diff --git a/internal/brokers/broker_test.go b/internal/brokers/broker_test.go index 6707b7199..9daeb2ac7 100644 --- a/internal/brokers/broker_test.go +++ b/internal/brokers/broker_test.go @@ -105,13 +105,13 @@ func TestGetAuthenticationModes(t *testing.T) { "Get authentication modes and generate validators": {sessionID: "success", supportedUILayouts: []string{"required-entry", "optional-entry"}}, "Get authentication modes and generate validator ignoring whitespaces in supported values": {sessionID: "success", supportedUILayouts: []string{"layout-with-spaces"}}, "Get authentication modes and ignores invalid UI layout": {sessionID: "success", supportedUILayouts: []string{"required-entry", "missing-type"}}, - "Get multiple authentication modes and generate validators": {sessionID: "GAM_multiple_modes", supportedUILayouts: []string{"required-entry", "optional-entry"}}, + "Get multiple authentication modes and generate validators": {sessionID: "gam_multiple_modes", supportedUILayouts: []string{"required-entry", "optional-entry"}}, - "Does not error out when no authentication modes are returned": {sessionID: "GAM_empty"}, + "Does not error out when no authentication modes are returned": {sessionID: "gam_empty"}, // broker errors - "Error when getting authentication modes": {sessionID: "GAM_error", wantErr: true}, - "Error when broker returns invalid modes": {sessionID: "GAM_invalid", wantErr: true}, + "Error when getting authentication modes": {sessionID: "gam_error", wantErr: true}, + "Error when broker returns invalid modes": {sessionID: "gam_invalid", wantErr: true}, } for name, tc := range tests { t.Run(name, func(t *testing.T) { @@ -153,23 +153,23 @@ func TestSelectAuthenticationMode(t *testing.T) { wantErr bool }{ - "Successfully select mode with required value": {sessionID: "SAM_success_required_entry"}, - "Successfully select mode with optional value": {sessionID: "SAM_success_optional_entry", supportedUILayouts: []string{"optional-entry"}}, - "Successfully select mode with missing optional value": {sessionID: "SAM_missing_optional_entry", supportedUILayouts: []string{"optional-entry"}}, + "Successfully select mode with required value": {sessionID: "sam_success_required_entry"}, + "Successfully select mode with optional value": {sessionID: "sam_success_optional_entry", supportedUILayouts: []string{"optional-entry"}}, + "Successfully select mode with missing optional value": {sessionID: "sam_missing_optional_entry", supportedUILayouts: []string{"optional-entry"}}, // broker errors - "Error when selecting invalid auth mode": {sessionID: "SAM_error", wantErr: true}, + "Error when selecting invalid auth mode": {sessionID: "sam_error", wantErr: true}, "Error when no validators were generated for session": {sessionID: "no-validators", wantErr: true}, /* Layout errors */ - "Error when returns no layout": {sessionID: "SAM_no_layout", wantErr: true}, - "Error when returns empty layout": {sessionID: "SAM_empty_layout", wantErr: true}, - "Error when returns layout with no type": {sessionID: "SAM_no_layout_type", wantErr: true}, - "Error when returns layout with invalid type": {sessionID: "SAM_invalid_layout_type", wantErr: true}, - "Error when returns layout without required value": {sessionID: "SAM_missing_required_entry", wantErr: true}, - "Error when returns layout with unknown field": {sessionID: "SAM_unknown_field", wantErr: true}, - "Error when returns layout with invalid required value": {sessionID: "SAM_invalid_required_entry", wantErr: true}, - "Error when returns layout with invalid optional value": {sessionID: "SAM_invalid_optional_entry", wantErr: true}, + "Error when returns no layout": {sessionID: "sam_no_layout", wantErr: true}, + "Error when returns empty layout": {sessionID: "sam_empty_layout", wantErr: true}, + "Error when returns layout with no type": {sessionID: "sam_no_layout_type", wantErr: true}, + "Error when returns layout with invalid type": {sessionID: "sam_invalid_layout_type", wantErr: true}, + "Error when returns layout without required value": {sessionID: "sam_missing_required_entry", wantErr: true}, + "Error when returns layout with unknown field": {sessionID: "sam_unknown_field", wantErr: true}, + "Error when returns layout with invalid required value": {sessionID: "sam_invalid_required_entry", wantErr: true}, + "Error when returns layout with invalid optional value": {sessionID: "sam_invalid_optional_entry", wantErr: true}, } for name, tc := range tests { t.Run(name, func(t *testing.T) { @@ -213,30 +213,30 @@ func TestIsAuthenticated(t *testing.T) { cancelFirstCall bool }{ "Successfully authenticate": {sessionID: "success"}, - "Successfully authenticate after cancelling first call": {sessionID: "IA_second_call", secondCall: true}, - "Denies authentication when broker times out": {sessionID: "IA_timeout"}, - "Adds default groups even if broker did not set them": {sessionID: "IA_info_empty_groups"}, - "No error when auth.Next and no data": {sessionID: "IA_next"}, - "No error when broker returns userinfo with empty gecos": {sessionID: "IA_info_empty_gecos"}, - "No error when broker returns userinfo with group with empty UGID": {sessionID: "IA_info_empty_ugid"}, - "No error when broker returns userinfo with mismatching username": {sessionID: "IA_info_mismatching_user_name"}, + "Successfully authenticate after cancelling first call": {sessionID: "ia_second_call", secondCall: true}, + "Denies authentication when broker times out": {sessionID: "ia_timeout"}, + "Adds default groups even if broker did not set them": {sessionID: "ia_info_empty_groups"}, + "No error when auth.Next and no data": {sessionID: "ia_next"}, + "No error when broker returns userinfo with empty gecos": {sessionID: "ia_info_empty_gecos"}, + "No error when broker returns userinfo with group with empty UGID": {sessionID: "ia_info_empty_ugid"}, + "No error when broker returns userinfo with mismatching username": {sessionID: "ia_info_mismatching_user_name"}, // broker errors - "Error when authenticating": {sessionID: "IA_error"}, - "Error on empty data even if granted": {sessionID: "IA_empty_data"}, - "Error when broker returns invalid data": {sessionID: "IA_invalid_data"}, - "Error when broker returns invalid access": {sessionID: "IA_invalid_access"}, - "Error when broker returns invalid userinfo": {sessionID: "IA_invalid_userinfo"}, - "Error when broker returns userinfo with empty username": {sessionID: "IA_info_empty_user_name"}, - "Error when broker returns userinfo with empty group name": {sessionID: "IA_info_empty_group_name"}, - "Error when broker returns userinfo with empty UUID": {sessionID: "IA_info_empty_uuid"}, - "Error when broker returns userinfo with invalid homedir": {sessionID: "IA_info_invalid_home"}, - "Error when broker returns userinfo with invalid shell": {sessionID: "IA_info_invalid_shell"}, - "Error when broker returns data on auth.Next": {sessionID: "IA_next_with_data"}, - "Error when broker returns data on auth.Cancelled": {sessionID: "IA_cancelled_with_data"}, - "Error when broker returns no data on auth.Denied": {sessionID: "IA_denied_without_data"}, - "Error when broker returns no data on auth.Retry": {sessionID: "IA_retry_without_data"}, - "Error when calling IsAuthenticated a second time without cancelling": {sessionID: "IA_second_call", secondCall: true, cancelFirstCall: true}, + "Error when authenticating": {sessionID: "ia_error"}, + "Error on empty data even if granted": {sessionID: "ia_empty_data"}, + "Error when broker returns invalid data": {sessionID: "ia_invalid_data"}, + "Error when broker returns invalid access": {sessionID: "ia_invalid_access"}, + "Error when broker returns invalid userinfo": {sessionID: "ia_invalid_userinfo"}, + "Error when broker returns userinfo with empty username": {sessionID: "ia_info_empty_user_name"}, + "Error when broker returns userinfo with empty group name": {sessionID: "ia_info_empty_group_name"}, + "Error when broker returns userinfo with empty UUID": {sessionID: "ia_info_empty_uuid"}, + "Error when broker returns userinfo with invalid homedir": {sessionID: "ia_info_invalid_home"}, + "Error when broker returns userinfo with invalid shell": {sessionID: "ia_info_invalid_shell"}, + "Error when broker returns data on auth.Next": {sessionID: "ia_next_with_data"}, + "Error when broker returns data on auth.Cancelled": {sessionID: "ia_cancelled_with_data"}, + "Error when broker returns no data on auth.Denied": {sessionID: "ia_denied_without_data"}, + "Error when broker returns no data on auth.Retry": {sessionID: "ia_retry_without_data"}, + "Error when calling IsAuthenticated a second time without cancelling": {sessionID: "ia_second_call", secondCall: true, cancelFirstCall: true}, } for name, tc := range tests { t.Run(name, func(t *testing.T) { @@ -289,8 +289,8 @@ func TestCancelIsAuthenticated(t *testing.T) { wantAnswer string }{ - "Successfully cancels IsAuthenticated": {sessionID: "IA_wait", wantAnswer: auth.Cancelled}, - "Call returns denied if not cancelled": {sessionID: "IA_timeout", wantAnswer: auth.Denied}, + "Successfully cancels IsAuthenticated": {sessionID: "ia_wait", wantAnswer: auth.Cancelled}, + "Call returns denied if not cancelled": {sessionID: "ia_timeout", wantAnswer: auth.Denied}, } for name, tc := range tests { t.Run(name, func(t *testing.T) { @@ -305,7 +305,7 @@ func TestCancelIsAuthenticated(t *testing.T) { }() defer cancel() - if tc.sessionID == "IA_wait" { + if tc.sessionID == "ia_wait" { // Give some time for the IsAuthenticated routine to start. time.Sleep(time.Second) cancel() diff --git a/internal/brokers/manager_test.go b/internal/brokers/manager_test.go index ff36b57e8..948fbe1fe 100644 --- a/internal/brokers/manager_test.go +++ b/internal/brokers/manager_test.go @@ -185,8 +185,8 @@ func TestNewSession(t *testing.T) { "Successfully start a new session with the correct broker": {username: "success", configuredBrokers: []string{t.Name() + "_Broker1.conf", t.Name() + "_Broker2.conf"}}, "Error when broker does not exist": {brokerID: "does_not_exist", wantErr: true}, - "Error when broker does not provide an ID": {username: "NS_no_id", wantErr: true}, - "Error when starting a new session": {username: "NS_error", wantErr: true}, + "Error when broker does not provide an ID": {username: "ns_no_id", wantErr: true}, + "Error when starting a new session": {username: "ns_error", wantErr: true}, "Error when broker is not available on dbus": {unavailableBroker: true, wantErr: true}, } for name, tc := range tests { @@ -269,7 +269,7 @@ func TestEndSession(t *testing.T) { "Successfully end session on the correct broker": {sessionID: "success", configuredBrokers: []string{t.Name() + "_Broker1", t.Name() + "_Broker2"}}, "Error when broker does not exist": {brokerID: "does not exist", sessionID: "dont matter", wantErr: true}, - "Error when ending session": {sessionID: "ES_error", wantErr: true}, + "Error when ending session": {sessionID: "es_error", wantErr: true}, } for name, tc := range tests { t.Run(name, func(t *testing.T) { diff --git a/internal/brokers/testdata/golden/TestIsAuthenticated/Adds_default_groups_even_if_broker_did_not_set_them b/internal/brokers/testdata/golden/TestIsAuthenticated/Adds_default_groups_even_if_broker_did_not_set_them index 7e85a8d3a..45f177b9c 100644 --- a/internal/brokers/testdata/golden/TestIsAuthenticated/Adds_default_groups_even_if_broker_did_not_set_them +++ b/internal/brokers/testdata/golden/TestIsAuthenticated/Adds_default_groups_even_if_broker_did_not_set_them @@ -1,4 +1,4 @@ FIRST CALL: access: granted - data: {"Name":"TestIsAuthenticated/Adds_default_groups_even_if_broker_did_not_set_them_separator_IA_info_empty_groups","UID":0,"Gecos":"gecos for IA_info_empty_groups","Dir":"/home/IA_info_empty_groups","Shell":"/bin/sh/IA_info_empty_groups","Groups":[]} + data: {"Name":"TestIsAuthenticated/Adds_default_groups_even_if_broker_did_not_set_them_separator_ia_info_empty_groups","UID":0,"Gecos":"gecos for ia_info_empty_groups","Dir":"/home/ia_info_empty_groups","Shell":"/bin/sh/ia_info_empty_groups","Groups":[]} err: