workflow-cli/builder/sshd/sshd_test.go at 3e99f29f9f61e7fac0ce471d3d071cdff7ca8cfc · drycc/workflow-cli · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
package sshd

import (
	"testing"

	"github.com/Masterminds/cookoo"
	"golang.org/x/crypto/ssh"
)

// TestAuthKey tests the AuthKey command for authorizing public keys.
func TestAuthKey(t *testing.T) {
	reg, router, cxt := cookoo.Cookoo()

	key, err := sshTestingClientKey()
	if err != nil {
		t.Fatal(err)
	}

	cxt.Put("cookoo.Router", router)
	cxt.Put("authorizedKeys", []string{testingClientPubKey})
	cxt.Put("key", key.PublicKey())
	cxt.Put("metadata", &connMetadata{})

	reg.AddRoute(cookoo.Route{
		Name: "auth", Help: "Authenticate a route.",
		Does: cookoo.Tasks{
			cookoo.Cmd{
				Name: "auth",
				Fn:   AuthKey,
				Using: []cookoo.Param{
					{Name: "key", From: "cxt:key"},
					{Name: "authorizedKeys", From: "cxt:authorizedKeys"},
					{Name: "metadata", From: "cxt:metadata"},
				},
			},
		},
	})
	if err := router.HandleRequest("auth", cxt, true); err != nil {
		t.Fatalf("Failed auth run with %s", err)
	}

	auth := cxt.Get("auth", &ssh.Permissions{}).(*ssh.Permissions)
	if user, ok := auth.Extensions["user"]; !ok {
		t.Errorf("Expected a user, but got none.")
	} else if user != "deis" {
		t.Errorf("Expected user to be 'deis', got '%s'", user)
	}
}

func TestFingerprint(t *testing.T) {
	key, _ := sshTestingClientKey()
	fp := Fingerprint(key.PublicKey())
	if fp != testingClientFingerprint {
		t.Errorf("Expected fingerprint %s to match %s.", fp, testingClientFingerprint)
	}
}