103 lines
3.1 KiB
Rust
103 lines
3.1 KiB
Rust
use arbiter_proto::proto::client::{
|
|
AuthChallengeRequest, AuthChallengeSolution, AuthOk, ClientRequest, ClientResponse,
|
|
client_request::Payload as ClientRequestPayload,
|
|
client_response::Payload as ClientResponsePayload,
|
|
};
|
|
use arbiter_server::{
|
|
actors::client::{ClientActor, ClientError},
|
|
db::{self, schema},
|
|
};
|
|
use diesel::{ExpressionMethods as _, insert_into};
|
|
use diesel_async::RunQueryDsl;
|
|
use ed25519_dalek::Signer as _;
|
|
|
|
#[tokio::test]
|
|
#[test_log::test]
|
|
pub async fn test_unregistered_pubkey_rejected() {
|
|
let db = db::create_test_pool().await;
|
|
|
|
let mut client = ClientActor::new_manual(db.clone());
|
|
|
|
let new_key = ed25519_dalek::SigningKey::generate(&mut rand::rng());
|
|
let pubkey_bytes = new_key.verifying_key().to_bytes().to_vec();
|
|
|
|
let result = client
|
|
.process_transport_inbound(ClientRequest {
|
|
payload: Some(ClientRequestPayload::AuthChallengeRequest(
|
|
AuthChallengeRequest {
|
|
pubkey: pubkey_bytes,
|
|
},
|
|
)),
|
|
})
|
|
.await;
|
|
|
|
match result {
|
|
Err(err) => {
|
|
assert_eq!(err, ClientError::PublicKeyNotRegistered);
|
|
}
|
|
Ok(_) => {
|
|
panic!("Expected error due to unregistered pubkey, but got success");
|
|
}
|
|
}
|
|
}
|
|
|
|
#[tokio::test]
|
|
#[test_log::test]
|
|
pub async fn test_challenge_auth() {
|
|
let db = db::create_test_pool().await;
|
|
|
|
let mut client = ClientActor::new_manual(db.clone());
|
|
|
|
let new_key = ed25519_dalek::SigningKey::generate(&mut rand::rng());
|
|
let pubkey_bytes = new_key.verifying_key().to_bytes().to_vec();
|
|
|
|
{
|
|
let mut conn = db.get().await.unwrap();
|
|
insert_into(schema::program_client::table)
|
|
.values(schema::program_client::public_key.eq(pubkey_bytes.clone()))
|
|
.execute(&mut conn)
|
|
.await
|
|
.unwrap();
|
|
}
|
|
|
|
let result = client
|
|
.process_transport_inbound(ClientRequest {
|
|
payload: Some(ClientRequestPayload::AuthChallengeRequest(
|
|
AuthChallengeRequest {
|
|
pubkey: pubkey_bytes,
|
|
},
|
|
)),
|
|
})
|
|
.await
|
|
.expect("Shouldn't fail to process message");
|
|
|
|
let ClientResponse {
|
|
payload: Some(ClientResponsePayload::AuthChallenge(challenge)),
|
|
} = result
|
|
else {
|
|
panic!("Expected auth challenge response, got {result:?}");
|
|
};
|
|
|
|
let formatted_challenge = arbiter_proto::format_challenge(challenge.nonce, &challenge.pubkey);
|
|
let signature = new_key.sign(&formatted_challenge);
|
|
let serialized_signature = signature.to_bytes().to_vec();
|
|
|
|
let result = client
|
|
.process_transport_inbound(ClientRequest {
|
|
payload: Some(ClientRequestPayload::AuthChallengeSolution(
|
|
AuthChallengeSolution {
|
|
signature: serialized_signature,
|
|
},
|
|
)),
|
|
})
|
|
.await
|
|
.expect("Shouldn't fail to process message");
|
|
|
|
assert_eq!(
|
|
result,
|
|
ClientResponse {
|
|
payload: Some(ClientResponsePayload::AuthOk(AuthOk {})),
|
|
}
|
|
);
|
|
}
|