Add a couple more tests for more complete coverage.

2025-01-31 16:36:20 +00:00 · 2021-06-14 11:48:24 -04:00 · 2021-06-14 11:48:24 -04:00 · aa809669db
commit aa809669db
parent 59b09b60d3
1 changed files with 32 additions and 3 deletions
--- a/src/allmydata/test/test_auth.py
+++ b/src/allmydata/test/test_auth.py
@ -39,8 +39,10 @@ dBSD8940XU3YW+oeq8e+p3yQ2GinHfeJ3BYQyNQLuMAJ
 """)

 DUMMY_ACCOUNTS = u"""\
-alice password URI:DIR2:aaaaaaaaaaaaaaaaaaaaaaaaaa:1111111111111111111111111111111111111111111111111111
+alice herpassword URI:DIR2:aaaaaaaaaaaaaaaaaaaaaaaaaa:1111111111111111111111111111111111111111111111111111
 bob sekrit URI:DIR2:bbbbbbbbbbbbbbbbbbbbbbbbbb:2222222222222222222222222222222222222222222222222222
+
+# dennis password URI:DIR2:aaaaaaaaaaaaaaaaaaaaaaaaaa:1111111111111111111111111111111111111111111111111111
 carol {key} URI:DIR2:cccccccccccccccccccccccccc:3333333333333333333333333333333333333333333333333333
 """.format(key=str(DUMMY_KEY.public().toString("openssh"), "ascii")).encode("ascii")

@ -54,7 +56,7 @@ class AccountFileCheckerKeyTests(unittest.TestCase):
        abspath = abspath_expanduser_unicode(str(self.account_file.path))
        self.checker = auth.AccountFileChecker(None, abspath)

-    def test_unknown_user(self):
+    def test_unknown_user_ssh(self):
        """
        AccountFileChecker.requestAvatarId returns a Deferred that fires with
        UnauthorizedLogin if called with an SSHPrivateKey object with a
@ -65,6 +67,19 @@ class AccountFileCheckerKeyTests(unittest.TestCase):
        avatarId = self.checker.requestAvatarId(key_credentials)
        return self.assertFailure(avatarId, error.UnauthorizedLogin)

+    def test_unknown_user_password(self):
+        """
+        AccountFileChecker.requestAvatarId returns a Deferred that fires with
+        UnauthorizedLogin if called with an SSHPrivateKey object with a
+        username not present in the account file.
+
+        We use a commented out user, so we're also checking that comments are
+        skipped.
+        """
+        key_credentials = credentials.UsernamePassword(b"dennis", b"password")
+        d = self.checker.requestAvatarId(key_credentials)
+        return self.assertFailure(d, error.UnauthorizedLogin)
+
    def test_password_auth_user_with_ssh_key(self):
        """
        AccountFileChecker.requestAvatarId returns a Deferred that fires with
@ -81,7 +96,21 @@ class AccountFileCheckerKeyTests(unittest.TestCase):
        AccountFileChecker.requestAvatarId returns a Deferred that fires with
        the user if the correct password is given.
        """
-        key_credentials = credentials.UsernamePassword(b"alice", b"password")
+        key_credentials = credentials.UsernamePassword(b"alice", b"herpassword")
+        d = self.checker.requestAvatarId(key_credentials)
+        def authenticated(avatarId):
+            self.assertEqual(
+                (b"alice",
+                 b"URI:DIR2:aaaaaaaaaaaaaaaaaaaaaaaaaa:1111111111111111111111111111111111111111111111111111"),
+                (avatarId.username, avatarId.rootcap))
+        return d
+
+    def test_password_auth_user_with_correct_hashed_password(self):
+        """
+        AccountFileChecker.requestAvatarId returns a Deferred that fires with
+        the user if the correct password is given in hashed form.
+        """
+        key_credentials = credentials.UsernameHashedPassword(b"alice", b"herpassword")
        d = self.checker.requestAvatarId(key_credentials)
        def authenticated(avatarId):
            self.assertEqual(