serval-dna/tests/keyringrestful

272 lines
9.3 KiB
Plaintext
Raw Normal View History

#!/bin/bash
# Tests for Serval DNA HTTP RESTful interface
#
# Copyright 2013-2014 Serval Project, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
source "${0%/*}/../testframework.sh"
source "${0%/*}/../testdefs.sh"
source "${0%/*}/../testdefs_json.sh"
shopt -s extglob
setup() {
setup_curl 7
setup_json
setup_servald
set_instance +A
2015-08-10 08:38:42 +00:00
set_keyring_config
executeOk_servald config \
set api.restful.users.harry.password potter \
set api.restful.users.ron.password weasley \
set api.restful.users.hermione.password grainger
set_extra_config
if [ -z "$IDENTITY_COUNT" ]; then
create_single_identity
else
create_identities $IDENTITY_COUNT
fi
start_servald_instances +A
wait_until servald_restful_http_server_started +A
get_servald_restful_http_server_port PORTA +A
}
finally() {
stop_all_servald_servers
}
teardown() {
kill_all_servald_processes
assert_no_servald_processes
report_all_servald_servers
}
set_extra_config() {
:
}
set_keyring_config() {
executeOk_servald config \
set debug.httpd on \
set debug.keyring on \
set debug.verbose on \
set log.console.level debug
}
2015-08-10 08:38:42 +00:00
doc_keyringList="HTTP RESTful list keyring identities as JSON"
setup_keyringList() {
IDENTITY_COUNT=10
setup
}
2015-08-10 08:38:42 +00:00
test_keyringList() {
executeOk curl \
--silent --fail --show-error \
2015-08-10 08:38:42 +00:00
--output list.json \
--dump-header http.headers \
--basic --user harry:potter \
"http://$addr_localhost:$PORTA/restful/keyring/identities.json"
2015-08-10 08:38:42 +00:00
tfw_cat http.headers list.json
tfw_preserve list.json
assert [ "$(jq '.rows | length' list.json)" = $IDENTITY_COUNT ]
# TODO: these tests only work because the listed order of identities is the
# order of creation, which makes locked identities easy to attack. When the
# random search TODO in keyring.c:find_free_slot() is done, then these tests
# should fail.
2015-08-10 08:38:42 +00:00
assert [ "$(jq -r '.rows[0][0]' list.json)" = $SIDA1 ]
assert [ "$(jq -r '.rows[4][0]' list.json)" = $SIDA5 ]
assert [ "$(jq -r '.rows[9][0]' list.json)" = $SIDA10 ]
}
doc_keyringListPin="HTTP RESTful list keyring identities as JSON, with PIN"
setup_keyringListPin() {
IDENTITY_COUNT=3
PINA1='wif waf'
setup
}
test_keyringListPin() {
# First, list without supplying the PIN
executeOk curl \
--silent --fail --show-error \
--output list1.json \
--dump-header http.headers \
--basic --user harry:potter \
"http://$addr_localhost:$PORTA/restful/keyring/identities.json"
tfw_cat http.headers list1.json
tfw_preserve list1.json
transform_list_json list1.json ids1.json
assert [ "$(jq 'length' ids1.json)" = $((IDENTITY_COUNT-1)) ]
assertJq ids1.json 'contains([{"sid": "'$SIDA1'"}]) | not'
assertJq ids1.json 'contains([{"sid": "'$SIDA2'"}])'
assertJq ids1.json 'contains([{"sid": "'$SIDA3'"}])'
# Then, list supplying the PIN
executeOk curl \
--silent --fail --show-error \
--output list2.json \
--dump-header http.headers \
--basic --user harry:potter \
"http://$addr_localhost:$PORTA/restful/keyring/identities.json?pin=wif+waf"
tfw_cat http.headers list2.json
tfw_preserve list2.json
transform_list_json list2.json ids2.json
assert [ "$(jq 'length' ids2.json)" = $IDENTITY_COUNT ]
assertJq ids2.json 'contains([{"sid": "'$SIDA1'"}])'
assertJq ids2.json 'contains([{"sid": "'$SIDA2'"}])'
assertJq ids2.json 'contains([{"sid": "'$SIDA3'"}])'
}
doc_keyringAdd="HTTP RESTful add keyring identity"
2015-08-10 08:38:42 +00:00
setup_keyringAdd() {
IDENTITY_COUNT=2
setup
}
test_keyringAdd() {
executeOk curl \
--silent --show-error --write-out '%{http_code}' \
--output add.json \
--dump-header http.headers \
--basic --user harry:potter \
"http://$addr_localhost:$PORTA/restful/keyring/add"
tfw_cat http.headers add.json
tfw_preserve add.json
assertStdoutIs '200'
SID="$(jq -r '.identity.sid' add.json)"
ID="$(jq -r '.identity.identity' add.json)"
2015-08-10 08:38:42 +00:00
assert matches_rexp "^${rexp_sid}$" "$SID"
assert matches_rexp "^${rexp_id}$" "$ID"
2015-08-10 08:38:42 +00:00
executeOk_servald keyring list
assert_keyring_list 3
assertStdoutGrep --stderr --matches=1 "^$SID:$ID::\$"
