auth

Paddy 2014-11-20 Parent:a9936cf794ba Child:dfb10e19de87

79:eb3f2938a319 Go to Latest

auth/oauth2_test.go

Test authentication helper, fix bugs with authentication. Authentication needs to be hex encoded to be stored, so it only makes sense to decode the hex string stored to get the bytes we'll be comparing. Check for ErrLoginNotFound in addition to ErrProfileNotFound. ErrLoginNotFound is more likely to occur, anyways. Add unit tests for our authentication helper to verify it functions as expected.

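--- a/oauth2_test.go	Wed Nov 19 00:17:34 2014 -0500
+++ b/oauth2_test.go	Thu Nov 20 01:01:22 2014 -0500
@@ -670,3 +670,70 @@
 		t.Errorf(`Expected result string to be "%s", was "%s"`, expectation, result)
 	}
 }
+
+func TestAuthenticateHelper(t *testing.T) {
+	t.Parallel()
+	store := NewMemstore()
+	context := Context{
+		profiles: store,
+	}
+	profile := Profile{
+		ID:                     uuid.NewID(),
+		Name:                   "Test User",
+		Passphrase:             "55d87acb9adff90a0d8e4c9b77f239c2d6e3a1945dbd09b0270467411198db25",
+		Iterations:             4096,
+		Salt:                   "this is a super secure random salt",
+		PassphraseScheme:       1,
+		Compromised:            false,
+		LockedUntil:            time.Time{},
+		PassphraseReset:        "",
+		PassphraseResetCreated: time.Time{},
+		Created:                time.Now(),
+		LastSeen:               time.Time{},
+	}
+	login := Login{
+		Type:      "email",
+		Value:     "test@example.com",
+		ProfileID: profile.ID,
+		Created:   time.Now(),
+		LastUsed:  time.Time{},
+	}
+	err := context.SaveProfile(profile)
+	if err != nil {
+		t.Error("Error saving profile:", err)
+	}
+	err = context.AddLogin(login)
+	if err != nil {
+		t.Error("Error adding login:", err)
+	}
+	response, err := authenticate("test@example.com", "a really secure password", context)
+	if err != nil {
+		t.Error("Unexpected error:", err)
+	}
+	success, field, expectation, result := compareProfiles(profile, response)
+	if !success {
+		t.Errorf(`Expected field %s to be "%v", got "%v"`, field, expectation, result)
+	}
+	response, err = authenticate("test2@example.com", "a really secure password", context)
+	if err != ErrIncorrectAuth {
+		t.Error("Expected ErrIncorrectAuth, got", err)
+	}
+	response, err = authenticate("test@example.com", "not the right password", context)
+	if err != ErrIncorrectAuth {
+		t.Error("Expected ErrIncorrectAuth, got", err)
+	}
+	scheme := 1000
+	phrase := "doesn't really matter, the scheme doesn't exist"
+	change := ProfileChange{
+		PassphraseScheme: &scheme,
+		Passphrase:       &phrase,
+	}
+	err = context.UpdateProfile(profile.ID, change)
+	if err != nil {
+		t.Error("Unexpected error:", err)
+	}
+	response, err = authenticate("test@example.com", "not the right password", context)
+	if err != ErrInvalidPassphraseScheme {
+		t.Error("Expected ErrIncorrectAuth, got", err)
+	}
+}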
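Review bot: The three failure-path calls to authenticate (unknown login, wrong passphrase, unknown scheme) assign `response` but never inspect it, so the test would still pass if authenticate handed back the stored profile together with the error. Assuming authenticate returns a Profile by value, as the earlier compareProfiles call suggests, each failure case could add `if ok, field, _, got := compareProfiles(Profile{}, response); !ok { t.Errorf("expected empty profile on failure, field %s was %v", field, got) }`. The last assertion compares against ErrInvalidPassphraseScheme but reports "Expected ErrIncorrectAuth"; it should read `t.Error("Expected ErrInvalidPassphraseScheme, got", err)`. The SaveProfile and AddLogin checks use t.Error, so a failed setup runs on into the authentication assertions and produces misleading follow-on failures; `t.Fatal` fits there.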