pam: Ensure that the user is properly set in the pam stack

Print it once authenticated so that we are sure that the expected user
is passed to the pam stack.

pam/integration-tests/testdata/TestCLIIntegration/golden/authenticate_user_and_add_it_to_local_group

@@ -132,7 +132,7 @@ Gimme your password
 ────────────────────────────────────────────────────────────────────────────────
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
 Gimme your password
-Auth success
+Auth user 'user-local-groups' success
 AcctMgmt success
 >
 
@@ -165,7 +165,7 @@ AcctMgmt success
 ────────────────────────────────────────────────────────────────────────────────
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
 Gimme your password
-Auth success
+Auth user 'user-local-groups' success
 AcctMgmt success
 >
 

pam/integration-tests/testdata/TestCLIIntegration/golden/authenticate_user_and_offer_password_reset

@@ -201,7 +201,7 @@ Enter your new password (3 days until mandatory)
 >
 >
 
-Auth success
+Auth user 'user-can-reset' success
 AcctMgmt success
 >
 
@@ -234,7 +234,7 @@ Enter your new password (3 days until mandatory)
 >
 >
 
-Auth success
+Auth user 'user-can-reset' success
 AcctMgmt success
 >
 

pam/integration-tests/testdata/TestCLIIntegration/golden/authenticate_user_and_reset_password

@@ -232,7 +232,7 @@ Enter your new password
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
 Enter your new password
 > *******
-Auth success
+Auth user 'user-needs-reset' success
 AcctMgmt success
 >
 
@@ -265,7 +265,7 @@ AcctMgmt success
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
 Enter your new password
 > *******
-Auth success
+Auth user 'user-needs-reset' success
 AcctMgmt success
 >
 

pam/integration-tests/testdata/TestCLIIntegration/golden/authenticate_user_successfully

@@ -132,7 +132,7 @@ Gimme your password
 ────────────────────────────────────────────────────────────────────────────────
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
 Gimme your password
-Auth success
+Auth user 'user1' success
 AcctMgmt success
 >
 
@@ -165,7 +165,7 @@ AcctMgmt success
 ────────────────────────────────────────────────────────────────────────────────
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
 Gimme your password
-Auth success
+Auth user 'user1' success
 AcctMgmt success
 >
 

pam/integration-tests/testdata/TestCLIIntegration/golden/authenticate_user_switching_auth_mode

@@ -330,7 +330,7 @@ Gimme your password
 ────────────────────────────────────────────────────────────────────────────────
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
 Gimme your password
-Auth success
+Auth user 'user-integration-switch-mode' success
 AcctMgmt success
 >
 
@@ -363,7 +363,7 @@ AcctMgmt success
 ────────────────────────────────────────────────────────────────────────────────
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
 Gimme your password
-Auth success
+Auth user 'user-integration-switch-mode' success
 AcctMgmt success
 >
 

pam/integration-tests/testdata/TestCLIIntegration/golden/authenticate_user_switching_broker

@@ -225,9 +225,9 @@ Gimme your password
 
 
 
-Auth error (25): The return value should be ignored by PAM dispatch:
+Auth user 'user-integration-switch-broker' error (25): The return value should be ignored by PAM
+ dispatch:
 AcctMgmt error (25): The return value should be ignored by PAM dispatch
->
 ────────────────────────────────────────────────────────────────────────────────
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
   Select your provider
@@ -258,7 +258,7 @@ AcctMgmt error (25): The return value should be ignored by PAM dispatch
 
 
 
-Auth error (25): The return value should be ignored by PAM dispatch:
+Auth user 'user-integration-switch-broker' error (25): The return value should be ignored by PAM
+ dispatch:
 AcctMgmt error (25): The return value should be ignored by PAM dispatch
->
 ────────────────────────────────────────────────────────────────────────────────

pam/integration-tests/testdata/TestCLIIntegration/golden/authenticate_user_switching_username

@@ -198,7 +198,7 @@ Gimme your password
 ────────────────────────────────────────────────────────────────────────────────
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
 Gimme your password
-Auth success
+Auth user 'user-integration-username-switched' success
 AcctMgmt success
 >
 
@@ -231,7 +231,7 @@ AcctMgmt success
 ────────────────────────────────────────────────────────────────────────────────
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
 Gimme your password
-Auth success
+Auth user 'user-integration-username-switched' success
 AcctMgmt success
 >
 

pam/integration-tests/testdata/TestCLIIntegration/golden/authenticate_user_with_form_mode_with_button

