Example #1
0
func (s *VisitorSuite) TestVisitWebPageErrorResult(c *gc.C) {
	v := authentication.NewVisitor("bob", func(username string) (string, error) {
		return "hunter2", nil
	})
	s.handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		http.Error(w, `{"Message":"bleh"}`, http.StatusInternalServerError)
	})
	err := v.VisitWebPage(s.client, map[string]*url.URL{
		"juju_userpass": mustParseURL(s.server.URL),
	})
	c.Assert(err, gc.ErrorMatches, "bleh")
}
Example #2
0
func (s *VisitorSuite) TestVisitWebPage(c *gc.C) {
	v := authentication.NewVisitor("bob", func(username string) (string, error) {
		c.Assert(username, gc.Equals, "bob")
		return "hunter2", nil
	})
	var formUser, formPassword string
	s.handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		r.ParseForm()
		formUser = r.Form.Get("user")
		formPassword = r.Form.Get("password")
	})
	err := v.VisitWebPage(s.client, map[string]*url.URL{
		"juju_userpass": mustParseURL(s.server.URL),
	})
	c.Assert(err, jc.ErrorIsNil)
	c.Assert(formUser, gc.Equals, "bob")
	c.Assert(formPassword, gc.Equals, "hunter2")
}
Example #3
0
func (s *toolsWithMacaroonsSuite) TestCanPostWithLocalLogin(c *gc.C) {
	// Create a new local user that we can log in as
	// using macaroon authentication.
	const password = "******"
	user := s.Factory.MakeUser(c, &factory.UserParams{Password: password})

	// Install a "web-page" visitor that deals with the interaction
	// method that Juju controllers support for authenticating local
	// users. Note: the use of httpbakery.NewMultiVisitor is necessary
	// to trigger httpbakery to query the authentication methods and
	// bypass browser authentication.
	var prompted bool
	jar := apitesting.NewClearableCookieJar()
	client := utils.GetNonValidatingHTTPClient()
	client.Jar = jar
	bakeryClient := httpbakery.NewClient()
	bakeryClient.Client = client
	bakeryClient.WebPageVisitor = httpbakery.NewMultiVisitor(apiauthentication.NewVisitor(
		user.UserTag().Id(),
		func(username string) (string, error) {
			c.Assert(username, gc.Equals, user.UserTag().Id())
			prompted = true
			return password, nil
		},
	))
	bakeryDo := func(req *http.Request) (*http.Response, error) {
		var body io.ReadSeeker
		if req.Body != nil {
			body = req.Body.(io.ReadSeeker)
			req.Body = nil
		}
		return bakeryClient.DoWithBodyAndCustomError(req, body, bakeryGetError)
	}

	resp := s.sendRequest(c, httpRequestParams{
		method:   "POST",
		url:      s.toolsURI(c, ""),
		tag:      user.UserTag().String(),
		password: "", // no password forces macaroon usage
		do:       bakeryDo,
	})
	s.assertErrorResponse(c, resp, http.StatusBadRequest, "expected binaryVersion argument")
	c.Assert(prompted, jc.IsTrue)
}
Example #4
0
func (c *changePasswordCommand) recordMacaroon(user, password string) error {
	accountDetails := &jujuclient.AccountDetails{User: user}
	args, err := c.NewAPIConnectionParams(
		c.ClientStore(), c.ControllerName(), "", accountDetails,
	)
	if err != nil {
		return errors.Trace(err)
	}
	args.DialOpts.BakeryClient.WebPageVisitor = httpbakery.NewMultiVisitor(
		authentication.NewVisitor(accountDetails.User, func(string) (string, error) {
			return password, nil
		}),
		args.DialOpts.BakeryClient.WebPageVisitor,
	)
	api, err := c.newAPIConnection(args)
	if err != nil {
		return errors.Annotate(err, "connecting to API")
	}
	return api.Close()
}
Example #5
0
File: base.go Project: bac/juju
func newAPIConnectionParams(
	store jujuclient.ClientStore,
	controllerName,
	modelName string,
	accountDetails *jujuclient.AccountDetails,
	bakery *httpbakery.Client,
	apiOpen api.OpenFunc,
	getPassword func(string) (string, error),
) (juju.NewAPIConnectionParams, error) {
	if controllerName == "" {
		return juju.NewAPIConnectionParams{}, errors.Trace(errNoNameSpecified)
	}
	var modelUUID string
	if modelName != "" {
		modelDetails, err := store.ModelByName(controllerName, modelName)
		if err != nil {
			return juju.NewAPIConnectionParams{}, errors.Trace(err)
		}
		modelUUID = modelDetails.ModelUUID
	}
	dialOpts := api.DefaultDialOpts()
	dialOpts.BakeryClient = bakery

	if accountDetails != nil {
		bakery.WebPageVisitor = httpbakery.NewMultiVisitor(
			authentication.NewVisitor(accountDetails.User, getPassword),
			bakery.WebPageVisitor,
		)
	}

	return juju.NewAPIConnectionParams{
		Store:          store,
		ControllerName: controllerName,
		AccountDetails: accountDetails,
		ModelUUID:      modelUUID,
		DialOpts:       dialOpts,
		OpenAPI:        apiOpen,
	}, nil
}
Example #6
0
func (s *VisitorSuite) TestVisitWebPageMethodNotSupported(c *gc.C) {
	v := authentication.NewVisitor("bob", nil)
	err := v.VisitWebPage(s.client, map[string]*url.URL{})
	c.Assert(err, gc.Equals, httpbakery.ErrMethodNotSupported)
}