func (s *VisitorSuite) TestVisitWebPageErrorResult(c *gc.C) { v := authentication.NewVisitor("bob", func(username string) (string, error) { return "hunter2", nil }) s.handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { http.Error(w, `{"Message":"bleh"}`, http.StatusInternalServerError) }) err := v.VisitWebPage(s.client, map[string]*url.URL{ "juju_userpass": mustParseURL(s.server.URL), }) c.Assert(err, gc.ErrorMatches, "bleh") }
func (s *VisitorSuite) TestVisitWebPage(c *gc.C) { v := authentication.NewVisitor("bob", func(username string) (string, error) { c.Assert(username, gc.Equals, "bob") return "hunter2", nil }) var formUser, formPassword string s.handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { r.ParseForm() formUser = r.Form.Get("user") formPassword = r.Form.Get("password") }) err := v.VisitWebPage(s.client, map[string]*url.URL{ "juju_userpass": mustParseURL(s.server.URL), }) c.Assert(err, jc.ErrorIsNil) c.Assert(formUser, gc.Equals, "bob") c.Assert(formPassword, gc.Equals, "hunter2") }
func (s *toolsWithMacaroonsSuite) TestCanPostWithLocalLogin(c *gc.C) { // Create a new local user that we can log in as // using macaroon authentication. const password = "******" user := s.Factory.MakeUser(c, &factory.UserParams{Password: password}) // Install a "web-page" visitor that deals with the interaction // method that Juju controllers support for authenticating local // users. Note: the use of httpbakery.NewMultiVisitor is necessary // to trigger httpbakery to query the authentication methods and // bypass browser authentication. var prompted bool jar := apitesting.NewClearableCookieJar() client := utils.GetNonValidatingHTTPClient() client.Jar = jar bakeryClient := httpbakery.NewClient() bakeryClient.Client = client bakeryClient.WebPageVisitor = httpbakery.NewMultiVisitor(apiauthentication.NewVisitor( user.UserTag().Id(), func(username string) (string, error) { c.Assert(username, gc.Equals, user.UserTag().Id()) prompted = true return password, nil }, )) bakeryDo := func(req *http.Request) (*http.Response, error) { var body io.ReadSeeker if req.Body != nil { body = req.Body.(io.ReadSeeker) req.Body = nil } return bakeryClient.DoWithBodyAndCustomError(req, body, bakeryGetError) } resp := s.sendRequest(c, httpRequestParams{ method: "POST", url: s.toolsURI(c, ""), tag: user.UserTag().String(), password: "", // no password forces macaroon usage do: bakeryDo, }) s.assertErrorResponse(c, resp, http.StatusBadRequest, "expected binaryVersion argument") c.Assert(prompted, jc.IsTrue) }
func (c *changePasswordCommand) recordMacaroon(user, password string) error { accountDetails := &jujuclient.AccountDetails{User: user} args, err := c.NewAPIConnectionParams( c.ClientStore(), c.ControllerName(), "", accountDetails, ) if err != nil { return errors.Trace(err) } args.DialOpts.BakeryClient.WebPageVisitor = httpbakery.NewMultiVisitor( authentication.NewVisitor(accountDetails.User, func(string) (string, error) { return password, nil }), args.DialOpts.BakeryClient.WebPageVisitor, ) api, err := c.newAPIConnection(args) if err != nil { return errors.Annotate(err, "connecting to API") } return api.Close() }
func newAPIConnectionParams( store jujuclient.ClientStore, controllerName, modelName string, accountDetails *jujuclient.AccountDetails, bakery *httpbakery.Client, apiOpen api.OpenFunc, getPassword func(string) (string, error), ) (juju.NewAPIConnectionParams, error) { if controllerName == "" { return juju.NewAPIConnectionParams{}, errors.Trace(errNoNameSpecified) } var modelUUID string if modelName != "" { modelDetails, err := store.ModelByName(controllerName, modelName) if err != nil { return juju.NewAPIConnectionParams{}, errors.Trace(err) } modelUUID = modelDetails.ModelUUID } dialOpts := api.DefaultDialOpts() dialOpts.BakeryClient = bakery if accountDetails != nil { bakery.WebPageVisitor = httpbakery.NewMultiVisitor( authentication.NewVisitor(accountDetails.User, getPassword), bakery.WebPageVisitor, ) } return juju.NewAPIConnectionParams{ Store: store, ControllerName: controllerName, AccountDetails: accountDetails, ModelUUID: modelUUID, DialOpts: dialOpts, OpenAPI: apiOpen, }, nil }
func (s *VisitorSuite) TestVisitWebPageMethodNotSupported(c *gc.C) { v := authentication.NewVisitor("bob", nil) err := v.VisitWebPage(s.client, map[string]*url.URL{}) c.Assert(err, gc.Equals, httpbakery.ErrMethodNotSupported) }