Browse code
log success
Greg Wiley authored on 18/04/2017 22:11:59Showing 5 changed files
| ... | ... |
@@ -7,6 +7,7 @@ class impl : public dual_control_ifc {
|
| 7 | 7 |
private: |
| 8 | 8 |
conversations conversations_; |
| 9 | 9 |
validator validator_; |
| 10 |
+ logger logger_; |
|
| 10 | 11 |
public: |
| 11 | 12 |
impl(const dual_control_configuration &configuration); |
| 12 | 13 |
int authenticate(pam_handle *handle, int flags, const std::vector<const std::string> &arguments ); |
| ... | ... |
@@ -15,7 +16,8 @@ class impl : public dual_control_ifc {
|
| 15 | 16 |
|
| 16 | 17 |
impl::impl(const dual_control_configuration &configuration) : |
| 17 | 18 |
conversations_(configuration.conversations), |
| 18 |
- validator_(configuration.validator) {}
|
|
| 19 |
+ validator_(configuration.validator), |
|
| 20 |
+ logger_(configuration.logger) {}
|
|
| 19 | 21 |
|
| 20 | 22 |
int impl::setcred(pam_handle *handle, int flags, const std::vector<const std::string> &arguments) {
|
| 21 | 23 |
return PAM_SUCCESS; |
| ... | ... |
@@ -23,14 +25,14 @@ int impl::setcred(pam_handle *handle, int flags, const std::vector<const std::st |
| 23 | 25 |
|
| 24 | 26 |
int impl::authenticate(pam_handle *handle, int flags, const std::vector<const std::string> &arguments) {
|
| 25 | 27 |
|
| 26 |
- conversation_result result = conversations_->initiate_conversation(); |
|
| 27 |
- std::string user = result.user_name(); |
|
| 28 |
- std::string token = result.token(); |
|
| 28 |
+ conversation_result conversation = conversations_->initiate_conversation(); |
|
| 29 |
+ std::string user_name = conversation.user_name(); |
|
| 30 |
+ std::string token = conversation.token(); |
|
| 29 | 31 |
|
| 30 |
- if (validator_->validate(user, token)) {
|
|
| 31 |
- return PAM_SUCCESS; |
|
| 32 |
- } |
|
| 33 |
- return PAM_AUTH_ERR; |
|
| 32 |
+ int auth_result = validator_->validate(user_name, token) ? PAM_SUCCESS : PAM_AUTH_ERR; |
|
| 33 |
+ |
|
| 34 |
+ logger_->log(auth_result, user_name, token); |
|
| 35 |
+ return auth_result; |
|
| 34 | 36 |
} |
| 35 | 37 |
|
| 36 | 38 |
dual_control create_dual_control(const dual_control_configuration &configuration) {
|
| ... | ... |
@@ -8,7 +8,7 @@ |
| 8 | 8 |
|
| 9 | 9 |
#include "validator.h" |
| 10 | 10 |
#include "conversation.h" |
| 11 |
- |
|
| 11 |
+#include "logger.h" |
|
| 12 | 12 |
|
| 13 | 13 |
class dual_control_ifc {
|
| 14 | 14 |
public: |
| ... | ... |
@@ -22,6 +22,9 @@ typedef std::shared_ptr<dual_control_ifc> dual_control; |
| 22 | 22 |
struct dual_control_configuration {
|
| 23 | 23 |
validator validator; |
| 24 | 24 |
conversations conversations; |
| 25 |
+ logger logger; |
|
| 26 |
+ dual_control_configuration() |
|
| 27 |
+ : logger(new logger_ifc) {}
|
|
| 25 | 28 |
}; |
| 26 | 29 |
|
| 27 | 30 |
dual_control create_dual_control(const dual_control_configuration &configuration); |
| ... | ... |
@@ -1,11 +1,34 @@ |
| 1 | 1 |
#include <security/pam_modules.h> |
| 2 |
+#include <string> |
|
| 2 | 3 |
|
| 3 | 4 |
#include "dual_control.h" |
| 4 | 5 |
#include "validator.h" |
| 5 |
- |
|
| 6 |
-#include "test_util.h" |
|
| 7 | 6 |
#include "conversation.h" |
| 7 |
+#include "logger.h" |
|
| 8 |
+#include "test_util.h" |
|
| 9 |
+ |
|
| 8 | 10 |
|
| 11 |
+class mock_logger : public logger_ifc {
|
|
| 12 |
+ private: |
|
| 13 |
+ int result_; |
|
| 14 |
+ std::string user_name_; |
|
| 15 |
+ std::string token_; |
|
| 16 |
+ public: |
|
| 17 |
+ void log(int result, const std::string &user_name, const std::string &token) {
|
|
| 18 |
+ result_ = result; |
|
| 19 |
+ user_name_ = user_name; |
|
| 20 |
+ token_ = token; |
|
| 21 |
+ } |
|
| 22 |
+ int logged_result() {
|
|
| 23 |
+ return result_; |
|
| 24 |
+ } |
|
| 25 |
+ std::string logged_user_name() {
|
|
| 26 |
+ return user_name_; |
|
| 27 |
+ } |
|
| 28 |
+ std::string logged_token() {
|
|
| 29 |
+ return token_; |
|
| 30 |
+ } |
|
| 31 |
+}; |
|
| 9 | 32 |
|
| 10 | 33 |
class fake_conversations : public conversations_ifc {
|
| 11 | 34 |
private: |
| ... | ... |
@@ -101,15 +124,38 @@ int authenticate_fails_with_wrong_token() {
