Beispiel #1
0
func makeTestFixtures() *testFixtures {
	f := &testFixtures{}

	f.ur = user.NewUserRepoFromUsers([]user.UserWithRemoteIdentities{
		{
			User: user.User{
				ID:          "ID-1",
				Email:       "*****@*****.**",
				DisplayName: "Name-1",
			},
		},
		{
			User: user.User{
				ID:          "ID-2",
				Email:       "*****@*****.**",
				DisplayName: "Name-2",
			},
		},
	})
	f.pwr = user.NewPasswordInfoRepoFromPasswordInfos([]user.PasswordInfo{
		{
			UserID:   "ID-1",
			Password: []byte("hi."),
		},
	})
	ccr := connector.NewConnectorConfigRepoFromConfigs([]connector.ConnectorConfig{
		&connector.LocalConnectorConfig{ID: "local"},
	})
	f.mgr = manager.NewUserManager(f.ur, f.pwr, ccr, repo.InMemTransactionFactory, manager.ManagerOptions{})
	f.adAPI = NewAdminAPI(f.mgr, f.ur, f.pwr, "local")

	return f
}
Beispiel #2
0
func makeTestFixtures() (*UsersAPI, *testEmailer) {
	ur := user.NewUserRepoFromUsers([]user.UserWithRemoteIdentities{
		{
			User: user.User{
				ID:        "ID-1",
				Email:     "*****@*****.**",
				Admin:     true,
				CreatedAt: clock.Now(),
			},
		}, {
			User: user.User{
				ID:        "ID-2",
				Email:     "*****@*****.**",
				CreatedAt: clock.Now(),
			},
		}, {
			User: user.User{
				ID:        "ID-3",
				Email:     "*****@*****.**",
				CreatedAt: clock.Now(),
			},
		}, {
			User: user.User{
				ID:        "ID-4",
				Email:     "*****@*****.**",
				CreatedAt: clock.Now(),
				Disabled:  true,
			},
		},
	})
	pwr := user.NewPasswordInfoRepoFromPasswordInfos([]user.PasswordInfo{
		{
			UserID:   "ID-1",
			Password: []byte("password-1"),
		},
		{
			UserID:   "ID-2",
			Password: []byte("password-2"),
		},
	})
	mgr := user.NewManager(ur, pwr, repo.InMemTransactionFactory, user.ManagerOptions{})
	mgr.Clock = clock
	ci := oidc.ClientIdentity{
		Credentials: oidc.ClientCredentials{
			ID:     "XXX",
			Secret: "secrete",
		},
		Metadata: oidc.ClientMetadata{
			RedirectURLs: []url.URL{
				validRedirURL,
			},
		},
	}
	cir := client.NewClientIdentityRepo([]oidc.ClientIdentity{ci})

	emailer := &testEmailer{}
	api := NewUsersAPI(mgr, cir, emailer, "local")
	return api, emailer

}
Beispiel #3
0
func makeTestFixtures() (*UserEmailer, *testEmailer, *key.PublicKey) {
	ur := user.NewUserRepoFromUsers([]user.UserWithRemoteIdentities{
		{
			User: user.User{
				ID:    "ID-1",
				Email: "*****@*****.**",
				Admin: true,
			},
		}, {
			User: user.User{
				ID:    "ID-2",
				Email: "*****@*****.**",
			},
		}, {
			User: user.User{
				ID:    "ID-3",
				Email: "*****@*****.**",
			},
		},
	})
	pwr := user.NewPasswordInfoRepoFromPasswordInfos([]user.PasswordInfo{
		{
			UserID:   "ID-1",
			Password: []byte("password-1"),
		},
		{
			UserID:   "ID-2",
			Password: []byte("password-2"),
		},
	})

	privKey, err := key.GeneratePrivateKey()
	if err != nil {
		panic(fmt.Sprintf("Failed to generate private key, error=%v", err))
	}

	publicKey := key.NewPublicKey(privKey.JWK())
	signer := privKey.Signer()
	signerFn := func() (jose.Signer, error) {
		return signer, nil
	}

	textTemplateString := `{{define "password-reset.txt"}}{{.link}}{{end}}
{{define "verify-email.txt"}}{{.link}}{{end}}"`
	textTemplates := template.New("text")
	_, err = textTemplates.Parse(textTemplateString)
	if err != nil {
		panic(fmt.Sprintf("error parsing text templates: %v", err))
	}

	htmlTemplates := htmltemplate.New("html")

	emailer := &testEmailer{}
	tEmailer := email.NewTemplatizedEmailerFromTemplates(textTemplates, htmlTemplates, emailer)

	userEmailer := NewUserEmailer(ur, pwr, signerFn, validityWindow, issuerURL, tEmailer, fromAddress, passwordResetURL, verifyEmailURL, acceptInvitationURL)

	return userEmailer, emailer, publicKey
}
Beispiel #4
0
func makeUserObjects(users []user.UserWithRemoteIdentities, passwords []user.PasswordInfo) (user.UserRepo, user.PasswordInfoRepo, *user.Manager) {
	ur := user.NewUserRepoFromUsers(users)
	pwr := user.NewPasswordInfoRepoFromPasswordInfos(passwords)

	um := user.NewManager(ur, pwr, repo.InMemTransactionFactory, user.ManagerOptions{})
	um.Clock = clock
	return ur, pwr, um
}
Beispiel #5
0
func makeUserObjects(users []user.UserWithRemoteIdentities, passwords []user.PasswordInfo) (user.UserRepo, user.PasswordInfoRepo, *manager.UserManager) {
	ur := user.NewUserRepoFromUsers(users)
	pwr := user.NewPasswordInfoRepoFromPasswordInfos(passwords)

	ccr := connector.NewConnectorConfigRepoFromConfigs(
		[]connector.ConnectorConfig{&connector.LocalConnectorConfig{ID: "local"}},
	)
	um := manager.NewUserManager(ur, pwr, ccr, repo.InMemTransactionFactory, manager.ManagerOptions{})
	um.Clock = clock
	return ur, pwr, um
}
Beispiel #6
0
func TestNewUserRepoFromUsers(t *testing.T) {
	tests := []struct {
		users []user.UserWithRemoteIdentities
	}{
		{
			users: []user.UserWithRemoteIdentities{
				{
					User: user.User{
						ID:    "123",
						Email: "*****@*****.**",
					},
					RemoteIdentities: []user.RemoteIdentity{},
				},
				{
					User: user.User{
						ID:    "456",
						Email: "*****@*****.**",
					},
					RemoteIdentities: []user.RemoteIdentity{
						{
							ID:          "remoteID",
							ConnectorID: "connID",
						},
					},
				},
			},
		},
	}

	for i, tt := range tests {
		repo := user.NewUserRepoFromUsers(tt.users)
		for _, want := range tt.users {
			gotUser, err := repo.Get(nil, want.User.ID)
			if err != nil {
				t.Errorf("case %d: want nil err: %v", i, err)
			}

			gotRIDs, err := repo.GetRemoteIdentities(nil, want.User.ID)
			if err != nil {
				t.Errorf("case %d: want nil err: %v", i, err)
			}

			if !reflect.DeepEqual(want.User, gotUser) {
				t.Errorf("case %d: want=%#v got=%#v", i, want.User, gotUser)
			}

			if !reflect.DeepEqual(want.RemoteIdentities, gotRIDs) {
				t.Errorf("case %d: want=%#v got=%#v", i, want.RemoteIdentities, gotRIDs)
			}
		}
	}
}
Beispiel #7
0
func makeTestFixtures() *testFixtures {
	f := &testFixtures{}
	f.clock = clockwork.NewFakeClock()

	f.ur = user.NewUserRepoFromUsers([]user.UserWithRemoteIdentities{
		{
			User: user.User{
				ID:    "ID-1",
				Email: "*****@*****.**",
			},
			RemoteIdentities: []user.RemoteIdentity{
				{
					ConnectorID: "local",
					ID:          "1",
				},
			},
		}, {
			User: user.User{
				ID:            "ID-2",
				Email:         "*****@*****.**",
				EmailVerified: true,
			},
			RemoteIdentities: []user.RemoteIdentity{
				{
					ConnectorID: "local",
					ID:          "2",
				},
			},
		},
	})
	f.pwr = user.NewPasswordInfoRepoFromPasswordInfos([]user.PasswordInfo{
		{
			UserID:   "ID-1",
			Password: []byte("password-1"),
		},
		{
			UserID:   "ID-2",
			Password: []byte("password-2"),
		},
	})
	f.ccr = connector.NewConnectorConfigRepoFromConfigs([]connector.ConnectorConfig{
		&connector.LocalConnectorConfig{ID: "local"},
	})
	f.mgr = NewUserManager(f.ur, f.pwr, f.ccr, repo.InMemTransactionFactory, ManagerOptions{})
	f.mgr.Clock = f.clock
	return f
}
Beispiel #8
0
func makeTestFixtures() *testFixtures {
	f := &testFixtures{}

