func testAccStepLogin(t *testing.T, username string) logicaltest.TestStep {
return logicaltest.TestStep{
Operation: logical.UpdateOperation,
Path: "login",
Data: map[string]interface{}{
"method": "accept",
"username": username,
},
Unauthenticated: true,
Check: logicaltest.TestCheckAuth([]string{"foo"}),
}
}
func testAccLogin(t *testing.T, keys []string) logicaltest.TestStep {
return logicaltest.TestStep{
Operation: logical.WriteOperation,
Path: "login",
Data: map[string]interface{}{
"token": os.Getenv("GITHUB_TOKEN"),
},
Unauthenticated: true,
Check: logicaltest.TestCheckAuth(keys),
}
}
func testAccStepLogin(t *testing.T, user string, pass string) logicaltest.TestStep {
return logicaltest.TestStep{
Operation: logical.UpdateOperation,
Path: "login/" + user,
Data: map[string]interface{}{
"password": pass,
},
Unauthenticated: true,
Check: logicaltest.TestCheckAuth([]string{"foo", "bar"}),
}
}
func testAccStepLogin(t *testing.T, user string, pass string) logicaltest.TestStep {
return logicaltest.TestStep{
Operation: logical.UpdateOperation,
Path: "login/" + user,
Data: map[string]interface{}{
"password": pass,
},
Unauthenticated: true,
// Verifies user tesla maps to groups via local group (engineers) as well as remote group (Scientiests)
Check: logicaltest.TestCheckAuth([]string{"bar", "default", "foo"}),
}
}
func testAccStepLogin(t *testing.T, connState tls.ConnectionState) logicaltest.TestStep {
return logicaltest.TestStep{
Operation: logical.WriteOperation,
Path: "login",
Unauthenticated: true,
ConnState: &connState,
Check: func(resp *logical.Response) error {
if resp.Auth.TTL != 1000*time.Second {
t.Fatalf("bad lease length: %#v", resp.Auth)
}
fn := logicaltest.TestCheckAuth([]string{"foo"})
return fn(resp)
},
}
}
func testAccLogin(t *testing.T, display string) logicaltest.TestStep {
return logicaltest.TestStep{
Operation: logical.WriteOperation,
Path: "login",
Data: map[string]interface{}{
"app_id": "foo",
"user_id": "42",
},
Unauthenticated: true,
Check: logicaltest.TestCheckMulti(
logicaltest.TestCheckAuth([]string{"bar", "foo"}),
logicaltest.TestCheckAuthDisplayName(display),
),
}
}
func testAccStepLoginNoGroupDN(t *testing.T, user string, pass string) logicaltest.TestStep {
return logicaltest.TestStep{
Operation: logical.UpdateOperation,
Path: "login/" + user,
Data: map[string]interface{}{
"password": pass,
},
Unauthenticated: true,
Check: func(resp *logical.Response) error {
if len(resp.Warnings()) != 1 {
return fmt.Errorf("expected a warning due to no group dn, got: %#v", resp.Warnings())
}
return logicaltest.TestCheckAuth([]string{"bar", "default"})(resp)
},
}
}
func testAccLoginCidr(t *testing.T, ip string, err bool) logicaltest.TestStep {
check := logicaltest.TestCheckError()
if !err {
check = logicaltest.TestCheckAuth([]string{"bar", "foo"})
}
return logicaltest.TestStep{
Operation: logical.WriteOperation,
Path: "login",
Data: map[string]interface{}{
"app_id": "foo",
"user_id": "42",
},
ErrorOk: err,
Unauthenticated: true,
RemoteAddr: ip,
Check: check,
}
}
func testAccLoginAppIDInPath(t *testing.T, display string) logicaltest.TestStep {
checkTTL := func(resp *logical.Response) error {
if resp.Auth.LeaseOptions.TTL.String() != "720h0m0s" {
return fmt.Errorf("invalid TTL")
}
return nil
}
return logicaltest.TestStep{
Operation: logical.UpdateOperation,
Path: "login/foo",
Data: map[string]interface{}{
"user_id": "42",
},
Unauthenticated: true,
Check: logicaltest.TestCheckMulti(
logicaltest.TestCheckAuth([]string{"bar", "default", "foo"}),
logicaltest.TestCheckAuthDisplayName(display),
checkTTL,
),
}
}
