refactored tests

test/auth/factory.cc

@@ -0,0 +1,20 @@
+#include <gtest/gtest.h>
+#include "webfused/auth/factory.h"
+#include "webfused/auth/authenticator.h"
+#include "webfused/log/log.h"
+#include "mock/logger.hpp"
+
+using ::testing::_;
+using ::webfused_test::MockLogger;
+
+
+TEST(auth_factory, fail_unknown_provider)
+{
+    MockLogger logger;
+    EXPECT_CALL(logger, log(WFD_LOGLEVEL_ERROR, _, _)).Times(1);
+    EXPECT_CALL(logger, onclose()).Times(1);
+
+    wfd_authenticator authenticator;
+    bool result = wfd_authenticator_create("unknown", NULL, &authenticator);
+    ASSERT_FALSE(result);
+}

test/auth/file_authenticator.cc

@@ -0,0 +1,158 @@
+#include "webfused/auth/file_authenticator.h"
+#include "webfused/auth/authenticator.h"
+#include "webfused/config/settings.h"
+#include "webfused/auth/factory.h"
+
+#include "mock/credentials.hpp"
+#include "mock/settings.hpp"
+
+#include <gtest/gtest.h>
+#include <libconfig.h>
+
+using ::webfused_test::MockSettings;
+using ::webfused_test::MockCredentials;
+using ::testing::Return;
+using ::testing::StrEq;
+
+TEST(file_authenticator, create)
+{
+    MockSettings settings;
+    EXPECT_CALL(settings, getString(StrEq("file"))).Times(1).WillOnce(Return("test_passwd.json"));
+
+    wfd_authenticator authenticator;
+    bool success = wfd_file_authenticator_create(nullptr, &authenticator);
+    ASSERT_TRUE(success);
+
+    wfd_authenticator_dispose(authenticator);
+}
+
+TEST(file_authenticator, create_fail_missing_file)
+{
+    MockSettings settings;
+    EXPECT_CALL(settings, getString(StrEq("file"))).Times(1).WillOnce(Return(nullptr));
+
+    wfd_authenticator authenticator;
+    bool success = wfd_file_authenticator_create(nullptr, &authenticator);
+    ASSERT_FALSE(success);
+}
+
+TEST(file_authenticator, create_via_factory)
+{
+    MockSettings settings;
+    EXPECT_CALL(settings, getString(StrEq("file"))).Times(1).WillOnce(Return("test_passwd.json"));
+
+    wfd_authenticator authenticator;
+    bool success = wfd_authenticator_create("file", nullptr, &authenticator);
+    ASSERT_TRUE(success);
+
+    wfd_authenticator_dispose(authenticator);
+}
+
+TEST(file_authenticator, authenticate)
+{
+    MockSettings settings;
+    EXPECT_CALL(settings, getString(StrEq("file"))).Times(1).WillOnce(Return("test_passwd.json"));
+
+    wfd_authenticator authenticator;
+    bool success = wfd_file_authenticator_create(nullptr, &authenticator);
+    ASSERT_TRUE(success);
+
+    MockCredentials creds;
+    EXPECT_CALL(creds, get(StrEq("username"))).Times(1).WillOnce(Return("bob"));
+    EXPECT_CALL(creds, get(StrEq("password"))).Times(1).WillOnce(Return("secret"));
+
+    bool is_authenticated = wfd_authenticator_authenticate(authenticator, nullptr);
+    ASSERT_TRUE(is_authenticated);
+
+    wfd_authenticator_dispose(authenticator);
+}
+
+TEST(file_authenticator, authenticate_fail_wrong_passwd)
+{
+    MockSettings settings;
+    EXPECT_CALL(settings, getString(StrEq("file"))).Times(1).WillOnce(Return("test_passwd.json"));
+
+    wfd_authenticator authenticator;
+    bool success = wfd_file_authenticator_create(nullptr, &authenticator);
