loginsrv

Unnamed repository; edit this file 'description' to name the repository.
git clone git@jamesshield.xyz:repos/loginsrv.git
Log | Files | Refs | README | LICENSE

commit 7b94209dd48880be6f9bfc07466f00ecd384c40a
parent a3d3e71ff37190adadff25846560afa141c58ba3
Author: Sebastian Mancke <s.mancke@tarent.de>
Date:   Tue, 22 Nov 2016 11:48:22 +0100

enhanced test coverage for htpasswd

Diffstat:
Mhtpasswd/auth.go | 21++++++++++++---------
Dhtpasswd/auth_file_test.go | 55-------------------------------------------------------
Ahtpasswd/auth_test.go | 82+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 94 insertions(+), 64 deletions(-)

diff --git a/htpasswd/auth.go b/htpasswd/auth.go @@ -4,6 +4,7 @@ import ( "encoding/csv" "fmt" "golang.org/x/crypto/bcrypt" + "io" "os" "strings" ) @@ -23,22 +24,24 @@ func NewAuth(filename string) (*Auth, error) { func (a *Auth) parse(filename string) error { r, err := os.Open(filename) if err != nil { - panic(err) + return err } cr := csv.NewReader(r) cr.Comma = ':' cr.Comment = '#' cr.TrimLeadingSpace = true - records, err := cr.ReadAll() - if err != nil { - return err - } - a.userHash = map[string]string{} - for _, record := range records { - if len(record) < 2 { - continue + for { + record, err := cr.Read() + if err == io.EOF { + break + } + if err != nil { + return err + } + if len(record) != 2 { + return fmt.Errorf("password file in wrong format (%v)", filename) } a.userHash[record[0]] = record[1] } diff --git a/htpasswd/auth_file_test.go b/htpasswd/auth_file_test.go @@ -1,55 +0,0 @@ -package htpasswd - -import ( - "github.com/stretchr/testify/assert" - "io/ioutil" - "testing" -) - -// password for all of them is 'secret' -const testfile = `bob-md5:$apr1$IDZSCL/o$N68zaFDDRivjour94OVeB. -bob-bcrypt:$2y$05$Hw6y1sFwh6CdwiPOKFMYj..xVSQWI3wzyQvt5th392ig8RLmeLU.6 -bob-sha:{SHA}5en6G6MezRroT3XKqkdPOmY/BfQ= -bob-foo:{fooo}sdcsdcsdc/BfQ= -` - -func TestClient_Hashes(t *testing.T) { - auth, err := NewAuth(writeTestfile()) - assert.NoError(t, err) - - //testUsers := []string{"bob-md5", "bob-bcrypt", "bob-sha"} - testUsers := []string{"bob-bcrypt"} - for _, name := range testUsers { - t.Run(name, func(t *testing.T) { - authenticated, err := auth.Authenticate(name, "secret") - assert.NoError(t, err) - assert.True(t, authenticated) - - authenticated, err = auth.Authenticate(name, "XXXXX") - assert.NoError(t, err) - assert.False(t, authenticated) - }) - } -} - -func TestClient_Hashes_UnknownAlgoError(t *testing.T) { - auth, err := NewAuth(writeTestfile()) - assert.NoError(t, err) - - authenticated, err := auth.Authenticate("bob-foo", "secret") - assert.Error(t, err) - assert.False(t, authenticated) -} - -func writeTestfile() string { - f, err := ioutil.TempFile("", "loginsrv_htpasswdtest") - if err != nil { - panic(err) - } - defer f.Close() - _, err = f.WriteString(testfile) - if err != nil { - panic(err) - } - return f.Name() -} diff --git a/htpasswd/auth_test.go b/htpasswd/auth_test.go @@ -0,0 +1,82 @@ +package htpasswd + +import ( + "github.com/stretchr/testify/assert" + "io/ioutil" + "testing" +) + +// password for all of them is 'secret' +const testfile = `bob-md5:$apr1$IDZSCL/o$N68zaFDDRivjour94OVeB. + +bob-bcrypt:$2y$05$Hw6y1sFwh6CdwiPOKFMYj..xVSQWI3wzyQvt5th392ig8RLmeLU.6 +bob-sha:{SHA}5en6G6MezRroT3XKqkdPOmY/BfQ= # a comment + +# a comment +bob-foo:{fooo}sdcsdcsdc/BfQ= + + +` + +func TestClient_Hashes(t *testing.T) { + auth, err := NewAuth(writeTmpfile(testfile)) + assert.NoError(t, err) + + //testUsers := []string{"bob-md5", "bob-bcrypt", "bob-sha"} + testUsers := []string{"bob-bcrypt"} + for _, name := range testUsers { + t.Run(name, func(t *testing.T) { + authenticated, err := auth.Authenticate(name, "secret") + assert.NoError(t, err) + assert.True(t, authenticated) + + authenticated, err = auth.Authenticate(name, "XXXXX") + assert.NoError(t, err) + assert.False(t, authenticated) + }) + } +} + +func TestClient_UnknownUser(t *testing.T) { + auth, err := NewAuth(writeTmpfile(testfile)) + assert.NoError(t, err) + + authenticated, err := auth.Authenticate("unknown", "secret") + assert.NoError(t, err) + assert.False(t, authenticated) +} + +func TestClient_ErrorOnMissingFile(t *testing.T) { + _, err := NewAuth("/tmp/foo/bar/nothing") + assert.Error(t, err) +} + +func TestClient_ErrorOnInvalidFileContents(t *testing.T) { + _, err := NewAuth(writeTmpfile("foo bar bazz")) + assert.Error(t, err) + + _, err = NewAuth(writeTmpfile("foo:bar\nfoo:bar:bazz")) + assert.Error(t, err) +} + +func TestClient_Hashes_UnknownAlgoError(t *testing.T) { + auth, err := NewAuth(writeTmpfile(testfile)) + assert.NoError(t, err) + + authenticated, err := auth.Authenticate("bob-foo", "secret") + assert.Error(t, err) + assert.False(t, authenticated) +} + +func writeTmpfile(contents string) string { + f, err := ioutil.TempFile("", "loginsrv_htpasswdtest") + if err != nil { + panic(err) + } + defer f.Close() + _, err = f.WriteString(contents) + if err != nil { + panic(err) + } + return f.Name() +}