Set admin password when creating the user

Valentin Tolmer 2021-07-05 09:42:54 +02:00 committed by nitnelave
parent d891529da9
commit ab66a36fe6
2 changed files with 32 additions and 30 deletions


@ -213,6 +213,34 @@ impl OpaqueHandler for SqlOpaqueHandler {
} }
} }
/// Convenience function to set a user's password.
pub(crate) async fn register_password(
opaque_handler: &SqlOpaqueHandler,
username: &str,
password: &str,
) -> Result<()> {
let mut rng = rand::rngs::OsRng;
use registration::*;
let registration_start = opaque::client::registration::start_registration(password, &mut rng)?;
let start_response = opaque_handler
.registration_start(ClientRegistrationStartRequest {
username: username.to_string(),
registration_start_request: registration_start.message,
})
.await?;
let registration_finish = opaque::client::registration::finish_registration(
registration_start.state,
start_response.registration_response,
&mut rng,
)?;
opaque_handler
.registration_finish(ClientRegistrationFinishRequest {
server_data: start_response.server_data,
registration_upload: registration_finish.message,
})
.await
}
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use super::*; use super::*;
@ -279,34 +307,6 @@ mod tests {
Ok(()) Ok(())
} }
async fn attempt_registration(
opaque_handler: &SqlOpaqueHandler,
username: &str,
password: &str,
) -> Result<()> {
let mut rng = rand::rngs::OsRng;
use registration::*;
let registration_start =
opaque::client::registration::start_registration(password, &mut rng)?;
let start_response = opaque_handler
.registration_start(ClientRegistrationStartRequest {
username: username.to_string(),
registration_start_request: registration_start.message,
})
.await?;
let registration_finish = opaque::client::registration::finish_registration(
registration_start.state,
start_response.registration_response,
&mut rng,
)?;
opaque_handler
.registration_finish(ClientRegistrationFinishRequest {
server_data: start_response.server_data,
registration_upload: registration_finish.message,
})
.await
}
#[tokio::test] #[tokio::test]
async fn test_flow() -> Result<()> { async fn test_flow() -> Result<()> {
let sql_pool = get_initialized_db().await; let sql_pool = get_initialized_db().await;
@ -317,7 +317,7 @@ mod tests {
attempt_login(&opaque_handler, "bob", "bob00") attempt_login(&opaque_handler, "bob", "bob00")
.await .await
.unwrap_err(); .unwrap_err();
attempt_registration(&opaque_handler, "bob", "bob00").await?; register_password(&opaque_handler, "bob", "bob00").await?;
attempt_login(&opaque_handler, "bob", "wrong_password") attempt_login(&opaque_handler, "bob", "wrong_password")
.await .await
.unwrap_err(); .unwrap_err();
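Review bot: The doc comment on `register_password` in the first hunk should say that this helper runs the client half of OPAQUE registration inside the server process, so the caller holds the plaintext password, which is what OPAQUE otherwise keeps away from the server. Now that the function is `pub(crate)` instead of test-only, I would replace the one-line comment with something like `/// Runs the client side of OPAQUE registration locally with a plaintext password.` followed by `/// Intended for trusted bootstrap code only; it performs no authorization check.` The visible body does not check whether the user exists or already has a password, so that decision rests with each caller and is worth stating in the same comment. As a style point, `use registration::*;` sits after the first `let`; moving it to the top of the body would make the scope of the glob import easier to see.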


@ -3,7 +3,8 @@
use crate::{ use crate::{
domain::{ domain::{
handler::BackendHandler, sql_backend_handler::SqlBackendHandler, sql_tables::PoolOptions, handler::BackendHandler, sql_backend_handler::SqlBackendHandler,
sql_opaque_handler::register_password, sql_tables::PoolOptions,
}, },
infra::{configuration::Configuration, db_cleaner::Scheduler}, infra::{configuration::Configuration, db_cleaner::Scheduler},
}; };
@ -21,6 +22,7 @@ async fn create_admin_user(handler: &SqlBackendHandler, config: &Configuration)
user_id: config.ldap_user_dn.clone(), user_id: config.ldap_user_dn.clone(),
..Default::default() ..Default::default()
}) })
.and_then(|_| register_password(handler, &config.ldap_user_dn, &config.ldap_user_pass))
.await .await
.map_err(|e| anyhow!("Error creating admin user: {}", e))?; .map_err(|e| anyhow!("Error creating admin user: {}", e))?;
let admin_group_id = handler let admin_group_id = handler
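Review bot: If `register_password` fails after the user row has been created, the `and_then` chain in `create_admin_user` returns an error, but the admin user appears to remain in the database without credentials. Whether a later start retries the password step depends on the caller's existence check, which is outside this hunk; if it only tests that the user exists, the account would stay unusable until repaired by hand. Consider wrapping both steps in one transaction or removing the user on failure. The second step could also report its own error as a separate statement, e.g. `register_password(handler, &config.ldap_user_dn, &config.ldap_user_pass).await.map_err(|e| anyhow!("Error setting admin password: {}", e))?;`. Nothing visible here rejects an empty `config.ldap_user_pass` before it is registered, and the function body starts and ends outside the hunk.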