coop-cloud-chaos-patchs
/
go-ssb-room
0
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
go-ssb-room/roomdb/sqlite/auth_fallback_test.go

177 lines
5.5 KiB
Go
Raw Blame History

// SPDX-FileCopyrightText: 2021 The NGI Pointer Secure-Scuttlebutt Team of 2020/2021
//
// SPDX-License-Identifier: MIT
package sqlite
import (
"bytes"
"context"
"crypto/rand"
"os"
"path/filepath"
"testing"
refs "github.com/ssbc/go-ssb-refs"
"github.com/ssbc/go-ssb-room/v2/internal/repo"
"github.com/ssbc/go-ssb-room/v2/roomdb"
"github.com/stretchr/testify/require"
)
func TestFallbackAuth(t *testing.T) {
r := require.New(t)
ctx := context.Background()
testRepo := filepath.Join("testrun", t.Name())
os.RemoveAll(testRepo)
tr := repo.New(testRepo)
// fake feed for testing, looks ok at least
newMember, err := refs.NewFeedRefFromBytes(bytes.Repeat([]byte("acab"), 8), refs.RefAlgoFeedSSB1)
if err != nil {
r.Error(err)
}
db, err := Open(tr)
r.NoError(err, "failed to open database")
memberID, err := db.Members.Add(ctx, newMember, roomdb.RoleMember)
r.NoError(err, "failed to create member")
testPassword := "super-secure-and-secret-password"
err = db.AuthFallback.SetPassword(ctx, memberID, testPassword)
r.NoError(err, "failed to create password")
cookieVal, err := db.AuthFallback.Check(newMember.String(), string(testPassword))
r.NoError(err, "failed to check password")
gotID, ok := cookieVal.(int64)
r.True(ok, "unexpected cookie value: %T", cookieVal)
r.Equal(memberID, gotID, "unexpected member ID value")
// now check we can also use an alias
testAliasLogin := "test-alias-login"
// 64 bytes of random for testing (validation is handled by the handlers)
testSig := make([]byte, 64)
rand.Read(testSig)
err = db.Aliases.Register(ctx, testAliasLogin, newMember, testSig)
r.NoError(err, "failed to register the test alias")
cookieVal2, err := db.AuthFallback.Check(testAliasLogin, string(testPassword))
r.NoError(err, "failed to check password via alias")
gotIDforAlias, ok := cookieVal2.(int64)
r.True(ok, "unexpected cookie value: %T", cookieVal)
r.Equal(memberID, gotIDforAlias, "unexpected member ID value")
r.NoError(db.Close())
}
func TestFallbackAuthSetPassword(t *testing.T) {
r := require.New(t)
ctx := context.Background()
testRepo := filepath.Join("testrun", t.Name())
os.RemoveAll(testRepo)
tr := repo.New(testRepo)
// fake feed for testing, looks ok at least
newMember, err := refs.NewFeedRefFromBytes(bytes.Repeat([]byte("acab"), 8), refs.RefAlgoFeedSSB1)
if err != nil {
r.Error(err)
}
db, err := Open(tr)
r.NoError(err, "failed to open database")
memberID, err := db.Members.Add(ctx, newMember, roomdb.RoleMember)
r.NoError(err, "failed to create member")
testPassword := "super-secure-and-secret-password"
err = db.AuthFallback.SetPassword(ctx, memberID, testPassword)
r.NoError(err, "failed to set password")
// use the password
cookieVal, err := db.AuthFallback.Check(newMember.String(), string(testPassword))
r.NoError(err, "failed to check password")
gotID, ok := cookieVal.(int64)
r.True(ok, "unexpected cookie value: %T", cookieVal)
r.Equal(memberID, gotID, "unexpected member ID value")
// use a wrong password
cookieVal, err = db.AuthFallback.Check(newMember.String(), string(testPassword)+"nope-nope-nope")
r.Error(err, "wrong password actually worked?!")
r.Nil(cookieVal)
// set it to something different
changedTestPassword := "some-different-super-secure-password"
err = db.AuthFallback.SetPassword(ctx, memberID, changedTestPassword)
r.NoError(err, "failed to update password")
// now try to use old and new
cookieVal, err = db.AuthFallback.Check(newMember.String(), string(testPassword))
r.Error(err, "old password actually worked?!")
r.Nil(cookieVal)
cookieVal, err = db.AuthFallback.Check(newMember.String(), string(changedTestPassword))
r.NoError(err, "new password didnt work")
gotID, ok = cookieVal.(int64)
r.True(ok, "unexpected cookie value: %T", cookieVal)
r.Equal(memberID, gotID, "unexpected member ID value")
}
func TestFallbackAuthSetPasswordWithToken(t *testing.T) {
r := require.New(t)
ctx := context.Background()
testRepo := filepath.Join("testrun", t.Name())
os.RemoveAll(testRepo)
tr := repo.New(testRepo)
// two fake feeds for testing, looks ok at least
alf, err := refs.NewFeedRefFromBytes(bytes.Repeat([]byte("whyy"), 8), refs.RefAlgoFeedSSB1)
if err != nil {
r.Error(err)
}
carl, err := refs.NewFeedRefFromBytes(bytes.Repeat([]byte("carl"), 8), refs.RefAlgoFeedSSB1)
if err != nil {
r.Error(err)
}
db, err := Open(tr)
r.NoError(err, "failed to open database")
alfID, err := db.Members.Add(ctx, alf, roomdb.RoleModerator)
r.NoError(err, "failed to create member")
carlID, err := db.Members.Add(ctx, carl, roomdb.RoleModerator)
r.NoError(err, "failed to create member")
err = db.AuthFallback.SetPassword(ctx, carlID, "i swear i wont forgettt thiszzz91238129e812hjejahsdkasdhaksjdh")
r.NoError(err, "failed to update password")
// and he does... so lets create a token for him
resetTok, err := db.AuthFallback.CreateResetToken(ctx, alfID, carlID)
r.NoError(err)
// has to be a from valid user tho
noToken, err := db.AuthFallback.CreateResetToken(ctx, 666, carlID)
r.Error(err)
r.Equal("", noToken)
// change carls password by using the token
newPassword := "marry had a little lamp"
err = db.AuthFallback.SetPasswordWithToken(ctx, resetTok, newPassword)
r.NoError(err, "setPassword with token failed")
// now use the new password
cookieVal, err := db.AuthFallback.Check(carl.String(), newPassword)
r.NoError(err, "new password didnt work")
gotID, ok := cookieVal.(int64)
r.True(ok, "unexpected cookie value: %T", cookieVal)
r.Equal(carlID, gotID, "unexpected member ID value")
}
Reference in New Issue View Git Blame Copy Permalink