Skip to content

Commit

Permalink
fix(pam/gdm): Fix and test handling of gdm qrcode regeneration (#402)
Browse files Browse the repository at this point in the history 
Ensure `reselectAuthMode` is properly handled by the gdm model,
following what the others model do.

Add tests for qrcode auth and regeneration in gdm model

UDENG-3126
  • Loading branch information
@3v1n0
3v1n0 committed Jul 4, 2024
2 parents a9e0553 + fe1e2d5 commit 8e73e09
Show file tree
Hide file tree
Showing 9 changed files with 355 additions and 52 deletions.
5 changes: 5 additions & 0 deletions examplebroker/broker.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -162,6 +162,11 @@ func (b *Broker) NewSession(ctx context.Context, username, lang, mode string) (s
exampleUsers[username] = userInfoBroker{Password: "goodpass"}
}

if _, ok := exampleUsers[username]; !ok && strings.HasPrefix(username, "user-mfa-integration") {
exampleUsers[username] = userInfoBroker{Password: "goodpass"}
info.neededAuthSteps = 3
}

pubASN1, err := x509.MarshalPKIXPublicKey(&b.privateKey.PublicKey)
if err != nil {
return "", "", err
Expand Down
42 changes: 38 additions & 4 deletions pam/integration-tests/gdm-module-handler_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,9 @@ type gdmTestModuleHandler struct {

protoVersion uint32

supportedLayouts []*authd.UILayout
supportedLayouts []*authd.UILayout
currentUILayout *authd.UILayout
selectedUILayouts []*authd.UILayout

currentStage proto.Stage
pollResponses []*gdm.EventData
Expand Down Expand Up @@ -78,9 +80,19 @@ func (gh *gdmTestModuleHandler) exampleHandleGdmData(gdmData *gdm.Data) (*gdm.Da
func (gh *gdmTestModuleHandler) exampleHandleEvent(event *gdm.EventData) error {
events, ok := gh.eventPollResponses[event.Type]
if ok && len(events) > 0 {
pollResp := events[0]
gh.eventPollResponses[event.Type] = slices.Delete(events, 0, 1)
gh.pollResponses = append(gh.pollResponses, pollResp)
numEvents := 1
if events[0].Type == gdm_test.EventsGroupBegin().Type {
numEvents = slices.IndexFunc(events, func(ev *gdm.EventData) bool {
return ev.Type == gdm_test.EventsGroupEnd().Type
})
require.Greater(gh.t, numEvents, 1, "No valid events group found")
events = slices.Delete(events, numEvents, numEvents+1)
events = slices.Delete(events, 0, 1)
numEvents--
}
pollEvents := slices.Clone(events[0:numEvents])
gh.eventPollResponses[event.Type] = slices.Delete(events, 0, numEvents)
gh.pollResponses = append(gh.pollResponses, pollEvents...)
}

switch ev := event.Data.(type) {
Expand Down Expand Up @@ -126,6 +138,11 @@ func (gh *gdmTestModuleHandler) exampleHandleEvent(event *gdm.EventData) error {
if layout.Label != nil {
gh.t.Logf("%s:", *layout.Label)
}
if layout.Content != nil {
gh.t.Logf("%s:", *layout.Content)
}

gh.currentUILayout = layout

case *gdm.EventData_StartAuthentication:
idx := slices.IndexFunc(gh.authModes, func(mode *authd.GAMResponse_AuthenticationMode) bool {
Expand All @@ -142,6 +159,15 @@ func (gh *gdmTestModuleHandler) exampleHandleEvent(event *gdm.EventData) error {
"Selected authentication mode ID does not match expected one")
gh.selectedAuthModeIDs = slices.Delete(gh.selectedAuthModeIDs, 0, 1)

if len(gh.selectedUILayouts) < 1 {
// TODO: Make this an error but we don't support checking the layout in all tests yet.
return nil
}

gdm_test.RequireEqualData(gh.t, gh.selectedUILayouts[0], gh.currentUILayout,
"Selected UI layout does not match expected one")
gh.selectedUILayouts = slices.Delete(gh.selectedUILayouts, 0, 1)

case *gdm.EventData_AuthEvent:
gh.t.Logf("Authentication event: %s", ev.AuthEvent.Response)
if msg := ev.AuthEvent.Response.Msg; msg != "" {
Expand Down Expand Up @@ -173,6 +199,14 @@ func (gh *gdmTestModuleHandler) exampleHandleAuthDRequest(gdmData *gdm.Data) (*g
gh.currentStage = req.ChangeStage.Stage
log.Debugf(context.TODO(), "Switching to stage %d", gh.currentStage)

switch req.ChangeStage.Stage {
case proto.Stage_brokerSelection:
gh.authModes = nil
gh.brokerID = ""
case proto.Stage_authModeSelection:
gh.currentUILayout = nil
}

return &gdm.Data{
Type: gdm.DataType_response,
Response: &gdm.ResponseData{
Expand Down
Loading

0 comments on commit 8e73e09

Please sign in to comment.