| |
@@ -0,0 +1,102 @@
|
| |
+ # --- BEGIN COPYRIGHT BLOCK ---
|
| |
+ # Copyright (C) 2020 Red Hat, Inc.
|
| |
+ # All rights reserved.
|
| |
+ #
|
| |
+ # License: GPL (version 3 or any later version).
|
| |
+ # See LICENSE for details.
|
| |
+ # --- END COPYRIGHT BLOCK ----
|
| |
+
|
| |
+
|
| |
+ """
|
| |
+ This file contains the test for password storage scheme
|
| |
+ """
|
| |
+
|
| |
+ import os
|
| |
+ import pytest
|
| |
+ import ldap
|
| |
+
|
| |
+ from lib389.topologies import topology_st as topo
|
| |
+ from lib389.idm.user import UserAccounts, UserAccount
|
| |
+ from lib389._constants import DEFAULT_SUFFIX
|
| |
+ from lib389.config import Config
|
| |
+ from password_plugins import SHAPlugin
|
| |
+
|
| |
+ pytestmark = pytest.mark.tier1
|
| |
+
|
| |
+
|
| |
+ def change_config_create_user(topo, field_value):
|
| |
+ """
|
| |
+ Will change passwordStorageScheme
|
| |
+ """
|
| |
+ Config(topo.standalone).replace("passwordStorageScheme", field_value)
|
| |
+ user = UserAccounts(topo.standalone, DEFAULT_SUFFIX).create_test_user()
|
| |
+ user.set('userpassword', 'HayItsMEAnuj')
|
| |
+ return user
|
| |
+
|
| |
+
|
| |
+ @pytest.fixture(scope="function")
|
| |
+ def _delete_user(request, topo):
|
| |
+ def fin():
|
| |
+ """
|
| |
+ Will delete the user
|
| |
+ """
|
| |
+ UserAccount(topo.standalone, f'uid=test_user_1000,ou=People,{DEFAULT_SUFFIX}').delete()
|
| |
+ request.addfinalizer(fin)
|
| |
+
|
| |
+
|
| |
+ def test_sha_and_clear(topo, _delete_user):
|
| |
+ """Check SHA Scheme
|
| |
+
|
| |
+ :id: 5c514112-33c1-11ea-a298-8c16451d917b
|
| |
+ :setup: Standalone
|
| |
+ :steps:
|
| |
+ 1. Disable SHA Plugin
|
| |
+ 2. Activate SHA Plugin
|
| |
+ 3. Enable SHA Plugin
|
| |
+ 4. Test CLEAR password
|
| |
+ :expected results:
|
| |
+ 1. Pass
|
| |
+ 2. Pass
|
| |
+ 3. Pass
|
| |
+ 4. Pass
|
| |
+ """
|
| |
+ sha = SHAPlugin(topo.standalone)
|
| |
+ assert sha.status()
|
| |
+ sha.disable()
|
| |
+ assert not sha.status()
|
| |
+ topo.standalone.restart()
|
| |
+ with pytest.raises(ldap.OPERATIONS_ERROR):
|
| |
+ Config(topo.standalone).replace("passwordStorageScheme", "SHA")
|
| |
+ Config(topo.standalone).replace("passwordStorageScheme", "CLEAR")
|
| |
+ user = change_config_create_user(topo, 'CLEAR')
|
| |
+ user.set("userpassword", "AnujBorah")
|
| |
+ assert user.get_attr_val_utf8('userpassword') == 'AnujBorah'
|
| |
+ sha.enable()
|
| |
+ assert sha.status()
|
| |
+
|
| |
+
|
| |
+ @pytest.mark.parametrize("value", ['CRYPT', 'CRYPT-MD5', 'CRYPT-SHA256', 'CRYPT-SHA512', 'MD5',
|
| |
+ 'PBKDF2_SHA256', 'SHA256', 'SHA384', 'SHA512', 'SMD5', 'SSHA',
|
| |
+ 'SSHA256', 'SSHA384', 'SSHA512'])
|
| |
+ def test_check_password_scheme(topo, value, _delete_user):
|
| |
+ """Check all password scheme.
|
| |
+
|
| |
+ :id: 618207fc-33c1-11ea-93ce-8c16451d917b
|
| |
+ :setup: Standalone
|
| |
+ :steps:
|
| |
+ 1. Create a user without password
|
| |
+ 2. Update the user with a password
|
| |
+ 3. Check the encryption of the pwd
|
| |
+ :expected results:
|
| |
+ 1. Pass
|
| |
+ 2. Pass
|
| |
+ 3. Pass
|
| |
+ """
|
| |
+ user = change_config_create_user(topo, value)
|
| |
+ user.set("userpassword", "AnujBorah")
|
| |
+ assert '{' + value.lower().split('-')[0] + '}' in user.get_attr_val_utf8('userpassword').lower()
|
| |
+
|
| |
+
|
| |
+ if __name__ == "__main__":
|
| |
+ CURRENT_FILE = os.path.realpath(__file__)
|
| |
+ pytest.main("-s -v %s" % CURRENT_FILE)
|
| |
Port Password Storage test cases from TET to python3 part 2
Fixes: https://pagure.io/389-ds-base/issue/50690
Author: aborah
Reviewed by: Viktor Ashirov