diff --git a/internal/brokers/testdata/golden/TestIsAuthenticated/Error_when_calling_IsAuthenticated_a_second_time_without_cancelling b/internal/brokers/testdata/golden/TestIsAuthenticated/Error_when_calling_IsAuthenticated_a_second_time_without_cancelling index 4e78954a1..08b13f8ea 100644 --- a/internal/brokers/testdata/golden/TestIsAuthenticated/Error_when_calling_IsAuthenticated_a_second_time_without_cancelling +++ b/internal/brokers/testdata/golden/TestIsAuthenticated/Error_when_calling_IsAuthenticated_a_second_time_without_cancelling @@ -1,8 +1,8 @@ FIRST CALL: access: granted - data: {"Name":"TestIsAuthenticated/Error_when_calling_IsAuthenticated_a_second_time_without_cancelling_separator_IA_second_call","UID":0,"Gecos":"gecos for IA_second_call","Dir":"/home/IA_second_call","Shell":"/bin/sh/IA_second_call","Groups":[{"Name":"group-IA_second_call","GID":null,"UGID":"ugid-IA_second_call"}]} + data: {"Name":"TestIsAuthenticated/Error_when_calling_IsAuthenticated_a_second_time_without_cancelling_separator_ia_second_call","UID":0,"Gecos":"gecos for ia_second_call","Dir":"/home/ia_second_call","Shell":"/bin/sh/ia_second_call","Groups":[{"Name":"group-ia_second_call","GID":null,"UGID":"ugid-ia_second_call"}]} err: SECOND CALL: access: data: - err: broker "TestIsAuthenticated": IsAuthenticated already running for session "TestIsAuthenticated/Error_when_calling_IsAuthenticated_a_second_time_without_cancelling_separator_IA_second_call" + err: broker "TestIsAuthenticated": IsAuthenticated already running for session "TestIsAuthenticated/Error_when_calling_IsAuthenticated_a_second_time_without_cancelling_separator_ia_second_call" diff --git a/internal/brokers/testdata/golden/TestIsAuthenticated/No_error_when_broker_returns_userinfo_with_empty_gecos b/internal/brokers/testdata/golden/TestIsAuthenticated/No_error_when_broker_returns_userinfo_with_empty_gecos index ca1ae691e..9935dc506 100644 --- a/internal/brokers/testdata/golden/TestIsAuthenticated/No_error_when_broker_returns_userinfo_with_empty_gecos +++ b/internal/brokers/testdata/golden/TestIsAuthenticated/No_error_when_broker_returns_userinfo_with_empty_gecos @@ -1,4 +1,4 @@ FIRST CALL: access: granted - data: {"Name":"TestIsAuthenticated/No_error_when_broker_returns_userinfo_with_empty_gecos_separator_IA_info_empty_gecos","UID":0,"Gecos":"","Dir":"/home/IA_info_empty_gecos","Shell":"/bin/sh/IA_info_empty_gecos","Groups":[{"Name":"group-IA_info_empty_gecos","GID":null,"UGID":"ugid-IA_info_empty_gecos"}]} + data: {"Name":"TestIsAuthenticated/No_error_when_broker_returns_userinfo_with_empty_gecos_separator_ia_info_empty_gecos","UID":0,"Gecos":"","Dir":"/home/ia_info_empty_gecos","Shell":"/bin/sh/ia_info_empty_gecos","Groups":[{"Name":"group-ia_info_empty_gecos","GID":null,"UGID":"ugid-ia_info_empty_gecos"}]} err: diff --git a/internal/brokers/testdata/golden/TestIsAuthenticated/No_error_when_broker_returns_userinfo_with_group_with_empty_UGID b/internal/brokers/testdata/golden/TestIsAuthenticated/No_error_when_broker_returns_userinfo_with_group_with_empty_UGID index 23b21def8..465fe734f 100644 --- a/internal/brokers/testdata/golden/TestIsAuthenticated/No_error_when_broker_returns_userinfo_with_group_with_empty_UGID +++ b/internal/brokers/testdata/golden/TestIsAuthenticated/No_error_when_broker_returns_userinfo_with_group_with_empty_UGID @@ -1,4 +1,4 @@ FIRST CALL: access: granted - data: {"Name":"TestIsAuthenticated/No_error_when_broker_returns_userinfo_with_group_with_empty_UGID_separator_IA_info_empty_ugid","UID":0,"Gecos":"gecos for IA_info_empty_ugid","Dir":"/home/IA_info_empty_ugid","Shell":"/bin/sh/IA_info_empty_ugid","Groups":[{"Name":"group-IA_info_empty_ugid","GID":null,"UGID":""}]} + data: {"Name":"TestIsAuthenticated/No_error_when_broker_returns_userinfo_with_group_with_empty_UGID_separator_ia_info_empty_ugid","UID":0,"Gecos":"gecos for ia_info_empty_ugid","Dir":"/home/ia_info_empty_ugid","Shell":"/bin/sh/ia_info_empty_ugid","Groups":[{"Name":"group-ia_info_empty_ugid","GID":null,"UGID":""}]} err: diff --git a/internal/brokers/testdata/golden/TestIsAuthenticated/No_error_when_broker_returns_userinfo_with_mismatching_username b/internal/brokers/testdata/golden/TestIsAuthenticated/No_error_when_broker_returns_userinfo_with_mismatching_username index d2a16f334..8d6b55633 100644 --- a/internal/brokers/testdata/golden/TestIsAuthenticated/No_error_when_broker_returns_userinfo_with_mismatching_username +++ b/internal/brokers/testdata/golden/TestIsAuthenticated/No_error_when_broker_returns_userinfo_with_mismatching_username @@ -1,4 +1,4 @@ FIRST CALL: access: granted - data: {"Name":"different_username","UID":0,"Gecos":"gecos for IA_info_mismatching_user_name","Dir":"/home/IA_info_mismatching_user_name","Shell":"/bin/sh/IA_info_mismatching_user_name","Groups":[{"Name":"group-IA_info_mismatching_user_name","GID":null,"UGID":"ugid-IA_info_mismatching_user_name"}]} + data: {"Name":"different_username","UID":0,"Gecos":"gecos for ia_info_mismatching_user_name","Dir":"/home/ia_info_mismatching_user_name","Shell":"/bin/sh/ia_info_mismatching_user_name","Groups":[{"Name":"group-ia_info_mismatching_user_name","GID":null,"UGID":"ugid-ia_info_mismatching_user_name"}]} err: diff --git a/internal/brokers/testdata/golden/TestIsAuthenticated/Successfully_authenticate_after_cancelling_first_call b/internal/brokers/testdata/golden/TestIsAuthenticated/Successfully_authenticate_after_cancelling_first_call index b7e54277a..e85276ef5 100644 --- a/internal/brokers/testdata/golden/TestIsAuthenticated/Successfully_authenticate_after_cancelling_first_call +++ b/internal/brokers/testdata/golden/TestIsAuthenticated/Successfully_authenticate_after_cancelling_first_call @@ -4,5 +4,5 @@ FIRST CALL: err: SECOND CALL: access: granted - data: {"Name":"TestIsAuthenticated/Successfully_authenticate_after_cancelling_first_call_separator_IA_second_call","UID":0,"Gecos":"gecos for IA_second_call","Dir":"/home/IA_second_call","Shell":"/bin/sh/IA_second_call","Groups":[{"Name":"group-IA_second_call","GID":null,"UGID":"ugid-IA_second_call"}]} + data: {"Name":"TestIsAuthenticated/Successfully_authenticate_after_cancelling_first_call_separator_ia_second_call","UID":0,"Gecos":"gecos for ia_second_call","Dir":"/home/ia_second_call","Shell":"/bin/sh/ia_second_call","Groups":[{"Name":"group-ia_second_call","GID":null,"UGID":"ugid-ia_second_call"}]} err: diff --git a/internal/services/pam/pam.go b/internal/services/pam/pam.go index fa9130d8d..479dc4d5a 100644 --- a/internal/services/pam/pam.go +++ b/internal/services/pam/pam.go @@ -7,6 +7,7 @@ import ( "errors" "fmt" "os/user" + "strings" "github.com/ubuntu/authd/internal/brokers" "github.com/ubuntu/authd/internal/brokers/auth" @@ -127,6 +128,9 @@ func (s Service) SelectBroker(ctx context.Context, req *authd.SBRequest) (resp * brokerID := req.GetBrokerId() lang := req.GetLang() + // authd usernames are lowercase + username = strings.ToLower(username) + if username == "" { return nil, status.Error(codes.InvalidArgument, "no user name provided") } diff --git a/internal/services/pam/pam_test.go b/internal/services/pam/pam_test.go index b1b9dafe2..b2ec316b5 100644 --- a/internal/services/pam/pam_test.go +++ b/internal/services/pam/pam_test.go @@ -205,8 +205,8 @@ func TestSelectBroker(t *testing.T) { "Error when mode does not exist": {sessionMode: "does not exist", wantErr: true}, "Error when brokerID is empty": {username: "empty broker", brokerID: "-", wantErr: true}, "Error when broker does not exist": {username: "no broker", brokerID: "does not exist", wantErr: true}, - "Error when broker does not provide a session ID": {username: "NS_no_id", wantErr: true}, - "Error when starting the session": {username: "NS_error", wantErr: true}, + "Error when broker does not provide a session ID": {username: "ns_no_id", wantErr: true}, + "Error when starting the session": {username: "ns_error", wantErr: true}, } for name, tc := range tests { t.Run(name, func(t *testing.T) { @@ -269,14 +269,14 @@ func TestGetAuthenticationModes(t *testing.T) { wantErr bool }{ "Successfully get authentication modes": {}, - "Successfully get multiple authentication modes": {username: "GAM_multiple_modes"}, + "Successfully get multiple authentication modes": {username: "gam_multiple_modes"}, "Error when not root": {currentUserNotRoot: true, wantErr: true}, "Error when sessionID is empty": {sessionID: "-", wantErr: true}, "Error when passing invalid layout": {supportedUILayouts: []*authd.UILayout{emptyType}, wantErr: true}, "Error when sessionID is invalid": {sessionID: "invalid-session", wantErr: true}, - "Error when getting authentication modes": {username: "GAM_error", wantErr: true}, - "Error when broker returns invalid modes": {username: "GAM_invalid", wantErr: true}, + "Error when getting authentication modes": {username: "gam_error", wantErr: true}, + "Error when broker returns invalid modes": {username: "gam_invalid", wantErr: true}, } for name, tc := range tests { t.Run(name, func(t *testing.T) { @@ -334,24 +334,24 @@ func TestSelectAuthenticationMode(t *testing.T) { wantErr bool }{ - "Successfully select mode with required value": {username: "SAM_success_required_entry", supportedUILayouts: []*authd.UILayout{requiredEntry}}, - "Successfully select mode with missing optional value": {username: "SAM_missing_optional_entry", supportedUILayouts: []*authd.UILayout{optionalEntry}}, + "Successfully select mode with required value": {username: "sam_success_required_entry", supportedUILayouts: []*authd.UILayout{requiredEntry}}, + "Successfully select mode with missing optional value": {username: "sam_missing_optional_entry", supportedUILayouts: []*authd.UILayout{optionalEntry}}, // service errors - "Error when not root": {username: "SAM_success_required_entry", currentUserNotRoot: true, wantErr: true}, + "Error when not root": {username: "sam_success_required_entry", currentUserNotRoot: true, wantErr: true}, "Error when sessionID is empty": {sessionID: "-", wantErr: true}, "Error when session ID is invalid": {sessionID: "invalid-session", wantErr: true}, "Error when no authmode is selected": {sessionID: "no auth mode", authMode: "-", wantErr: true}, // broker errors - "Error when selecting invalid auth mode": {username: "SAM_error", supportedUILayouts: []*authd.UILayout{requiredEntry}, wantErr: true}, + "Error when selecting invalid auth mode": {username: "sam_error", supportedUILayouts: []*authd.UILayout{requiredEntry}, wantErr: true}, "Error when broker does not have validators for the session": {username: "does not matter", noValidators: true, wantErr: true}, /* Layout errors */ - "Error when returns no layout": {username: "SAM_no_layout", supportedUILayouts: []*authd.UILayout{requiredEntry}, wantErr: true}, - "Error when returns layout with no type": {username: "SAM_no_layout_type", supportedUILayouts: []*authd.UILayout{requiredEntry}, wantErr: true}, - "Error when returns layout without required value": {username: "SAM_missing_required_entry", supportedUILayouts: []*authd.UILayout{requiredEntry}, wantErr: true}, - "Error when returns layout with unknown field": {username: "SAM_unknown_field", supportedUILayouts: []*authd.UILayout{requiredEntry}, wantErr: true}, + "Error when returns no layout": {username: "sam_no_layout", supportedUILayouts: []*authd.UILayout{requiredEntry}, wantErr: true}, + "Error when returns layout with no type": {username: "sam_no_layout_type", supportedUILayouts: []*authd.UILayout{requiredEntry}, wantErr: true}, + "Error when returns layout without required value": {username: "sam_missing_required_entry", supportedUILayouts: []*authd.UILayout{requiredEntry}, wantErr: true}, + "Error when returns layout with unknown field": {username: "sam_unknown_field", supportedUILayouts: []*authd.UILayout{requiredEntry}, wantErr: true}, } for name, tc := range tests { t.Run(name, func(t *testing.T) { @@ -378,8 +378,8 @@ func TestSelectAuthenticationMode(t *testing.T) { tc.authMode = "" } - // If the username does not have a SAM_something, it means we don't care about