	f.ur = user.NewUserRepoFromUsers([]user.UserWithRemoteIdentities{
		{
			User: user.User{
				ID:   "ID-1",
				Name: "Name-1",
			},
		},
	})
	f.pwr = user.NewPasswordInfoRepoFromPasswordInfos([]user.PasswordInfo{
		{
			UserID:   "ID-1",
			Password: []byte("hi."),
		},
	})

	f.adAPI = NewAdminAPI(f.ur, f.pwr)

	return f
}
Beispiel #9
0
func makeTestUserRepoMem(users []user.UserWithRemoteIdentities) user.UserRepo {
	return user.NewUserRepoFromUsers(users)
}
Beispiel #10
0
func makeTestFixtures() (*testFixtures, error) {
	userRepo := user.NewUserRepoFromUsers(testUsers)
	pwRepo := user.NewPasswordInfoRepoFromPasswordInfos(testPasswordInfos)
	manager := user.NewManager(userRepo, pwRepo, repo.InMemTransactionFactory, user.ManagerOptions{})

	connConfigs := []connector.ConnectorConfig{
		&connector.OIDCConnectorConfig{
			ID:           "oidc",
			IssuerURL:    testIssuerURL.String(),
			ClientID:     "12345",
			ClientSecret: "567789",
		},
		&connector.OIDCConnectorConfig{
			ID:                   "oidc-trusted",
			IssuerURL:            testIssuerURL.String(),
			ClientID:             "12345-trusted",
			ClientSecret:         "567789-trusted",
			TrustedEmailProvider: true,
		},
		&connector.LocalConnectorConfig{
			ID: "local",
		},
	}

	sessionManager := session.NewSessionManager(session.NewSessionRepo(), session.NewSessionKeyRepo())
	sessionManager.GenerateCode = sequentialGenerateCodeFunc()

	emailer, err := email.NewTemplatizedEmailerFromGlobs(
		emailTemplatesLocation+"/*.txt",
		emailTemplatesLocation+"/*.html",
		&email.FakeEmailer{})
	if err != nil {
		return nil, err
	}

	clientIdentityRepo := client.NewClientIdentityRepo([]oidc.ClientIdentity{
		oidc.ClientIdentity{
			Credentials: oidc.ClientCredentials{
				ID:     "XXX",
				Secret: testClientSecret,
			},
			Metadata: oidc.ClientMetadata{
				RedirectURLs: []url.URL{
					testRedirectURL,
				},
			},
		},
	})

	km := key.NewPrivateKeyManager()
	err = km.Set(key.NewPrivateKeySet([]*key.PrivateKey{testPrivKey}, time.Now().Add(time.Minute)))
	if err != nil {
		return nil, err
	}

	tpl, err := getTemplates("dex", "https://coreos.com/assets/images/brand/coreos-mark-30px.png", templatesLocation)
	if err != nil {
		return nil, err
	}

	srv := &Server{
		IssuerURL:          testIssuerURL,
		SessionManager:     sessionManager,
		ClientIdentityRepo: clientIdentityRepo,
		Templates:          tpl,
		UserRepo:           userRepo,
		PasswordInfoRepo:   pwRepo,
		UserManager:        manager,
		KeyManager:         km,
	}

	err = setTemplates(srv, tpl)
	if err != nil {
		return nil, err
	}

	for _, config := range connConfigs {
		if err := srv.AddConnector(config); err != nil {
			return nil, err
		}
	}

	srv.UserEmailer = useremail.NewUserEmailer(srv.UserRepo,
		srv.PasswordInfoRepo,
		srv.KeyManager.Signer,
		srv.SessionManager.ValidityWindow,
		srv.IssuerURL,
		emailer,
		"*****@*****.**",
		srv.absURL(httpPathResetPassword),
		srv.absURL(httpPathEmailVerify))

	return &testFixtures{
		srv:                srv,
		redirectURL:        testRedirectURL,
		userRepo:           userRepo,
		sessionManager:     sessionManager,
		emailer:            emailer,
		clientIdentityRepo: clientIdentityRepo,
	}, nil
}