deb.open-vault/api/auth_test.go

// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0

package api

import (
	"context"
	"testing"
)

type mockAuthMethod struct {
	mockedSecret *Secret
	mockedError  error
}

func (m *mockAuthMethod) Login(_ context.Context, _ *Client) (*Secret, error) {
	return m.mockedSecret, m.mockedError
}

func TestAuth_Login(t *testing.T) {
	a := &Auth{
		c: &Client{},
	}

	m := mockAuthMethod{
		mockedSecret: &Secret{
			Auth: &SecretAuth{
				ClientToken: "a-client-token",
			},
		},
		mockedError: nil,
	}

	t.Run("Login should set token on success", func(t *testing.T) {
		if a.c.Token() != "" {
			t.Errorf("client token was %v expected to be unset", a.c.Token())
		}

		_, err := a.Login(context.Background(), &m)
		if err != nil {
			t.Errorf("Login() error = %v", err)
			return
		}

		if a.c.Token() != m.mockedSecret.Auth.ClientToken {
			t.Errorf("client token was %v expected %v", a.c.Token(), m.mockedSecret.Auth.ClientToken)
			return
		}
	})
}

func TestAuth_MFALoginSinglePhase(t *testing.T) {
	t.Run("MFALogin() should succeed if credentials are passed in", func(t *testing.T) {
		a := &Auth{
			c: &Client{},
		}

		m := mockAuthMethod{
			mockedSecret: &Secret{
				Auth: &SecretAuth{
					ClientToken: "a-client-token",
				},
			},
			mockedError: nil,
		}

		_, err := a.MFALogin(context.Background(), &m, "testMethod:testPasscode")
		if err != nil {
			t.Errorf("MFALogin() error %v", err)
			return
		}
		if a.c.Token() != m.mockedSecret.Auth.ClientToken {
			t.Errorf("client token was %v expected %v", a.c.Token(), m.mockedSecret.Auth.ClientToken)
			return
		}
	})
}

func TestAuth_MFALoginTwoPhase(t *testing.T) {
	tests := []struct {
		name    string
		a       *Auth
		m       *mockAuthMethod
		creds   *string
		wantErr bool
	}{
		{
			name: "return MFARequirements",
			a: &Auth{
				c: &Client{},
			},
			m: &mockAuthMethod{
				mockedSecret: &Secret{
					Auth: &SecretAuth{
						MFARequirement: &MFARequirement{
							MFARequestID:   "a-req-id",
							MFAConstraints: nil,
						},
					},
				},
			},
			wantErr: false,
		},
		{
			name: "error if no MFARequirements",
			a: &Auth{
				c: &Client{},
			},
			m: &mockAuthMethod{
				mockedSecret: &Secret{
					Auth: &SecretAuth{},
				},
			},
			wantErr: true,
		},
	}
	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			secret, err := tt.a.MFALogin(context.Background(), tt.m)
			if (err != nil) != tt.wantErr {
				t.Errorf("MFALogin() error = %v, wantErr %v", err, tt.wantErr)
				return
			}

			if secret.Auth.MFARequirement != tt.m.mockedSecret.Auth.MFARequirement {
				t.Errorf("MFALogin() returned %v, expected %v", secret.Auth.MFARequirement, tt.m.mockedSecret.Auth.MFARequirement)
				return
			}
		})
	}
}
New upstream version 1.14.8 2024-04-20 12:23:50 +00:00			`// Copyright (c) HashiCorp, Inc.`
			`// SPDX-License-Identifier: MPL-2.0`

			`package api`

			`import (`
			`"context"`
			`"testing"`
			`)`

			`type mockAuthMethod struct {`
			`mockedSecret *Secret`
			`mockedError error`
			`}`

			`func (m mockAuthMethod) Login(_ context.Context, _ Client) (*Secret, error) {`
			`return m.mockedSecret, m.mockedError`
			`}`

			`func TestAuth_Login(t *testing.T) {`
			`a := &Auth{`
			`c: &Client{},`
			`}`

			`m := mockAuthMethod{`
			`mockedSecret: &Secret{`
			`Auth: &SecretAuth{`
			`ClientToken: "a-client-token",`
			`},`
			`},`
			`mockedError: nil,`
			`}`

			`t.Run("Login should set token on success", func(t *testing.T) {`
			`if a.c.Token() != "" {`
			`t.Errorf("client token was %v expected to be unset", a.c.Token())`
			`}`

			`_, err := a.Login(context.Background(), &m)`
			`if err != nil {`
			`t.Errorf("Login() error = %v", err)`
			`return`
			`}`

			`if a.c.Token() != m.mockedSecret.Auth.ClientToken {`
			`t.Errorf("client token was %v expected %v", a.c.Token(), m.mockedSecret.Auth.ClientToken)`
			`return`
			`}`
			`})`
			`}`

			`func TestAuth_MFALoginSinglePhase(t *testing.T) {`
			`t.Run("MFALogin() should succeed if credentials are passed in", func(t *testing.T) {`
			`a := &Auth{`
			`c: &Client{},`
			`}`

			`m := mockAuthMethod{`
			`mockedSecret: &Secret{`
			`Auth: &SecretAuth{`
			`ClientToken: "a-client-token",`
			`},`
			`},`
			`mockedError: nil,`
			`}`

			`_, err := a.MFALogin(context.Background(), &m, "testMethod:testPasscode")`
			`if err != nil {`
			`t.Errorf("MFALogin() error %v", err)`
			`return`
			`}`
			`if a.c.Token() != m.mockedSecret.Auth.ClientToken {`
			`t.Errorf("client token was %v expected %v", a.c.Token(), m.mockedSecret.Auth.ClientToken)`
			`return`
			`}`
			`})`
			`}`

			`func TestAuth_MFALoginTwoPhase(t *testing.T) {`
			`tests := []struct {`
			`name string`
			`a *Auth`
			`m *mockAuthMethod`
			`creds *string`
			`wantErr bool`
			`}{`
			`{`
			`name: "return MFARequirements",`
			`a: &Auth{`
			`c: &Client{},`
			`},`
			`m: &mockAuthMethod{`
			`mockedSecret: &Secret{`
			`Auth: &SecretAuth{`
			`MFARequirement: &MFARequirement{`
			`MFARequestID: "a-req-id",`
			`MFAConstraints: nil,`
			`},`
			`},`
			`},`
			`},`
			`wantErr: false,`
			`},`
			`{`
			`name: "error if no MFARequirements",`
			`a: &Auth{`
			`c: &Client{},`
			`},`
			`m: &mockAuthMethod{`
			`mockedSecret: &Secret{`
			`Auth: &SecretAuth{},`
			`},`
			`},`
			`wantErr: true,`
			`},`
			`}`
			`for _, tt := range tests {`
			`t.Run(tt.name, func(t *testing.T) {`
			`secret, err := tt.a.MFALogin(context.Background(), tt.m)`
			`if (err != nil) != tt.wantErr {`
			`t.Errorf("MFALogin() error = %v, wantErr %v", err, tt.wantErr)`
			`return`
			`}`

			`if secret.Auth.MFARequirement != tt.m.mockedSecret.Auth.MFARequirement {`
			`t.Errorf("MFALogin() returned %v, expected %v", secret.Auth.MFARequirement, tt.m.mockedSecret.Auth.MFARequirement)`
			`return`
			`}`
			`})`
			`}`
			`}`