@@ -266,7 +266,7 @@ Enter your one time credential
 Enter your one time credential
 > temporary pass00
 
-Auth success
+Auth user 'user-integration-form-w-button' success
 AcctMgmt success
 >
 
@@ -299,7 +299,7 @@ AcctMgmt success
 Enter your one time credential
 > temporary pass00
 
-Auth success
+Auth user 'user-integration-form-w-button' success
 AcctMgmt success
 >
 

pam/integration-tests/testdata/TestCLIIntegration/golden/authenticate_user_with_mfa

@@ -296,7 +296,7 @@ Unlock your phone +33… or accept request on web interface:
 
 ────────────────────────────────────────────────────────────────────────────────
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
-Auth success
+Auth user 'user-mfa' success
 AcctMgmt success
 >
 
@@ -329,7 +329,7 @@ AcctMgmt success
 
 ────────────────────────────────────────────────────────────────────────────────
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
-Auth success
+Auth user 'user-mfa' success
 AcctMgmt success
 >
 
@@ -362,7 +362,7 @@ AcctMgmt success
 
 ────────────────────────────────────────────────────────────────────────────────
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
-Auth success
+Auth user 'user-mfa' success
 AcctMgmt success
 >
 
@@ -395,7 +395,7 @@ AcctMgmt success
 
 ────────────────────────────────────────────────────────────────────────────────
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
-Auth success
+Auth user 'user-mfa' success
 AcctMgmt success
 >
 
@@ -428,7 +428,7 @@ AcctMgmt success
 
 ────────────────────────────────────────────────────────────────────────────────
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
-Auth success
+Auth user 'user-mfa' success
 AcctMgmt success
 >
 

pam/integration-tests/testdata/TestCLIIntegration/golden/authenticate_user_with_qr_code

@@ -284,7 +284,7 @@ Enter the following code after flashing the address: 1337
 ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
 
 
-Auth success
+Auth user 'user-integration-qr-code' success
 AcctMgmt success
 >
 
@@ -317,7 +317,7 @@ Enter the following code after flashing the address: 1337
 ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
 
 
-Auth success
+Auth user 'user-integration-qr-code' success
 AcctMgmt success
 >
 

pam/integration-tests/testdata/TestCLIIntegration/golden/deny_authentication_if_max_attempts_reached

@@ -266,7 +266,8 @@ invalid password, should be goodpass
 Gimme your password
 >
 PAM ERROR: invalid password, should be goodpass
-Auth error (7): Authentication failure: invalid password, should be goodpass
+Auth user 'user-integration-max-attempts' error (7): Authentication failure: invalid password, s
+hould be goodpass
 AcctMgmt error (25): The return value should be ignored by PAM dispatch
 >
 
@@ -291,15 +292,15 @@ AcctMgmt error (25): The return value should be ignored by PAM dispatch
 
 
 
-
 
 
 ────────────────────────────────────────────────────────────────────────────────
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
 Gimme your password
 >
 PAM ERROR: invalid password, should be goodpass
-Auth error (7): Authentication failure: invalid password, should be goodpass
+Auth user 'user-integration-max-attempts' error (7): Authentication failure: invalid password, s
+hould be goodpass
 AcctMgmt error (25): The return value should be ignored by PAM dispatch
 >
 
@@ -324,7 +325,6 @@ AcctMgmt error (25): The return value should be ignored by PAM dispatch
 
 
 
-
 
 
 ────────────────────────────────────────────────────────────────────────────────

pam/integration-tests/testdata/TestCLIIntegration/golden/deny_authentication_if_user_does_not_exist

@@ -128,7 +128,7 @@ Username: user-unexistent
 
 PAM ERROR: can't select broker: rpc error: code = Unknown desc = can't start authentication tran
 saction: user "user-unexistent" does not exist
-Auth error (4): System error: can't select broker: rpc error: code = Unknown desc = can't start
+Auth user 'user-unexistent' error (4): System error: can't select broker: rpc error: code = Unkn
 ────────────────────────────────────────────────────────────────────────────────
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
   Select your provider
@@ -161,5 +161,5 @@ Auth error (4): System error: can't select broker: rpc error: code = Unknown des
 
 PAM ERROR: can't select broker: rpc error: code = Unknown desc = can't start authentication tran
 saction: user "user-unexistent" does not exist
-Auth error (4): System error: can't select broker: rpc error: code = Unknown desc = can't start
+Auth user 'user-unexistent' error (4): System error: can't select broker: rpc error: code = Unkn
 ────────────────────────────────────────────────────────────────────────────────

pam/integration-tests/testdata/TestCLIIntegration/golden/exit_authd_if_local_broker_is_selected