+    ASSERT_TRUE(success);
+
+    MockCredentials creds;
+    EXPECT_CALL(creds, get(StrEq("username"))).Times(1).WillOnce(Return("bob"));
+    EXPECT_CALL(creds, get(StrEq("password"))).Times(1).WillOnce(Return("unkown"));
+
+    bool is_authenticated = wfd_authenticator_authenticate(authenticator, nullptr);
+    ASSERT_FALSE(is_authenticated);
+
+    wfd_authenticator_dispose(authenticator);
+}
+
+TEST(file_authenticator, authenticate_fail_no_passwd_file)
+{
+    MockSettings settings;
+    EXPECT_CALL(settings, getString(StrEq("file"))).Times(1).WillOnce(Return("unknown_passwd.json"));
+
+    wfd_authenticator authenticator;
+    bool success = wfd_file_authenticator_create(nullptr, &authenticator);
+    ASSERT_TRUE(success);
+
+    MockCredentials creds;
+    EXPECT_CALL(creds, get(StrEq("username"))).Times(1).WillOnce(Return("bob"));
+    EXPECT_CALL(creds, get(StrEq("password"))).Times(1).WillOnce(Return("secred"));
+
+    bool is_authenticated = wfd_authenticator_authenticate(authenticator, nullptr);
+    ASSERT_FALSE(is_authenticated);
+
+    wfd_authenticator_dispose(authenticator);
+}
+
+TEST(file_authenticator, authenticate_fail_missing_username)
+{
+    MockSettings settings;
+    EXPECT_CALL(settings, getString(StrEq("file"))).Times(1).WillOnce(Return("test_passwd.json"));
+
+    wfd_authenticator authenticator;
+    bool success = wfd_file_authenticator_create(nullptr, &authenticator);
+    ASSERT_TRUE(success);
+
+    MockCredentials creds;
+    EXPECT_CALL(creds, get(StrEq("username"))).Times(1).WillOnce(Return(nullptr));
+    EXPECT_CALL(creds, get(StrEq("password"))).Times(1).WillOnce(Return("unkown"));
+
+    bool is_authenticated = wfd_authenticator_authenticate(authenticator, nullptr);
+    ASSERT_FALSE(is_authenticated);
+
+    wfd_authenticator_dispose(authenticator);
+}
+
+TEST(file_authenticator, authenticate_fail_missing_password)
+{
+    MockSettings settings;
+    EXPECT_CALL(settings, getString(StrEq("file"))).Times(1).WillOnce(Return("test_passwd.json"));
+
+    wfd_authenticator authenticator;
+    bool success = wfd_file_authenticator_create(nullptr, &authenticator);
+    ASSERT_TRUE(success);
+
+    MockCredentials creds;
+    EXPECT_CALL(creds, get(StrEq("username"))).Times(1).WillOnce(Return("bob"));
+    EXPECT_CALL(creds, get(StrEq("password"))).Times(1).WillOnce(Return(nullptr));
+
+    bool is_authenticated = wfd_authenticator_authenticate(authenticator, nullptr);
+    ASSERT_FALSE(is_authenticated);
+
+    wfd_authenticator_dispose(authenticator);
+}
+
+TEST(file_authenticator, get_type)
+{
+    MockSettings settings;
+    EXPECT_CALL(settings, getString(StrEq("file"))).Times(1).WillOnce(Return("/any/path"));
+
+    wfd_authenticator authenticator;
+    bool success = wfd_file_authenticator_create(nullptr, &authenticator);
+    ASSERT_TRUE(success);
+
+    ASSERT_STREQ("username", wfd_authenticator_get_type(authenticator));
+
+    wfd_authenticator_dispose(authenticator);
+}

test/auth/pam_authenticator.cc

@@ -0,0 +1,279 @@
+#include "webfused/auth/pam_authenticator.h"
+#include "webfused/auth/authenticator.h"
