From c2f99e5e48ac8d3be1f3140b696bd307a4adb9d0 Mon Sep 17 00:00:00 2001
From: Jon Langseth <jon.langseth@lilug.no>
Date: Fri, 20 Jan 2012 14:46:59 +0100
Subject: [PATCH] Added formal tests for api/auth

---
 api/t/auth.t | 237 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 237 insertions(+)
 create mode 100644 api/t/auth.t

diff --git a/api/t/auth.t b/api/t/auth.t
new file mode 100644
index 0000000..5ff2e74
--- /dev/null
+++ b/api/t/auth.t
@@ -0,0 +1,237 @@
+#!/usr/bin/perl
+
+use Test::More 'no_plan';
+
+use strict;
+use LWP;
+use Data::Dumper;
+use JSON;
+
+my $api_base  = "http://10.0.2.5/hermes/api/";
+my $api_key   = "4hErgw3QFJLeuXGW";
+my $invalid_key = "invalidkey" . int(rand(255));
+
+my $test_username = "testauth-" . int(rand(255));
+my $test_password = "foobarbaz";
+my $invalid_username = "failauth-" . int(rand(255));
+
+my ($g_ua, $session, $auth_key, $response, $data, $temp);
+
+$g_ua = LWP::UserAgent->new;
+isa_ok( $g_ua, 'LWP::UserAgent', '$g_ua');
+$g_ua->cookie_jar({}); # In-memory jar, look at HTTP::Cookies for persistant
+isa_ok( $g_ua->cookie_jar, 'HTTP::Cookies', '$g_ua->cookies');
+
+#####################################################################################
+login_apikey();
+
+$response = $g_ua->get( $api_base . "auth/new_apikey" .
+	"?session=" . $session .
+	"&auth_key=" . $auth_key .
+	"&host_ip=10.0.3.86" .
+	"&access=full_read");
+$data = decode_json( $response->content) if $response->is_success;
+is( $data->{'response'}, 'ok', 		'auth/new_apikey ok');
+ok( $data->{'key'}, 	 		'auth/new_apikey new key');
+$temp = $data->{'key'} if ( $data->{'response'} eq 'ok' );
+undef $data; undef $response;
+
+$response = $g_ua->get( $api_base . "auth/list_apikeys" .
+	"?session=" . $session .
+	"&auth_key=" . $auth_key);
+$data = decode_json( $response->content) if $response->is_success;
+is( $data->{'response'}, 'ok', 		'auth/list_apikeys ok');
+ok( $data->{'list'}, 	 		'auth/list_apikeys list');
+undef $data; undef $response;
+
+$response = $g_ua->get( $api_base . "auth/remove_apikey" .
+	"?session=" . $session .
+	"&auth_key=" . $auth_key .
+	"&api_key=" . $temp );
+$data = decode_json( $response->content) if $response->is_success;
+is( $data->{'response'}, 'ok', 		'auth/remove_apikey ok');
+ok( $data->{'key'}, 	 		'auth/remove_apikey key');
+undef $data; undef $response;
+
+$response = $g_ua->get( $api_base . "auth/authorize_user" .
+	"?session=" . $session .
+	"&auth_key=" . $auth_key .
+	"&username=" . $test_username .
+	"&access=read_write");
+$data = decode_json( $response->content) if $response->is_success;
+is( $data->{'response'}, 'ok', 		'auth/authorize_user ok');
+ok( $data->{'user'}, 			'auth/authorize_user user set');
+is( $data->{'user'}, $test_username,	'auth/authorize_user user is ' . $test_username);
+ok( $data->{'access'}, 			'auth/authorize_user access set');
+isnt( $data->{'access'}, 'no_access',	'auth/authorize_user level');
+undef $data; undef $response;
+
+$response = $g_ua->get( $api_base . "auth/list_users" .
+	"?session=" . $session .
+	"&auth_key=" . $auth_key);
+$data = decode_json( $response->content) if $response->is_success;
+is( $data->{'response'}, 'ok', 		'auth/list_users ok');
+ok( $data->{'list'},			'auth/list_users list');
+undef $data; undef $response;
+
+$response = $g_ua->get( $api_base . "auth/ping" .
+	"?session=" . $session .
+	"&auth_key=" . $auth_key );
+$data = decode_json( $response->content) if $response->is_success;
+is( $data->{'response'}, 'pong', 		'auth/ping PONG!');
+ok( $data->{'auth_key'},				'auth/ping key set');
+ok( not ($data->{'auth_key'} eq $auth_key),		'auth/ping key changed');
+$auth_key = $data->{'auth_key'};
+undef $data; undef $response;
+
+$response = $g_ua->get( $api_base . "auth/list_apikeys" .
+	"?session=" . $session .
+	"&auth_key=" . $auth_key);
+$data = decode_json( $response->content) if $response->is_success;
+is( $data->{'response'}, 'ok', 		'auth/ping new key accepted.');
+undef $data; undef $response;
+
+
+logout();
+ok( !$session,				'logged out, session cleared');
+login_user();
+
+$response = $g_ua->get( $api_base . "auth/authorize_user" .
+	"?session=" . $session .
+	"&auth_key=" . $auth_key .
+	"&username=" . $test_username . 
