prysm-pulse/validator/rpc/auth_test.go

package rpc

import (
	"context"
	"testing"

	pb "github.com/prysmaticlabs/prysm/proto/validator/accounts/v2"
	"github.com/prysmaticlabs/prysm/shared/testutil/assert"
	"github.com/prysmaticlabs/prysm/shared/testutil/require"
	dbtest "github.com/prysmaticlabs/prysm/validator/db/testing"
)

func TestServer_Signup_PasswordAlreadyExists(t *testing.T) {
	valDB := dbtest.SetupDB(t, [][48]byte{})
	ctx := context.Background()
	ss := &Server{
		valDB: valDB,
	}

	// Save a hash password pre-emptively to the database.
	hashedPassword := []byte("2093402934902839489238492")
	require.NoError(t, valDB.SaveHashedPasswordForAPI(ctx, hashedPassword))

	// Attempt to signup despite already having a hashed password in the DB
	// which should immediately fail.
	strongPass := "29384283xasjasd32%%&*@*#*"
	_, err := ss.Signup(ctx, &pb.AuthRequest{
		Password: strongPass,
	})
	require.ErrorContains(t, "Validator already has a password set, cannot signup", err)
}

func TestServer_SignupAndLogin_RoundTrip(t *testing.T) {
	valDB := dbtest.SetupDB(t, [][48]byte{})
	ctx := context.Background()
	ss := &Server{
		valDB: valDB,
	}
	weakPass := "password"
	_, err := ss.Signup(ctx, &pb.AuthRequest{
		Password: weakPass,
	})
	require.ErrorContains(t, "Could not validate password input", err)

	// We assert we are able to signup with a strong password.
	strongPass := "29384283xasjasd32%%&*@*#*"
	_, err = ss.Signup(ctx, &pb.AuthRequest{
		Password: strongPass,
	})
	require.NoError(t, err)

	// Assert we stored the hashed password.
	hashedPass, err := valDB.HashedPasswordForAPI(ctx)
	require.NoError(t, err)
	assert.NotEqual(t, 0, len(hashedPass))

	// We assert we are able to login.
	_, err = ss.Login(ctx, &pb.AuthRequest{
		Password: strongPass,
	})
	require.NoError(t, err)
}
Add Authentication Functions to Validator RPC (#6968) * define auth endpoints * add intercepter with tests * auth functions * fix up the auth functions * add functions for storing and saving the hashed password from the validator db * validate strong password input and simplify jwt claims * tests for db funcs * comments for db funcs * wrap up the authentication tests * register auth srv * use proper db iface package and check if existing password * fix broken tests and add new test to check if password already exists * use roughtime * rlock to check the auth paths * Merge refs/heads/master into auth-rpc * Merge refs/heads/master into auth-rpc * Merge refs/heads/master into auth-rpc * leave out the stream interceptor * resolve confs * Merge branch 'master' into auth-rpc * confs * Merge branch 'auth-rpc' of github.com:prysmaticlabs/prysm into auth-rpc * Merge refs/heads/master into auth-rpc * Merge refs/heads/master into auth-rpc * Merge refs/heads/master into auth-rpc * Merge refs/heads/master into auth-rpc 2020-08-13 20:27:42 +00:00			`package rpc`

			`import (`
			`"context"`
			`"testing"`

			`pb "github.com/prysmaticlabs/prysm/proto/validator/accounts/v2"`
			`"github.com/prysmaticlabs/prysm/shared/testutil/assert"`
			`"github.com/prysmaticlabs/prysm/shared/testutil/require"`
			`dbtest "github.com/prysmaticlabs/prysm/validator/db/testing"`
			`)`

			`func TestServer_Signup_PasswordAlreadyExists(t *testing.T) {`
			`valDB := dbtest.SetupDB(t, [][48]byte{})`
			`ctx := context.Background()`
			`ss := &Server{`
			`valDB: valDB,`
			`}`

			`// Save a hash password pre-emptively to the database.`
			`hashedPassword := []byte("2093402934902839489238492")`
			`require.NoError(t, valDB.SaveHashedPasswordForAPI(ctx, hashedPassword))`

			`// Attempt to signup despite already having a hashed password in the DB`
			`// which should immediately fail.`
			`strongPass := "29384283xasjasd32%%&@#*"`
			`_, err := ss.Signup(ctx, &pb.AuthRequest{`
			`Password: strongPass,`
			`})`
			`require.ErrorContains(t, "Validator already has a password set, cannot signup", err)`
			`}`

			`func TestServer_SignupAndLogin_RoundTrip(t *testing.T) {`
			`valDB := dbtest.SetupDB(t, [][48]byte{})`
			`ctx := context.Background()`
			`ss := &Server{`
			`valDB: valDB,`
			`}`
			`weakPass := "password"`
			`_, err := ss.Signup(ctx, &pb.AuthRequest{`
			`Password: weakPass,`
			`})`
			`require.ErrorContains(t, "Could not validate password input", err)`

			`// We assert we are able to signup with a strong password.`
			`strongPass := "29384283xasjasd32%%&@#*"`
			`_, err = ss.Signup(ctx, &pb.AuthRequest{`
			`Password: strongPass,`
			`})`
			`require.NoError(t, err)`

			`// Assert we stored the hashed password.`
			`hashedPass, err := valDB.HashedPasswordForAPI(ctx)`
			`require.NoError(t, err)`
			`assert.NotEqual(t, 0, len(hashedPass))`

			`// We assert we are able to login.`
			`_, err = ss.Login(ctx, &pb.AuthRequest{`
			`Password: strongPass,`
			`})`
			`require.NoError(t, err)`
			`}`