+#include "webfused/config/settings.h"
+#include "webfused/auth/factory.h"
+
+#include "mock/credentials.hpp"
+#include "mock/settings.hpp"
+#include "mock/pam.hpp"
+
+#include <gtest/gtest.h>
+
+
+using ::webfused_test::MockSettings;
+using ::webfused_test::MockCredentials;
+using ::webfused_test::MockPam;
+using ::testing::_;
+using ::testing::Return;
+using ::testing::StrEq;
+using ::testing::Invoke;
+using ::testing::StrictMock;
+
+TEST(pam_authenticator, create)
+{
+    wfd_authenticator authenticator;
+    bool success = wfd_pam_authenticator_create(nullptr, &authenticator);
+    ASSERT_TRUE(success);
+
+    wfd_authenticator_dispose(authenticator);
+}
+
+TEST(pam_authenticator, create_via_factory)
+{
+    wfd_authenticator authenticator;
+    bool success = wfd_authenticator_create("pam", nullptr, &authenticator);
+    ASSERT_TRUE(success);
+
+    wfd_authenticator_dispose(authenticator);
+}
+
+TEST(pam_authenticator, get_type)
+{
+    wfd_authenticator authenticator;
+    bool success = wfd_pam_authenticator_create(nullptr, &authenticator);
+    ASSERT_TRUE(success);
+
+    ASSERT_STREQ("username", wfd_authenticator_get_type(authenticator));
+
+    wfd_authenticator_dispose(authenticator);
+}
+
+TEST(pam_authenticator, authenticate)
+{
+    MockPam pam;
+    EXPECT_CALL(pam, start(StrEq("webfused"), nullptr, _, _)).Times(1).WillOnce(Return(PAM_SUCCESS));
+    EXPECT_CALL(pam, authenticate(_, PAM_DISALLOW_NULL_AUTHTOK)).Times(1).WillOnce(Return(PAM_SUCCESS));
+    EXPECT_CALL(pam, acct_mgmt(_, PAM_DISALLOW_NULL_AUTHTOK)).Times(1).WillOnce(Return(PAM_SUCCESS));
+    EXPECT_CALL(pam, end(_, _)).Times(1).WillOnce(Return(PAM_SUCCESS));
+
+    wfd_authenticator authenticator;
+    bool success = wfd_pam_authenticator_create(nullptr, &authenticator);
+    ASSERT_TRUE(success);
+
+    MockCredentials creds;
+    EXPECT_CALL(creds, get(StrEq("username"))).Times(1).WillOnce(Return("bob"));
+    EXPECT_CALL(creds, get(StrEq("password"))).Times(1).WillOnce(Return("secret"));
+
+    bool is_authenticated = wfd_authenticator_authenticate(authenticator, nullptr);
+    ASSERT_TRUE(is_authenticated);
+
+    wfd_authenticator_dispose(authenticator);
+}
+
+TEST(pam_authenticator, authenticate_with_custom_service_name)
+{
+    MockPam pam;
+    EXPECT_CALL(pam, start(StrEq("brummni"), nullptr, _, _)).Times(1).WillOnce(Return(PAM_SUCCESS));
+    EXPECT_CALL(pam, authenticate(_, PAM_DISALLOW_NULL_AUTHTOK)).Times(1).WillOnce(Return(PAM_SUCCESS));
+    EXPECT_CALL(pam, acct_mgmt(_, PAM_DISALLOW_NULL_AUTHTOK)).Times(1).WillOnce(Return(PAM_SUCCESS));
+    EXPECT_CALL(pam, end(_, _)).Times(1).WillOnce(Return(PAM_SUCCESS));
+
+    MockSettings settings;
+    EXPECT_CALL(settings, getStringOrDefault(StrEq("service_name"), StrEq("webfused")))
+        .Times(1).WillOnce(Return("brummni"));
+
+    wfd_authenticator authenticator;
+    bool success = wfd_pam_authenticator_create(nullptr, &authenticator);
+    ASSERT_TRUE(success);
+
+    MockCredentials creds;
+    EXPECT_CALL(creds, get(StrEq("username"))).Times(1).WillOnce(Return("bob"));
