Set admin password when creating the user

2023-04-12 14:25:13 +00:00 · 2021-07-05 09:42:54 +02:00 · 2021-07-05 09:42:54 +02:00 · 6d885e7665
commit 6d885e7665
parent d891529da9
2 changed files with 32 additions and 30 deletions
--- a/src/domain/sql_opaque_handler.rs
+++ b/src/domain/sql_opaque_handler.rs
@ -213,6 +213,34 @@ impl OpaqueHandler for SqlOpaqueHandler {
    }
 }

+/// Convenience function to set a user's password.
+pub(crate) async fn register_password(
+    opaque_handler: &SqlOpaqueHandler,
+    username: &str,
+    password: &str,
+) -> Result<()> {
+    let mut rng = rand::rngs::OsRng;
+    use registration::*;
+    let registration_start = opaque::client::registration::start_registration(password, &mut rng)?;
+    let start_response = opaque_handler
+        .registration_start(ClientRegistrationStartRequest {
+            username: username.to_string(),
+            registration_start_request: registration_start.message,
+        })
+        .await?;
+    let registration_finish = opaque::client::registration::finish_registration(
+        registration_start.state,
+        start_response.registration_response,
+        &mut rng,
+    )?;
+    opaque_handler
+        .registration_finish(ClientRegistrationFinishRequest {
+            server_data: start_response.server_data,
+            registration_upload: registration_finish.message,
+        })
+        .await
+}
+
 #[cfg(test)]
 mod tests {
    use super::*;
@ -279,34 +307,6 @@ mod tests {
        Ok(())
    }

-    async fn attempt_registration(
-        opaque_handler: &SqlOpaqueHandler,
-        username: &str,
-        password: &str,
-    ) -> Result<()> {
-        let mut rng = rand::rngs::OsRng;
-        use registration::*;
-        let registration_start =
-            opaque::client::registration::start_registration(password, &mut rng)?;
-        let start_response = opaque_handler
-            .registration_start(ClientRegistrationStartRequest {
-                username: username.to_string(),
-                registration_start_request: registration_start.message,
-            })
-            .await?;
-        let registration_finish = opaque::client::registration::finish_registration(
-            registration_start.state,
-            start_response.registration_response,
-            &mut rng,
-        )?;
-        opaque_handler
-            .registration_finish(ClientRegistrationFinishRequest {
-                server_data: start_response.server_data,
-                registration_upload: registration_finish.message,
-            })
-            .await
-    }
-
    #[tokio::test]
    async fn test_flow() -> Result<()> {
        let sql_pool = get_initialized_db().await;
@ -317,7 +317,7 @@ mod tests {
        attempt_login(&opaque_handler, "bob", "bob00")
            .await
            .unwrap_err();
-        attempt_registration(&opaque_handler, "bob", "bob00").await?;
+        register_password(&opaque_handler, "bob", "bob00").await?;
        attempt_login(&opaque_handler, "bob", "wrong_password")
            .await
            .unwrap_err();
--- a/src/main.rs
+++ b/src/main.rs
@ -3,7 +3,8 @@

 use crate::{
    domain::{
-        handler::BackendHandler, sql_backend_handler::SqlBackendHandler, sql_tables::PoolOptions,
+        handler::BackendHandler, sql_backend_handler::SqlBackendHandler,
+        sql_opaque_handler::register_password, sql_tables::PoolOptions,
    },
    infra::{configuration::Configuration, db_cleaner::Scheduler},
 };
@ -21,6 +22,7 @@ async fn create_admin_user(handler: &SqlBackendHandler, config: &Configuration)
            user_id: config.ldap_user_dn.clone(),
            ..Default::default()
        })
+        .and_then(|_| register_password(handler, &config.ldap_user_dn, &config.ldap_user_pass))
        .await
        .map_err(|e| anyhow!("Error creating admin user: {}", e))?;
    let admin_group_id = handler