Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
D
dfss
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
7
Issues
7
List
Boards
Labels
Service Desk
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Incidents
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
mpcs
dfss
Commits
9a275a4e
Commit
9a275a4e
authored
Feb 07, 2016
by
Caro Axel
Committed by
Loïck Bonniot
Feb 07, 2016
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
[c] Add auth command
parent
d6abf53a
Pipeline
#273
passed with stage
Changes
9
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
Showing
9 changed files
with
245 additions
and
18 deletions
+245
-18
dfssc/main.go
dfssc/main.go
+13
-0
dfssc/user/authentication.go
dfssc/user/authentication.go
+125
-0
dfssc/user/authentication_test.go
dfssc/user/authentication_test.go
+52
-0
dfssc/user/client.go
dfssc/user/client.go
+35
-0
dfssc/user/register.go
dfssc/user/register.go
+1
-8
dfssc/user/register_test.go
dfssc/user/register_test.go
+7
-7
mockp/fixtures/authentication.go
mockp/fixtures/authentication.go
+10
-0
mockp/fixtures/register.go
mockp/fixtures/register.go
+1
-1
mockp/server/server.go
mockp/server/server.go
+1
-2
No files found.
dfssc/main.go
View file @
9a275a4e
...
...
@@ -38,6 +38,7 @@ func init() {
fmt
.
Println
(
" help print this help"
)
fmt
.
Println
(
" version print dfss client version"
)
fmt
.
Println
(
" register register a new client"
)
fmt
.
Println
(
" auth authenticate a new client"
)
fmt
.
Println
(
" show <c> print contract information from file c"
)
fmt
.
Println
(
"
\n
Flags:"
)
...
...
@@ -86,6 +87,18 @@ func main() {
fmt
.
Println
(
"An error occurred : "
,
err
.
Error
())
}
case
"authenticate"
:
fmt
.
Println
(
"Authenticating user"
)
var
mail
,
token
string
readStringParam
(
"Mail"
,
""
,
&
mail
)
readStringParam
(
"Token"
,
""
,
&
token
)
err
:=
user
.
Authenticate
(
fca
,
fcert
,
addrPort
,
mail
,
token
)
if
err
!=
nil
{
fmt
.
Println
(
"An error occurred : "
,
err
.
Error
())
}
case
"show"
:
showContract
(
flag
.
Arg
(
1
))
default
:
...
...
dfssc/user/authentication.go
0 → 100644
View file @
9a275a4e
package
user
import
(
"dfss/dfssc/common"
"dfss/dfssc/security"
pb
"dfss/dfssp/api"
"errors"
"io/ioutil"
"regexp"
"time"
"golang.org/x/net/context"
)
// AuthManager handles the authentication of a user
type
AuthManager
struct
{
fileCA
string
fileCert
string
addrPort
string
mail
string
token
string
}
// NewAuthManager creates a new authentication manager with the given parameters
func
NewAuthManager
(
fileCA
,
fileCert
,
addrPort
,
mail
,
token
string
)
(
*
AuthManager
,
error
)
{
m
:=
&
AuthManager
{
fileCA
:
fileCA
,
fileCert
:
fileCert
,
addrPort
:
addrPort
,
mail
:
mail
,
token
:
token
,
}
if
err
:=
m
.
checkValidParams
();
err
!=
nil
{
return
nil
,
err
}
if
err
:=
m
.
checkFilePresence
();
err
!=
nil
{
return
nil
,
err
}
return
m
,
nil
}
func
(
m
*
AuthManager
)
checkValidParams
()
error
{
re
,
_
:=
regexp
.
Compile
(
`.+@.+\..+`
)
if
b
:=
re
.
MatchString
(
m
.
mail
);
!
b
{
return
errors
.
New
(
"Provided mail is not valid"
)
}
return
nil
}
func
(
m
*
AuthManager
)
checkFilePresence
()
error
{
if
b
:=
common
.
FileExists
(
m
.
fileCert
);
b
{
return
errors
.
New
(
"A certificate is already present at path "
+
m
.
fileCert
)
}
if
b
:=
common
.
FileExists
(
m
.
fileCA
);
!
b
{
return
errors
.
New
(
"You need the certificate of the platform at path "
+
m
.
fileCA
)
}
data
,
err
:=
security
.
GetCertificate
(
m
.
fileCA
)
if
err
!=
nil
{
return
err
}
if
time
.
Now
()
.
After
(
data
.
NotAfter
)
{
return
errors
.
New
(
"Root certificate has expired"
)
}
return
nil
}
// Authenticate performs the authentication request
// (ie connection to the platform grpc server, sending of the request, handling the response)
func
(
m
*
AuthManager
)
Authenticate
()
error
{
response
,
err
:=
m
.
sendRequest
()
if
err
!=
nil
{
return
err
}
err
=
m
.
evaluateResponse
(
response
)
if
err
!=
nil
{
return
err
}
return
nil
}
// Creates the associated authentication request and sends it to the platform grpc server
func
(
m
*
AuthManager
)
sendRequest
()
(
*
pb
.
