]> git.defcon.no Git - hermes/blob - api/t/auth.t
Added formal tests for api/auth
[hermes] / api / t / auth.t
1 #!/usr/bin/perl
2
3 use Test::More 'no_plan';
4
5 use strict;
6 use LWP;
7 use Data::Dumper;
8 use JSON;
9
10 my $api_base = "http://10.0.2.5/hermes/api/";
11 my $api_key = "4hErgw3QFJLeuXGW";
12 my $invalid_key = "invalidkey" . int(rand(255));
13
14 my $test_username = "testauth-" . int(rand(255));
15 my $test_password = "foobarbaz";
16 my $invalid_username = "failauth-" . int(rand(255));
17
18 my ($g_ua, $session, $auth_key, $response, $data, $temp);
19
20 $g_ua = LWP::UserAgent->new;
21 isa_ok( $g_ua, 'LWP::UserAgent', '$g_ua');
22 $g_ua->cookie_jar({}); # In-memory jar, look at HTTP::Cookies for persistant
23 isa_ok( $g_ua->cookie_jar, 'HTTP::Cookies', '$g_ua->cookies');
24
25 #####################################################################################
26 login_apikey();
27
28 $response = $g_ua->get( $api_base . "auth/new_apikey" .
29 "?session=" . $session .
30 "&auth_key=" . $auth_key .
31 "&host_ip=10.0.3.86" .
32 "&access=full_read");
33 $data = decode_json( $response->content) if $response->is_success;
34 is( $data->{'response'}, 'ok', 'auth/new_apikey ok');
35 ok( $data->{'key'}, 'auth/new_apikey new key');
36 $temp = $data->{'key'} if ( $data->{'response'} eq 'ok' );
37 undef $data; undef $response;
38
39 $response = $g_ua->get( $api_base . "auth/list_apikeys" .
40 "?session=" . $session .
41 "&auth_key=" . $auth_key);
42 $data = decode_json( $response->content) if $response->is_success;
43 is( $data->{'response'}, 'ok', 'auth/list_apikeys ok');
44 ok( $data->{'list'}, 'auth/list_apikeys list');
45 undef $data; undef $response;
46
47 $response = $g_ua->get( $api_base . "auth/remove_apikey" .
48 "?session=" . $session .
49 "&auth_key=" . $auth_key .
50 "&api_key=" . $temp );
51 $data = decode_json( $response->content) if $response->is_success;
52 is( $data->{'response'}, 'ok', 'auth/remove_apikey ok');
53 ok( $data->{'key'}, 'auth/remove_apikey key');
54 undef $data; undef $response;
55
56 $response = $g_ua->get( $api_base . "auth/authorize_user" .
57 "?session=" . $session .
58 "&auth_key=" . $auth_key .
59 "&username=" . $test_username .
60 "&access=read_write");
61 $data = decode_json( $response->content) if $response->is_success;
62 is( $data->{'response'}, 'ok', 'auth/authorize_user ok');
63 ok( $data->{'user'}, 'auth/authorize_user user set');
64 is( $data->{'user'}, $test_username, 'auth/authorize_user user is ' . $test_username);
65 ok( $data->{'access'}, 'auth/authorize_user access set');
66 isnt( $data->{'access'}, 'no_access', 'auth/authorize_user level');
67 undef $data; undef $response;
68
69 $response = $g_ua->get( $api_base . "auth/list_users" .
70 "?session=" . $session .
71 "&auth_key=" . $auth_key);
72 $data = decode_json( $response->content) if $response->is_success;
73 is( $data->{'response'}, 'ok', 'auth/list_users ok');
74 ok( $data->{'list'}, 'auth/list_users list');
75 undef $data; undef $response;
76
77 $response = $g_ua->get( $api_base . "auth/ping" .
78 "?session=" . $session .
79 "&auth_key=" . $auth_key );
80 $data = decode_json( $response->content) if $response->is_success;
81 is( $data->{'response'}, 'pong', 'auth/ping PONG!');
82 ok( $data->{'auth_key'}, 'auth/ping key set');
83 ok( not ($data->{'auth_key'} eq $auth_key), 'auth/ping key changed');
84 $auth_key = $data->{'auth_key'};
85 undef $data; undef $response;
86
87 $response = $g_ua->get( $api_base . "auth/list_apikeys" .
88 "?session=" . $session .
89 "&auth_key=" . $auth_key);
90 $data = decode_json( $response->content) if $response->is_success;
91 is( $data->{'response'}, 'ok', 'auth/ping new key accepted.');
92 undef $data; undef $response;
93
94
95 logout();
96 ok( !$session, 'logged out, session cleared');
97 login_user();
98
99 $response = $g_ua->get( $api_base . "auth/authorize_user" .
100 "?session=" . $session .
101 "&auth_key=" . $auth_key .
102 "&username=" . $test_username .
