1: -module(auth_methods_for_c2s_SUITE).
2: -compile([export_all, nowarn_export_all]).
3:
4: -include_lib("eunit/include/eunit.hrl").
5: -include_lib("exml/include/exml.hrl").
6:
7: -import(distributed_helper, [mim/0, rpc/4]).
8:
9: all() ->
10: [
11: {group, two_methods_enabled},
12: {group, metrics}
13: ].
14:
15: groups() ->
16: [
17: {two_methods_enabled, [parallel],
18: [
19: can_login_with_allowed_method,
20: cannot_login_with_not_allowed_method,
21: can_login_to_another_listener
22: ]},
23: {metrics, [],
24: [
25: metrics_incremented_on_user_connect
26: ]}
27: ].
28:
29: init_per_suite(Config) ->
30: escalus:init_per_suite(Config).
31:
32: end_per_suite(Config) ->
33: escalus:end_per_suite(Config).
34:
35: init_per_group(metrics, Config) ->
36: Config;
37: init_per_group(_, Config0) ->
38: Config1 = ejabberd_node_utils:init(Config0),
39: ejabberd_node_utils:backup_config_file(Config1),
40: modify_config_and_restart(Config1),
41: escalus_cleaner:start(Config1).
42:
43: end_per_group(metrics, _Config) ->
44: escalus_fresh:clean();
45: end_per_group(_, Config) ->
46: ejabberd_node_utils:restore_config_file(Config),
47: ejabberd_node_utils:restart_application(mongooseim),
48: escalus_fresh:clean().
49:
50: init_per_testcase(TC, Config) ->
51: Spec = escalus_fresh:freshen_spec(Config, alice),
52: Clean = register_internal_user(Spec),
53: [{clean_fn, Clean}, {spec, Spec}|escalus:init_per_testcase(TC, Config)].
54:
55: end_per_testcase(TC, Config) ->
56: Clean = proplists:get_value(clean_fn, Config),
57: Clean(),
58: escalus:end_per_testcase(TC, Config).
59:
60: modify_config_and_restart(Config) ->
61: NewConfigValues = [{auth_method, "internal]\n [auth.dummy"},
62: {auth_method_opts, false},
63: {allowed_auth_methods, "\"internal\""}],
64: ejabberd_node_utils:modify_config_file(NewConfigValues, Config),
65: ejabberd_node_utils:restart_application(mongooseim).
66:
67: can_login_with_allowed_method(Config) ->
68: Spec = proplists:get_value(spec, Config),
69: {ok, _, _} = escalus_connection:start(Spec).
70:
71: cannot_login_with_not_allowed_method(Config) ->
72: Spec = proplists:get_value(spec, Config),
73: {error, _} = escalus_connection:start([{password, <<"wrong">>}|Spec]).
74:
75: can_login_to_another_listener(Config) ->
76: Spec = proplists:get_value(spec, Config),
77: TlsPort = ct:get_config({hosts, mim, c2s_tls_port}),
78: Spec2 = [{port, TlsPort}, {ssl, true}, {ssl_opts, [{verify, verify_none}]},
79: {password, <<"wrong">>} | Spec],
80: {ok, _, _} = escalus_connection:start(Spec2).
81:
82: metrics_incremented_on_user_connect(ConfigIn) ->
83: F = fun(Alice, Bob) ->
84: Body = <<"Hello Bob">>,
85: escalus:send(Alice, escalus_stanza:chat_to(Bob, Body)),
86: escalus:assert(is_chat_message, [Body], escalus:wait_for_stanza(Bob))
87: end,
88: HostType = domain_helper:host_type(),
89: HostTypePrefix = domain_helper:make_metrics_prefix(HostType),
90: MongooseMetrics = [{[HostTypePrefix, backends, auth, authorize], changed}],
91: Config = [{mongoose_metrics, MongooseMetrics} | ConfigIn],
92: escalus_fresh:story(Config, [{alice, 1}, {bob, 1}], F).
93:
94: %% Helpers
95: %% If dummy backend is enabled, it is not possible to create new users
96: %% (we check if an user does exist before registering the user).
97: register_internal_user(Spec) ->
98: #{username := User, server := Server,
99: password := Password} = maps:from_list(Spec),
100: LUser = jid:nodeprep(User),
101: LServer = escalus_utils:jid_to_lower(Server),
102: HostType = domain_helper:host_type(),
103: rpc(mim(), ejabberd_auth_internal, try_register,
104: [HostType, LUser, LServer, Password]),
105: fun() -> rpc(mim(), ejabberd_auth_internal, remove_user,
106: [HostType, LUser, LServer]) end.