#!/usr/bin/perl
-use Test::More 'no_plan';
-
use strict;
-use LWP;
-use Data::Dumper;
-use JSON;
-
-my $api_base = "http://10.0.2.5/hermes/api/";
-my $api_key = "4hErgw3QFJLeuXGW";
-my $invalid_key = "invalidkey" . int(rand(255));
+use Test::More 'no_plan';
+use tests_common;
-my $test_username = "testauth-" . int(rand(255));
-my $test_password = "foobarbaz";
-my $invalid_username = "failauth-" . int(rand(255));
+# Configuration variables defined in tests_common
+# Make sure those are updated/set correctly..
+# $api_base
+# $api_key
+#
+# Further variables defined in tests_common:
+# $invalid_key
+# $test_username
+# $test_password
+# $invalid_username
-my ($g_ua, $session, $auth_key, $response, $data, $temp);
+my ($response, $data, $temp);
-$g_ua = LWP::UserAgent->new;
isa_ok( $g_ua, 'LWP::UserAgent', '$g_ua');
-$g_ua->cookie_jar({}); # In-memory jar, look at HTTP::Cookies for persistant
isa_ok( $g_ua->cookie_jar, 'HTTP::Cookies', '$g_ua->cookies');
-#####################################################################################
login_apikey();
-$response = $g_ua->get( $api_base . "auth/new_apikey" .
- "?session=" . $session .
- "&auth_key=" . $auth_key .
- "&host_ip=10.0.3.86" .
- "&access=full_read");
-$data = decode_json( $response->content) if $response->is_success;
+$data = exec_apinode('auth/new_apikey', { 'host_ip' => '10.0.3.87', 'access' => 'full_read' });
is( $data->{'response'}, 'ok', 'auth/new_apikey ok');
ok( $data->{'key'}, 'auth/new_apikey new key');
$temp = $data->{'key'} if ( $data->{'response'} eq 'ok' );
-undef $data; undef $response;
+undef $data;
-$response = $g_ua->get( $api_base . "auth/list_apikeys" .
- "?session=" . $session .
- "&auth_key=" . $auth_key);
-$data = decode_json( $response->content) if $response->is_success;
+$data = exec_apinode('auth/list_apikeys', undef);
is( $data->{'response'}, 'ok', 'auth/list_apikeys ok');
ok( $data->{'list'}, 'auth/list_apikeys list');
-undef $data; undef $response;
+undef $data;
-$response = $g_ua->get( $api_base . "auth/remove_apikey" .
- "?session=" . $session .
- "&auth_key=" . $auth_key .
- "&api_key=" . $temp );
-$data = decode_json( $response->content) if $response->is_success;
+$data = exec_apinode('auth/remove_apikey', { "api_key" => $temp });
is( $data->{'response'}, 'ok', 'auth/remove_apikey ok');
ok( $data->{'key'}, 'auth/remove_apikey key');
-undef $data; undef $response;
-
-$response = $g_ua->get( $api_base . "auth/authorize_user" .
- "?session=" . $session .
- "&auth_key=" . $auth_key .
- "&username=" . $test_username .
- "&access=read_write");
-$data = decode_json( $response->content) if $response->is_success;
+undef $data;
+
+$data = exec_apinode("auth/authorize_user", { "username" => $test_username, "access" => "read_write" });
is( $data->{'response'}, 'ok', 'auth/authorize_user ok');
ok( $data->{'user'}, 'auth/authorize_user user set');
is( $data->{'user'}, $test_username, 'auth/authorize_user user is ' . $test_username);
ok( $data->{'access'}, 'auth/authorize_user access set');
isnt( $data->{'access'}, 'no_access', 'auth/authorize_user level');
-undef $data; undef $response;
+undef $data;
-$response = $g_ua->get( $api_base . "auth/list_users" .
- "?session=" . $session .
- "&auth_key=" . $auth_key);
-$data = decode_json( $response->content) if $response->is_success;
+$data = exec_apinode("auth/list_users", undef );
is( $data->{'response'}, 'ok', 'auth/list_users ok');
ok( $data->{'list'}, 'auth/list_users list');
-undef $data; undef $response;
+undef $data;
-$response = $g_ua->get( $api_base . "auth/ping" .
- "?session=" . $session .
- "&auth_key=" . $auth_key );
-$data = decode_json( $response->content) if $response->is_success;
+$data = exec_apinode("auth/ping", undef );
is( $data->{'response'}, 'pong', 'auth/ping PONG!');
ok( $data->{'auth_key'}, 'auth/ping key set');
ok( not ($data->{'auth_key'} eq $auth_key), 'auth/ping key changed');
$auth_key = $data->{'auth_key'};
-undef $data; undef $response;
+undef $data;
-$response = $g_ua->get( $api_base . "auth/list_apikeys" .
- "?session=" . $session .
- "&auth_key=" . $auth_key);
-$data = decode_json( $response->content) if $response->is_success;
+$data = exec_apinode("auth/list_apikeys", undef );
is( $data->{'response'}, 'ok', 'auth/ping new key accepted.');
-undef $data; undef $response;
+undef $data;
logout();
ok( !$session, 'logged out, session cleared');
login_user();
-$response = $g_ua->get( $api_base . "auth/authorize_user" .
- "?session=" . $session .
- "&auth_key=" . $auth_key .
- "&username=" . $test_username .
