Commit e9f873a4 authored by Renato Figueiro Maia

[OPENBUS-2545] (Lua) Incluir funcionalidade de construção de cadeia a partir...

[OPENBUS-2545] (Lua) Incluir funcionalidade de construção de cadeia a partir de prova externa ao OpenBus no núcleo
[OPENBUS-2549] (Lua) Incluir método na API para permitir construção de cadeia a partir de provas de autenticação externos ao OpenBus
[OPENBUS-2707] (Lua) Adicionar suporte a domínios de autenticação de senha

git-svn-id: https://subversion.tecgraf.puc-rio.br/engdist/openbus/sdk/lua/trunk@159094 ae0415b3-e90b-0410-900d-d0be9363c56b
parent 5bf22c6f
......@@ -21,7 +21,7 @@ local conn = OpenBusContext:createConnection(bushost, busport)
OpenBusContext:setDefaultConnection(conn)
-- login to the bus
conn:loginByPassword(user, password)
conn:loginByPassword(user, password, domain)
-- define service properties
properties[#properties+1] =
......
......@@ -23,7 +23,7 @@ local conn = OpenBusContext:createConnection(bushost, busport)
OpenBusContext:setDefaultConnection(conn)
-- login to the bus
conn:loginByPassword(user, password)
conn:loginByPassword(user, password, domain)
-- retrieve services
local OfferRegistry = OpenBusContext:getOfferRegistry()
......@@ -51,20 +51,20 @@ end
-- logout from the bus
conn:logout()
conn:loginByPassword("bill", "bill")
conn:loginByPassword("bill", "bill", domain)
services.Forwarder.ref:setForward("willian")
services.Broadcaster.ref:subscribe()
conn:logout()
conn:loginByPassword("paul", "paul")
conn:loginByPassword("paul", "paul", domain)
services.Broadcaster.ref:subscribe()
conn:logout()
conn:loginByPassword("mary", "mary")
conn:loginByPassword("mary", "mary", domain)
services.Broadcaster.ref:subscribe()
conn:logout()
conn:loginByPassword("steve", "steve")
conn:loginByPassword("steve", "steve", domain)
services.Broadcaster.ref:subscribe()
services.Broadcaster.ref:post("Testing the list!")
conn:logout()
......@@ -107,14 +107,14 @@ local expected = {
}
local actual = {}
for _, user in ipairs{"willian", "bill", "paul", "mary", "steve"} do
conn:loginByPassword(user, user)
conn:loginByPassword(user, user, domain)
actual[user] = services.Messenger.ref:receivePosts()
log:TEST(user," got posts: ",actual[user])
services.Broadcaster.ref:unsubscribe()
conn:logout()
end
conn:loginByPassword("bill", "bill")
conn:loginByPassword("bill", "bill", domain)
services.Forwarder.ref:cancelForward("willian")
conn:logout()
orb:shutdown()
......
......@@ -31,7 +31,7 @@ for _, businfo in ipairs{
OpenBusContext:setDefaultConnection(conn)
-- login to the bus
conn:loginByPassword(user, password)
conn:loginByPassword(user, password, domain)
-- find the offered service
log:TEST("retrieve hello services from bus ",conn.busid,"!")
......
......@@ -24,7 +24,7 @@ local conn = OpenBusContext:createConnection(bushost, busport)
OpenBusContext:setDefaultConnection(conn)
-- login to the bus
conn:loginByPassword(user, password)
conn:loginByPassword(user, password, domain)
-- define service properties
properties[#properties+1] =
......
......@@ -21,7 +21,7 @@ local conn = OpenBusContext:createConnection(bushost, busport)
OpenBusContext:setDefaultConnection(conn)
-- login to the bus
conn:loginByPassword(user, password)
conn:loginByPassword(user, password, domain)
-- define service properties
properties[#properties+1] =
......
......@@ -21,7 +21,7 @@ local conn = OpenBusContext:createConnection(bushost, busport)
OpenBusContext:setDefaultConnection(conn)
-- login to the bus
conn:loginByPassword(user, password)
conn:loginByPassword(user, password, domain)
-- define service properties
properties[#properties+1] =
......
......@@ -132,6 +132,18 @@ do
end
end
local function unmarshalJustSignedChain(self, conn, signed)
local chain = unmarshalSignedChain(self, signed, self.types.CallChain)
local legacy = conn.legacy
if legacy ~= nil then
local converter = legacy.converter
if converter ~= nil then
chain.legacy = converter:signChainFor(chain.target)
end
end
return chain
end
local function getLoginEntry(self, loginId)
local LoginRegistry = self.__object
......@@ -526,7 +538,7 @@ function Connection:receiverequest(request, ...)
end
function Connection:loginByPassword(entity, password)
function Connection:loginByPassword(entity, password, domain)
if self.login ~= nil then AlreadyLoggedIn() end
local AccessControl, buskey = intiateLogin(self)
local pubkey = self.prvkey:encode("public")
......@@ -534,7 +546,8 @@ function Connection:loginByPassword(entity, password)
if encrypted == nil then
AccessDenied{message=msg.UnableToEncryptPassword:tag{message=errmsg}}
end
local login, lease = AccessControl:loginByPassword(entity, pubkey, encrypted)
local login, lease = AccessControl:loginByPassword(entity, domain, pubkey,
encrypted)
local busid = AccessControl:_get_busid()
localLogin(self, AccessControl, busid, buskey, login, lease)
log:request(msg.LoginByPassword:tag{
......@@ -846,17 +859,22 @@ function Context:makeChainFor(target)
minor = NoLoginCode,
}
end
local joined = self:getJoinedChain()
local signed = conn:signChainFor(target, joined)
local chain = unmarshalSignedChain(self, signed, self.types.CallChain)
local legacy = conn.legacy
if legacy ~= nil then
local converter = legacy.converter
if converter ~= nil then
chain.legacy = converter:signChainFor(target)
end
local signed = conn:signChainFor(target, self:getJoinedChain())
return unmarshalJustSignedChain(self, conn, signed)
end
function Context:importChain(token, domain)
local conn = self:getCurrentConnection()
local buskey, AccessControl = conn.buskey, conn.AccessControl
if buskey == nil then
NO_PERMISSION{
completed = "COMPLETED_NO",
minor = NoLoginCode,
}
end
return chain
local encrypted = buskey:encrypt(token)
local signed = AccessControl:signChainByToken(encrypted, domain)
return unmarshalJustSignedChain(self, conn, signed)
end
local EncodingValues = {
......@@ -1078,7 +1096,7 @@ argcheck.convertclass(SharedAuthSecret, {
cancel = {},
})
argcheck.convertclass(Connection, {
loginByPassword = { "string", "string" },
loginByPassword = { "string", "string", "string" },
loginByCertificate = { "string", "userdata" },
startSharedAuth = {},
loginBySharedAuth = { "table" },
......@@ -1097,6 +1115,7 @@ local ContextOperations = {
getLoginRegistry = {},
getOfferRegistry = {},
makeChainFor = { "string" },
importChain = { "string" },
encodeChain = { "table" },
decodeChain = { "string" },
encodeSharedAuth = { "table" },
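Review bot: `importChain = { "string" }` in `ContextOperations` type-checks only the token, so the `domain` argument of the new `Context:importChain(token, domain)` reaches `AccessControl:signChainByToken` unvalidated, whereas `loginByPassword` now declares all three strings; if the domain is mandatory here as well, the entry should read `importChain = { "string", "string" },`. In the same method the result of `buskey:encrypt(token)` is forwarded without the `encrypted == nil` check that `Connection:loginByPassword` applies to its encrypted password, so an encryption failure would presumably surface as a remote or marshalling error rather than a clear local exception. `conn` is also indexed (`conn.buskey`) before any nil test, which matters if `getCurrentConnection` can return nil; that is not visible here. The file path of this section is not shown, and `makeChainFor` and `loginByPassword` start or end outside the hunks.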
......
......@@ -112,7 +112,7 @@ function Assistant:__init()
local password = self.password
if self.password ~= nil then
function self.loginargs()
return "Password", self.entity, password
return "Password", self.entity, password, self.domain
end
self.password = nil
else
......
......@@ -346,9 +346,9 @@ do
end
end
function Assistant:loginByPassword(entity, password)
function Assistant:loginByPassword(entity, password, domain)
if self.loginargs ~= nil then throw.AlreadyLoggedIn() end
function self.loginargs() return "Password", entity, password end
function self.loginargs() return "Password", entity, password, domain end
localLogin(self)
end
......@@ -490,7 +490,7 @@ end
-- insert function argument typing
local argcheck = require "openbus.util.argcheck"
argcheck.convertclass(Assistant, {
loginByPassword = { "string", "string" },
loginByPassword = { "string", "string", "string" },
loginByCertificate = { "string", "userdata" },
loginByCallback = { "function" },
startSharedAuth = {},
......
......@@ -102,7 +102,7 @@ end
do log:TEST("Encode and decode chains")
local conn1 = OpenBusContext:createConnection(bushost, busport, connprops)
conn1:loginByPassword(user, password)
conn1:loginByPassword(user, password, domain)
local conn2 = OpenBusContext:createConnection(bushost, busport, connprops)
conn2:loginByCertificate(system, syskey)
assert(conn1.busid == conn2.busid)
......
......@@ -30,7 +30,7 @@ local invalidate, shutdown do
local orb = openbus.initORB()
local OpenBusContext = orb.OpenBusContext
local conn = OpenBusContext:createConnection(bushost, busport)
conn:loginByPassword(admin, admpsw)
conn:loginByPassword(admin, admpsw, domain)
OpenBusContext:setDefaultConnection(conn)
function invalidate(loginId)
OpenBusContext:getLoginRegistry():invalidateLogin(loginId)
......@@ -51,7 +51,7 @@ do log:TEST("Two threads logging in")
local failures = 0
local threads = 2
local function trylogin()
local ok, ex = pcall(conn.loginByPassword, conn, user, password)
local ok, ex = pcall(conn.loginByPassword, conn, user, password, domain)
threads = threads-1
if not ok then
failures = failures+1
......@@ -74,7 +74,7 @@ end
do log:TEST("Two threads getting invalid login")
local conn = OpenBusContext:createConnection(bushost, busport, connprops)
conn:loginByPassword(user, password)
conn:loginByPassword(user, password, domain)
OpenBusContext:setDefaultConnection(conn)
local OfferRegistry = OpenBusContext:getOfferRegistry()
......@@ -110,7 +110,7 @@ do log:TEST("Two threads getting invalid login")
-- check connection behavion while logged wiht invalid login
assert(conn.login == nil)
local ok, ex = pcall(conn.loginByPassword, conn, user, "ThisIsNot:"..password)
local ok, ex = pcall(conn.loginByPassword, conn, user, "ThisIsNot:"..password, domain)
assert(not ok)
assert(ex._repid == idl.types.services.access_control.AccessDenied)
assert(conn.login == nil)
......@@ -127,7 +127,7 @@ end
do log:TEST("Two threads getting invalid login while other relogs")
local conn = OpenBusContext:createConnection(bushost, busport, connprops)
conn:loginByPassword(user, password)
conn:loginByPassword(user, password, domain)
OpenBusContext:setDefaultConnection(conn)
local OfferRegistry = OpenBusContext:getOfferRegistry()
......@@ -157,7 +157,7 @@ do log:TEST("Two threads getting invalid login while other relogs")
-- check connection behavion while logged wiht invalid login
assert(conn.login == nil)
conn:loginByPassword(user, password)
conn:loginByPassword(user, password, domain)
assert(conn.login ~= nil)
assert(conn.login ~= mylogin)
......@@ -175,7 +175,7 @@ end
do log:TEST("Two threads getting invalid login and trying to relog")
local conn = OpenBusContext:createConnection(bushost, busport, connprops)
conn:loginByPassword(user, password)
conn:loginByPassword(user, password, domain)
OpenBusContext:setDefaultConnection(conn)
local OfferRegistry = OpenBusContext:getOfferRegistry()
......@@ -188,7 +188,7 @@ do log:TEST("Two threads getting invalid login and trying to relog")
assert(login == mylogin)
suspended[#suspended+1] = cothread.running()
cothread.suspend()
local ok, ex = pcall(conn.loginByPassword, conn, user, password)
local ok, ex = pcall(conn.loginByPassword, conn, user, password, domain)
if not ok then
alreadylogged = alreadylogged+1
assert(ex._repid == libidl.types.AlreadyLoggedIn)
......
local _G = require "_G"
local assert = _G.assert
local pcall = _G.pcall
local giop = require "oil.corba.giop"
local openbus = require "openbus"
local idl = require "openbus.core.idl"
local log = require "openbus.util.logger"
local sysex = giop.SystemExceptionIDs
bushost, busport, verbose = ...
require "openbus.test.configs"
syskey = assert(openbus.readKeyFile(syskey))
local connprops = { accesskey = openbus.newKey() }
local orb = openbus.initORB()
local OpenBusContext = orb.OpenBusContext
assert(OpenBusContext.orb == orb)
local FakeEntity = "FakeEntity"
do log:TEST("Import chain from token")
local conn = OpenBusContext:createConnection(bushost, busport, connprops)
conn:loginByPassword(user, password, domain)
local busid = conn.busid
local login = conn.login.id
local entity = conn.login.entity
OpenBusContext:setDefaultConnection(conn)
local token = entity.."@"..login..": ExternalOriginator, ExternalCaller"
local imported = OpenBusContext:importChain(token, domain)
assert(imported.busid == busid)
assert(imported.target == entity)
assert(imported.caller.id == "<unknown>")
assert(imported.caller.entity == "ExternalCaller")
assert(imported.originators[1].id == "<unknown>")
assert(imported.originators[1].entity == "ExternalOriginator")
assert(#imported.originators == 1)
OpenBusContext:joinChain(imported)
local joined = OpenBusContext:makeChainFor(FakeEntity)
OpenBusContext:exitChain()
assert(joined.busid == busid)
assert(joined.target == FakeEntity)
assert(joined.caller.id == login)
assert(joined.caller.entity == entity)
assert(joined.originators[2].id == "<unknown>")
assert(joined.originators[2].entity == "ExternalCaller")
assert(joined.originators[1].id == "<unknown>")
assert(joined.originators[1].entity == "ExternalOriginator")
assert(#joined.originators == 2)
OpenBusContext:setDefaultConnection(nil)
conn:logout()
end
do log:TEST("Fail to import chain from token of unknown domain")
local conn = OpenBusContext:createConnection(bushost, busport, connprops)
conn:loginByPassword(user, password, domain)
OpenBusContext:setDefaultConnection(conn)
local token = conn.login.entity.."@"..conn.login.id..": ExternalOriginator, ExternalCaller"
local ok, ex = pcall(OpenBusContext.importChain, OpenBusContext, token, "UnknownDomain")
assert(ok == false)
assert(ex._repid == idl.types.services.access_control.UnknownDomain)
assert(ex.domain == "UnknownDomain")
OpenBusContext:setDefaultConnection(nil)
conn:logout()
end
do log:TEST("Fail to import chain from invalid token")
local conn = OpenBusContext:createConnection(bushost, busport, connprops)
conn:loginByPassword(user, password, domain)
OpenBusContext:setDefaultConnection(conn)
local ok, ex = pcall(OpenBusContext.importChain, OpenBusContext, "FakeToken", domain)
assert(ok == false)
assert(ex._repid == idl.types.services.access_control.InvalidToken)
assert(ex.message == "malformed test token")
OpenBusContext:setDefaultConnection(nil)
conn:logout()
end
orb:shutdown()
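Review bot: None of the three cases in this new test file calls `importChain` without a login, so the `buskey == nil` branch that raises `NO_PERMISSION` with `NoLoginCode` (in the `Context:importChain` hunk of this commit) is never exercised, although the `makeChainFor` tests already have a "Fail to make chain without login" case. A fourth block placed before `orb:shutdown()` would pin that authorization check; the sketch below assumes `conn.buskey` is unset until a login completes. In the lines shown, `giop` and `sysex` are required but not used, and `bushost, busport, verbose = ...` assigns globals, which may be intentional for `openbus.test.configs` but deserves a one-line comment saying so.

```lua
do log:TEST("Fail to import chain without login")
  local conn = OpenBusContext:createConnection(bushost, busport, connprops)
  OpenBusContext:setDefaultConnection(conn)

  -- no loginByPassword here: the call must be refused locally
  local ok, ex = pcall(OpenBusContext.importChain, OpenBusContext, "FakeToken", domain)
  assert(ok == false)
  assert(ex.completed == "COMPLETED_NO")
  assert(ex.minor == idl.const.services.access_control.NoLoginCode)

  OpenBusContext:setDefaultConnection(nil)
end
```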
......@@ -53,7 +53,7 @@ local callwithin do
end
local loginways = {
loginByPassword = function() return user, password end,
loginByPassword = function() return user, password, domain end,
loginByCertificate = function() return system, syskey end,
loginBySharedAuth = function()
return {
......@@ -182,7 +182,7 @@ local invalidate, shutdown, leasetime do
local orb = openbus.initORB()
local OpenBusContext = orb.OpenBusContext
local conn = OpenBusContext:createConnection(bushost, busport)
conn:loginByPassword(admin, admpsw)
conn:loginByPassword(admin, admpsw, domain)
OpenBusContext:setDefaultConnection(conn)
busid = conn.busid
leasetime = conn.AccessControl:renew()
......@@ -217,12 +217,22 @@ for _, connOp in ipairs({"DefaultConnection", "CurrentConnection"}) do
local conn = conns[1]
for _, invalid in ipairs{nil,true,false,123,{},error,thread,userdata} do
local badtype = type(invalid)
local ex = catcherr(conn.loginByPassword, conn, user, invalid)
local ex = catcherr(conn.loginByPassword, conn, user, invalid, domain)
assert(ex:match("bad argument #2 to 'loginByPassword' %(expected string, got "..badtype.."%)$"))
assertlogoff(conn)
end
end
do log:TEST "login with invalid domain"
local conn = conns[1]
for _, invalid in ipairs{nil,true,false,123,{},error,thread,userdata} do
local badtype = type(invalid)
local ex = catcherr(conn.loginByPassword, conn, user, password, invalid)
assert(ex:match("bad argument #3 to 'loginByPassword' %(expected string, got "..badtype.."%)$"))
assertlogoff(conn)
end
end
do log:TEST "login with invalid private key"
local conn = conns[1]
for _, invalid in ipairs{nil,true,false,123,"key",{},error,thread} do
......@@ -235,11 +245,18 @@ for _, connOp in ipairs({"DefaultConnection", "CurrentConnection"}) do
do log:TEST "login with wrong password"
local conn = conns[1]
local ex = catcherr(conn.loginByPassword, conn, user, "WrongPassword")
local ex = catcherr(conn.loginByPassword, conn, user, "WrongPassword", domain)
assert(ex._repid == idl.types.services.access_control.AccessDenied)
assertlogoff(conn)
end
do log:TEST "login with unknown domain"
local conn = conns[1]
local ex = catcherr(conn.loginByPassword, conn, user, password, "UnknownDomain")
assert(ex._repid == idl.types.services.access_control.UnknownDomain)
assertlogoff(conn)
end
do log:TEST "login with entity without certificate"
local conn = conns[1]
local ex = catcherr(conn.loginByCertificate, conn, "NoCertif.", syskey)
......@@ -313,7 +330,7 @@ for _, connOp in ipairs({"DefaultConnection", "CurrentConnection"}) do
assertlogged(conn)
end
do log:TEST "login with wrong bus"
otherBusConn:loginByPassword(user, password)
otherBusConn:loginByPassword(user, password, domain)
local attempt = otherBusConn:startSharedAuth()
assert(otherBusConn:logout() == true)
local ex = catcherr(other.loginBySharedAuth, other, attempt)
......
......@@ -23,7 +23,7 @@ assert(OpenBusContext.orb == orb)
do log:TEST("Make chains for active logins")
local conn1 = OpenBusContext:createConnection(bushost, busport, connprops)
conn1:loginByPassword(user, password)
conn1:loginByPassword(user, password, domain)
local conn2 = OpenBusContext:createConnection(bushost, busport, connprops)
conn2:loginByCertificate(system, syskey)
assert(conn1.busid == conn2.busid)
......@@ -65,7 +65,7 @@ end
do log:TEST("Fail to make chain for invalid logins")
local conn = OpenBusContext:createConnection(bushost, busport, connprops)
conn:loginByPassword(user, password)
conn:loginByPassword(user, password, domain)
OpenBusContext:setDefaultConnection(conn)
local FakeEntity = "Fake Entity"
......@@ -96,7 +96,7 @@ do log:TEST("Fail to make chain without login")
assert(ex.completed == "COMPLETED_NO")
assert(ex.minor == idl.const.services.access_control.NoLoginCode)
conn:loginByPassword(user, password)
conn:loginByPassword(user, password, domain)
conn:logout()
local ok, ex = pcall(OpenBusContext.makeChainFor, OpenBusContext, user)
......
......@@ -31,7 +31,7 @@ local invalidate, shutdown do
local orb = openbus.initORB()
local OpenBusContext = orb.OpenBusContext
local conn = OpenBusContext:createConnection(bushost, busport)
conn:loginByPassword(admin, admpsw)
conn:loginByPassword(admin, admpsw, domain)
OpenBusContext:setDefaultConnection(conn)
function invalidate(loginId)
OpenBusContext:getLoginRegistry():invalidateLogin(loginId)
......@@ -60,7 +60,7 @@ assert(OpenBusContext.orb == orb)
do log:TEST("Get invalid login notification while performing a call")
local conn = OpenBusContext:createConnection(bushost, busport, connprops)
conn:loginByPassword(user, password)
conn:loginByPassword(user, password, domain)
OpenBusContext:setDefaultConnection(conn)
invalidate(conn.login.id)
......@@ -79,7 +79,7 @@ end
do log:TEST("Get invalid login notification while dispathing a call")
local conn = OpenBusContext:createConnection(bushost, busport, connprops)
conn:loginByPassword(user, password)
conn:loginByPassword(user, password, domain)
OpenBusContext:setDefaultConnection(conn)
local ior = tostring(orb:newservant({}, nil, "CORBA::InterfaceDef"))
......@@ -101,11 +101,11 @@ end
do log:TEST("Relog while performing a call")
local conn = OpenBusContext:createConnection(bushost, busport, connprops)
conn:loginByPassword(user, password)
conn:loginByPassword(user, password, domain)
OpenBusContext:setDefaultConnection(conn)
function conn:onInvalidLogin(login)
local ok, ex = pcall(conn.loginByPassword, conn, user, password)
local ok, ex = pcall(conn.loginByPassword, conn, user, password, domain)
if not ok then
assert(ex._repid == libidl.types.AlreadyLoggedIn)
end
......@@ -123,11 +123,11 @@ end
do log:TEST("Relog while dispathing a call")
local conn = OpenBusContext:createConnection(bushost, busport, connprops)
conn:loginByPassword(user, password)
conn:loginByPassword(user, password, domain)
OpenBusContext:setDefaultConnection(conn)
function conn:onInvalidLogin(login)
local ok, ex = pcall(conn.loginByPassword, conn, user, password)
local ok, ex = pcall(conn.loginByPassword, conn, user, password, domain)
if not ok then
assert(ex._repid == libidl.types.AlreadyLoggedIn)
end
......
......@@ -62,7 +62,7 @@ local callwithin do
end
local loginways = {
loginByPassword = function() return user, password end,
loginByPassword = function() return user, password, domain end,
loginByCertificate = function() return system, syskey end,
loginBySharedAuth = function()
return {
......@@ -147,6 +147,7 @@ do
busport = busport,
entity = user,
password = password,
domain = domain,
}
for name, values in pairs(InvalidParams) do
for invalid, expected in pairs(values) do
......@@ -208,6 +209,7 @@ do
busport = busport,
entity = invalid,
[field] = secret,
domain = field=="password" and domain or nil,
}, "bad argument #2 to '"..Field2Op[field].."' (expected string, got "..type(invalid)..")")
end
end
......@@ -220,6 +222,7 @@ do
busport = busport,
entity = user,
password = invalid,
domain = domain,
}, "bad argument #3 to 'loginByPassword' (expected string, got "..type(invalid)..")")
end
......@@ -241,6 +244,7 @@ do
busport = busport,
entity = user,
password = "WrongPassword",
domain = domain,
}, {_repid = assert(idl.types.services.access_control.AccessDenied)})
log:TEST "login with entity without certificate"
......@@ -269,7 +273,7 @@ local invalidate, sharedauth, shutdown, leasetime do
local orb = openbus.initORB()
local OpenBusContext = orb.OpenBusContext
local conn = OpenBusContext:createConnection(bushost, busport)
conn:loginByPassword(admin, admpsw)
conn:loginByPassword(admin, admpsw, domain)
OpenBusContext:setDefaultConnection(conn)
leasetime = conn.AccessControl:renew()
function invalidate(loginId)
......@@ -319,6 +323,7 @@ do
busport = busport,
entity = user,
password = password,
domain = domain,
}
log:TEST(false)
log:TEST(true, "login by private key")
......@@ -349,7 +354,7 @@ for interval = 1, 3 do
orb = orb,
bushost = bushost,
busport = busport,
loginargs = function () return "Password", entity, secret end,
loginargs = function () return "Password", entity, secret, domain end,
interval = interval,
observer = {
onLoginFailure = function (self, assist, except)
......
......@@ -34,7 +34,7 @@ local invalidate, shutdown do
local orb = openbus.initORB()
local OpenBusContext = orb.OpenBusContext
local conn = OpenBusContext:createConnection(bushost, busport)
conn:loginByPassword(admin, admpsw)
conn:loginByPassword(admin, admpsw, domain)
OpenBusContext:setDefaultConnection(conn)
function invalidate(loginId)
OpenBusContext:getLoginRegistry():invalidateLogin(loginId)
......@@ -60,7 +60,7 @@ do log:TEST("Two threads logging in")
local failures = 0
local threads = 2
local function trylogin()
local ok, ex = pcall(conn.loginByPassword, conn, user, password)
local ok, ex = pcall(conn.loginByPassword, conn, user, password, domain)
threads = threads-1
if not ok then
failures = failures+1
......@@ -88,7 +88,7 @@ do log:TEST("Two threads getting invalid login and trying to relog")
busport = busport,
accesskey = accesskey,
}
conn:loginByPassword(user, password)
conn:loginByPassword(user, password, domain)
OpenBusContext:setDefaultConnection(conn.connection)
local mylogin = conn.login
......
......@@ -42,7 +42,7 @@ local function catcherr(...)
end
local loginways = {
loginByPassword = function() return user, password end,
loginByPassword = function() return user, password, domain end,
loginByCertificate = function() return system, syskey end,
loginByCallback = function()
return function ()
......@@ -164,7 +164,7 @@ local invalidate, shutdown, leasetime do
local orb = openbus.initORB()
local OpenBusContext = orb.OpenBusContext
local conn = OpenBusContext:createConnection(bushost, busport)
conn:loginByPassword(admin, admpsw)
conn:loginByPassword(admin, admpsw, domain)
OpenBusContext:setDefaultConnection(conn)
leasetime = conn.AccessControl:renew()
function invalidate(loginId)
......@@ -198,12 +198,22 @@ for _, connOp in ipairs({"DefaultConnection", "CurrentConnection"}) do
local conn = conns[1]
for _, invalid in ipairs{nil,true,false,123,{},error,thread,userdata} do
local badtype = type(invalid)
local ex = catcherr(conn.loginByPassword, conn, user, invalid)
local ex = catcherr(conn.loginByPassword, conn, user, invalid, domain)
assert(ex:match("bad argument #2 to 'loginByPassword' %(expected string, got "..badtype.."%)$"))
assertlogoff(conn)
end
end
do log:TEST "login with invalid domain"
local conn = conns[1]
for _, invalid in ipairs{nil,true,false,123,{},error,thread,userdata} do
local badtype = type(invalid)
local ex = catcherr(conn.loginByPassword, conn, user, password, invalid)
assert(ex:match("bad argument #3 to 'loginByPassword' %(expected string, got "..badtype.."%)$"))
assertlogoff(conn)
end
end
do log:TEST "login with invalid private key"
local conn = conns[1]
for _, invalid in ipairs{nil,true,false,123,"key",{},error,thread} do
......@@ -216,11 +226,18 @@ for _, connOp in ipairs({"DefaultConnection", "CurrentConnection"}) do
do log:TEST "login with wrong password"
local conn = conns[1]
local ex = catcherr(conn.loginByPassword, conn, user, "WrongPassword")
local ex = catcherr(conn.loginByPassword, conn, user, "WrongPassword", domain)
assert(ex._repid == idl.types.services.access_control.AccessDenied)
assertlogoff(conn)
end
do log:TEST "login with unknown domain"
local conn = conns[1]
local ex = catcherr(conn.loginByPassword, conn, user, password, "UnknownDomain")
assert(ex._repid == idl.types.services.access_control.UnknownDomain)
assertlogoff(conn)
end
do log:TEST "login with entity without certificate"
local conn = conns[1]
local ex = catcherr(conn.loginByCertificate, conn, "NoCertif.", syskey)
......
......@@ -31,7 +31,7 @@ local invalidate, shutdown do
local orb = openbus.initORB()
local OpenBusContext = orb.OpenBusContext
local conn = OpenBusContext:createConnection(bushost, busport)
conn:loginByPassword(admin, admpsw)
conn:loginByPassword(admin, admpsw, domain)
OpenBusContext:setDefaultConnection(conn)
function invalidate(loginId)
OpenBusContext:getLoginRegistry():invalidateLogin(loginId)
......@@ -65,7 +65,7 @@ do log:TEST("Relog while performing a call")
busport = busport,
accesskey = accesskey,
}