@@ -126,7 +126,7 @@ Username: user-local-broker
 
 
 
-Auth error (25): The return value should be ignored by PAM dispatch:
+Auth user 'user-local-broker' error (25): The return value should be ignored by PAM dispatch:
 AcctMgmt error (25): The return value should be ignored by PAM dispatch
 >
 ────────────────────────────────────────────────────────────────────────────────
@@ -159,7 +159,7 @@ AcctMgmt error (25): The return value should be ignored by PAM dispatch
 
 
 
-Auth error (25): The return value should be ignored by PAM dispatch:
+Auth user 'user-local-broker' error (25): The return value should be ignored by PAM dispatch:
 AcctMgmt error (25): The return value should be ignored by PAM dispatch
 >
 ────────────────────────────────────────────────────────────────────────────────

pam/integration-tests/testdata/TestCLIIntegration/golden/exit_authd_if_user_sigints

@@ -133,7 +133,8 @@ Gimme your password
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
 Gimme your password
 PAM ERROR: cancel requested
-Auth error (26): Critical error - immediate abort: cancel requested
+Auth user 'user-integration-sigint' error (26): Critical error - immediate abort: cancel request
+ed
 AcctMgmt error (25): The return value should be ignored by PAM dispatch
 >
 
@@ -159,14 +160,14 @@ AcctMgmt error (25): The return value should be ignored by PAM dispatch
 
 
 
-
 
 
 ────────────────────────────────────────────────────────────────────────────────
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
 Gimme your password
 PAM ERROR: cancel requested
-Auth error (26): Critical error - immediate abort: cancel requested
+Auth user 'user-integration-sigint' error (26): Critical error - immediate abort: cancel request
+ed
 AcctMgmt error (25): The return value should be ignored by PAM dispatch
 >
 
@@ -192,7 +193,6 @@ AcctMgmt error (25): The return value should be ignored by PAM dispatch
 
 
 
-
 
 
 ────────────────────────────────────────────────────────────────────────────────

pam/integration-tests/testdata/TestCLIIntegration/golden/remember_last_successful_broker_and_mode

@@ -167,7 +167,7 @@ Enter your one time credential
 Enter your one time credential
 > temporary pass0
 
-Auth success
+Auth user 'user-integration-remember-mode' success
 AcctMgmt success
 >
 
@@ -200,7 +200,7 @@ AcctMgmt success
 Enter your one time credential
 > temporary pass0
 
-Auth success
+Auth user 'user-integration-remember-mode' success
 AcctMgmt success
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
 Username: user name
@@ -233,7 +233,7 @@ Username: user name
 Enter your one time credential
 > temporary pass0
 
-Auth success
+Auth user 'user-integration-remember-mode' success
 AcctMgmt success
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
 Username: user-integration-remember-mode
@@ -266,7 +266,7 @@ Username: user-integration-remember-mode
 Enter your one time credential
 > temporary pass0
 
-Auth success
+Auth user 'user-integration-remember-mode' success
 AcctMgmt success
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
 Enter your one time credential
@@ -299,13 +299,13 @@ Enter your one time credential
 Enter your one time credential
 > temporary pass0
 
-Auth success
+Auth user 'user-integration-remember-mode' success
 AcctMgmt success
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
 Enter your one time credential
 > temporary pass0
 
-Auth success
+Auth user 'user-integration-remember-mode' success
 AcctMgmt success
 >
 
@@ -332,13 +332,13 @@ AcctMgmt success
 Enter your one time credential
 > temporary pass0
 
-Auth success
+Auth user 'user-integration-remember-mode' success
 AcctMgmt success
 > ./pam_authd socket=/tmp/pam-cli-tests.sock
 Enter your one time credential
 > temporary pass0
 
-Auth success
+Auth user 'user-integration-remember-mode' success
 AcctMgmt success
 >
 

pam/main-cli.go

@@ -37,7 +37,9 @@ func main() {
 			return "", nil
 		}))
 
-	printResult("Auth", module.Authenticate(mTx, pam.Flags(0), os.Args))
+	authResult := module.Authenticate(mTx, pam.Flags(0), os.Args)
+	user, _ := mTx.GetItem(pam.User)
+	printResult(fmt.Sprintf("Auth user '%s'", user), authResult)
 
 	// Simulate setting auth broker as default.
 	printResult("AcctMgmt", module.AcctMgmt(mTx, pam.Flags(0), os.Args))