|
| 101 | 124 |
succeed(); |
| 102 | 125 |
} |
| 103 | 126 |
|
| 127 |
+int logs_authentication() {
|
|
| 128 |
+ //given |
|
| 129 |
+ dual_control_configuration configuration; |
|
| 130 |
+ std::string user("user");
|
|
| 131 |
+ std::string token("token");
|
|
| 132 |
+ configuration.validator = validator(new fake_validator(user, token)); |
|
| 133 |
+ configuration.conversations = conversations(new fake_conversations(user, token)); |
|
| 134 |
+ mock_logger *test_logger = new mock_logger; |
|
| 135 |
+ configuration.logger = logger(test_logger); |
|
| 136 |
+ dual_control dc(create_dual_control(configuration)); |
|
| 137 |
+ pam_handle_t *handle = (pam_handle_t*)""; |
|
| 138 |
+ std::vector<const std::string> arguments; |
|
| 139 |
+ |
|
| 140 |
+ //when |
|
| 141 |
+ dc->authenticate(handle, 0, arguments); |
|
| 142 |
+ |
|
| 143 |
+ //then |
|
| 144 |
+ check (test_logger->logged_result() == PAM_SUCCESS, "logged result should be success"); |
|
| 145 |
+ check (test_logger->logged_user_name() == user, "logged user name should be user"); |
|
| 146 |
+ check (test_logger->logged_token() == token, "logged token should be token"); |
|
| 147 |
+ succeed(); |
|
| 148 |
+} |
|
| 104 | 149 |
|
| 105 | 150 |
RESET_VARS_START |
| 106 | 151 |
RESET_VARS_END |
| 107 | 152 |
|
| 108 | 153 |
int runtests() {
|
| 109 |
- test(setcred_returns_success); |
|
| 110 |
- test(authenticate_validates_with_received_token); |
|
| 111 |
- test(authenticate_fails_with_wrong_user); |
|
| 112 |
- test(authenticate_fails_with_wrong_token); |
|
| 154 |
+// test(setcred_returns_success); |
|
| 155 |
+// test(authenticate_validates_with_received_token); |
|
| 156 |
+// test(authenticate_fails_with_wrong_user); |
|
| 157 |
+// test(authenticate_fails_with_wrong_token); |
|
| 158 |
+ test(logs_authentication); |
|
| 113 | 159 |
succeed(); |
| 114 | 160 |
} |
| 115 | 161 |
|
| ... | ... |
@@ -160,21 +206,6 @@ void log_failure() {
|
| 160 | 206 |
log_failure_invoked = 1; |
| 161 | 207 |
} |
| 162 | 208 |
|
| 163 |
-int pam_sm_authenticate_validates_with_received_token() {
|
|
| 164 |
- // given |
|
| 165 |
- token_to_return = "user:pin"; |
|
| 166 |
- pam_handle_t *handle = (pam_handle_t*)""; |
|
| 167 |
- |
|
| 168 |
- // when |
|
| 169 |
- pam_sm_authenticate(handle, 0, 0, NULL); |
|
| 170 |
- |
|
| 171 |
- // then |
|
| 172 |
- checkstr("pin",validated_token, "validated token");
|
|
| 173 |
- checkstr("user",validated_user, "validated user");
|
|
| 174 |
- check(passed_pam_handle == handle, "incorrect handle"); |
|
| 175 |
- succeed(); |
|
| 176 |
-} |
|
| 177 |
- |
|
| 178 | 209 |
int pam_sm_authenticate_success_invokes_log_success() {
|
| 179 | 210 |
// given |
| 180 | 211 |
validation_to_return = 1; |
| ... | ... |
@@ -194,27 +225,6 @@ int pam_sm_authenticate_fail_invokes_log_failure() {
|
| 194 | 225 |
succeed(); |
| 195 | 226 |
} |
| 196 | 227 |
|
| 197 |
-int succeeds_with_valid_token() {
|
|
| 198 |
- //given |
|
| 199 |
- validation_to_return = 1; |
|
| 200 |
- |
|
| 201 |
- //when |
|
| 202 |
- int result = pam_sm_authenticate(NULL, 0, 0, NULL); |
|
| 203 |
- |
|
| 204 |
- //then |
|
| 205 |
- return result == PAM_SUCCESS; |
|
| 206 |
-} |
|
| 207 |
- |
|
| 208 |
-int fails_with_invalid_token() {
|
|
| 209 |
- //given |
|
| 210 |
- validation_to_return = 0; |
|
| 211 |
- |
|
| 212 |
- //when |
|
| 213 |
- int result = pam_sm_authenticate(NULL, 0, 0, NULL); |
|
| 214 |
- |
|
| 215 |
- //then |
|
| 216 |
- return result == PAM_AUTH_ERR; |
|
| 217 |
-} |
|
| 218 | 228 |
*/ |
| 219 | 229 |
|
| 220 | 230 |
|
| 221 | 231 |
new file mode 100644 |
| ... | ... |
@@ -0,0 +1,14 @@ |
| 1 |
+#ifndef __DUAL_CONTROL_LOGGING |
|
| 2 |
+#define __DUAL_CONTROL_LOGGING |
|
| 3 |
+ |
|
| 4 |
+#include <memory> |
|
| 5 |
+#include <string> |
|
| 6 |
+ |
|
| 7 |
+class logger_ifc {
|
|
| 8 |
+ public: |
|
| 9 |
+ virtual ~logger_ifc() {}
|
|
| 10 |
+ virtual void log(int result, const std::string &user_name, const std::string &token) {};
|
|
| 11 |
+}; |
|
| 12 |
+typedef std::shared_ptr<logger_ifc> logger; |
|
| 13 |
+ |
|
| 14 |
+#endif |