X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/23d90de7344ae39d1d0082a369b0dc5e9086531d..5aa318268437efe1e1a6dac3ff139a0b698f5da5:/lib/controller/localdb/login_pam_test.go

diff --git a/lib/controller/localdb/login_pam_test.go b/lib/controller/localdb/login_pam_test.go
index 4af40f8d38..e6b967c944 100644
--- a/lib/controller/localdb/login_pam_test.go
+++ b/lib/controller/localdb/login_pam_test.go
@@ -32,8 +32,8 @@ func (s *PamSuite) SetUpSuite(c *check.C) {
 	c.Assert(err, check.IsNil)
 	s.cluster, err = cfg.GetCluster("")
 	c.Assert(err, check.IsNil)
-	s.cluster.Login.PAM = true
-	s.cluster.Login.PAMDefaultEmailDomain = "example.com"
+	s.cluster.Login.PAM.Enable = true
+	s.cluster.Login.PAM.DefaultEmailDomain = "example.com"
 	s.railsSpy = arvadostest.NewProxy(c, s.cluster.Services.RailsAPI)
 	s.ctrl = &pamLoginController{
 		Cluster:    s.cluster,
@@ -42,20 +42,16 @@ func (s *PamSuite) SetUpSuite(c *check.C) {
 }
 
 func (s *PamSuite) TestLoginFailure(c *check.C) {
-	resp, err := s.ctrl.Login(context.Background(), arvados.LoginOptions{
+	resp, err := s.ctrl.UserAuthenticate(context.Background(), arvados.UserAuthenticateOptions{
 		Username: "bogususername",
 		Password: "boguspassword",
-		ReturnTo: "https://example.com/foo",
 	})
-	c.Check(err, check.ErrorMatches, "Authentication failure")
+	c.Check(err, check.ErrorMatches, `PAM: Authentication failure \(with username "bogususername" and password\)`)
 	hs, ok := err.(interface{ HTTPStatus() int })
 	if c.Check(ok, check.Equals, true) {
 		c.Check(hs.HTTPStatus(), check.Equals, http.StatusUnauthorized)
 	}
-	c.Check(resp.RedirectLocation, check.Equals, "")
-	c.Check(resp.Token, check.Equals, "")
-	c.Check(resp.Message, check.Equals, "")
-	c.Check(resp.HTML.String(), check.Equals, "")
+	c.Check(resp.APIToken, check.Equals, "")
 }
 
 // This test only runs if the ARVADOS_TEST_PAM_CREDENTIALS_FILE env
@@ -73,17 +69,16 @@ func (s *PamSuite) TestLoginSuccess(c *check.C) {
 	c.Assert(len(lines), check.Equals, 2, check.Commentf("credentials file %s should contain \"username\\npassword\"", testCredsFile))
 	u, p := lines[0], lines[1]
 
-	resp, err := s.ctrl.Login(context.Background(), arvados.LoginOptions{
+	resp, err := s.ctrl.UserAuthenticate(context.Background(), arvados.UserAuthenticateOptions{
 		Username: u,
 		Password: p,
-		ReturnTo: "https://example.com/foo",
 	})
 	c.Check(err, check.IsNil)
-	c.Check(resp.RedirectLocation, check.Equals, "")
-	c.Check(resp.Token, check.Matches, `v2/zzzzz-gj3su-.*/.*`)
-	c.Check(resp.HTML.String(), check.Equals, "")
+	c.Check(resp.APIToken, check.Not(check.Equals), "")
+	c.Check(resp.UUID, check.Matches, `zzzzz-gj3su-.*`)
+	c.Check(resp.Scopes, check.DeepEquals, []string{"all"})
 
 	authinfo := getCallbackAuthInfo(c, s.railsSpy)
-	c.Check(authinfo.Email, check.Equals, u+"@"+s.cluster.Login.PAMDefaultEmailDomain)
+	c.Check(authinfo.Email, check.Equals, u+"@"+s.cluster.Login.PAM.DefaultEmailDomain)
 	c.Check(authinfo.AlternateEmails, check.DeepEquals, []string(nil))
 }