+	"&access=full_read");
+$data = decode_json( $response->content) if $response->is_success;
+is( $data->{'response'}, 'ok', 		'auth/authorize_user as user ok');
+is( $data->{'user'}, $test_username,	'auth/authorize_user user is ' . $test_username);
+ok( $data->{'access'}, 			'auth/authorize_user access set');
+isnt( $data->{'access'}, 'no_access',	'auth/authorize_user level');
+undef $data; undef $response;
+
+$response = $g_ua->get( $api_base . "auth/remove_user" .
+	"?session=" . $session .
+	"&auth_key=" . $auth_key .
+	"&username=" . $test_username );
+$data = decode_json( $response->content) if $response->is_success;
+is( $data->{'response'}, 'failed', 		'auth/remove_user as nonpriv user fails');
+is( $data->{'cause'}, 'unauthorized',			'auth/remove_user cause correct');
+undef $data; undef $response;
+
+
+$response = $g_ua->get( $api_base . "auth/add_user" .
+	"?session=" . $session .
+	"&auth_key=" . $auth_key .
+	"&username=" . $test_username );
+$data = decode_json( $response->content) if $response->is_success;
+is( $data->{'response'}, 'notimplemented', 		'auth/add_user TODO: notimplemented.');
+undef $data; undef $response;
+
+$response = $g_ua->get( $api_base . "auth/update_user" .
+	"?session=" . $session .
+	"&auth_key=" . $auth_key .
+	"&username=" . $test_username );
+$data = decode_json( $response->content) if $response->is_success;
+is( $data->{'response'}, 'notimplemented', 		'auth/update_user TODO: notimplemented.');
+undef $data; undef $response;
+
+logout();
+ok( !$session,				'logged out, session cleared');
+login_apikey();
+
+$response = $g_ua->get( $api_base . "auth/remove_user" .
+	"?session=" . $session .
+	"&auth_key=" . $auth_key .
+	"&username=" . $test_username );
+$data = decode_json( $response->content) if $response->is_success;
+is( $data->{'response'}, 'ok', 		'auth/remove_user as user ok');
+is( $data->{'user'}, $test_username,	'auth/remove_user removed ' . $test_username);
+undef $data; undef $response;
+
+logout();
+ok( !$session,				'logged out, session cleared');
+
+$response = $g_ua->get( $api_base . "auth/list_apikeys" .
+	"?session=" . $session .
+	"&auth_key=" . $auth_key);
+$data = decode_json( $response->content) if $response->is_success;
+is( $data->{'response'}, 'failed', 		'auth/list_apikeys denied after logout');
+is( $data->{'cause'}, 'unauthorized',		'auth/list_apikeys cause correct');
+undef $data; undef $response;
+
+$response = $g_ua->get( $api_base . "auth/list_users" .
+	"?session=" . $session .
+	"&auth_key=" . $auth_key);
+$data = decode_json( $response->content) if $response->is_success;
+is( $data->{'response'}, 'failed', 		'auth/list_users denied after logout');
+is( $data->{'cause'}, 'unauthorized',		'auth/list_users cause correct');
+undef $data; undef $response;
+
+
+
+
+#####################################################################################
+#####################################################################################
+#####################################################################################
+#####################################################################################
+sub login_apikey
+{
+	$response = $g_ua->get( $api_base . "auth/login" .
+			"?api_key=" . $api_key );
+	ok ($response->is_success, 		'login_apikey request is_success');
+	$data = decode_json( $response->content) if $response->is_success;
+	die("HTTP error") unless $response->is_success;
+
+	is( $data->{'response'}, 'ok', 		'login_apikey logged in');
+	ok( $data->{'session'},			'login_apikey session set');
+	ok( $data->{'auth_key'},		'login_apikey auth_key set');
+	if ( $data->{'response'} eq "ok" )
+	{
+		$session = $data->{'session'};
+		$auth_key = $data->{'auth_key'};
+	}
+	else
+	{
+		exit;
+	}
+	undef $data; undef $response;
+}
+sub login_user
+{
+	$response = $g_ua->get( $api_base . "auth/login" .
+		"?username=" . $test_username .
+		"&password=" . $test_password );
+
+	ok ($response->is_success, 		'login_user request is_success');
+	$data = decode_json( $response->content) if $response->is_success;
+	die("HTTP error") unless $response->is_success;
+
+	is( $data->{'response'}, 'ok', 		'login_user logged in');
+	ok( $data->{'session'},			'login_user session set');
+	ok( $data->{'auth_key'},		'login_user auth_key set');
+	if ( $data->{'response'} eq "ok" )
+	{
+		$session = $data->{'session'};
+		$auth_key = $data->{'auth_key'};
+	}
+	else
+	{
+		exit;
+	}
+	undef $data; undef $response;
+}
+sub logout
+{
+	undef $data; undef $response;
+	$response = $g_ua->get( $api_base . "auth/logout" .
+		"?session=" . $session );
+
+	ok ($response->is_success, 		'logout request is_success');
+	die("HTTP error") unless $response->is_success;
+
+	$data = decode_json( $response->content) if $response->is_success;
+	is( $data->{'response'}, 'ok', 		'logout ok');
+
+	undef $session;
+	undef $auth_key;
+}
+
-- 
2.39.2