RegisteredUser
,
error
)
{
client
,
err
:=
connect
(
m
.
fileCA
,
m
.
addrPort
)
if
err
!=
nil
{
return
nil
,
err
}
// gRPC request
request
:=
&
pb
.
AuthRequest
{
Email
:
m
.
mail
,
Token
:
m
.
token
,
}
// Stop the context if it takes too long for the platform to answer
ctx
,
cancel
:=
context
.
WithTimeout
(
context
.
TODO
(),
10
*
time
.
Second
)
defer
cancel
()
response
,
err
:=
client
.
Auth
(
ctx
,
request
)
if
err
!=
nil
{
return
nil
,
err
}
return
response
,
nil
}
// Handle the platform grpc server's reponse to the authentication request
func
(
m
*
AuthManager
)
evaluateResponse
(
response
*
pb
.
RegisteredUser
)
error
{
cert
:=
[]
byte
(
response
.
ClientCert
)
err
:=
ioutil
.
WriteFile
(
m
.
fileCert
,
cert
,
0600
)
if
err
!=
nil
{
return
err
}
return
nil
}
dfssc/user/authentication_test.go
0 → 100644
View file @
9a275a4e
package
user
import
(
"dfss/dfssc/common"
"fmt"
"github.com/bmizerany/assert"
"os"
"testing"
)
func
TestAuthenticationValidation
(
t
*
testing
.
T
)
{
_
,
err
:=
NewAuthManager
(
"fca"
,
fcert
,
addrPort
,
"dummy"
,
"token"
)
assert
.
T
(
t
,
err
!=
nil
,
"Email is invalid"
)
f
,
_
:=
os
.
Create
(
fcert
)
_
=
f
.
Close
()
_
,
err
=
NewAuthManager
(
"fca"
,
fcert
,
addrPort
,
"mail@mail.mail"
,
"token"
)
assert
.
T
(
t
,
err
!=
nil
,
"Cert file already there"
)
_
=
os
.
Remove
(
fcert
)
_
,
err
=
NewAuthManager
(
"fca"
,
fcert
,
addrPort
,
"mail@mail.mail"
,
"token"
)
assert
.
T
(
t
,
err
!=
nil
,
"CA file not there"
)
_
,
err
=
NewAuthManager
(
fca
,
fcert
,
addrPort
,
"mail@mail.mail"
,
"token"
)
assert
.
Equal
(
t
,
err
,
nil
)
}
func
ExampleAuthenticate
()
{
manager
,
err
:=
NewAuthManager
(
fca
,
fcert
,
addrPort
,
"mail@mail.mail"
,
"token"
)
if
err
!=
nil
{
fmt
.
Println
(
err
.
Error
())
}
fmt
.
Println
(
"Manager successfully created"
)
err
=
manager
.
Authenticate
()
if
err
!=
nil
{
fmt
.
Println
(
err
.
Error
())
}
fmt
.
Println
(
"Manager said authentication went fine"
)
if
b
:=
common
.
FileExists
(
fcert
);
!
b
{
fmt
.
Println
(
"The cert file was not saved to disk"
)
}
else
{
fmt
.
Println
(
"The cert file was saved to disk"
)
_
=
os
.
Remove
(
fcert
)
}
// Output:
// Manager successfully created
// Manager said authentication went fine
// The cert file was saved to disk
}
dfssc/user/client.go
View file @
9a275a4e
// Package user handles all the user-related logic
package
user
import
(
"dfss/dfssc/security"
pb
"dfss/dfssp/api"
"dfss/net"
)
// Register a user using the provided parameters
func
Register
(
fileCA
,
fileCert
,
fileKey
,
addrPort
,
passphrase
,
country
,
organization
,
unit
,
mail
string
,
bits
int
)
error
{
manager
,
err
:=
NewRegisterManager
(
fileCA
,
fileCert
,
fileKey
,
addrPort
,
passphrase
,
country
,
organization
,
unit
,
mail
,
bits
)
...
...
@@ -15,3 +21,32 @@ func Register(fileCA, fileCert, fileKey, addrPort, passphrase, country, organiza
return
nil
}
// Authenticate a user using the provided parameters
func
Authenticate
(
fileCA
,
fileCert
,
addrPort
,
mail
,
token
string
)
error
{
manager
,
err
:=
NewAuthManager
(
fileCA
,
fileCert
,
addrPort
,
mail
,
token
)
if
err
!=
nil
{
return
err
}
err
=
manager
.
Authenticate
()
if
err
!=
nil
{
return
err
}
return
nil
}
func
connect
(
fileCA
,
addrPort
string
)
(
pb
.
PlatformClient
,
error
)
{
ca
,
err
:=
security
.
GetCertificate
(
fileCA
)
if
err
!=
nil
{
return
nil
,
err
}
conn
,
err
:=
net
.
Connect
(
addrPort
,
nil
,
nil
,
ca
)
if
err
!=
nil
{
return
nil
,
err
}
return
pb
.
NewPlatformClient
(
conn
),
nil
}
dfssc/user/register.go
View file @
9a275a4e
...
...
