dendrite/clientapi/auth/ldap_authenticator_test.go
2023-02-23 00:05:25 +00:00


package auth
import (
"github.com/matrix-org/dendrite/setup/config"
"github.com/stretchr/testify/assert"
"testing"
)
// TestLdapAuthenticator_Authenticate_DirectBind_AdminUser exercises the
// configuration with AdminBindEnabled=false and a UserBindDn template, and
// expects "user1" to authenticate and be reported as an administrator.
//
// This is an integration test: it talks to the LDAP fixture named in Uri.
// NOTE(review): user1 is presumably listed as memberUid of the admin group in
// that fixture — confirm against the fixture data.
// NOTE(review): ldap:// is unencrypted unless the authenticator upgrades the
// connection (not visible here); keep this URI and password test-only.
func TestLdapAuthenticator_Authenticate_DirectBind_AdminUser(t *testing.T) {
	cfg := config.Ldap{
		Uri:                 "ldap://openldap:1389",
		BaseDn:              "dc=example,dc=org",
		AdminBindEnabled:    false,
		UserBindDn:          "cn={username},ou=users,dc=example,dc=org",
		AdminGroupDn:        "cn=admin,ou=groups,dc=example,dc=org",
		AdminGroupFilter:    "(memberUid={username})",
		AdminGroupAttribute: "memberUid",
	}
	ldapAuth := NewLdapAuthenticator(cfg)

	gotAdmin, authErr := ldapAuth.Authenticate("user1", "password")

	assert.Nil(t, authErr)
	assert.True(t, gotAdmin)
}
// TestLdapAuthenticator_Authenticate_DirectBind_RegularUser uses the same
// direct-bind configuration (AdminBindEnabled=false) and expects "user2" to
// authenticate successfully without being reported as an administrator.
//
// This is the privilege-separation counterpart of the admin-user case: valid
// credentials alone must not yield isAdmin=true.
// NOTE(review): assumes user2 exists in the fixture and is not in the admin
// group — confirm against the fixture data.
func TestLdapAuthenticator_Authenticate_DirectBind_RegularUser(t *testing.T) {
	cfg := config.Ldap{
		Uri:                 "ldap://openldap:1389",
		BaseDn:              "dc=example,dc=org",
		AdminBindEnabled:    false,
		UserBindDn:          "cn={username},ou=users,dc=example,dc=org",
		AdminGroupDn:        "cn=admin,ou=groups,dc=example,dc=org",
		AdminGroupFilter:    "(memberUid={username})",
		AdminGroupAttribute: "memberUid",
	}
	ldapAuth := NewLdapAuthenticator(cfg)

	gotAdmin, authErr := ldapAuth.Authenticate("user2", "password")

	assert.Nil(t, authErr)
	assert.False(t, gotAdmin)
}
// TestLdapAuthenticator_Authenticate_AdminBind exercises the configuration
// with AdminBindEnabled=true: an AdminBindDn/AdminBindPassword pair plus
// SearchBaseDn, SearchFilter and SearchAttribute are supplied, and "user1" is
// expected to authenticate and be reported as an administrator.
//
// NOTE(review): the {username} placeholder appears in both the search filter
// and the group filter; whether the substituted value is escaped is not
// visible from this file, and no case here uses a username containing filter
// metacharacters — worth pinning in a dedicated test.
// NOTE(review): the admin bind password is a fixture value; it must not be
// reused outside the test LDAP server.
func TestLdapAuthenticator_Authenticate_AdminBind(t *testing.T) {
	cfg := config.Ldap{
		Uri:                 "ldap://openldap:1389",
		BaseDn:              "dc=example,dc=org",
		AdminBindEnabled:    true,
		AdminBindDn:         "cn=admin,dc=example,dc=org",
		AdminBindPassword:   "password",
		AdminGroupDn:        "cn=admin,ou=groups,dc=example,dc=org",
		AdminGroupFilter:    "(memberUid={username})",
		AdminGroupAttribute: "memberUid",
		SearchBaseDn:        "ou=users,dc=example,dc=org",
		SearchFilter:        "(&(objectclass=inetOrgPerson)(cn={username}))",
		SearchAttribute:     "cn",
	}
	ldapAuth := NewLdapAuthenticator(cfg)

	gotAdmin, authErr := ldapAuth.Authenticate("user1", "password")

	assert.Nil(t, authErr)
	assert.True(t, gotAdmin)
}
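// TestLdapAuthenticator_Authenticate_AdminBind_UserNotFound checks that, with
// AdminBindEnabled=true, authenticating a username that is absent from the
// directory returns an error and never reports administrator rights.
//
// The original passed an empty password. An empty simple-bind password is a
// special case in LDAP (it can be rejected by the client library or treated as
// an unauthenticated bind by the server), so the error could have come from
// that path instead of the missing user. A non-empty password keeps the test
// focused on the user-not-found outcome.
func TestLdapAuthenticator_Authenticate_AdminBind_UserNotFound(t *testing.T) {
	authenticator := NewLdapAuthenticator(config.Ldap{
		Uri:                 "ldap://openldap:1389",
		BaseDn:              "dc=example,dc=org",
		AdminBindEnabled:    true,
		AdminBindDn:         "cn=admin,dc=example,dc=org",
		AdminBindPassword:   "password",
		AdminGroupDn:        "cn=admin,ou=groups,dc=example,dc=org",
		AdminGroupFilter:    "(memberUid={username})",
		AdminGroupAttribute: "memberUid",
		SearchBaseDn:        "ou=users,dc=example,dc=org",
		SearchFilter:        "(&(objectclass=inetOrgPerson)(cn={username}))",
		SearchAttribute:     "cn",
	})

	isAdmin, err := authenticator.Authenticate("user_not_found", "password")

	assert.Error(t, err)
	// Fail closed: a rejected login must not carry an admin flag.
	assert.False(t, isAdmin)
}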
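// TestLdapAuthenticator_Authenticate_DirectBind_WrongPassword checks that, with
// AdminBindEnabled=false, a wrong password for "user2" returns an error.
//
// The original discarded the first return value. It is asserted here as well,
// so that a failed authentication can never be observed with isAdmin=true by a
// caller that inspects the flag before the error.
func TestLdapAuthenticator_Authenticate_DirectBind_WrongPassword(t *testing.T) {
	authenticator := NewLdapAuthenticator(config.Ldap{
		Uri:              "ldap://openldap:1389",
		BaseDn:           "dc=example,dc=org",
		UserBindDn:       "cn={username},ou=users,dc=example,dc=org",
		AdminBindEnabled: false,
	})

	isAdmin, err := authenticator.Authenticate("user2", "password_wrong")

	assert.Error(t, err)
	// Fail closed: a rejected login must not carry an admin flag.
	assert.False(t, isAdmin)
}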