From 41b2d36d985a63c69325d91933cfdbf01923fd51 Mon Sep 17 00:00:00 2001 From: Todd Knight Date: Fri, 31 Jul 2020 11:43:03 -0700 Subject: [PATCH] AuthToken Tests now use recently added TestAuthMethod and TestAccount (#226) --- internal/auth/password/account_test.go | 4 +- internal/auth/password/argon2_test.go | 13 +-- internal/auth/password/authmethod_test.go | 37 --------- .../auth/password/repository_account_test.go | 63 +++++---------- .../password/repository_configuration_test.go | 12 ++- .../auth/password/repository_password_test.go | 4 +- internal/auth/password/store/password.pb.go | 37 +++------ internal/auth/password/testing.go | 80 +++++++++++++++++++ internal/auth/password/testing_test.go | 44 ++++++++++ internal/authtoken/authtoken_test.go | 11 ++- internal/authtoken/repository_test.go | 11 ++- internal/authtoken/testing.go | 58 +++----------- .../auth/password/store/v1/password.proto | 9 +-- 13 files changed, 207 insertions(+), 176 deletions(-) create mode 100644 internal/auth/password/testing.go create mode 100644 internal/auth/password/testing_test.go diff --git a/internal/auth/password/account_test.go b/internal/auth/password/account_test.go index cd96ff8f2f..e5654723e3 100644 --- a/internal/auth/password/account_test.go +++ b/internal/auth/password/account_test.go @@ -6,6 +6,7 @@ import ( "github.com/hashicorp/watchtower/internal/auth/password/store" "github.com/hashicorp/watchtower/internal/db" + "github.com/hashicorp/watchtower/internal/iam" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) @@ -14,7 +15,8 @@ func TestAccount_New(t *testing.T) { conn, _ := db.TestSetup(t, "postgres") w := db.New(conn) - auts := testAuthMethods(t, conn, 1) + o, _ := iam.TestScopes(t, conn) + auts := TestAuthMethods(t, conn, o.GetPublicId(), 1) aut := auts[0] type args struct { diff --git a/internal/auth/password/argon2_test.go b/internal/auth/password/argon2_test.go index 5060d058e1..3130715afe 100644 
--- a/internal/auth/password/argon2_test.go +++ b/internal/auth/password/argon2_test.go @@ -7,6 +7,7 @@ import ( "github.com/hashicorp/watchtower/internal/auth/password/store" "github.com/hashicorp/watchtower/internal/db" + "github.com/hashicorp/watchtower/internal/iam" "github.com/jinzhu/gorm" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" @@ -15,8 +16,8 @@ import ( func TestArgon2Configuration_New(t *testing.T) { conn, _ := db.TestSetup(t, "postgres") rw := db.New(conn) - - authMethods := testAuthMethods(t, conn, 1) + o, _ := iam.TestScopes(t, conn) + authMethods := TestAuthMethods(t, conn, o.GetPublicId(), 1) authMethod := authMethods[0] authMethodId := authMethod.GetPublicId() ctx := context.Background() @@ -114,7 +115,8 @@ func TestArgon2Configuration_Readonly(t *testing.T) { } } - authMethods := testAuthMethods(t, conn, 1) + o, _ := iam.TestScopes(t, conn) + authMethods := TestAuthMethods(t, conn, o.GetPublicId(), 1) authMethod := authMethods[0] authMethodId := authMethod.GetPublicId() @@ -301,9 +303,10 @@ func TestArgon2Credential_New(t *testing.T) { rw := db.New(conn) wrapper := db.TestWrapper(t) - auts := testAuthMethods(t, conn, 1) + o, _ := iam.TestScopes(t, conn) + auts := TestAuthMethods(t, conn, o.GetPublicId(), 1) aut := auts[0] - accts := testAccounts(t, conn, aut.ScopeId, aut.PublicId, 5) + accts := TestAccounts(t, conn, aut.PublicId, 5) confs := testArgon2Confs(t, conn, accts[0].AuthMethodId, 1) type args struct { diff --git a/internal/auth/password/authmethod_test.go b/internal/auth/password/authmethod_test.go index 477b8c3f4f..7612f0240f 100644 --- a/internal/auth/password/authmethod_test.go +++ b/internal/auth/password/authmethod_test.go 
@@ -7,47 +7,10 @@ import ( "github.com/hashicorp/watchtower/internal/auth/password/store" "github.com/hashicorp/watchtower/internal/db" "github.com/hashicorp/watchtower/internal/iam" - "github.com/jinzhu/gorm" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) -func testAuthMethods(t *testing.T, conn *gorm.DB, count int) []*AuthMethod { - t.Helper() - assert, require := assert.New(t), require.New(t) - w := db.New(conn) - org, _ := iam.TestScopes(t, conn) - var auts []*AuthMethod - for i := 0; i < count; i++ { - cat, err := NewAuthMethod(org.GetPublicId()) - assert.NoError(err) - require.NotNil(cat) - id, err := newAuthMethodId() - assert.NoError(err) - require.NotEmpty(id) - cat.PublicId = id - - conf := NewArgon2Configuration() - require.NotNil(conf) - conf.PrivateId, err = newArgon2ConfigurationId() - require.NoError(err) - conf.PasswordMethodId = cat.PublicId - cat.PasswordConfId = conf.PrivateId - - ctx := context.Background() - _, err2 := w.DoTx(ctx, db.StdRetryCnt, db.ExpBackoff{}, - func(_ db.Reader, iw db.Writer) error { - require.NoError(iw.Create(ctx, conf)) - return iw.Create(ctx, cat) - }, - ) - - require.NoError(err2) - auts = append(auts, cat) - } - return auts -} - func TestAuthMethod_New(t *testing.T) { conn, _ := db.TestSetup(t, "postgres") diff --git a/internal/auth/password/repository_account_test.go b/internal/auth/password/repository_account_test.go index dfa3a43363..aea2538531 100644 --- a/internal/auth/password/repository_account_test.go +++ b/internal/auth/password/repository_account_test.go @@ -3,14 +3,13 @@ package password import ( "context" "errors" - "fmt" "testing" "time" "github.com/hashicorp/watchtower/internal/auth/password/store" "github.com/hashicorp/watchtower/internal/db" + "github.com/hashicorp/watchtower/internal/iam" "github.com/hashicorp/watchtower/internal/oplog" - "github.com/jinzhu/gorm" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) 
@@ -35,41 +34,13 @@ func TestCheckUserName(t *testing.T) { } } -func testAccounts(t *testing.T, conn *gorm.DB, scopeId, authMethodId string, count int) []*Account { - t.Helper() - assert, require := assert.New(t), require.New(t) - w := db.New(conn) - var auts []*Account - for i := 0; i < count; i++ { - cat, err := NewAccount(authMethodId, fmt.Sprintf("name%d", i)) - assert.NoError(err) - require.NotNil(cat) - id, err := newAuthMethodId() - assert.NoError(err) - require.NotEmpty(id) - cat.PublicId = id - - ctx := context.Background() - _, err2 := w.DoTx(ctx, db.StdRetryCnt, db.ExpBackoff{}, - func(_ db.Reader, iw db.Writer) error { - return iw.Create(ctx, cat) - }, - ) - - require.NoError(err2) - // TODO(toddknight): Figure out why the iw.Create call doesn't populate the scope id from the DB. - cat.ScopeId = scopeId - auts = append(auts, cat) - } - return auts -} - func TestRepository_CreateAccount(t *testing.T) { conn, _ := db.TestSetup(t, "postgres") rw := db.New(conn) wrapper := db.TestWrapper(t) - authMethods := testAuthMethods(t, conn, 1) + org, _ := iam.TestScopes(t, conn) + authMethods := TestAuthMethods(t, conn, org.GetPublicId(), 1) authMethod := authMethods[0] var tests = []struct { @@ -276,7 +247,8 @@ func TestRepository_CreateAccount(t *testing.T) { assert.NoError(err) require.NotNil(repo) - authMethods := testAuthMethods(t, conn, 1) + org, _ := iam.TestScopes(t, conn) + authMethods := TestAuthMethods(t, conn, org.GetPublicId(), 1) authMethod := authMethods[0] in := &Account{ @@ -307,7 +279,8 @@ func TestRepository_CreateAccount(t *testing.T) { assert.NoError(err) require.NotNil(repo) - authMethods := testAuthMethods(t, conn, 2) + org, _ := iam.TestScopes(t, conn) + authMethods := TestAuthMethods(t, conn, org.GetPublicId(), 2) authMethoda, authMethodb := authMethods[0], authMethods[1] in := &Account{ Account: &store.Account{ 
@@ -344,8 +317,9 @@ func TestRepository_LookupAccount(t *testing.T) { rw := db.New(conn) wrapper := db.TestWrapper(t) - authMethod := testAuthMethods(t, conn, 1)[0] - account := testAccounts(t, conn, authMethod.GetScopeId(), authMethod.GetPublicId(), 1)[0] + org, _ := iam.TestScopes(t, conn) + authMethod := TestAuthMethods(t, conn, org.GetPublicId(), 1)[0] + account := TestAccounts(t, conn, authMethod.GetPublicId(), 1)[0] newAcctId, err := newAccountId() require.NoError(t, err) @@ -394,8 +368,9 @@ func TestRepository_DeleteAccount(t *testing.T) { rw := db.New(conn) wrapper := db.TestWrapper(t) - authMethod := testAuthMethods(t, conn, 1)[0] - account := testAccounts(t, conn, authMethod.GetScopeId(), authMethod.GetPublicId(), 1)[0] + org, _ := iam.TestScopes(t, conn) + authMethod := TestAuthMethods(t, conn, org.GetPublicId(), 1)[0] + account := TestAccounts(t, conn, authMethod.GetPublicId(), 1)[0] newAcctId, err := newAccountId() require.NoError(t, err) @@ -445,9 +420,10 @@ func TestRepository_ListAccounts(t *testing.T) { rw := db.New(conn) wrapper := db.TestWrapper(t) - authMethods := testAuthMethods(t, conn, 3) - accounts1 := testAccounts(t, conn, authMethods[0].GetScopeId(), authMethods[0].GetPublicId(), 3) - accounts2 := testAccounts(t, conn, authMethods[1].GetScopeId(), authMethods[1].GetPublicId(), 4) + org, _ := iam.TestScopes(t, conn) + authMethods := TestAuthMethods(t, conn, org.GetPublicId(), 3) + accounts1 := TestAccounts(t, conn, authMethods[0].GetPublicId(), 3) + accounts2 := TestAccounts(t, conn, authMethods[1].GetPublicId(), 4) _ = accounts2 var tests = []struct { 
@@ -497,10 +473,11 @@ func TestRepository_ListAccounts_Limits(t *testing.T) { rw := db.New(conn) wrapper := db.TestWrapper(t) - am := testAuthMethods(t, conn, 1)[0] + org, _ := iam.TestScopes(t, conn) + am := TestAuthMethods(t, conn, org.GetPublicId(), 1)[0] accountCount := 10 - _ = testAccounts(t, conn, am.GetScopeId(), am.GetPublicId(), accountCount) + _ = TestAccounts(t, conn, am.GetPublicId(), accountCount) var tests = []struct { name string diff --git a/internal/auth/password/repository_configuration_test.go b/internal/auth/password/repository_configuration_test.go index ea22545954..bd5945e0d1 100644 --- a/internal/auth/password/repository_configuration_test.go +++ b/internal/auth/password/repository_configuration_test.go @@ -8,6 +8,7 @@ import ( "github.com/hashicorp/watchtower/internal/auth/password/store" "github.com/hashicorp/watchtower/internal/db" + "github.com/hashicorp/watchtower/internal/iam" "github.com/hashicorp/watchtower/internal/oplog" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" @@ -21,7 +22,8 @@ func TestRepository_GetSetConfiguration(t *testing.T) { assert.NoError(t, err) require.NotNil(t, repo) - authMethods := testAuthMethods(t, conn, 1) + o, _ := iam.TestScopes(t, conn) + authMethods := TestAuthMethods(t, conn, o.GetPublicId(), 1) authMethod := authMethods[0] authMethodId := authMethod.GetPublicId() ctx := context.Background() @@ -125,7 +127,8 @@ func TestRepository_GetConfiguration(t *testing.T) { assert.NoError(t, err) require.NotNil(t, repo) - authMethods := testAuthMethods(t, conn, 1) + o, _ := iam.TestScopes(t, conn) + authMethods := TestAuthMethods(t, conn, o.GetPublicId(), 1) authMethod := authMethods[0] authMethodId := authMethod.GetPublicId() ctx := context.Background() 
@@ -181,8 +184,10 @@ func TestRepository_GetConfiguration(t *testing.T) { } type tconf int + func (t tconf) AuthMethodId() string { return "abcdefghijk" } func (t tconf) validate() error { return nil } + var _ Configuration = tconf(0) func TestRepository_SetConfiguration(t *testing.T) { @@ -193,7 +198,8 @@ func TestRepository_SetConfiguration(t *testing.T) { assert.NoError(t, err) require.NotNil(t, repo) - authMethods := testAuthMethods(t, conn, 1) + o, _ := iam.TestScopes(t, conn) + authMethods := TestAuthMethods(t, conn, o.GetPublicId(), 1) authMethod := authMethods[0] authMethodId := authMethod.GetPublicId() diff --git a/internal/auth/password/repository_password_test.go b/internal/auth/password/repository_password_test.go index acc2b9e99e..745587b398 100644 --- a/internal/auth/password/repository_password_test.go +++ b/internal/auth/password/repository_password_test.go @@ -7,6 +7,7 @@ import ( "github.com/hashicorp/watchtower/internal/auth/password/store" "github.com/hashicorp/watchtower/internal/db" + "github.com/hashicorp/watchtower/internal/iam" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" ) @@ -16,7 +17,8 @@ func TestRepository_Authenticate(t *testing.T) { rw := db.New(conn) wrapper := db.TestWrapper(t) - authMethods := testAuthMethods(t, conn, 1) + o, _ := iam.TestScopes(t, conn) + authMethods := TestAuthMethods(t, conn, o.GetPublicId(), 1) authMethod := authMethods[0] inAcct := &Account{ diff --git a/internal/auth/password/store/password.pb.go b/internal/auth/password/store/password.pb.go index 031211d441..5b88aba433 100644 --- a/internal/auth/password/store/password.pb.go +++ b/internal/auth/password/store/password.pb.go 
@@ -172,13 +172,10 @@ type Account struct { // description is optional. // @inject_tag: `gorm:"default:null"` Description string `protobuf:"bytes,5,opt,name=description,proto3" json:"description,omitempty" gorm:"default:null"` - // The scope_id of the owning scope. Must be set. - // @inject_tag: `gorm:"not_null"` - ScopeId string `protobuf:"bytes,6,opt,name=scope_id,json=scopeId,proto3" json:"scope_id,omitempty" gorm:"not_null"` // @inject_tag: `gorm:"not_null"` - AuthMethodId string `protobuf:"bytes,7,opt,name=auth_method_id,json=authMethodId,proto3" json:"auth_method_id,omitempty" gorm:"not_null"` + AuthMethodId string `protobuf:"bytes,6,opt,name=auth_method_id,json=authMethodId,proto3" json:"auth_method_id,omitempty" gorm:"not_null"` // @inject_tag: `gorm:"not_null"` - UserName string `protobuf:"bytes,8,opt,name=user_name,json=userName,proto3" json:"user_name,omitempty" gorm:"not_null"` + UserName string `protobuf:"bytes,7,opt,name=user_name,json=userName,proto3" json:"user_name,omitempty" gorm:"not_null"` } func (x *Account) Reset() { @@ -248,13 +245,6 @@ func (x *Account) GetDescription() string { return "" } -func (x *Account) GetScopeId() string { - if x != nil { - return x.ScopeId - } - return "" -} - func (x *Account) GetAuthMethodId() string { if x != nil { return x.AuthMethodId 
@@ -307,7 +297,7 @@ var file_controller_storage_auth_password_store_v1_password_proto_rawDesc = []by 0x6d, 0x65, 0x4c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x12, 0x2e, 0x0a, 0x13, 0x6d, 0x69, 0x6e, 0x5f, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x5f, 0x6c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x11, 0x6d, 0x69, 0x6e, 0x50, 0x61, 0x73, 0x73, 0x77, 0x6f, - 0x72, 0x64, 0x4c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x22, 0xd4, 0x02, 0x0a, 0x07, 0x41, 0x63, 0x63, + 0x72, 0x64, 0x4c, 0x65, 0x6e, 0x67, 0x74, 0x68, 0x22, 0xb9, 0x02, 0x0a, 0x07, 0x41, 0x63, 0x63, 0x6f, 0x75, 0x6e, 0x74, 0x12, 0x1b, 0x0a, 0x09, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x5f, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x49, 0x64, 0x12, 0x4b, 0x0a, 0x0b, 0x63, 0x72, 0x65, 0x61, 0x74, 0x65, 0x5f, 0x74, 0x69, 0x6d, 0x65, 
@@ -323,17 +313,16 @@ var file_controller_storage_auth_password_store_v1_password_proto_rawDesc = []by 0x61, 0x6d, 0x65, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x04, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x20, 0x0a, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x64, 0x65, 0x73, 0x63, 0x72, 0x69, 0x70, 0x74, 0x69, 0x6f, - 0x6e, 0x12, 0x19, 0x0a, 0x08, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x5f, 0x69, 0x64, 0x18, 0x06, 0x20, - 0x01, 0x28, 0x09, 0x52, 0x07, 0x73, 0x63, 0x6f, 0x70, 0x65, 0x49, 0x64, 0x12, 0x24, 0x0a, 0x0e, - 0x61, 0x75, 0x74, 0x68, 0x5f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, 0x5f, 0x69, 0x64, 0x18, 0x07, - 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x75, 0x74, 0x68, 0x4d, 0x65, 0x74, 0x68, 0x6f, 0x64, - 0x49, 0x64, 0x12, 0x1b, 0x0a, 0x09, 0x75, 0x73, 0x65, 0x72, 0x5f, 0x6e, 0x61, 0x6d, 0x65, 0x18, - 0x08, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x75, 0x73, 0x65, 0x72, 0x4e, 0x61, 0x6d, 0x65, 0x42, - 0x44, 0x5a, 0x42, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x68, 0x61, - 0x73, 0x68, 0x69, 0x63, 0x6f, 0x72, 0x70, 0x2f, 0x77, 0x61, 0x74, 0x63, 0x68, 0x74, 0x6f, 0x77, - 0x65, 0x72, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, 0x2f, 0x61, 0x75, 0x74, 0x68, - 0x2f, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x2f, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x3b, - 0x73, 0x74, 0x6f, 0x72, 0x65, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x6e, 0x12, 0x24, 0x0a, 0x0e, 0x61, 0x75, 0x74, 0x68, 0x5f, 0x6d, 0x65, 0x74, 0x68, 0x6f, 0x64, + 0x5f, 0x69, 0x64, 0x18, 0x06, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x61, 0x75, 0x74, 0x68, 0x4d, + 0x65, 0x74, 0x68, 0x6f, 0x64, 0x49, 0x64, 0x12, 0x1b, 0x0a, 0x09, 0x75, 0x73, 0x65, 0x72, 0x5f, + 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x07, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x75, 0x73, 0x65, 0x72, + 0x4e, 0x61, 0x6d, 0x65, 0x42, 0x44, 0x5a, 0x42, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, + 0x6f, 0x6d, 0x2f, 0x68, 0x61, 0x73, 0x68, 0x69, 0x63, 
0x6f, 0x72, 0x70, 0x2f, 0x77, 0x61, 0x74, + 0x63, 0x68, 0x74, 0x6f, 0x77, 0x65, 0x72, 0x2f, 0x69, 0x6e, 0x74, 0x65, 0x72, 0x6e, 0x61, 0x6c, + 0x2f, 0x61, 0x75, 0x74, 0x68, 0x2f, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x2f, 0x73, + 0x74, 0x6f, 0x72, 0x65, 0x3b, 0x73, 0x74, 0x6f, 0x72, 0x65, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, + 0x6f, 0x33, } var ( diff --git a/internal/auth/password/testing.go b/internal/auth/password/testing.go new file mode 100644 index 0000000000..efbf2a67c9 --- /dev/null +++ b/internal/auth/password/testing.go 
@@ -0,0 +1,80 @@
+package password
+
+import (
+ "context"
+ "fmt"
+ "testing"
+
+ "github.com/hashicorp/watchtower/internal/db"
+ "github.com/jinzhu/gorm"
+ "github.com/stretchr/testify/assert"
+ "github.com/stretchr/testify/require"
+)
+
+// TestAuthMethods creates count number of password auth methods to the provided DB
+// with the provided scope id. If any errors are encountered during the creation of
+// the auth methods, the test will fail.
+func TestAuthMethods(t *testing.T, conn *gorm.DB, scopeId string, count int) []*AuthMethod {
+ t.Helper()
+ assert, require := assert.New(t), require.New(t)
+ w := db.New(conn)
+ var auts []*AuthMethod
+ for i := 0; i < count; i++ {
+ cat, err := NewAuthMethod(scopeId)
+ assert.NoError(err)
+ require.NotNil(cat)
+ id, err := newAuthMethodId()
+ assert.NoError(err)
+ require.NotEmpty(id)
+ cat.PublicId = id
+
+ conf := NewArgon2Configuration()
+ require.NotNil(conf)
+ conf.PrivateId, err = newArgon2ConfigurationId()
+ require.NoError(err)
+ conf.PasswordMethodId = cat.PublicId
+ cat.PasswordConfId = conf.PrivateId
+
+ ctx := context.Background()
+ _, err2 := w.DoTx(ctx, db.StdRetryCnt, db.ExpBackoff{},
+ func(_ db.Reader, iw db.Writer) error {
+ require.NoError(iw.Create(ctx, conf))
+ return iw.Create(ctx, cat)
+ },
+ )
+
+ require.NoError(err2)
+ auts = append(auts, cat)
+ }
+ return auts
+}
+
+// TestAccounts creates count number of password account to the provided DB
+// with the provided auth method id. The auth method must have been created previously.
+// If any errors are encountered during the creation of the account, the test will fail.
+func TestAccounts(t *testing.T, conn *gorm.DB, authMethodId string, count int) []*Account {
+ t.Helper()
+ assert, require := assert.New(t), require.New(t)
+ w := db.New(conn)
+ var auts []*Account
+ for i := 0; i < count; i++ {
+ cat, err := NewAccount(authMethodId, fmt.Sprintf("name%d", i))
+ assert.NoError(err)
+ require.NotNil(cat)
+ id, err := newAccountId()
+ assert.NoError(err)
+ require.NotEmpty(id)
+ cat.PublicId = id
+
+ ctx := context.Background()
+ _, err2 := w.DoTx(ctx, db.StdRetryCnt, db.ExpBackoff{},
+ func(_ db.Reader, iw db.Writer) error {
+ return iw.Create(ctx, cat)
+ },
+ )
+
+ require.NoError(err2)
+ auts = append(auts, cat)
+ }
+ return auts
+}
diff --git a/internal/auth/password/testing_test.go b/internal/auth/password/testing_test.go
new file mode 100644
index 0000000000..c8e1218018
--- /dev/null
+++ b/internal/auth/password/testing_test.go
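Review bot: In `TestAuthMethods` (internal/auth/password/testing.go), `require.NoError(iw.Create(ctx, conf))` runs inside the `DoTx` closure, so a failed insert calls `t.FailNow` from within the transaction callback instead of returning the error to `DoTx`; whether the transaction is then rolled back depends on `DoTx`, which is not visible here. Returning the error keeps the failure on the transaction wrapper's own error path, and the existing `require.NoError(err2)` still fails the test: `if err := iw.Create(ctx, conf); err != nil { return err }`. Separately, `TestAccounts` always generates the user names `name0` through `name<count-1>`, so a second call for the same auth method may collide if user names are unique per auth method (assumed, not shown); the doc comment could say so, e.g. `// User names are "name0".."name<count-1>"; call it once per auth method.`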
@@ -0,0 +1,44 @@ +package password + +import ( + "testing" + + "github.com/hashicorp/watchtower/internal/db" + "github.com/hashicorp/watchtower/internal/iam" + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func Test_TestAuthMethods(t *testing.T) { + assert, require := assert.New(t), require.New(t) + conn, _ := db.TestSetup(t, "postgres") + org, _ := iam.TestScopes(t, conn) + require.NotNil(org) + assert.NotEmpty(org.GetPublicId()) + + count := 4 + ams := TestAuthMethods(t, conn, org.GetPublicId(), count) + assert.Len(ams, count) + for _, am := range ams { + assert.NotEmpty(am.GetPublicId()) + } +} + +func Test_TestAccounts(t *testing.T) { + t.Helper() + assert, require := assert.New(t), require.New(t) + conn, _ := db.TestSetup(t, "postgres") + org, _ := iam.TestScopes(t, conn) + + require.NotNil(org) + assert.NotEmpty(org.GetPublicId()) + + am := TestAuthMethods(t, conn, org.GetPublicId(), 1)[0] + + count := 4 + accounts := TestAccounts(t, conn, am.GetPublicId(), count) + assert.Len(accounts, count) + for _, a := range accounts { + assert.NotEmpty(a.GetPublicId()) + } +} diff --git a/internal/authtoken/authtoken_test.go b/internal/authtoken/authtoken_test.go index e99d485714..7c47b24bc1 100644 --- a/internal/authtoken/authtoken_test.go +++ b/internal/authtoken/authtoken_test.go @@ -10,6 +10,7 @@ import ( "time" "github.com/golang/protobuf/ptypes" + "github.com/hashicorp/watchtower/internal/auth/password" "github.com/hashicorp/watchtower/internal/authtoken/store" "github.com/hashicorp/watchtower/internal/db" "github.com/hashicorp/watchtower/internal/db/timestamp" 
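Review bot: `Test_TestAccounts` in internal/auth/password/testing_test.go opens with `t.Helper()`, which has no purpose in a top-level test function and is absent from `Test_TestAuthMethods`; it can be dropped. Both tests assert only that `GetPublicId()` is non-empty, so they would still pass if a helper attached the rows to the wrong scope or auth method. Adding `assert.Equal(org.GetPublicId(), am.GetScopeId())` in the first loop and `assert.Equal(am.GetPublicId(), a.GetAuthMethodId())` in the second would pin the ownership that the auth token tests rely on.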
@@ -24,9 +25,8 @@ func TestAuthToken_DbUpdate(t *testing.T) { wrapper := db.TestWrapper(t) org, _ := iam.TestScopes(t, conn) - u := iam.TestUser(t, conn, org.GetPublicId()) - amId := setupAuthMethod(t, conn, org.GetPublicId()) - acct := setupAuthAccount(t, conn, org.GetPublicId(), amId, u.GetPublicId()) + am := password.TestAuthMethods(t, conn, org.GetPublicId(), 1)[0] + acct := password.TestAccounts(t, conn, am.GetPublicId(), 1)[0] newAuthTokId, err := newAuthTokenId() require.NoError(t, err) @@ -118,9 +118,8 @@ func TestAuthToken_DbCreate(t *testing.T) { wrapper := db.TestWrapper(t) org, _ := iam.TestScopes(t, conn) - u := iam.TestUser(t, conn, org.GetPublicId()) - amId := setupAuthMethod(t, conn, org.GetPublicId()) - acct := setupAuthAccount(t, conn, org.GetPublicId(), amId, u.GetPublicId()) + am := password.TestAuthMethods(t, conn, org.GetPublicId(), 1)[0] + acct := password.TestAccounts(t, conn, am.GetPublicId(), 1)[0] createdAuthToken := TestAuthToken(t, conn, wrapper, org.GetPublicId()) testAuthTokenId := func() string { diff --git a/internal/authtoken/repository_test.go b/internal/authtoken/repository_test.go index c8802e336a..af0d297cf0 100644 --- a/internal/authtoken/repository_test.go +++ b/internal/authtoken/repository_test.go @@ -10,6 +10,7 @@ import ( "github.com/golang/protobuf/ptypes" "github.com/google/go-cmp/cmp" wrapping "github.com/hashicorp/go-kms-wrapping" + "github.com/hashicorp/watchtower/internal/auth/password" iamStore "github.com/hashicorp/watchtower/internal/iam/store" "github.com/hashicorp/watchtower/internal/oplog" "github.com/stretchr/testify/assert" 
@@ -132,9 +133,13 @@ func TestRepository_CreateAuthToken(t *testing.T) { wrapper := db.TestWrapper(t) org1, _ := iam.TestScopes(t, conn) - u1 := iam.TestUser(t, conn, org1.GetPublicId()) - amId1 := setupAuthMethod(t, conn, org1.GetPublicId()) - aAcct := setupAuthAccount(t, conn, org1.GetPublicId(), amId1, u1.GetPublicId()) + am := password.TestAuthMethods(t, conn, org1.GetPublicId(), 1)[0] + aAcct := password.TestAccounts(t, conn, am.GetPublicId(), 1)[0] + + iamRepo, err := iam.NewRepository(rw, rw, wrapper) + require.NoError(t, err) + u1, err := iamRepo.LookupUserWithLogin(context.Background(), aAcct.GetPublicId(), iam.WithAutoVivify(true)) + require.NoError(t, err) org2, _ := iam.TestScopes(t, conn) u2 := iam.TestUser(t, conn, org2.GetPublicId()) diff --git a/internal/authtoken/testing.go b/internal/authtoken/testing.go index 23a813a250..b6381e19fc 100644 --- a/internal/authtoken/testing.go +++ b/internal/authtoken/testing.go 
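Review bot: In `TestRepository_CreateAuthToken`, `u1` now comes from `iamRepo.LookupUserWithLogin(..., iam.WithAutoVivify(true))` and only the error is checked, so if the lookup returns a nil user with a nil error (its contract is not visible here) the later uses of `u1` outside this hunk would panic on a nil dereference rather than fail with a clear assertion. Adding `require.NotNil(t, u1)` directly after `require.NoError(t, err)` makes a broken setup explicit. The same pattern applies to `u` in `TestAuthToken` in internal/authtoken/testing.go.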
@@ -5,70 +5,32 @@ import ( "testing" wrapping "github.com/hashicorp/go-kms-wrapping" + "github.com/hashicorp/watchtower/internal/auth/password" "github.com/hashicorp/watchtower/internal/db" "github.com/hashicorp/watchtower/internal/iam" - iamStore "github.com/hashicorp/watchtower/internal/iam/store" "github.com/jinzhu/gorm" "github.com/stretchr/testify/require" ) func TestAuthToken(t *testing.T, conn *gorm.DB, wrapper wrapping.Wrapper, scopeId string) *AuthToken { t.Helper() - u := iam.TestUser(t, conn, scopeId) - amId := setupAuthMethod(t, conn, scopeId) - + authMethod := password.TestAuthMethods(t, conn, scopeId, 1)[0] // auth account is only used to join auth method to user. // We don't do anything else with the auth account in the test setup. - acct := setupAuthAccount(t, conn, scopeId, amId, u.GetPublicId()) + acct := password.TestAccounts(t, conn, authMethod.GetPublicId(), 1)[0] + ctx := context.Background() rw := db.New(conn) + iamRepo, err := iam.NewRepository(rw, rw, wrapper) + require.NoError(t, err) + + u, err := iamRepo.LookupUserWithLogin(ctx, acct.GetPublicId(), iam.WithAutoVivify(true)) + require.NoError(t, err) + repo, err := NewRepository(rw, rw, wrapper) require.NoError(t, err) - ctx := context.Background() at, err := repo.CreateAuthToken(ctx, u.GetPublicId(), acct.GetPublicId()) require.NoError(t, err) return at } - -// Returns auth method id -// TODO: Remove this when the auth method repos are created with the relevant test methods. -func setupAuthMethod(t *testing.T, conn *gorm.DB, scope string) string { - t.Helper() - require := require.New(t) - insert := `insert into auth_method - (public_id, scope_id) - values - ($1, $2);` - amId, err := db.NewPublicId("am") - require.NoError(err) - _, err = conn.DB().Exec(insert, amId, scope) - require.NoError(err) - return amId -} - -// TODO: Remove this when the auth method repos are created with the relevant test methods. 
-func setupAuthAccount(t *testing.T, conn *gorm.DB, scopeId, authMethodId, userId string) *iam.AuthAccount { - t.Helper() - require := require.New(t) - require.NotEmpty(scopeId) - require.NotEmpty(authMethodId) - require.NotEmpty(userId) - - authAcctId, err := db.NewPublicId("aa") - require.NoError(err) - - acct := &iam.AuthAccount{ - AuthAccount: &iamStore.AuthAccount{ - PublicId: authAcctId, - ScopeId: scopeId, - AuthMethodId: authMethodId, - IamUserId: userId, - }, - } - rw := db.New(conn) - err = rw.Create(context.Background(), acct) - require.NoError(err) - require.NotEmpty(acct.PublicId) - return acct -} diff --git a/internal/proto/local/controller/storage/auth/password/store/v1/password.proto b/internal/proto/local/controller/storage/auth/password/store/v1/password.proto index d5feee186a..ac36363f05 100644 --- a/internal/proto/local/controller/storage/auth/password/store/v1/password.proto +++ b/internal/proto/local/controller/storage/auth/password/store/v1/password.proto @@ -60,13 +60,12 @@ message Account { // @inject_tag: `gorm:"default:null"` string description = 5; - // The scope_id of the owning scope. Must be set. // @inject_tag: `gorm:"not_null"` - string scope_id = 6; + string auth_method_id = 6; // @inject_tag: `gorm:"not_null"` - string auth_method_id = 7; + string user_name = 7; - // @inject_tag: `gorm:"not_null"` - string user_name = 8; + // the scope_id column is not included here as it is used only to ensure + // data integrity in the database between iam users and auth methods. }
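Review bot: `TestAuthToken` in internal/authtoken/testing.go is exported from a non-test file but has no doc comment, and after this change it creates a password auth method, one account and an auto-vivified iam user in the given scope as side effects. A comment such as `// TestAuthToken creates an auth method, an account and an auto-vivified user in scopeId and returns an auth token for them; the test fails on any error.` would tell callers which rows to expect. The retained inline comment `auth account is only used to join auth method to user` could be updated as well, since the user is now derived from the account through `LookupUserWithLogin`.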
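Review bot: Renumbering `auth_method_id` from 7 to 6 and `user_name` from 8 to 7 in `message Account` reuses the tag that `scope_id` held, which changes the wire format instead of only dropping a field. Any `Account` serialized with the old numbering (for example in persisted oplog entries, if they carry this message; not visible in this hunk) would decode with the old scope id in `auth_method_id` and the old auth method id in `user_name`, silently mis-associating accounts. Keeping the original tags and retiring the removed one avoids that: `reserved 6;` together with `string auth_method_id = 7;` and `string user_name = 8;`. The message body begins above the hunk, and the generated password.pb.go would need regenerating to match.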