the broker answer and we don't need the validators. - if !tc.noValidators && strings.HasPrefix(tc.username, "SAM_") { + // If the username does not have a sam_something, it means we don't care about the broker answer and we don't need the validators. + if !tc.noValidators && strings.HasPrefix(tc.username, "sam_") { // We need to call GetAuthenticationModes to generate the layout validators on the broker. gamReq := &authd.GAMRequest{ SessionId: tc.sessionID, @@ -423,8 +423,8 @@ func TestIsAuthenticated(t *testing.T) { // There is no wantErr as it's stored in the golden file. }{ "Successfully authenticate": {username: "success"}, - "Successfully authenticate if first call is canceled": {username: "IA_second_call", secondCall: true, cancelFirstCall: true}, - "Denies authentication when broker times out": {username: "IA_timeout"}, + "Successfully authenticate if first call is canceled": {username: "ia_second_call", secondCall: true, cancelFirstCall: true}, + "Denies authentication when broker times out": {username: "ia_timeout"}, "Update existing DB on success": {username: "success", existingDB: "cache-with-user.db"}, "Update local groups": {username: "success_with_local_groups", localGroupsFile: "valid.group"}, @@ -436,12 +436,12 @@ func TestIsAuthenticated(t *testing.T) { "Error when there is no broker": {sessionID: "invalid-session"}, // broker errors - "Error when authenticating": {username: "IA_error"}, - "Error on empty data even if granted": {username: "IA_empty_data"}, - "Error when broker returns invalid access": {username: "IA_invalid_access"}, - "Error when broker returns invalid data": {username: "IA_invalid_data"}, - "Error when broker returns invalid userinfo": {username: "IA_invalid_userinfo"}, - "Error when calling second time without cancelling": {username: "IA_second_call", secondCall: true}, + "Error when authenticating": {username: "ia_error"}, + "Error on empty data even if granted": {username: "ia_empty_data"}, + "Error when broker returns invalid access": {username: "ia_invalid_access"}, + "Error when broker returns invalid data": {username: "ia_invalid_data"}, + "Error when broker returns invalid userinfo": {username: "ia_invalid_userinfo"}, + "Error when calling second time without cancelling": {username: "ia_second_call", secondCall: true}, // local group error "Error on updating local groups with unexisting file": {username: "success_with_local_groups", localGroupsFile: "does_not_exists.group"}, @@ -648,7 +648,7 @@ func TestEndSession(t *testing.T) { "Error when not root": {username: "success", currentUserNotRoot: true, wantErr: true}, "Error when sessionID is empty": {sessionID: "-", wantErr: true}, "Error when sessionID is invalid": {sessionID: "invalid-session", wantErr: true}, - "Error when ending session": {username: "ES_error", wantErr: true}, + "Error when ending session": {username: "es_error", wantErr: true}, } for name, tc := range tests { t.Run(name, func(t *testing.T) { diff --git a/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_on_updating_local_groups_with_unexisting_file/IsAuthenticated b/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_on_updating_local_groups_with_unexisting_file/IsAuthenticated index 9aca3b87d..bfed5941b 100644 --- a/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_on_updating_local_groups_with_unexisting_file/IsAuthenticated +++ b/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_on_updating_local_groups_with_unexisting_file/IsAuthenticated @@ -1,4 +1,4 @@ FIRST CALL: access: msg: - err: can't check authentication: failed to update user "TestIsAuthenticated/Error_on_updating_local_groups_with_unexisting_file_separator_success_with_local_groups": could not update local groups for user "testisauthenticated/error_on_updating_local_groups_with_unexisting_file_separator_success_with_local_groups": could not fetch existing local group: open testdata/TestIsAuthenticated/does_not_exists.group: no such file or directory + err: can't check authentication: failed to update user "testisauthenticated/error_on_updating_local_groups_with_unexisting_file_separator_success_with_local_groups": could not update local groups for user "testisauthenticated/error_on_updating_local_groups_with_unexisting_file_separator_success_with_local_groups": could not fetch existing local group: open testdata/TestIsAuthenticated/does_not_exists.group: no such file or directory diff --git a/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_when_GID_conflicts_with_existing_different_group/IsAuthenticated b/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_when_GID_conflicts_with_existing_different_group/IsAuthenticated index f0e2ea274..3d534dd1d 100644 --- a/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_when_GID_conflicts_with_existing_different_group/IsAuthenticated +++ b/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_when_GID_conflicts_with_existing_different_group/IsAuthenticated @@ -1,4 +1,4 @@ FIRST CALL: access: msg: - err: can't check authentication: failed to update user "TestIsAuthenticated/Error_when_GID_conflicts_with_existing_different_group_separator_conflicting-gid": GID for group "group-conflicting-gid" already in use by a different group + err: can't check authentication: failed to update user "testisauthenticated/error_when_gid_conflicts_with_existing_different_group_separator_conflicting-gid": GID for group "group-conflicting-gid" already in use by a different group diff --git a/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_when_UID_conflicts_with_existing_different_user/IsAuthenticated b/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_when_UID_conflicts_with_existing_different_user/IsAuthenticated index 2fc797031..8ee9fe9a7 100644 --- a/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_when_UID_conflicts_with_existing_different_user/IsAuthenticated +++ b/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_when_UID_conflicts_with_existing_different_user/IsAuthenticated @@ -1,4 +1,4 @@ FIRST CALL: access: msg: - err: can't check authentication: failed to update user "TestIsAuthenticated/Error_when_UID_conflicts_with_existing_different_user_separator_conflicting-uid": UID already in use by a different user + err: can't check authentication: failed to update user "testisauthenticated/error_when_uid_conflicts_with_existing_different_user_separator_conflicting-uid": UID already in use by a different user diff --git a/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_when_calling_second_time_without_cancelling/IsAuthenticated b/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_when_calling_second_time_without_cancelling/IsAuthenticated index f8b7ee2fc..c21d0db68 100644 --- a/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_when_calling_second_time_without_cancelling/IsAuthenticated +++ b/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_when_calling_second_time_without_cancelling/IsAuthenticated @@ -5,4 +5,4 @@ FIRST CALL: SECOND CALL: access: msg: - err: broker "BrokerMock": IsAuthenticated already running for session "TestIsAuthenticated/Error_when_calling_second_time_without_cancelling_separator_IA_second_call-session_id" + err: broker "BrokerMock": IsAuthenticated already running for session "testisauthenticated/error_when_calling_second_time_without_cancelling_separator_ia_second_call-session_id" diff --git a/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_when_calling_second_time_without_cancelling/cache.db b/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_when_calling_second_time_without_cancelling/cache.db index 6187ad826..0a9c56c4b 100644 --- a/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_when_calling_second_time_without_cancelling/cache.db +++ b/internal/services/pam/testdata/golden/TestIsAuthenticated/Error_when_calling_second_time_without_cancelling/cache.db @@ -1,19 +1,19 @@ GroupByID: - "1369382419": '{"Name":"group-ia_second_call","GID":1369382419,"UGID":"ugid-IA_second_call"}' + "1369382419": '{"Name":"group-ia_second_call","GID":1369382419,"UGID":"ugid-ia_second_call"}' "1556535091": '{"Name":"testisauthenticated/error_when_calling_second_time_without_cancelling_separator_ia_second_call","GID":1556535091,"UGID":"testisauthenticated/error_when_calling_second_time_without_cancelling_separator_ia_second_call"}' GroupByName: - group-ia_second_call: '{"Name":"group-ia_second_call","GID":1369382419,"UGID":"ugid-IA_second_call"}' + group-ia_second_call: '{"Name":"group-ia_second_call","GID":1369382419,"UGID":"ugid-ia_second_call"}' testisauthenticated/error_when_calling_second_time_without_cancelling_separator_ia_second_call: '{"Name":"testisauthenticated/error_when_calling_second_time_without_cancelling_separator_ia_second_call","GID":1556535091,"UGID":"testisauthenticated/error_when_calling_second_time_without_cancelling_separator_ia_second_call"}' GroupByUGID: testisauthenticated/error_when_calling_second_time_without_cancelling_separator_ia_second_call: '{"Name":"testisauthenticated/error_when_calling_second_time_without_cancelling_separator_ia_second_call","GID":1556535091,"UGID":"testisauthenticated/error_when_calling_second_time_without_cancelling_separator_ia_second_call"}' - ugid-IA_second_call: '{"Name":"group-ia_second_call","GID":1369382419,"UGID":"ugid-IA_second_call"}' + ugid-ia_second_call: '{"Name":"group-ia_second_call","GID":1369382419,"UGID":"ugid-ia_second_call"}' GroupToUsers: "1369382419": '{"GID":1369382419,"UIDs":[1556535091]}' "1556535091": '{"GID":1556535091,"UIDs":[1556535091]}' UserByID: - "1556535091": '{"Name":"testisauthenticated/error_when_calling_second_time_without_cancelling_separator_ia_second_call","UID":1556535091,"GID":1556535091,"Gecos":"gecos for IA_second_call","Dir":"/home/IA_second_call","Shell":"/bin/sh/IA_second_call","LastPwdChange":-1,"MaxPwdAge":-1,"PwdWarnPeriod":-1,"PwdInactivity":-1,"MinPwdAge":-1,"ExpirationDate":-1,"LastLogin":"ABCDETIME"}' + "1556535091": '{"Name":"testisauthenticated/error_when_calling_second_time_without_cancelling_separator_ia_second_call","UID":1556535091,"GID":1556535091,"Gecos":"gecos for ia_second_call","Dir":"/home/ia_second_call","Shell":"/bin/sh/ia_second_call","LastPwdChange":-1,"MaxPwdAge":-1,"PwdWarnPeriod":-1,"PwdInactivity":-1,"MinPwdAge":-1,"ExpirationDate":-1,"LastLogin":"ABCDETIME"}' UserByName: - testisauthenticated/error_when_calling_second_time_without_cancelling_separator_ia_second_call: '{"Name":"testisauthenticated/error_when_calling_second_time_without_cancelling_separator_ia_second_call","UID":1556535091,"GID":1556535091,"Gecos":"gecos for IA_second_call","Dir":"/home/IA_second_call","Shell":"/bin/sh/IA_second_call","LastPwdChange":-1,"MaxPwdAge":-1,"PwdWarnPeriod":-1,"PwdInactivity":-1,"MinPwdAge":-1,"ExpirationDate":-1,"LastLogin":"ABCDETIME"}' + testisauthenticated/error_when_calling_second_time_without_cancelling_separator_ia_second_call: '{"Name":"testisauthenticated/error_when_calling_second_time_without_cancelling_separator_ia_second_call","UID":1556535091,"GID":1556535091,"Gecos":"gecos for ia_second_call","Dir":"/home/ia_second_call","Shell":"/bin/sh/ia_second_call","LastPwdChange":-1,"MaxPwdAge":-1,"PwdWarnPeriod":-1,"PwdInactivity":-1,"MinPwdAge":-1,"ExpirationDate":-1,"LastLogin":"ABCDETIME"}' UserToBroker: {} UserToGroups: "1556535091": '{"UID":1556535091,"GIDs":[1556535091,1369382419]}' diff --git a/internal/services/pam/testdata/golden/TestIsAuthenticated/Successfully_authenticate_if_first_call_is_canceled/cache.db b/internal/services/pam/testdata/golden/TestIsAuthenticated/Successfully_authenticate_if_first_call_is_canceled/cache.db index c9e515aef..ec0305389 100644 --- a/internal/services/pam/testdata/golden/TestIsAuthenticated/Successfully_authenticate_if_first_call_is_canceled/cache.db +++ b/internal/services/pam/testdata/golden/TestIsAuthenticated/Successfully_authenticate_if_first_call_is_canceled/cache.db @@ -1,19 +1,19 @@ GroupByID: - "1369382419": '{"Name":"group-ia_second_call","GID":1369382419,"UGID":"ugid-IA_second_call"}' + "1369382419": '{"Name":"group-ia_second_call","GID":1369382419,"UGID":"ugid-ia_second_call"}' "1569396774": '{"Name":"testisauthenticated/successfully_authenticate_if_first_call_is_canceled_separator_ia_second_call","GID":1569396774,"UGID":"testisauthenticated/successfully_authenticate_if_first_call_is_canceled_separator_ia_second_call"}' GroupByName: - group-ia_second_call: '{"Name":"group-ia_second_call","GID":1369382419,"UGID":"ugid-IA_second_call"}' + group-ia_second_call: '{"Name":"group-ia_second_call","GID":1369382419,"UGID":"ugid-ia_second_call"}' testisauthenticated/successfully_authenticate_if_first_call_is_canceled_separator_ia_second_call: '{"Name":"testisauthenticated/successfully_authenticate_if_first_call_is_canceled_separator_ia_second_call","GID":1569396774,"UGID":"testisauthenticated/successfully_authenticate_if_first_call_is_canceled_separator_ia_second_call"}' GroupByUGID: testisauthenticated/successfully_authenticate_if_first_call_is_canceled_separator_ia_second_call: '{"Name":"testisauthenticated/successfully_authenticate_if_first_call_is_canceled_separator_ia_second_call","GID":1569396774,"UGID":"testisauthenticated/successfully_authenticate_if_first_call_is_canceled_separator_ia_second_call"}' - ugid-IA_second_call: '{"Name":"group-ia_second_call","GID":1369382419,"UGID":"ugid-IA_second_call"}' + ugid-ia_second_call: '{"Name":"group-ia_second_call","GID":1369382419,"UGID":"ugid-ia_second_call"}' GroupToUsers: "1369382419": '{"GID":1369382419,"UIDs":[1569396774]}' "1569396774": '{"GID":1569396774,"UIDs":[1569396774]}' UserByID: - "1569396774": '{"Name":"testisauthenticated/successfully_authenticate_if_first_call_is_canceled_separator_ia_second_call","UID":1569396774,"GID":1569396774,"Gecos":"gecos for IA_second_call","Dir":"/home/IA_second_call","Shell":"/bin/sh/IA_second_call","LastPwdChange":-1,"MaxPwdAge":-1,"PwdWarnPeriod":-1,"PwdInactivity":-1,"MinPwdAge":-1,"ExpirationDate":-1,"LastLogin":"ABCDETIME"}' + "1569396774": '{"Name":"testisauthenticated/successfully_authenticate_if_first_call_is_canceled_separator_ia_second_call","UID":1569396774,"GID":1569396774,"Gecos":"gecos for ia_second_call","Dir":"/home/ia_second_call","Shell":"/bin/sh/ia_second_call","LastPwdChange":-1,"MaxPwdAge":-1,"PwdWarnPeriod":-1,"PwdInactivity":-1,"MinPwdAge":-1,"ExpirationDate":-1,"LastLogin":"ABCDETIME"}' UserByName: - testisauthenticated/successfully_authenticate_if_first_call_is_canceled_separator_ia_second_call: '{"Name":"testisauthenticated/successfully_authenticate_if_first_call_is_canceled_separator_ia_second_call","UID":1569396774,"GID":1569396774,"Gecos":"gecos for IA_second_call","Dir":"/home/IA_second_call","Shell":"/bin/sh/IA_second_call","LastPwdChange":-1,"MaxPwdAge":-1,"PwdWarnPeriod":-1,"PwdInactivity":-1,"MinPwdAge":-1,"ExpirationDate":-1,"LastLogin":"ABCDETIME"}' + testisauthenticated/successfully_authenticate_if_first_call_is_canceled_separator_ia_second_call: '{"Name":"testisauthenticated/successfully_authenticate_if_first_call_is_canceled_separator_ia_second_call","UID":1569396774,"GID":1569396774,"Gecos":"gecos for ia_second_call","Dir":"/home/ia_second_call","Shell":"/bin/sh/ia_second_call","LastPwdChange":-1,"MaxPwdAge":-1,"PwdWarnPeriod":-1,"PwdInactivity":-1,"MinPwdAge":-1,"ExpirationDate":-1,"LastLogin":"ABCDETIME"}' UserToBroker: {} UserToGroups: "1569396774": '{"UID":1569396774,"GIDs":[1569396774,1369382419]}' diff --git a/internal/services/pam/testdata/golden/TestSelectBroker/Successfully_select_a_broker_and_creates_auth_session b/internal/services/pam/testdata/golden/TestSelectBroker/Successfully_select_a_broker_and_creates_auth_session index 621299849..3741ebd1b 100644 --- a/internal/services/pam/testdata/golden/TestSelectBroker/Successfully_select_a_broker_and_creates_auth_session +++ b/internal/services/pam/testdata/golden/TestSelectBroker/Successfully_select_a_broker_and_creates_auth_session @@ -1,2 +1,2 @@ -ID: BROKER_ID-TestSelectBroker/Successfully_select_a_broker_and_creates_auth_session_separator_success-session_id +ID: BROKER_ID-testselectbroker/successfully_select_a_broker_and_creates_auth_session_separator_success-session_id Encryption Key: BrokerMock-key diff --git a/internal/services/pam/testdata/golden/TestSelectBroker/Successfully_select_a_broker_and_creates_passwd_session b/internal/services/pam/testdata/golden/TestSelectBroker/Successfully_select_a_broker_and_creates_passwd_session index 829cba568..07deb7584 100644 --- a/internal/services/pam/testdata/golden/TestSelectBroker/Successfully_select_a_broker_and_creates_passwd_session +++ b/internal/services/pam/testdata/golden/TestSelectBroker/Successfully_select_a_broker_and_creates_passwd_session @@ -1,2 +1,2 @@ -ID: BROKER_ID-TestSelectBroker/Successfully_select_a_broker_and_creates_passwd_session_separator_success-session_id +ID: BROKER_ID-testselectbroker/successfully_select_a_broker_and_creates_passwd_session_separator_success-session_id Encryption Key: BrokerMock-key diff --git a/internal/testutils/broker.go b/internal/testutils/broker.go index 64b91720e..6eb747749 100644 --- a/internal/testutils/broker.go +++ b/internal/testutils/broker.go @@ -124,10 +124,10 @@ func writeConfig(cfgDir, name string) (string, error) { // NewSession returns default values to be used in tests or an error if requested. func (b *BrokerBusMock) NewSession(username, lang, mode string) (sessionID, encryptionKey string, dbusErr *dbus.Error) { parsedUsername := parseSessionID(username) - if parsedUsername == "NS_error" { + if parsedUsername == "ns_error" { return "", "", dbus.MakeFailedError(fmt.Errorf("broker %q: NewSession errored out", b.name)) } - if parsedUsername == "NS_no_id" { + if parsedUsername == "ns_no_id" { return "", username + "_key", nil } return GenerateSessionID(username), GenerateEncryptionKey(b.name), nil @@ -137,15 +137,15 @@ func (b *BrokerBusMock) NewSession(username, lang, mode string) (sessionID, encr func (b *BrokerBusMock) GetAuthenticationModes(sessionID string, supportedUILayouts []map[string]string) (authenticationModes []map[string]string, dbusErr *dbus.Error) { sessionID = parseSessionID(sessionID) switch sessionID { - case "GAM_invalid": + case "gam_invalid": return []map[string]string{ {"invalid": "invalid"}, }, nil - case "GAM_empty": + case "gam_empty": return nil, nil - case "GAM_error": + case "gam_error": return nil, dbus.MakeFailedError(fmt.Errorf("broker %q: GetAuthenticationModes errored out", b.name)) - case "GAM_multiple_modes": + case "gam_multiple_modes": return []map[string]string{ {layouts.ID: "mode1", layouts.Label: "Mode 1"}, {layouts.ID: "mode2", layouts.Label: "Mode 2"}, @@ -161,49 +161,49 @@ func (b *BrokerBusMock) GetAuthenticationModes(sessionID string, supportedUILayo func (b *BrokerBusMock) SelectAuthenticationMode(sessionID, authenticationModeName string) (uiLayoutInfo map[string]string, dbusErr *dbus.Error) { sessionID = parseSessionID(sessionID) switch sessionID { - case "SAM_success_required_entry": + case "sam_success_required_entry": return map[string]string{ layouts.Type: "required-entry", layouts.Entry: "entry_type", }, nil - case "SAM_success_optional_entry": + case "sam_success_optional_entry": return map[string]string{ layouts.Type: "optional-entry", layouts.Entry: "entry_type", }, nil - case "SAM_missing_optional_entry": + case "sam_missing_optional_entry": return map[string]string{ layouts.Type: "optional-entry", }, nil - case "SAM_invalid_layout_type": + case "sam_invalid_layout_type": return map[string]string{ "invalid": "invalid", }, nil - case "SAM_missing_required_entry": + case "sam_missing_required_entry": return map[string]string{ layouts.Type: "required-entry", }, nil - case "SAM_invalid_required_entry": + case "sam_invalid_required_entry": return map[string]string{ layouts.Type: "required-entry", layouts.Entry: "invalid entry", }, nil - case "SAM_invalid_optional_entry": + case "sam_invalid_optional_entry": return map[string]string{ layouts.Type: "optional-entry", layouts.Entry: "invalid entry", }, nil - case "SAM_unknown_field": + case "sam_unknown_field": return map[string]string{ layouts.Type: "required-entry", layouts.Entry: "entry_type", "unknown_field": "unknown", }, nil - case "SAM_error": + case "sam_error": return nil, dbus.MakeFailedError(fmt.Errorf("broker %q: SelectAuthenticationMode errored out", b.name)) - case "SAM_no_layout": + case "sam_no_layout": return nil, nil - case "SAM_empty_layout": + case "sam_empty_layout": return map[string]string{}, nil } // Should never get here @@ -216,7 +216,7 @@ func (b *BrokerBusMock) IsAuthenticated(sessionID, authenticationData string) (a // We have to use both the prefixed sessionID and the parsed one in order to differentiate between test cases. parsedID := parseSessionID(sessionID) - if parsedID == "IA_error" { + if parsedID == "ia_error" { return "", "", dbus.MakeFailedError(fmt.Errorf("broker %q: IsAuthenticated errored out", b.name)) } @@ -244,17 +244,17 @@ func (b *BrokerBusMock) IsAuthenticated(sessionID, authenticationData string) (a data = fmt.Sprintf(`{"userinfo": %s}`, userInfoFromName(sessionID, nil)) switch parsedID { - case "IA_timeout": + case "ia_timeout": time.Sleep(time.Second) access = authDenied data = `{"message": "denied by time out"}` - case "IA_wait": + case "ia_wait": <-ctx.Done() access = authCancelled data = "" - case "IA_second_call": + case "ia_second_call": select { case <-ctx.Done(): access = authCancelled @@ -264,7 +264,7 @@ func (b *BrokerBusMock) IsAuthenticated(sessionID, authenticationData string) (a data = fmt.Sprintf(`{"userinfo": %s}`, userInfoFromName(sessionID, nil)) } - case "IA_next": + case "ia_next": access = authNext data = "" @@ -272,31 +272,31 @@ func (b *BrokerBusMock) IsAuthenticated(sessionID, authenticationData string) (a extragroups := []groupJSONInfo{{Name: "localgroup1"}, {Name: "localgroup3"}} data = fmt.Sprintf(`{"userinfo": %s}`, userInfoFromName(sessionID, extragroups)) - case "IA_invalid_access": + case "ia_invalid_access": access = "invalid" - case "IA_invalid_data": + case "ia_invalid_data": data = "invalid" - case "IA_empty_data": + case "ia_empty_data": data = "" - case "IA_invalid_userinfo": + case "ia_invalid_userinfo": data = `{"userinfo": "not valid"}` - case "IA_denied_without_data": + case "ia_denied_without_data": access = authDenied data = "" - case "IA_retry_without_data": + case "ia_retry_without_data": access = authRetry data = "" - case "IA_next_with_data": + case "ia_next_with_data": access = authNext data = `{"message": "there should not be a message here"}` - case "IA_cancelled_with_data": + case "ia_cancelled_with_data": access = authCancelled data = `{"message": "there should not be a message here"}` } @@ -307,7 +307,7 @@ func (b *BrokerBusMock) IsAuthenticated(sessionID, authenticationData string) (a // EndSession returns default values to be used in tests or an error if requested. func (b *BrokerBusMock) EndSession(sessionID string) (dbusErr *dbus.Error) { sessionID = parseSessionID(sessionID) - if sessionID == "ES_error" { + if sessionID == "es_error" { return dbus.MakeFailedError(fmt.Errorf("broker %q: EndSession errored out", b.name)) } return nil @@ -364,23 +364,23 @@ func userInfoFromName(sessionID string, extraGroups []groupJSONInfo) string { ugid := "ugid-" + parsedID switch parsedID { - case "IA_info_empty_user_name": + case "ia_info_empty_user_name": name = "" - case "IA_info_mismatching_user_name": + case "ia_info_mismatching_user_name": name = "different_username" - case "IA_info_empty_group_name": + case "ia_info_empty_group_name": group = "" - case "IA_info_empty_uuid": + case "ia_info_empty_uuid": uuid = "" - case "IA_info_empty_ugid": + case "ia_info_empty_ugid": ugid = "" - case "IA_info_empty_gecos": + case "ia_info_empty_gecos": gecos = "" - case "IA_info_empty_groups": + case "ia_info_empty_groups": group = "-" - case "IA_info_invalid_home": + case "ia_info_invalid_home": home = "this is not a homedir" - case "IA_info_invalid_shell": + case "ia_info_invalid_shell": shell = "this is not a valid shell" }