From 0cf909be67dc70019503aac29c08145dddd5b85c Mon Sep 17 00:00:00 2001
From: Boris Rybalkin
Date: Thu, 23 Feb 2023 21:50:46 +0000
Subject: [PATCH] fix rebase, fix docker ldap test
---
 .github/workflows/dendrite.yml | 4 +++-
 clientapi/auth/ldap_authenticator_test.go | 8 ++++----
 clientapi/auth/login.go | 5 +++--
 clientapi/auth/login_test.go | 4 ++--
 clientapi/auth/user_interactive_test.go | 25 +++++++++++++++++++++--
 test/openldap/bootstrap.ldif | 9 ++++----
 6 files changed, 40 insertions(+), 15 deletions(-)
diff --git a/.github/workflows/dendrite.yml b/.github/workflows/dendrite.yml
index f96e1ca2f..72a32945e 100644
--- a/.github/workflows/dendrite.yml
+++ b/.github/workflows/dendrite.yml
@@ -93,8 +93,10 @@ jobs:
 --health-retries 5
 openldap:
 image: bitnami/openldap:2.5.14
+ ports:
+ 389:1389
 volumes:
- - ${{ github.workspace }}/test/openldap:/ldifs
+ - ./test/openldap:/ldifs
 steps:
 - uses: actions/checkout@v3
diff --git a/clientapi/auth/ldap_authenticator_test.go b/clientapi/auth/ldap_authenticator_test.go
index 3d09a5e10..f876744af 100644
--- a/clientapi/auth/ldap_authenticator_test.go
+++ b/clientapi/auth/ldap_authenticator_test.go
@@ -8,7 +8,7 @@ import (
 func TestLdapAuthenticator_Authenticate_DirectBind_AdminUser(t *testing.T) {
 authenticator := NewLdapAuthenticator(config.Ldap{
- Uri: "ldap://openldap:1389",
+ Uri: "ldap://openldap:389",
 BaseDn: "dc=example,dc=org",
 AdminBindEnabled: false,
 UserBindDn: "cn={username},ou=users,dc=example,dc=org",
@@ -25,7 +25,7 @@ func TestLdapAuthenticator_Authenticate_DirectBind_AdminUser(t *testing.T) {
 func TestLdapAuthenticator_Authenticate_DirectBind_RegularUser(t *testing.T) {
 authenticator := NewLdapAuthenticator(config.Ldap{
- Uri: "ldap://openldap:1389",
+ Uri: "ldap://openldap:389",
 BaseDn: "dc=example,dc=org",
 AdminBindEnabled: false,
 UserBindDn: "cn={username},ou=users,dc=example,dc=org",
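Review bot: `ports:` in the `openldap` service is followed by a bare `389:1389` rather than a list item, and GitHub Actions expects `services.<id>.ports` to be a sequence, so as shown the workflow would likely fail validation; the line should read `- 389:1389`. Indentation is not recoverable from this page, so this reading rests on the missing `-` alone. The new volume source `./test/openldap` is relative, and service containers are created before the `actions/checkout` step runs, so the LDIF directory may be empty or resolved against an unexpected directory when the container starts. It is worth confirming in the job log that the bootstrap file is actually loaded.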
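Review bot: `ldap://openldap:389` pairs the service hostname with the host-side port of the `389:1389` mapping added in the workflow, and those two normally do not go together. The `openldap` name resolves only for a job running in a container, where the server is reached on its container port (1389), while the published 389 is reached from the runner as `localhost`. Whether the test job runs in a container is not visible here, so this needs checking against the job definition; the same URI is repeated in the hunks at -25, -42 and -63. Reading the endpoint from an environment variable and calling `t.Skip` when it is unset would also keep `go test ./...` usable on machines without the LDAP fixture.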
@@ -42,7 +42,7 @@ func TestLdapAuthenticator_Authenticate_DirectBind_RegularUser(t *testing.T) {
 func TestLdapAuthenticator_Authenticate_AdminBind(t *testing.T) {
 authenticator := NewLdapAuthenticator(config.Ldap{
- Uri: "ldap://openldap:1389",
+ Uri: "ldap://openldap:389",
 BaseDn: "dc=example,dc=org",
 AdminBindEnabled: true,
 AdminBindDn: "cn=admin,dc=example,dc=org",
@@ -63,7 +63,7 @@ func TestLdapAuthenticator_Authenticate_AdminBind(t *testing.T) {
 func TestLdapAuthenticator_Authenticate_AdminBind_UserNotFound(t *testing.T) {
 authenticator := NewLdapAuthenticator(config.Ldap{
- Uri: "ldap://openldap:1389",
+ Uri: "ldap://openldap:389",
 BaseDn: "dc=example,dc=org",
 AdminBindEnabled: true,
 AdminBindDn: "cn=admin,dc=example,dc=org",
diff --git a/clientapi/auth/login.go b/clientapi/auth/login.go
index fb4903355..3cc38f1ce 100644
--- a/clientapi/auth/login.go
+++ b/clientapi/auth/login.go
@@ -32,7 +32,7 @@ import (
 // called after authorization has completed, with the result of the authorization.
 // If the final return value is non-nil, an error occurred and the cleanup function
 // is nil.
-func LoginFromJSONReader(ctx context.Context, r io.Reader, useraccountAPI uapi.UserLoginAPI, userAPI UserInternalAPIForLogin, cfg *config.ClientAPI) (*Login, LoginCleanupFunc, *util.JSONResponse) {
+func LoginFromJSONReader(ctx context.Context, r io.Reader, userAPI UserInternalAPIForLogin, cfg *config.ClientAPI) (*Login, LoginCleanupFunc, *util.JSONResponse) {
 reqBytes, err := io.ReadAll(r)
 if err != nil {
 err := &util.JSONResponse{
@@ -57,7 +57,7 @@ func LoginFromJSONReader(ctx context.Context, r io.Reader, useraccountAPI uapi.U
 switch header.Type {
 case authtypes.LoginTypePassword:
 typ = &LoginTypePassword{
- UserAPI: useraccountAPI,
+ UserAPI: userAPI,
 Config: cfg,
 }
 case authtypes.LoginTypeToken:
@@ -79,4 +79,5 @@ func LoginFromJSONReader(ctx context.Context, r io.Reader, useraccountAPI uapi.U
 // UserInternalAPIForLogin contains the aspects of UserAPI required for logging in.
 type UserInternalAPIForLogin interface {
 uapi.LoginTokenInternalAPI
+ uapi.UserLoginAPI
 }
diff --git a/clientapi/auth/login_test.go b/clientapi/auth/login_test.go
index 044062c42..eb46f129b 100644
--- a/clientapi/auth/login_test.go
+++ b/clientapi/auth/login_test.go
@@ -73,7 +73,7 @@ func TestLoginFromJSONReader(t *testing.T) {
 },
 },
 }
- login, cleanup, err := LoginFromJSONReader(ctx, strings.NewReader(tst.Body), &userAPI, &userAPI, cfg)
+ login, cleanup, err := LoginFromJSONReader(ctx, strings.NewReader(tst.Body), &userAPI, cfg)
 if err != nil {
 t.Fatalf("LoginFromJSONReader failed: %+v", err)
 }
@@ -153,7 +153,7 @@ func TestBadLoginFromJSONReader(t *testing.T) {
 },
 },
 }
- _, cleanup, errRes := LoginFromJSONReader(ctx, strings.NewReader(tst.Body), &userAPI, &userAPI, cfg)
+ _, cleanup, errRes := LoginFromJSONReader(ctx, strings.NewReader(tst.Body), &userAPI, cfg)
 if errRes == nil {
 cleanup(ctx, nil)
 t.Fatalf("LoginFromJSONReader err: got %+v, want code %q", errRes, tst.WantErrCode)
diff --git a/clientapi/auth/user_interactive_test.go b/clientapi/auth/user_interactive_test.go
index 5d97b31ce..8d60fb36d 100644
--- a/clientapi/auth/user_interactive_test.go
+++ b/clientapi/auth/user_interactive_test.go
@@ -16,8 +16,9 @@ var (
 ctx = context.Background()
 serverName = gomatrixserverlib.ServerName("example.com")
 // space separated localpart+password -> account
- lookup = make(map[string]*api.Account)
- device = &api.Device{
+ lookup = make(map[string]*api.Account)
+ accounts = make(map[string]*api.Account)
+ device = &api.Device{
 AccessToken: "flibble",
 DisplayName: "My Device",
 ID: "device_id_goes_here",
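Review bot: Embedding `uapi.UserLoginAPI` in `UserInternalAPIForLogin` (hunk at -79 of login.go) widens what every holder of this interface can call, not just the password path that the hunks at -32 and -57 rewire to `userAPI`. Judging by the methods the fake in user_interactive_test.go has to provide, that surface appears to include `PerformAccountCreation` and `PerformPasswordUpdate`, which the token login flow has no visible need for. Keeping two narrow interfaces, or at least documenting why they are merged, would preserve least privilege on an authentication entry point. A comment such as `// UserLoginAPI is embedded because password login looks up, and for LDAP may create, the account.` above the new line would do, once confirmed against the LDAP code path.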
@@ -26,6 +27,26 @@ var (
 type fakeAccountDatabase struct{}
+func (d *fakeAccountDatabase) QueryAccountByLocalpart(ctx context.Context, req *api.QueryAccountByLocalpartRequest, res *api.QueryAccountByLocalpartResponse) error {
+ acc, ok := lookup[req.Localpart]
+ if !ok {
+ return fmt.Errorf("unknown user/password")
+ }
+ res.Account = acc
+ return nil
+}
+
+func (d *fakeAccountDatabase) PerformAccountCreation(ctx context.Context, req *api.PerformAccountCreationRequest, res *api.PerformAccountCreationResponse) error {
+ accounts[req.Localpart] = &api.Account{
+ UserID: req.Localpart,
+ Localpart: req.Localpart,
+ ServerName: serverName,
+ AppServiceID: "ldap",
+ AccountType: 0,
+ }
+ return nil
+}
+
 func (d *fakeAccountDatabase) PerformPasswordUpdate(ctx context.Context, req *api.PerformPasswordUpdateRequest, res *api.PerformPasswordUpdateResponse) error {
 return nil
 }
diff --git a/test/openldap/bootstrap.ldif b/test/openldap/bootstrap.ldif
index 119cb08c1..97a1842e1 100644
--- a/test/openldap/bootstrap.ldif
+++ b/test/openldap/bootstrap.ldif
@@ -1,6 +1,7 @@
 dn: dc=example,dc=org
 objectClass: dcObject
-objectClass: organizationalUnit
+objectClass: organization
+o: Example, Inc
 # administrator
 dn: cn=admin,dc=example,dc=org
@@ -31,7 +32,7 @@ cn: user1
 sn: 10
 displayName: user1
 description: user1
-userPassword: user1
+userPassword: password
 mail: user1@example.com
 # regular user
@@ -48,7 +49,7 @@ cn: user2
 sn: 11
 displayName: user2
 description: user2
-userPassword: user2
+userPassword: password
 mail: user2@example.com
 # Subtree for Groups
@@ -65,4 +66,4 @@ objectClass: top
 gidNumber: 1
 cn: admin
 description: admin
-memberUid: user1
\ No newline at end of file
+memberUid: user1
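Review bot: `QueryAccountByLocalpart` reads `lookup[req.Localpart]`, but the comment in the hunk at -16 documents `lookup` as keyed by "space separated localpart+password", so a bare localpart would not match and the fake would report every account as unknown. `PerformAccountCreation` writes to the new `accounts` map, which no visible code reads, so an account created through the fake cannot be found again by the query. Consider `acc, ok := accounts[req.Localpart]` in the query and a message like `unknown localpart` instead of `unknown user/password`; `errors.New` is enough since nothing is formatted. `UserID: req.Localpart` also stores a bare localpart where a full user ID is presumably expected.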
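Review bot: Both `user1` and `user2` now carry `userPassword: password` (hunks at -31 and -48 of bootstrap.ldif), where they previously had distinct values. With a shared password the bind tests can no longer detect an authenticator that binds as the wrong entry or mixes up credentials between users. Giving each entry its own value keeps that check, for example `userPassword: user1-password` and `userPassword: user2-password` (constructed sample values), with the Go tests updated to match.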