- "&access=full_read");
-$data = decode_json( $response->content) if $response->is_success;
+$data = exec_apinode("auth/authorize_user", { "username" => $test_username, "access" => "full_read" });
is( $data->{'response'}, 'ok', 'auth/authorize_user as user ok');
is( $data->{'user'}, $test_username, 'auth/authorize_user user is ' . $test_username);
ok( $data->{'access'}, 'auth/authorize_user access set');
isnt( $data->{'access'}, 'no_access', 'auth/authorize_user level');
-undef $data; undef $response;
+undef $data;
-$response = $g_ua->get( $api_base . "auth/remove_user" .
- "?session=" . $session .
- "&auth_key=" . $auth_key .
- "&username=" . $test_username );
-$data = decode_json( $response->content) if $response->is_success;
+$data = exec_apinode("auth/remove_user", { "username" => $test_username });
is( $data->{'response'}, 'failed', 'auth/remove_user as nonpriv user fails');
is( $data->{'cause'}, 'unauthorized', 'auth/remove_user cause correct');
-undef $data; undef $response;
+undef $data;
-$response = $g_ua->get( $api_base . "auth/add_user" .
- "?session=" . $session .
- "&auth_key=" . $auth_key .
- "&username=" . $test_username );
-$data = decode_json( $response->content) if $response->is_success;
+$data = exec_apinode("auth/add_user", { "username" => $test_username });
is( $data->{'response'}, 'notimplemented', 'auth/add_user TODO: notimplemented.');
-undef $data; undef $response;
+undef $data;
-$response = $g_ua->get( $api_base . "auth/update_user" .
- "?session=" . $session .
- "&auth_key=" . $auth_key .
- "&username=" . $test_username );
-$data = decode_json( $response->content) if $response->is_success;
+$data = exec_apinode("auth/update_user", { "username" => $test_username });
is( $data->{'response'}, 'notimplemented', 'auth/update_user TODO: notimplemented.');
-undef $data; undef $response;
+undef $data;
logout();
ok( !$session, 'logged out, session cleared');
login_apikey();
-$response = $g_ua->get( $api_base . "auth/remove_user" .
- "?session=" . $session .
- "&auth_key=" . $auth_key .
- "&username=" . $test_username );
-$data = decode_json( $response->content) if $response->is_success;
+$data = exec_apinode("auth/remove_user", { "&username" => $test_username });
is( $data->{'response'}, 'ok', 'auth/remove_user as user ok');
is( $data->{'user'}, $test_username, 'auth/remove_user removed ' . $test_username);
-undef $data; undef $response;
+undef $data;
logout();
ok( !$session, 'logged out, session cleared');
-$response = $g_ua->get( $api_base . "auth/list_apikeys" .
- "?session=" . $session .
- "&auth_key=" . $auth_key);
-$data = decode_json( $response->content) if $response->is_success;
+$data = exec_apinode("auth/list_apikeys", undef );
is( $data->{'response'}, 'failed', 'auth/list_apikeys denied after logout');
is( $data->{'cause'}, 'unauthorized', 'auth/list_apikeys cause correct');
-undef $data; undef $response;
+undef $data;
-$response = $g_ua->get( $api_base . "auth/list_users" .
- "?session=" . $session .
- "&auth_key=" . $auth_key);
-$data = decode_json( $response->content) if $response->is_success;
+$data = exec_apinode("auth/list_users", undef );
is( $data->{'response'}, 'failed', 'auth/list_users denied after logout');
is( $data->{'cause'}, 'unauthorized', 'auth/list_users cause correct');
-undef $data; undef $response;
-
-
-
-
-#####################################################################################
-#####################################################################################
-#####################################################################################
-#####################################################################################
-sub login_apikey
-{
- $response = $g_ua->get( $api_base . "auth/login" .
- "?api_key=" . $api_key );
- ok ($response->is_success, 'login_apikey request is_success');
- $data = decode_json( $response->content) if $response->is_success;
- die("HTTP error") unless $response->is_success;
-
- is( $data->{'response'}, 'ok', 'login_apikey logged in');
- ok( $data->{'session'}, 'login_apikey session set');
- ok( $data->{'auth_key'}, 'login_apikey auth_key set');
- if ( $data->{'response'} eq "ok" )
- {
- $session = $data->{'session'};
- $auth_key = $data->{'auth_key'};
- }
- else
- {
- exit;
- }
- undef $data; undef $response;
-}
-sub login_user
-{
- $response = $g_ua->get( $api_base . "auth/login" .
- "?username=" . $test_username .
- "&password=" . $test_password );
-
- ok ($response->is_success, 'login_user request is_success');
- $data = decode_json( $response->content) if $response->is_success;
- die("HTTP error") unless $response->is_success;
-
- is( $data->{'response'}, 'ok', 'login_user logged in');
- ok( $data->{'session'}, 'login_user session set');
- ok( $data->{'auth_key'}, 'login_user auth_key set');
- if ( $data->{'response'} eq "ok" )
- {
- $session = $data->{'session'};
- $auth_key = $data->{'auth_key'};
- }
- else
- {
- exit;
- }
- undef $data; undef $response;
-}
-sub logout
-{
- undef $data; undef $response;
- $response = $g_ua->get( $api_base . "auth/logout" .
- "?session=" . $session );
-
- ok ($response->is_success, 'logout request is_success');
- die("HTTP error") unless $response->is_success;
-
- $data = decode_json( $response->content) if $response->is_success;
- is( $data->{'response'}, 'ok', 'logout ok');
-
- undef $session;
- undef $auth_key;
-}
+undef $data;
git.defcon.no / hermes / blobdiff