mirror of
https://github.com/grafana/grafana.git
synced 2024-11-29 12:14:08 -06:00
3e8857acb8
* AuthN: add the ability to register post login hooks * AuthN: add a guard for the user id * AuthN: Add helper to create external user info from identity * AuthN: Pass auth request to password clients * AuthN: set auth module and username in metadata
70 lines
2.0 KiB
Go
70 lines
2.0 KiB
Go
package clients
|
|
|
|
import (
|
|
"context"
|
|
"testing"
|
|
|
|
"github.com/grafana/grafana/pkg/services/authn"
|
|
"github.com/grafana/grafana/pkg/services/org"
|
|
"github.com/grafana/grafana/pkg/services/user"
|
|
"github.com/grafana/grafana/pkg/services/user/usertest"
|
|
"github.com/grafana/grafana/pkg/util"
|
|
"github.com/stretchr/testify/assert"
|
|
)
|
|
|
|
func TestGrafana_AuthenticatePassword(t *testing.T) {
|
|
type testCase struct {
|
|
desc string
|
|
username string
|
|
password string
|
|
findUser bool
|
|
expectedErr error
|
|
expectedIdentity *authn.Identity
|
|
expectedSignedInUser *user.SignedInUser
|
|
}
|
|
|
|
tests := []testCase{
|
|
{
|
|
desc: "should successfully authenticate user with correct password",
|
|
username: "user",
|
|
password: "password",
|
|
findUser: true,
|
|
expectedSignedInUser: &user.SignedInUser{UserID: 1, OrgID: 1, OrgRole: "Viewer"},
|
|
expectedIdentity: &authn.Identity{ID: "user:1", OrgID: 1, OrgRoles: map[int64]org.RoleType{1: "Viewer"}, IsGrafanaAdmin: boolPtr(false)},
|
|
},
|
|
{
|
|
desc: "should fail for incorrect password",
|
|
username: "user",
|
|
password: "wrong",
|
|
findUser: true,
|
|
expectedErr: errInvalidPassword,
|
|
},
|
|
{
|
|
desc: "should fail if user is not found",
|
|
username: "user",
|
|
password: "password",
|
|
expectedErr: errIdentityNotFound,
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.desc, func(t *testing.T) {
|
|
hashed, _ := util.EncodePassword("password", "salt")
|
|
userService := &usertest.FakeUserService{
|
|
ExpectedSignedInUser: tt.expectedSignedInUser,
|
|
ExpectedUser: &user.User{Password: hashed, Salt: "salt"},
|
|
}
|
|
|
|
if !tt.findUser {
|
|
userService.ExpectedUser = nil
|
|
userService.ExpectedError = user.ErrUserNotFound
|
|
}
|
|
|
|
c := ProvideGrafana(userService)
|
|
identity, err := c.AuthenticatePassword(context.Background(), &authn.Request{OrgID: 1}, tt.username, tt.password)
|
|
assert.ErrorIs(t, err, tt.expectedErr)
|
|
assert.EqualValues(t, tt.expectedIdentity, identity)
|
|
})
|
|
}
|
|
}
|