+    EXPECT_CALL(creds, get(StrEq("password"))).Times(1).WillOnce(Return("secret"));
+
+    bool is_authenticated = wfd_authenticator_authenticate(authenticator, nullptr);
+    ASSERT_TRUE(is_authenticated);
+
+    wfd_authenticator_dispose(authenticator);
+}
+
+namespace
+{
+
+int valid_conversation(
+    char const * service_name,
+    char const * user,
+    struct pam_conv const * conv,
+    pam_handle_t * * handle)
+{
+    (void) service_name;
+    (void) user;
+    (void) handle;
+
+    pam_message request_username = {PAM_PROMPT_ECHO_ON, "username"};
+    pam_message request_password = {PAM_PROMPT_ECHO_OFF, "password"};
+    pam_message const * messages[2] =
+    {
+        &request_username,
+        &request_password
+    };
+    pam_response * responses;
+    int rc = conv->conv(2, messages, &responses, conv->appdata_ptr);
+    if (PAM_SUCCESS == rc)
+    {
+        free(responses[0].resp);
+        free(responses[1].resp);
+        free(responses);
+    }
+
+    return rc;
+}
+
+}
+
+TEST(pam_authenticator, conversation_with_valid_messages)
+{
+    MockPam pam;
+    EXPECT_CALL(pam, start(StrEq("webfused"), nullptr, _, _))
+        .Times(1).WillOnce(Invoke(&valid_conversation));
+    EXPECT_CALL(pam, authenticate(_, PAM_DISALLOW_NULL_AUTHTOK)).Times(1).WillOnce(Return(PAM_SUCCESS));
+    EXPECT_CALL(pam, acct_mgmt(_, PAM_DISALLOW_NULL_AUTHTOK)).Times(1).WillOnce(Return(PAM_SUCCESS));
+    EXPECT_CALL(pam, end(_, _)).Times(1).WillOnce(Return(PAM_SUCCESS));
+
+    wfd_authenticator authenticator;
+    bool success = wfd_pam_authenticator_create(nullptr, &authenticator);
+    ASSERT_TRUE(success);
+
+    MockCredentials creds;
+    EXPECT_CALL(creds, get(StrEq("username"))).Times(1).WillOnce(Return("bob"));
+    EXPECT_CALL(creds, get(StrEq("password"))).Times(1).WillOnce(Return("secret"));
+
+    bool is_authenticated = wfd_authenticator_authenticate(authenticator, nullptr);
+    ASSERT_TRUE(is_authenticated);
+
+    wfd_authenticator_dispose(authenticator);
+}
+
+namespace
+{
+
+int invalid_conversation(
+    char const * service_name,
+    char const * user,
+    struct pam_conv const * conv,
+    pam_handle_t * * handle)
+{
+    (void) service_name;
+    (void) user;
+    (void) handle;
+
+    pam_message invalid_request = {-1, "invalid"};
+    pam_message const * messages[2] =
+    {
+        &invalid_request
+    };
+    pam_response * responses;
+    int rc = conv->conv(1, messages, &responses, conv->appdata_ptr);
+
+    return rc;
+}
+
+}
+
+TEST(pam_authenticator, conversation_with_invalid_messages)
+{
+    MockPam pam;
+    EXPECT_CALL(pam, start(StrEq("webfused"), nullptr, _, _))
+        .Times(1).WillOnce(Invoke(&invalid_conversation));
+
+    wfd_authenticator authenticator;
+    bool success = wfd_pam_authenticator_create(nullptr, &authenticator);
+    ASSERT_TRUE(success);
+
+    MockCredentials creds;
+    EXPECT_CALL(creds, get(StrEq("username"))).Times(1).WillOnce(Return("bob"));
+    EXPECT_CALL(creds, get(StrEq("password"))).Times(1).WillOnce(Return("secret"));
+
+    bool is_authenticated = wfd_authenticator_authenticate(authenticator, nullptr);
+    ASSERT_FALSE(is_authenticated);