@@ -4,7 +4,6 @@ import (
"dfss/dfssc/common"
"dfss/dfssc/security"
pb
"dfss/dfssp/api"
"dfss/net"
"errors"
"regexp"
"time"
...
...
@@ -138,12 +137,7 @@ func (m *RegisterManager) buildCertificateRequest() (string, error) {
// Send the request and returns the response
func
(
m
*
RegisterManager
)
sendRequest
(
certRequest
string
)
(
*
pb
.
ErrorCode
,
error
)
{
ca
,
err
:=
security
.
GetCertificate
(
m
.
fileCA
)
if
err
!=
nil
{
return
nil
,
err
}
conn
,
err
:=
net
.
Connect
(
m
.
addrPort
,
nil
,
nil
,
ca
)
client
,
err
:=
connect
(
m
.
fileCA
,
m
.
addrPort
)
if
err
!=
nil
{
return
nil
,
err
}
...
...
@@ -154,7 +148,6 @@ func (m *RegisterManager) sendRequest(certRequest string) (*pb.ErrorCode, error)
Request
:
certRequest
,
}
client
:=
pb
.
NewPlatformClient
(
conn
)
// Stop the context if it takes too long for the platform to answer
ctx
,
cancel
:=
context
.
WithTimeout
(
context
.
TODO
(),
10
*
time
.
Second
)
defer
cancel
()
...
...
dfssc/user/register_test.go
View file @
9a275a4e
...
...
@@ -65,7 +65,7 @@ func TestMain(m *testing.M) {
}
// Test the validation of the fields
func
TestValidation
(
t
*
testing
.
T
)
{
func
Test
Register
Validation
(
t
*
testing
.
T
)
{
_
,
err
:=
NewRegisterManager
(
fca
,
fcert
,
fkey
,
addrPort
,
"password"
,
"FR"
,
"organization"
,
"unit"
,
"dummy"
,
2048
)
assert
.
T
(
t
,
err
!=
nil
,
"Email is invalid"
)
...
...
@@ -97,15 +97,15 @@ func TestGetCertificate(t *testing.T) {
err
=
manager
.
GetCertificate
()
assert
.
T
(
t
,
err
==
nil
,
"An error occurred while getting the certificate"
)
go
testInvalidResponse
(
t
,
"dfss@invarg.io"
)
go
testInvalidResponse
(
t
,
"dfss@badauth.io"
)
go
testInvalidResponse
(
t
,
"dfss@warning.io"
)
go
testInvalidResponse
(
t
,
"dfss@interr.io"
)
go
testInvalidResponse
(
t
,
"dfss@inexistant.io"
)
go
test
Register
InvalidResponse
(
t
,
"dfss@invarg.io"
)
go
test
Register
InvalidResponse
(
t
,
"dfss@badauth.io"
)
go
test
Register
InvalidResponse
(
t
,
"dfss@warning.io"
)
go
test
Register
InvalidResponse
(
t
,
"dfss@interr.io"
)
go
test
Register
InvalidResponse
(
t
,
"dfss@inexistant.io"
)
}
// Test an invalid error code and check we get an error
func
testInvalidResponse
(
t
*
testing
.
T
,
mail
string
)
{
func
test
Register
InvalidResponse
(
t
*
testing
.
T
,
mail
string
)
{
manager
,
err
:=
NewRegisterManager
(
fca
,
fcert
+
mail
,
fkey
+
mail
,
addrPort
,
"password"
,
"FR"
,
"organization"
,
"unit"
,
mail
,
2048
)
assert
.
T
(
t
,
err
==
nil
,
"An error occurred while processing"
)
...
...
mockp/fixtures/authentication.go
0 → 100644
View file @
9a275a4e
package
fixtures
import
(
pb
"dfss/dfssp/api"
)
// AuthFixture holds the fixture for the Auth route
var
AuthFixture
=
map
[
string
]
*
pb
.
RegisteredUser
{
"default"
:
&
pb
.
RegisteredUser
{
ClientCert
:
"default"
},
}
mockp/fixtures/register.go
View file @
9a275a4e
...
...
@@ -6,7 +6,7 @@ import (
)
// RegisterFixture holds the fixture for the Register route
var
RegisterFixture
map
[
string
]
*
pb
.
ErrorCode
=
map
[
string
]
*
pb
.
ErrorCode
{
var
RegisterFixture
=
map
[
string
]
*
pb
.
ErrorCode
{
"dfss@success.io"
:
&
pb
.
ErrorCode
{
Code
:
pb
.
ErrorCode_SUCCESS
,
Message
:
"SUCCESS"
,
...
...
mockp/server/server.go
View file @
9a275a4e
...
...
@@ -32,8 +32,7 @@ func (s *mockServer) Register(ctx context.Context, in *api.RegisterRequest) (*ap
//
// Handle incoming AuthRequest messages
func
(
s
*
mockServer
)
Auth
(
ctx
context
.
Context
,
in
*
api
.
AuthRequest
)
(
*
api
.
RegisteredUser
,
error
)
{
// TODO
return
nil
,
nil
return
fixtures
.
AuthFixture
[
"default"
],
nil
}
// Unregister handler
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment