func (s *registrationSuite) TestRegister(c *gc.C) { // Ensure we cannot log in with the password yet. const password = "******" c.Assert(s.bob.PasswordValid(password), jc.IsFalse) validNonce := []byte(strings.Repeat("X", 24)) secretKey := s.bob.SecretKey() ciphertext := s.sealBox( c, validNonce, secretKey, fmt.Sprintf(`{"password": "******"}`, password), ) resp := httptesting.Do(c, httptesting.DoRequestParams{ Do: utils.GetNonValidatingHTTPClient().Do, URL: s.registrationURL(c), Method: "POST", JSONBody: ¶ms.SecretKeyLoginRequest{ User: "******", Nonce: validNonce, PayloadCiphertext: ciphertext, }, }) c.Assert(resp.StatusCode, gc.Equals, http.StatusOK) defer resp.Body.Close() // It should be possible to log in as bob with the // password "hunter2" now, and there should be no // secret key any longer. err := s.bob.Refresh() c.Assert(err, jc.ErrorIsNil) c.Assert(s.bob.PasswordValid(password), jc.IsTrue) c.Assert(s.bob.SecretKey(), gc.IsNil) var response params.SecretKeyLoginResponse bodyData, err := ioutil.ReadAll(resp.Body) c.Assert(err, jc.ErrorIsNil) err = json.Unmarshal(bodyData, &response) c.Assert(err, jc.ErrorIsNil) c.Assert(response.Nonce, gc.HasLen, len(validNonce)) plaintext := s.openBox(c, response.PayloadCiphertext, response.Nonce, secretKey) var responsePayload params.SecretKeyLoginResponsePayload err = json.Unmarshal(plaintext, &responsePayload) c.Assert(err, jc.ErrorIsNil) c.Assert(responsePayload.CACert, gc.Equals, s.BackingState.CACert()) model, err := s.BackingState.Model() c.Assert(err, jc.ErrorIsNil) c.Assert(responsePayload.ControllerUUID, gc.Equals, model.ControllerUUID()) }
func (s *authHttpSuite) sendRequest(c *gc.C, p httpRequestParams) *http.Response { c.Logf("sendRequest: %s", p.url) hp := httptesting.DoRequestParams{ Do: p.do, Method: p.method, URL: p.url, Body: p.body, JSONBody: p.jsonBody, Header: make(http.Header), Username: p.tag, Password: p.password, ExpectError: p.expectError, } if p.contentType != "" { hp.Header.Set("Content-Type", p.contentType) } if p.nonce != "" { hp.Header.Set(params.MachineNonceHeader, p.nonce) } if hp.Do == nil { hp.Do = utils.GetNonValidatingHTTPClient().Do } return httptesting.Do(c, hp) }