadow,
			id:          9999,
			hash:        "$2a$12$tcv2MrtXgibAJHsSwVfHiOevXBFmiGy0HTNoOB8QzIhEh46iWS1uC",
			description: "anything more than 5 reps is cardio",
		},
		{
			shadow: anotherShadow,
			id:     1,
			hash:   "$2a$12$lINQdYWHOcLKoqhNOr3mNOpZSAu5JOBS2F7T/VDfYn2rvv6qUJehG",
		},
		{
			shadow:  "one:bogushash:",
			wantErr: true,
		},
		{
			shadow:  "-1:bogushash:",
			wantErr: true,
		},
		{
			shadow:  "0:tooshort",
			wantErr: true,
		},
		{
			shadow:  "0:bogushash:invalid base64",
			wantErr: true,
		},
		{
			shadow:  "1:bogushash::more things",
			wantErr: true,
		},
	}
	for _, c := range cases {
		entry, err := EntryFromShadow(c.shadow)
		if c.wantErr {
			if err == nil {
				t.Errorf("EntryFromShadow(%q) == _, nil; want non-nil err", c.shadow)
			}
			continue
		}
		if err != nil {
			t.Errorf("EntryFromShadow(%q) == _, %q; want nil err", c.shadow, err)
		}
		if c.id != entry.id {
			t.Errorf("EntryFromShadow(%q).id = %q; want %q", c.shadow, entry.id, c.id)
		}
		if c.hash != string(entry.hash) {
			t.Errorf("EntryFromShadow(%q).password = %q; want %q", c.shadow, entry.hash, c.hash)
		}
		if c.description != entry.description {
			t.Errorf("EntryFromShadow(%q).description = %q; want %q", c.shadow, entry.description, c.description)
		}
	}
}

func TestNewEntry(t *testing.T) {
	cases := []struct {
		description string
		wantErr     bool
	}{
		{"one", false},
		{"the other", false},
		{string(make([]byte, 1000)), true},
	}
	for _, c := range cases {
		entry, password, err := NewEntry(c.description)
		if c.wantErr {
			if err == nil {
				t.Errorf("NewEntry(%q) = _, _, nil; want non-nil err", c.description)
			}
			continue
		}
		if err != nil {
			t.Errorf("NewEntry(%q) = _, _, %q; want nil err", c.description, err)
		}
		if entry.id == 0 {
			// This test has a 1/(2**64) chance of failing! :o
			t.Errorf("NewEntry(_).id == 0, want nonzero")
		}
		if c.description != entry.description {
			t.Errorf("NewEntry(%q).description = %q, want %q",
				c.description, entry.description, c.description)
		}
		if !passPattern.MatchString(password) {
			t.Errorf("NewEntry(_) = _, %q, _; wanted to match xxxx-xxxx-xxxx-xxxx", password)
		}
		if !entry.Authenticate(password) {
			t.Errorf("NewEntry(%q).Authenticate(%q, %q) failed",
				c.description, password)
		}
	}
}

func TestGenPassword(t *testing.T) {
	p := genPassword()
	if !passPattern.MatchString(string(p)) {
		t.Errorf("genPassword() = %q; wanted to match xxxx-xxxx-xxxx-xxxx", p)
	}
}

func TestAuthenticate(t *testing.T) {
	entry, password, err := NewEntry("")
	if err != nil {
		t.Errorf("Error building entry")
	}
	type testcase struct {
		password string
		want     bool
	}

	cases := []testcase{
		{password, true},
		{"not the password", false},
	}
	for _, c := range cases {
		got := entry.Authenticate(c.password)
		if got != c.want {
			t.Errorf("entry.Authenticate(%q) == %q, want %q",
				c.password, got, c.want)
		}
	}

	entry, err = EntryFromShadow(basicShadow)
	if err != nil {
		t.Errorf("Error loading valid shadow")
	}

	cases = []testcase{
		{"nocardio", true},
		{"not the password", false},
	}
	for _, c := range cases {
		got := entry.Authenticate(c.password)
		if got != c.want {
			t.Errorf("entry.Authenticate(%q, %q) == %q, want %q",
				c.password, got, c.want)
		}
	}
}

func TestEncode(t *testing.T) {
	// Crafted entry
	shadowed, err := EntryFromShadow(basicShadow)
	if err != nil {
		t.Errorf("Error loading valid shadow")
	}
	anotherShadowed, err := EntryFromShadow(anotherShadow)
	if err != nil {
		t.Errorf("Error loading valid shadow")
	}
	cases := []struct {
		entry *Entry
		want  string
	}{
		{
			&Entry{
				id:          6775,
				hash:        "bogushash",
				description: "something",
			},
			"6775:bogushash:c29tZXRoaW5n",
		},
		{shadowed, basicShadow},
		{anotherShadowed, anotherShadow},
	}
	for _, c := range cases {
		got := string(c.entry.Encode())
		if got != c.want {
			t.Errorf("entry.Encode() = %q, want %q", got, c.want)
		}
	}
}