Merge pull request #335 from ericchiang/fix_passwords

user: fix password info JSON encoding to survive round trips
This commit is contained in:
Eric Chiang 2016-02-24 13:55:43 -08:00
commit 118bbb6d18
3 changed files with 46 additions and 5 deletions

View file

@ -61,7 +61,7 @@ func TestNewConnectorConfigFromMap(t *testing.T) {
"type": "local",
"id": "foo",
"passwordInfos": []map[string]string{
{"userId": "abc", "passwordHash": "PING"},
{"userId": "abc", "passwordHash": "UElORw=="}, // []byte is base64 encoded when using json.Marshasl
{"userId": "271", "passwordPlaintext": "pong"},
},
},

View file

@ -53,9 +53,9 @@ func NewPasswordFromPlaintext(plaintext string) (Password, error) {
type PasswordInfo struct {
UserID string
Password Password
Password Password `json:"passwordHash"`
PasswordExpires time.Time
PasswordExpires time.Time `json:"passwordExpires"`
}
func (p PasswordInfo) Authenticate(plaintext string) (*oidc.Identity, error) {
@ -86,7 +86,7 @@ type PasswordInfoRepo interface {
func (u *PasswordInfo) UnmarshalJSON(data []byte) error {
var dec struct {
UserID string `json:"userId"`
PasswordHash string `json:"passwordHash"`
PasswordHash []byte `json:"passwordHash"`
PasswordPlaintext string `json:"passwordPlaintext"`
PasswordExpires time.Time `json:"passwordExpires"`
}
@ -98,7 +98,9 @@ func (u *PasswordInfo) UnmarshalJSON(data []byte) error {
u.UserID = dec.UserID
u.PasswordExpires = dec.PasswordExpires
if !dec.PasswordExpires.IsZero() {
u.PasswordExpires = dec.PasswordExpires
}
if len(dec.PasswordHash) != 0 {
if dec.PasswordPlaintext != "" {

View file

@ -1,6 +1,7 @@
package user
import (
"encoding/json"
"net/url"
"testing"
"time"
@ -13,6 +14,44 @@ import (
"github.com/coreos/go-oidc/key"
)
func TestPasswordMarshaling(t *testing.T) {
hashPassword := func(s string) []byte {
data, err := DefaultPasswordHasher(s)
if err != nil {
t.Fatalf("Failed to hash password: %v", err)
}
return data
}
tests := []PasswordInfo{
{
UserID: "mrpink",
Password: hashPassword("mrpinks-password"),
},
{
UserID: "mrorange",
Password: hashPassword("mroranges-password"),
PasswordExpires: time.Now().Add(time.Hour),
},
}
for i, tt := range tests {
data, err := json.Marshal(tt)
if err != nil {
t.Errorf("case %d: failed to marshal password info: %v", i, err)
continue
}
var p PasswordInfo
if err := json.Unmarshal(data, &p); err != nil {
t.Errorf("case %d: failed to unmarshal password info: %v", i, err)
continue
}
if diff := pretty.Compare(tt, p); diff != "" {
t.Errorf("case %d: password info did not survive JSON marshal round trip: %s", i, diff)
}
}
}
func TestNewPasswordFromHash(t *testing.T) {
tests := []string{
"test",