import (
"context"
"io/ioutil"
+ "net/http"
"os"
"strings"
}
func (s *PamSuite) TestLoginFailure(c *check.C) {
- resp, err := s.ctrl.Login(context.Background(), arvados.LoginOptions{
+ resp, err := s.ctrl.UserAuthenticate(context.Background(), arvados.UserAuthenticateOptions{
Username: "bogususername",
Password: "boguspassword",
- ReturnTo: "https://example.com/foo",
})
- c.Check(err, check.IsNil)
- c.Check(resp.RedirectLocation, check.Equals, "")
- c.Check(resp.Token, check.Equals, "")
- c.Check(resp.Message, check.Equals, "Authentication failure")
- c.Check(resp.HTML.String(), check.Equals, "")
+ c.Check(err, check.ErrorMatches, `PAM: Authentication failure \(with username "bogususername" and password\)`)
+ hs, ok := err.(interface{ HTTPStatus() int })
+ if c.Check(ok, check.Equals, true) {
+ c.Check(hs.HTTPStatus(), check.Equals, http.StatusUnauthorized)
+ }
+ c.Check(resp.APIToken, check.Equals, "")
}
// This test only runs if the ARVADOS_TEST_PAM_CREDENTIALS_FILE env
c.Assert(len(lines), check.Equals, 2, check.Commentf("credentials file %s should contain \"username\\npassword\"", testCredsFile))
u, p := lines[0], lines[1]
- resp, err := s.ctrl.Login(context.Background(), arvados.LoginOptions{
+ resp, err := s.ctrl.UserAuthenticate(context.Background(), arvados.UserAuthenticateOptions{
Username: u,
Password: p,
- ReturnTo: "https://example.com/foo",
})
c.Check(err, check.IsNil)
- c.Check(resp.RedirectLocation, check.Equals, "")
- c.Check(resp.Token, check.Matches, `v2/zzzzz-gj3su-.*/.*`)
- c.Check(resp.HTML.String(), check.Equals, "")
+ c.Check(resp.APIToken, check.Not(check.Equals), "")
+ c.Check(resp.UUID, check.Matches, `zzzzz-gj3su-.*`)
+ c.Check(resp.Scopes, check.DeepEquals, []string{"all"})
authinfo := getCallbackAuthInfo(c, s.railsSpy)
c.Check(authinfo.Email, check.Equals, u+"@"+s.cluster.Login.PAMDefaultEmailDomain)