nixos/pam-oath-login: Port test to python

This commit is contained in:
Jacek Galowicz 2019-12-03 16:59:11 +01:00
parent e05ae69904
commit a16695578b
1 changed files with 40 additions and 56 deletions

View File

@ -1,4 +1,4 @@
import ./make-test.nix ({ ... }:
import ./make-test-python.nix ({ ... }:
let
oathSnakeoilSecret = "cdd4083ef8ff1fa9178c6d46bfb1a3";
@ -55,70 +55,54 @@ in
};
};
testScript =
''
$machine->waitForUnit('multi-user.target');
$machine->waitUntilSucceeds("pgrep -f 'agetty.*tty1'");
$machine->screenshot("postboot");
testScript = ''
def switch_to_tty(tty_number):
machine.fail(f"pgrep -f 'agetty.*tty{tty_number}'")
machine.send_key(f"alt-f{tty_number}")
machine.wait_until_succeeds(f"[ $(fgconsole) = {tty_number} ]")
machine.wait_for_unit(f"getty@tty{tty_number}.service")
machine.wait_until_succeeds(f"pgrep -f 'agetty.*tty{tty_number}'")
subtest "Invalid password", sub {
$machine->fail("pgrep -f 'agetty.*tty2'");
$machine->sendKeys("alt-f2");
$machine->waitUntilSucceeds("[ \$(fgconsole) = 2 ]");
$machine->waitForUnit('getty@tty2.service');
$machine->waitUntilSucceeds("pgrep -f 'agetty.*tty2'");
def enter_user_alice(tty_number):
machine.wait_until_tty_matches(tty_number, "login: ")
machine.send_chars("alice\n")
machine.wait_until_tty_matches(tty_number, "login: alice")
machine.wait_until_succeeds("pgrep login")
machine.wait_until_tty_matches(tty_number, "One-time password")
$machine->waitUntilTTYMatches(2, "login: ");
$machine->sendChars("alice\n");
$machine->waitUntilTTYMatches(2, "login: alice");
$machine->waitUntilSucceeds("pgrep login");
$machine->waitUntilTTYMatches(2, "One-time password");
$machine->sendChars("${oathSnakeOilPassword1}\n");
$machine->waitUntilTTYMatches(2, "Password: ");
$machine->sendChars("blorg\n");
$machine->waitUntilTTYMatches(2, "Login incorrect");
};
machine.wait_for_unit("multi-user.target")
machine.wait_until_succeeds("pgrep -f 'agetty.*tty1'")
machine.screenshot("postboot")
subtest "Invalid oath token", sub {
$machine->fail("pgrep -f 'agetty.*tty3'");
$machine->sendKeys("alt-f3");
$machine->waitUntilSucceeds("[ \$(fgconsole) = 3 ]");
$machine->waitForUnit('getty@tty3.service');
$machine->waitUntilSucceeds("pgrep -f 'agetty.*tty3'");
with subtest("Invalid password"):
switch_to_tty(2)
enter_user_alice(2)
$machine->waitUntilTTYMatches(3, "login: ");
$machine->sendChars("alice\n");
$machine->waitUntilTTYMatches(3, "login: alice");
$machine->waitUntilSucceeds("pgrep login");
$machine->waitUntilTTYMatches(3, "One-time password");
$machine->sendChars("000000\n");
$machine->waitUntilTTYMatches(3, "Login incorrect");
$machine->waitUntilTTYMatches(3, "login:");
};
machine.send_chars("${oathSnakeOilPassword1}\n")
machine.wait_until_tty_matches(2, "Password: ")
machine.send_chars("blorg\n")
machine.wait_until_tty_matches(2, "Login incorrect")
subtest "Happy path (both passwords are mandatory to get us in)", sub {
$machine->fail("pgrep -f 'agetty.*tty4'");
$machine->sendKeys("alt-f4");
$machine->waitUntilSucceeds("[ \$(fgconsole) = 4 ]");
$machine->waitForUnit('getty@tty4.service');
$machine->waitUntilSucceeds("pgrep -f 'agetty.*tty4'");
with subtest("Invalid oath token"):
switch_to_tty(3)
enter_user_alice(3)
$machine->waitUntilTTYMatches(4, "login: ");
$machine->sendChars("alice\n");
$machine->waitUntilTTYMatches(4, "login: alice");
$machine->waitUntilSucceeds("pgrep login");
$machine->waitUntilTTYMatches(4, "One-time password");
$machine->sendChars("${oathSnakeOilPassword2}\n");
$machine->waitUntilTTYMatches(4, "Password: ");
$machine->sendChars("${alicePassword}\n");
machine.send_chars("000000\n")
machine.wait_until_tty_matches(3, "Login incorrect")
machine.wait_until_tty_matches(3, "login:")
$machine->waitUntilSucceeds("pgrep -u alice bash");
$machine->sendChars("touch done4\n");
$machine->waitForFile("/home/alice/done4");
};
with subtest("Happy path: Both passwords are mandatory to get us in"):
switch_to_tty(4)
enter_user_alice(4)
machine.send_chars("${oathSnakeOilPassword2}\n")
machine.wait_until_tty_matches(4, "Password: ")
machine.send_chars("${alicePassword}\n")
machine.wait_until_succeeds("pgrep -u alice bash")
machine.send_chars("touch done4\n")
machine.wait_for_file("/home/alice/done4")
'';
})