}
2015-08-24 13:09:58 +00:00
doc_keyringAddPin="HTTP RESTful add keyring identity with PIN"
setup_keyringAddPin() {
IDENTITY_COUNT=2
setup
}
test_keyringAddPin() {
executeOk curl \
2015-08-24 13:09:58 +00:00
--silent --show-error --write-out '%{http_code}' \
--output add.json \
--dump-header http.headers \
--basic --user harry:potter \
"http://$addr_localhost:$PORTA/restful/keyring/add?pin=1234"
tfw_cat http.headers add.json
tfw_preserve add.json
2015-08-24 13:09:58 +00:00
assertStdoutIs '200'
SID="$(jq -r '.identity.sid' add.json)"
ID="$(jq -r '.identity.identity' add.json)"
executeOk_servald keyring list
assert_keyring_list 2
assertStdoutGrep --stderr --matches=0 "^$SID:$ID::\$"
executeOk_servald keyring list --entry-pin=1234
assert_keyring_list 3
assertStdoutGrep --stderr --matches=1 "^$SID:$ID::\$"
2015-08-24 13:09:58 +00:00
# Now the server has internalised the PIN, so the new identity appears in the
# list
executeOk curl \
--silent --fail --show-error \
--output list.json \
--dump-header http.headers \
--basic --user harry:potter \
"http://$addr_localhost:$PORTA/restful/keyring/identities.json"
tfw_cat http.headers list.json
tfw_preserve list.json
transform_list_json list.json ids.json
assertJq ids.json 'contains([{"sid": "'$SIDA1'"}])'
}
doc_keyringSetDidName="HTTP RESTful set DID and name"
setup_keyringSetDidName() {
IDENTITY_COUNT=2
setup
}
test_keyringSetDidName() {
executeOk curl \
--silent --show-error --write-out '%{http_code}' \
--output set.json \
--dump-header http.headers \
--basic --user harry:potter \
"http://$addr_localhost:$PORTA/restful/keyring/$SIDA1/set?did=987654321&name=Joe%20Bloggs"
tfw_cat http.headers set.json
tfw_preserve set.json
assertStdoutIs '200'
assertJq set.json 'contains({"identity": {"sid": "'$SIDA1'", "did": "987654321", "name": "Joe Bloggs"}})'
executeOk_servald keyring list
assert_keyring_list 2
assertStdoutGrep --stderr --matches=1 "^$SIDA1:$IDA1:987654321:Joe Bloggs\$"
}
doc_keyringSetDidNamePin="HTTP RESTful set DID and name with PIN"
setup_keyringSetDidNamePin() {
IDENTITY_COUNT=2
PINA1=xyzabc
setup
}
test_keyringSetDidNamePin() {
# First try with no PIN, and make sure it fails
executeOk curl \
--silent --show-error --write-out '%{http_code}' \
--output set1.json \
--dump-header http.headers \
--basic --user harry:potter \
"http://$addr_localhost:$PORTA/restful/keyring/$SIDA1/set?did=111222333&name=Nobody"
tfw_cat http.headers set1.json
tfw_preserve set1.json
assertStdoutIs '404'
# Enter incorrect PIN, and make sure it fails
executeOk curl \
--silent --show-error --write-out '%{http_code}' \
--output set2.json \
--dump-header http.headers \
--basic --user harry:potter \
"http://$addr_localhost:$PORTA/restful/keyring/$SIDA1/set?did=444555666&name=Anybody"
tfw_cat http.headers set2.json
tfw_preserve set2.json
assertStdoutIs '404'
# Then try with correct PIN, and make sure it succeeds
executeOk curl \
--silent --show-error --write-out '%{http_code}' \
--output set3.json \
--dump-header http.headers \
--basic --user harry:potter \
"http://$addr_localhost:$PORTA/restful/keyring/$SIDA1/set?did=987654321&name=Joe%20Bloggs&pin=xyzabc"
tfw_cat http.headers set3.json
tfw_preserve set3.json
assertStdoutIs '200'
assertJq set3.json 'contains({"identity": {"sid": "'$SIDA1'", "did": "987654321", "name": "Joe Bloggs"}})'
executeOk_servald keyring list --entry-pin=xyzabc
assert_keyring_list 2
assertStdoutGrep --stderr --matches=1 "^$SIDA1:$IDA1:987654321:Joe Bloggs\$"
# Finally, try again with no PIN, and make sure it succeeds (server has
# internalised the PIN supplied in the last request)
executeOk curl \
--silent --show-error --write-out '%{http_code}' \
--output set4.json \
--dump-header http.headers \
--basic --user harry:potter \
"http://$addr_localhost:$PORTA/restful/keyring/$SIDA1/set?did=321321321&name=Fred+Nurks"
tfw_cat http.headers set4.json
tfw_preserve set4.json
assertStdoutIs '200'
assertJq set4.json 'contains({"identity": {"sid": "'$SIDA1'", "did": "321321321", "name": "Fred Nurks"}})'
executeOk_servald keyring list --entry-pin=xyzabc
assert_keyring_list 2
assertStdoutGrep --stderr --matches=1 "^$SIDA1:$IDA1:321321321:Fred Nurks\$"
}
runTests "$@"