+
+    wfd_authenticator_dispose(authenticator);
+}
+
+TEST(pam_authenticator, authenticate_fail_authenticate)
+{
+    MockPam pam;
+    EXPECT_CALL(pam, start(StrEq("webfused"), nullptr, _, _)).Times(1).WillOnce(Return(PAM_SUCCESS));
+    EXPECT_CALL(pam, authenticate(_, PAM_DISALLOW_NULL_AUTHTOK)).Times(1).WillOnce(Return(-1));
+    EXPECT_CALL(pam, end(_, _)).Times(1).WillOnce(Return(PAM_SUCCESS));
+
+    wfd_authenticator authenticator;
+    bool success = wfd_pam_authenticator_create(nullptr, &authenticator);
+    ASSERT_TRUE(success);
+
+    MockCredentials creds;
+    EXPECT_CALL(creds, get(StrEq("username"))).Times(1).WillOnce(Return("bob"));
+    EXPECT_CALL(creds, get(StrEq("password"))).Times(1).WillOnce(Return("secret"));
+
+    bool is_authenticated = wfd_authenticator_authenticate(authenticator, nullptr);
+    ASSERT_FALSE(is_authenticated);
+
+    wfd_authenticator_dispose(authenticator);
+}
+
+TEST(pam_authenticator, authenticate_fail_acct_mgmt)
+{
+    MockPam pam;
+    EXPECT_CALL(pam, start(StrEq("webfused"), nullptr, _, _)).Times(1).WillOnce(Return(PAM_SUCCESS));
+    EXPECT_CALL(pam, authenticate(_, PAM_DISALLOW_NULL_AUTHTOK)).Times(1).WillOnce(Return(PAM_SUCCESS));
+    EXPECT_CALL(pam, acct_mgmt(_, PAM_DISALLOW_NULL_AUTHTOK)).Times(1).WillOnce(Return(-1));
+    EXPECT_CALL(pam, end(_, _)).Times(1).WillOnce(Return(PAM_SUCCESS));
+
+    wfd_authenticator authenticator;
+    bool success = wfd_pam_authenticator_create(nullptr, &authenticator);
+    ASSERT_TRUE(success);
+
+    MockCredentials creds;
+    EXPECT_CALL(creds, get(StrEq("username"))).Times(1).WillOnce(Return("bob"));
+    EXPECT_CALL(creds, get(StrEq("password"))).Times(1).WillOnce(Return("secret"));
+
+    bool is_authenticated = wfd_authenticator_authenticate(authenticator, nullptr);
+    ASSERT_FALSE(is_authenticated);
+
+    wfd_authenticator_dispose(authenticator);
+}
+
+TEST(pam_authenticator, authenticate_fail_missing_username)
+{
+    StrictMock<MockPam> pam;
+
+    wfd_authenticator authenticator;
+    bool success = wfd_pam_authenticator_create(nullptr, &authenticator);
+    ASSERT_TRUE(success);
+
+    MockCredentials creds;
+    EXPECT_CALL(creds, get(StrEq("username"))).Times(1).WillOnce(Return(nullptr));
+    EXPECT_CALL(creds, get(StrEq("password"))).Times(1).WillOnce(Return("secret"));
+
+    bool is_authenticated = wfd_authenticator_authenticate(authenticator, nullptr);
+    ASSERT_FALSE(is_authenticated);
+
+    wfd_authenticator_dispose(authenticator);
+}
+
+TEST(pam_authenticator, authenticate_fail_missing_password)
+{
+    StrictMock<MockPam> pam;
+
+    wfd_authenticator authenticator;
+    bool success = wfd_pam_authenticator_create(nullptr, &authenticator);
+    ASSERT_TRUE(success);
+
+    MockCredentials creds;
+    EXPECT_CALL(creds, get(StrEq("username"))).Times(1).WillOnce(Return("bob"));
+    EXPECT_CALL(creds, get(StrEq("password"))).Times(1).WillOnce(Return(nullptr));
+
+    bool is_authenticated = wfd_authenticator_authenticate(authenticator, nullptr);
+    ASSERT_FALSE(is_authenticated);
+
+    wfd_authenticator_dispose(authenticator);
+}