Diffstat (limited to 'src/testing/test_merchant_instance_auth.sh')
-rwxr-xr-x | src/testing/test_merchant_instance_auth.sh | 195 |
1 files changed, 149 insertions, 46 deletions
diff --git a/src/testing/test_merchant_instance_auth.sh b/src/testing/test_merchant_instance_auth.sh index f4534b9a..85857b4f 100755 --- a/src/testing/test_merchant_instance_auth.sh +++ b/src/testing/test_merchant_instance_auth.sh @@ -1,6 +1,6 @@ #!/bin/bash # This file is part of TALER -# Copyright (C) 2014-2021 Taler Systems SA +# Copyright (C) 2014-2023 Taler Systems SA # # TALER is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as 
@@ -17,45 +17,70 @@ # <http://www.gnu.org/licenses/> # -# Exit, with status code "skip" (no 'real' failure) -function exit_skip() { - echo $1 - exit 77 +# Cleanup to run whenever we exit +function my_cleanup() +{ + for n in $(jobs -p) + do + kill "$n" 2> /dev/null || true + done + wait + if [ -n "${LAST_RESPONSE+x}" ] + then + rm -f "${LAST_RESPONSE}" + fi } -. initialize_taler_system.sh +. setup.sh +setup -c test_template.conf -m +CONF="test_template.conf.edited" +LAST_RESPONSE=$(mktemp -p "${TMPDIR:-/tmp}" test_response.conf-XXXXXX) -echo -n "Configuring 'default' instance ..." +echo -n "Configuring 'default' instance ..." >&2 STATUS=$(curl -H "Content-Type: application/json" -X POST \ http://localhost:9966/management/instances \ - -d '{"auth":{"method":"token","token":"secret-token:new_value"},"payto_uris":["payto://x-taler-bank/localhost/43"],"id":"default","name":"default","address":{},"jurisdiction":{},"default_max_wire_fee":"TESTKUDOS:1", "default_max_deposit_fee":"TESTKUDOS:1","default_wire_fee_amortization":1,"default_wire_transfer_delay":{"d_us" : 3600000000},"default_pay_delay":{"d_us": 3600000000}}' \ + -d '{"auth":{"method":"token","token":"secret-token:new_value"},"id":"default","name":"default","user_type":"business","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 3600000000},"default_pay_delay":{"d_us": 3600000000}}' \ -w "%{http_code}" -s -o /dev/null) if [ "$STATUS" != "204" ] then - echo 'should respond ok, instance created. got:' $STATUS - exit 1 + exit_fail "Expected 204, instance created. got: $STATUS" >&2 fi -echo " OK" +STATUS=$(curl -H "Content-Type: application/json" -X POST \ + -H 'Authorization: Bearer secret-token:new_value' \ + http://localhost:9966/private/accounts \ + -d '{"payto_uri":"payto://x-taler-bank/localhost:8082/43?receiver-name=user43"}' \ + -w "%{http_code}" -s -o /dev/null) + + +if [ "$STATUS" != "200" ] +then + exit_fail "Expected 200 OK. 
Got: $STATUS" +fi + +echo " OK" >&2 +# Kill merchant +kill -TERM "$SETUP_PID" +wait +unset SETUP_PID -kill $MERCHANT_HTTPD_PID -wait $MERCHANT_HTTPD_PID +setup -c test_template.conf -ef -u "exchange-account-2" NEW_SECRET=secret-token:different_value taler-merchant-httpd -a "${NEW_SECRET}" -c "${CONF}" -L DEBUG 2> taler-merchant-httpd.log & -MERCHANT_HTTPD_PID=$! -#taler-merchant-httpd -c $CONF -L DEBUG 2> taler-merchant-httpd.log & +# Install cleanup handler (except for kill -9) +trap my_cleanup EXIT -echo -n "Waiting for the merchant..." +echo -n "Waiting for the merchant..." >&2 # Wait for merchant to be available (usually the slowest) -for n in `seq 1 50` +for n in $(seq 1 50) do - echo -n "." + echo -n "." >&2 sleep 0.1 OK=0 # merchant 
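Review bot: `trap my_cleanup EXIT` is installed only after the merchant has been restarted in the background, while `LAST_RESPONSE=$(mktemp ...)` and two `exit_fail` paths (the 204 and 200 checks) come earlier in this hunk. If either early check fails, `my_cleanup` never runs, so the temp response file is left behind, unless `setup.sh` registers its own handler, which is not visible here. If `setup.sh` does install an EXIT trap, this later `trap` would replace it, because bash keeps a single EXIT handler; that interaction is worth confirming. Since `my_cleanup` already guards with `[ -n "${LAST_RESPONSE+x}" ]`, the trap can safely move up to just before the `mktemp` line: `trap my_cleanup EXIT`.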
@@ -65,71 +90,149 @@ do done if [ "x$OK" != "x1" ] -then - exit_skip "Failed to start merchant backend" +then + exit_fail "Failed to (re)start merchant backend" fi -echo -n "Creating order to test auth is ok..." +echo -n "Creating order to test auth is ok..." >&2 STATUS=$(curl -H "Content-Type: application/json" -X POST \ - 'http://localhost:9966/instances/default/private/orders' \ - -H 'Authorization: Bearer '$NEW_SECRET \ + 'http://localhost:9966/private/orders' \ + -H 'Authorization: Bearer '"$NEW_SECRET" \ -d '{"order":{"amount":"TESTKUDOS:1","summary":"payme"}}' \ - -w "%{http_code}" -s -o $LAST_RESPONSE) + -w "%{http_code}" -s -o "$LAST_RESPONSE") if [ "$STATUS" != "200" ] then - echo 'should response ok, order created. got:' $STATUS `cat $LAST_RESPONSE` - exit 1 + cat "$LAST_RESPONSE" >&2 + exit_fail "Expected 200, order created. got: $STATUS" fi -ORDER_ID=`jq -e -r .order_id < $LAST_RESPONSE` -TOKEN=`jq -e -r .token < $LAST_RESPONSE` +ORDER_ID=$(jq -e -r .order_id < "$LAST_RESPONSE") +TOKEN=$(jq -e -r .token < "$LAST_RESPONSE") -STATUS=$(curl "http://localhost:9966/instances/default/private/orders/${ORDER_ID}" \ - -H 'Authorization: Bearer '$NEW_SECRET \ - -w "%{http_code}" -s -o $LAST_RESPONSE) +STATUS=$(curl "http://localhost:9966/private/orders/${ORDER_ID}" \ + -H 'Authorization: Bearer '"$NEW_SECRET" \ + -w "%{http_code}" -s -o "$LAST_RESPONSE") if [ "$STATUS" != "200" ] then - echo 'should response ok, getting order info before claming it. got:' $STATUS `cat $LAST_RESPONSE` - exit 1 + cat "$LAST_RESPONSE" >&2 + exit_fail "Expected 200, getting order info before claming it. got: $STATUS" fi -PAY_URL=`jq -e -r .taler_pay_uri < $LAST_RESPONSE` +PAY_URL=$(jq -e -r .taler_pay_uri < "$LAST_RESPONSE") -echo OK order $ORDER_ID with $TOKEN +echo "OK order ${ORDER_ID} with ${TOKEN} and ${PAY_URL}" >&2 -echo -n "Configuring 'second' instance ..." +echo -n "Configuring 'second' instance ..." 
>&2 STATUS=$(curl -H "Content-Type: application/json" -X POST \ - -H 'Authorization: Bearer '$NEW_SECRET \ + -H 'Authorization: Bearer '"$NEW_SECRET" \ http://localhost:9966/management/instances \ - -d '{"auth":{"method":"token","token":"secret-token:second"},"payto_uris":["payto://x-taler-bank/localhost/43"],"id":"second","name":"second","address":{},"jurisdiction":{},"default_max_wire_fee":"TESTKUDOS:1", "default_max_deposit_fee":"TESTKUDOS:1","default_wire_fee_amortization":1,"default_wire_transfer_delay":{"d_us" : 3600000000},"default_pay_delay":{"d_us": 3600000000}}' \ + -d '{"auth":{"method":"token","token":"secret-token:second"},"id":"second","name":"second","address":{},"jurisdiction":{},"use_stefan":true,"default_wire_transfer_delay":{"d_us" : 3600000000},"default_pay_delay":{"d_us": 3600000000}}' \ -w "%{http_code}" -s -o /dev/null) if [ "$STATUS" != "204" ] then - echo 'should respond ok, instance created. got:' $STATUS - exit 1 + exit_fail "Expected 204, instance created. got: $STATUS" fi -echo "OK" +echo "OK" >&2 -echo -n "Updating 'second' instance token using the 'default' auth token..." +echo -n "Updating 'second' instance token using the 'default' auth token..." >&2 STATUS=$(curl -H "Content-Type: application/json" -X POST \ - -H 'Authorization: Bearer '$NEW_SECRET \ + -H 'Authorization: Bearer '"$NEW_SECRET" \ http://localhost:9966/management/instances/second/auth \ -d '{"method":"token","token":"secret-token:new_one"}' \ -w "%{http_code}" -s -o /dev/null) if [ "$STATUS" != "204" ] then - echo 'should respond ok, instance auth token changed. got:' $STATUS - exit 1 + exit_fail "Expected 204, instance auth token changed. got: $STATUS" +fi +NEW_SECRET="secret-token:new_one" +echo " OK" >&2 + + +echo -n "Requesting login token..." 
>&2 + +STATUS=$(curl -H "Content-Type: application/json" -X POST \ + -H 'Authorization: Bearer '"$NEW_SECRET" \ + http://localhost:9966/instances/second/private/token \ + -d '{"scope":"readonly","refreshable":true}' \ + -w "%{http_code}" -s -o "$LAST_RESPONSE") + +if [ "$STATUS" != "200" ] +then + jq < "$LAST_RESPONSE" >&2 + exit_fail "Expected 200, login token created. got: $STATUS" +fi + +TOKEN=$(jq -e -r .token < "$LAST_RESPONSE") + +echo " OK" >&2 + +echo -n "Using login token..." >&2 + +STATUS=$(curl "http://localhost:9966/instances/second/private/orders" \ + -H 'Authorization: Bearer '"$TOKEN" \ + -w "%{http_code}" -s -o "$LAST_RESPONSE") + +if [ "$STATUS" != "200" ] +then + jq < "$LAST_RESPONSE" >&2 + exit_fail "Expected 200, getting orders. got: $STATUS" +fi + +echo " OK" >&2 + +echo -n "Refreshing login token..." >&2 + +STATUS=$(curl -H "Content-Type: application/json" -X POST \ + -H 'Authorization: Bearer '"$TOKEN" \ + http://localhost:9966/instances/second/private/token \ + -d '{"scope":"write","refreshable":true}' \ + -w "%{http_code}" -s -o "$LAST_RESPONSE") + +if [ "$STATUS" != "403" ] +then + jq < "$LAST_RESPONSE" >&2 + exit_fail "Expected 403, refused to upgrade login token. got: $STATUS" +fi + +echo " OK" >&2 + + +echo -n "Deleting login token..." >&2 + +STATUS=$(curl -H "Content-Type: application/json" -X DELETE \ + -H 'Authorization: Bearer '"$TOKEN" \ + http://localhost:9966/instances/second/private/token \ + -w "%{http_code}" -s -o "$LAST_RESPONSE") + +if [ "$STATUS" != "204" ] +then + jq < "$LAST_RESPONSE" >&2 + exit_fail "Expected 204, login token deleted. got: $STATUS" fi +echo " OK" >&2 + +echo -n "Using deleted login token..." >&2 + +STATUS=$(curl "http://localhost:9966/instances/second/private/orders" \ + -H 'Authorization: Bearer '"$TOKEN" \ + -w "%{http_code}" -s -o "$LAST_RESPONSE") + +if [ "$STATUS" != "401" ] +then + jq < "$LAST_RESPONSE" >&2 + exit_fail "Expected 401, token was deleted. 
got: $STATUS" +fi + +echo " OK" >&2 -echo " OK" +echo "Test PASSED" exit 0 |
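Review bot: After the `/management/instances/second/auth` update, the test switches `NEW_SECRET` to `secret-token:new_one` and only checks that the new secret works. It never checks that the replaced `secret-token:second` is rejected, so a backend that kept accepting the old token after rotation would still pass. A negative request with the old token, placed right after the rotation step, would close that gap. The expected status is presumably 401, matching the deleted-token check at the end of this hunk, but that should be confirmed against the API. Separately, the step labelled "Refreshing login token..." actually asserts that a scope upgrade from `readonly` to `write` is refused with 403, so a label such as `"Upgrading login token scope (must fail)..."` would describe it better.

```shell
NEW_SECRET="secret-token:new_one"
echo " OK" >&2

echo -n "Using replaced 'second' instance token..." >&2

STATUS=$(curl "http://localhost:9966/instances/second/private/orders" \
    -H 'Authorization: Bearer secret-token:second' \
    -w "%{http_code}" -s -o "$LAST_RESPONSE")

if [ "$STATUS" != "401" ]
then
    jq < "$LAST_RESPONSE" >&2
    exit_fail "Expected 401, old token was replaced. got: $STATUS"
fi

echo " OK" >&2
# … unchanged: login token request, use, scope-upgrade refusal, delete …
```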