103 "&access=full_read");
104 $data = decode_json( $response->content) if $response->is_success;
105 is( $data->{'response'}, 'ok', 'auth/authorize_user as user ok');
106 is( $data->{'user'}, $test_username, 'auth/authorize_user user is ' . $test_username);
107 ok( $data->{'access'}, 'auth/authorize_user access set');
108 isnt( $data->{'access'}, 'no_access', 'auth/authorize_user level');
109 undef $data; undef $response;
110
111 $response = $g_ua->get( $api_base . "auth/remove_user" .
112 "?session=" . $session .
113 "&auth_key=" . $auth_key .
114 "&username=" . $test_username );
115 $data = decode_json( $response->content) if $response->is_success;
116 is( $data->{'response'}, 'failed', 'auth/remove_user as nonpriv user fails');
117 is( $data->{'cause'}, 'unauthorized', 'auth/remove_user cause correct');
118 undef $data; undef $response;
119
120
121 $response = $g_ua->get( $api_base . "auth/add_user" .
122 "?session=" . $session .
123 "&auth_key=" . $auth_key .
124 "&username=" . $test_username );
125 $data = decode_json( $response->content) if $response->is_success;
126 is( $data->{'response'}, 'notimplemented', 'auth/add_user TODO: notimplemented.');
127 undef $data; undef $response;
128
129 $response = $g_ua->get( $api_base . "auth/update_user" .
130 "?session=" . $session .
131 "&auth_key=" . $auth_key .
132 "&username=" . $test_username );
133 $data = decode_json( $response->content) if $response->is_success;
134 is( $data->{'response'}, 'notimplemented', 'auth/update_user TODO: notimplemented.');
135 undef $data; undef $response;
136
137 logout();
138 ok( !$session, 'logged out, session cleared');
139 login_apikey();
140
141 $response = $g_ua->get( $api_base . "auth/remove_user" .
142 "?session=" . $session .
143 "&auth_key=" . $auth_key .
144 "&username=" . $test_username );
145 $data = decode_json( $response->content) if $response->is_success;
146 is( $data->{'response'}, 'ok', 'auth/remove_user as user ok');
147 is( $data->{'user'}, $test_username, 'auth/remove_user removed ' . $test_username);
148 undef $data; undef $response;
149
150 logout();
151 ok( !$session, 'logged out, session cleared');
152
153 $response = $g_ua->get( $api_base . "auth/list_apikeys" .
154 "?session=" . $session .
155 "&auth_key=" . $auth_key);
156 $data = decode_json( $response->content) if $response->is_success;
157 is( $data->{'response'}, 'failed', 'auth/list_apikeys denied after logout');
158 is( $data->{'cause'}, 'unauthorized', 'auth/list_apikeys cause correct');
159 undef $data; undef $response;
160
161 $response = $g_ua->get( $api_base . "auth/list_users" .
162 "?session=" . $session .
163 "&auth_key=" . $auth_key);
164 $data = decode_json( $response->content) if $response->is_success;
165 is( $data->{'response'}, 'failed', 'auth/list_users denied after logout');
166 is( $data->{'cause'}, 'unauthorized', 'auth/list_users cause correct');
167 undef $data; undef $response;
168
169
170
171
172 #####################################################################################
173 #####################################################################################
174 #####################################################################################
175 #####################################################################################
176 sub login_apikey
177 {
178 $response = $g_ua->get( $api_base . "auth/login" .
179 "?api_key=" . $api_key );
180 ok ($response->is_success, 'login_apikey request is_success');
181 $data = decode_json( $response->content) if $response->is_success;
182 die("HTTP error") unless $response->is_success;
183
184 is( $data->{'response'}, 'ok', 'login_apikey logged in');
185 ok( $data->{'session'}, 'login_apikey session set');
186 ok( $data->{'auth_key'}, 'login_apikey auth_key set');
187 if ( $data->{'response'} eq "ok" )
188 {
189 $session = $data->{'session'};
190 $auth_key = $data->{'auth_key'};
191 }
192 else
193 {
194 exit;
195 }
196 undef $data; undef $response;
197 }
198 sub login_user
199 {
200 $response = $g_ua->get( $api_base . "auth/login" .
201 "?username=" . $test_username .
202 "&password=" . $test_password );
203
204 ok ($response->is_success, 'login_user request is_success');
205 $data = decode_json( $response->content) if $response->is_success;
206 die("HTTP error") unless $response->is_success;
207
208 is( $data->{'response'}, 'ok', 'login_user logged in');
209 ok( $data->{'session'}, 'login_user session set');
210 ok( $data->{'auth_key'}, 'login_user auth_key set');
211 if ( $data->{'response'} eq "ok" )
212 {
213 $session = $data->{'session'};
214 $auth_key = $data->{'auth_key'};
215 }
216 else
217 {
218 exit;
219 }
220 undef $data; undef $response;
221 }
222 sub logout
223 {
224 undef $data; undef $response;
225 $response = $g_ua->get( $api_base . "auth/logout" .
226 "?session=" . $session );
227
228 ok ($response->is_success, 'logout request is_success');
229 die("HTTP error") unless $response->is_success;
230
231 $data = decode_json( $response->content) if $response->is_success;
232 is( $data->{'response'}, 'ok', 'logout ok');
233
234 undef $session;
235 undef $auth_key;
236 }
237