From ab66a36fe646bb179fd4267471fdf9655eb5dd7d Mon Sep 17 00:00:00 2001
From: Valentin Tolmer
Date: Mon, 5 Jul 2021 09:42:54 +0200
Subject: [PATCH] Set admin password when creating the user
---
 src/domain/sql_opaque_handler.rs | 58 ++++++++++++++++----------------
 src/main.rs | 4 ++-
 2 files changed, 32 insertions(+), 30 deletions(-)
diff --git a/src/domain/sql_opaque_handler.rs b/src/domain/sql_opaque_handler.rs
index 998475f..d5d23ca 100644
--- a/src/domain/sql_opaque_handler.rs
+++ b/src/domain/sql_opaque_handler.rs
@@ -213,6 +213,34 @@ impl OpaqueHandler for SqlOpaqueHandler {
 }
 }
+/// Convenience function to set a user's password.
+pub(crate) async fn register_password(
+ opaque_handler: &SqlOpaqueHandler,
+ username: &str,
+ password: &str,
+) -> Result<()> {
+ let mut rng = rand::rngs::OsRng;
+ use registration::*;
+ let registration_start = opaque::client::registration::start_registration(password, &mut rng)?;
+ let start_response = opaque_handler
+ .registration_start(ClientRegistrationStartRequest {
+ username: username.to_string(),
+ registration_start_request: registration_start.message,
+ })
+ .await?;
+ let registration_finish = opaque::client::registration::finish_registration(
+ registration_start.state,
+ start_response.registration_response,
+ &mut rng,
+ )?;
+ opaque_handler
+ .registration_finish(ClientRegistrationFinishRequest {
+ server_data: start_response.server_data,
+ registration_upload: registration_finish.message,
+ })
+ .await
+}
+
 #[cfg(test)]
 mod tests {
 use super::*;
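Review bot: The doc comment on `register_password` does not say that the helper runs the OPAQUE client half inside the server process, so the cleartext `password` is handled server-side, which matters now that it is `pub(crate)` instead of test-only. I would document that scope, e.g. `/// Runs both halves of the OPAQUE registration in-process; the cleartext password is visible to this process, so use it for bootstrap and tests only, never for request handling.` Whether it replaces an existing registration for `username` depends on `registration_finish`, which is outside this hunk, so the comment should state that once confirmed. As a style point, `use registration::*;` sits after the first `let`; moving it to the top of the body or naming the two request types would read better.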
@@ -279,34 +307,6 @@ mod tests {
 Ok(())
 }
- async fn attempt_registration(
- opaque_handler: &SqlOpaqueHandler,
- username: &str,
- password: &str,
- ) -> Result<()> {
- let mut rng = rand::rngs::OsRng;
- use registration::*;
- let registration_start =
- opaque::client::registration::start_registration(password, &mut rng)?;
- let start_response = opaque_handler
- .registration_start(ClientRegistrationStartRequest {
- username: username.to_string(),
- registration_start_request: registration_start.message,
- })
- .await?;
- let registration_finish = opaque::client::registration::finish_registration(
- registration_start.state,
- start_response.registration_response,
- &mut rng,
- )?;
- opaque_handler
- .registration_finish(ClientRegistrationFinishRequest {
- server_data: start_response.server_data,
- registration_upload: registration_finish.message,
- })
- .await
- }
-
 #[tokio::test]
 async fn test_flow() -> Result<()> {
 let sql_pool = get_initialized_db().await;
@@ -317,7 +317,7 @@ mod tests {
 attempt_login(&opaque_handler, "bob", "bob00")
 .await
 .unwrap_err();
- attempt_registration(&opaque_handler, "bob", "bob00").await?;
+ register_password(&opaque_handler, "bob", "bob00").await?;
 attempt_login(&opaque_handler, "bob", "wrong_password")
 .await
 .unwrap_err();
diff --git a/src/main.rs b/src/main.rs
index f65ea42..a3f53a5 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -3,7 +3,8 @@
 use crate::{
 domain::{
- handler::BackendHandler, sql_backend_handler::SqlBackendHandler, sql_tables::PoolOptions,
+ handler::BackendHandler, sql_backend_handler::SqlBackendHandler,
+ sql_opaque_handler::register_password, sql_tables::PoolOptions,
 },
 infra::{configuration::Configuration, db_cleaner::Scheduler},
 };
@@ -21,6 +22,7 @@ async fn create_admin_user(handler: &SqlBackendHandler, config: &Configuration)
 user_id: config.ldap_user_dn.clone(),
 ..Default::default()
 })
+ .and_then(|_| register_password(handler, &config.ldap_user_dn, &config.ldap_user_pass))
 .await
 .map_err(|e| anyhow!("Error creating admin user: {}", e))?;
 let admin_group_id = handler
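Review bot: The added `.and_then(|_| register_password(...))` is not atomic with the user-creation call it is chained onto, so a failure during password registration leaves an admin row with no credential, reported under the same "Error creating admin user" message. Whether a later start repairs this depends on how `create_admin_user` is gated, which is outside the hunk (the function starts above and continues below it). Awaiting the two steps separately gives the second its own context: `register_password(handler, &config.ldap_user_dn, &config.ldap_user_pass).await.map_err(|e| anyhow!("Error setting admin password: {}", e))?;`. It is also worth rejecting an empty `config.ldap_user_pass` before this point, if the configuration loader does not already do so.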