aboutsummaryrefslogtreecommitdiffstats
path: root/integrations/auth_ldap_test.go
diff options
context:
space:
mode:
authorMagnus Lindvall <magnus@dnmgns.com>2018-05-24 06:59:02 +0200
committerLauris BH <lauris@nix.lv>2018-05-24 07:59:02 +0300
commitcdb9478774e6c5cebf5a75ff35bfa6d8a37bdbdb (patch)
treea3f8a487c45d43b15a9aaf7518e0b342880b3361 /integrations/auth_ldap_test.go
parentb908ac9fab141b72f38db3d40a9f6054bb701982 (diff)
downloadgitea-cdb9478774e6c5cebf5a75ff35bfa6d8a37bdbdb.tar.gz
gitea-cdb9478774e6c5cebf5a75ff35bfa6d8a37bdbdb.zip
LDAP Public SSH Keys synchronization (#1844)
* Add LDAP Key Synchronization feature Signed-off-by: Magnus Lindvall <magnus@dnmgns.com> * Add migration: add login source id column for public_key table * Only update keys if needed * Add function to only list pubkey synchronized from ldap * Only list pub ssh keys synchronized from ldap. Do not sort strings as ExistsInSlice does it. * Only get keys belonging to current login source id * Set default login source id to 0 * Some minor cleanup. Add integration tests (updete dep testify)
Diffstat (limited to 'integrations/auth_ldap_test.go')
-rw-r--r--integrations/auth_ldap_test.go79
1 files changed, 58 insertions, 21 deletions
diff --git a/integrations/auth_ldap_test.go b/integrations/auth_ldap_test.go
index df26f95ed0..f31f598fa4 100644
--- a/integrations/auth_ldap_test.go
+++ b/integrations/auth_ldap_test.go
@@ -40,7 +40,11 @@ var gitLDAPUsers = []ldapUser{
Password: "hermes",
FullName: "Conrad Hermes",
Email: "hermes@planetexpress.com",
- IsAdmin: true,
+ SSHKeys: []string{
+ "SHA256:qLY06smKfHoW/92yXySpnxFR10QFrLdRjf/GNPvwcW8",
+ "SHA256:QlVTuM5OssDatqidn2ffY+Lc4YA5Fs78U+0KOHI51jQ",
+ },
+ IsAdmin: true,
},
{
UserName: "fry",
@@ -89,26 +93,27 @@ func getLDAPServerHost() string {
return host
}
-func addAuthSourceLDAP(t *testing.T) {
+func addAuthSourceLDAP(t *testing.T, sshKeyAttribute string) {
session := loginUser(t, "user1")
csrf := GetCSRF(t, session, "/admin/auths/new")
req := NewRequestWithValues(t, "POST", "/admin/auths/new", map[string]string{
- "_csrf": csrf,
- "type": "2",
- "name": "ldap",
- "host": getLDAPServerHost(),
- "port": "389",
- "bind_dn": "uid=gitea,ou=service,dc=planetexpress,dc=com",
- "bind_password": "password",
- "user_base": "ou=people,dc=planetexpress,dc=com",
- "filter": "(&(objectClass=inetOrgPerson)(memberOf=cn=git,ou=people,dc=planetexpress,dc=com)(uid=%s))",
- "admin_filter": "(memberOf=cn=admin_staff,ou=people,dc=planetexpress,dc=com)",
- "attribute_username": "uid",
- "attribute_name": "givenName",
- "attribute_surname": "sn",
- "attribute_mail": "mail",
- "is_sync_enabled": "on",
- "is_active": "on",
+ "_csrf": csrf,
+ "type": "2",
+ "name": "ldap",
+ "host": getLDAPServerHost(),
+ "port": "389",
+ "bind_dn": "uid=gitea,ou=service,dc=planetexpress,dc=com",
+ "bind_password": "password",
+ "user_base": "ou=people,dc=planetexpress,dc=com",
+ "filter": "(&(objectClass=inetOrgPerson)(memberOf=cn=git,ou=people,dc=planetexpress,dc=com)(uid=%s))",
+ "admin_filter": "(memberOf=cn=admin_staff,ou=people,dc=planetexpress,dc=com)",
+ "attribute_username": "uid",
+ "attribute_name": "givenName",
+ "attribute_surname": "sn",
+ "attribute_mail": "mail",
+ "attribute_ssh_public_key": sshKeyAttribute,
+ "is_sync_enabled": "on",
+ "is_active": "on",
})
session.MakeRequest(t, req, http.StatusFound)
}
@@ -119,7 +124,7 @@ func TestLDAPUserSignin(t *testing.T) {
return
}
prepareTestEnv(t)
- addAuthSourceLDAP(t)
+ addAuthSourceLDAP(t, "")
u := gitLDAPUsers[0]
@@ -140,7 +145,7 @@ func TestLDAPUserSync(t *testing.T) {
return
}
prepareTestEnv(t)
- addAuthSourceLDAP(t)
+ addAuthSourceLDAP(t, "")
models.SyncExternalUsers()
session := loginUser(t, "user1")
@@ -186,9 +191,41 @@ func TestLDAPUserSigninFailed(t *testing.T) {
return
}
prepareTestEnv(t)
- addAuthSourceLDAP(t)
+ addAuthSourceLDAP(t, "")
u := otherLDAPUsers[0]
testLoginFailed(t, u.UserName, u.Password, i18n.Tr("en", "form.username_password_incorrect"))
}
+
+func TestLDAPUserSSHKeySync(t *testing.T) {
+ if skipLDAPTests() {
+ t.Skip()
+ return
+ }
+ prepareTestEnv(t)
+ addAuthSourceLDAP(t, "sshPublicKey")
+ models.SyncExternalUsers()
+
+ // Check if users has SSH keys synced
+ for _, u := range gitLDAPUsers {
+ if len(u.SSHKeys) == 0 {
+ continue
+ }
+ session := loginUserWithPassword(t, u.UserName, u.Password)
+
+ req := NewRequest(t, "GET", "/user/settings/keys")
+ resp := session.MakeRequest(t, req, http.StatusOK)
+
+ htmlDoc := NewHTMLParser(t, resp.Body)
+
+ divs := htmlDoc.doc.Find(".key.list .print.meta")
+
+ syncedKeys := make([]string, divs.Length())
+ for i := 0; i < divs.Length(); i++ {
+ syncedKeys[i] = strings.TrimSpace(divs.Eq(i).Text())
+ }
+
+ assert.ElementsMatch(t, u.SSHKeys, syncedKeys)
+ }
+}