nixos/pam-oath-login: Port test to python

2024-11-25 08:23:09 +00:00 · 2019-12-03 16:59:11 +01:00 · 2019-12-03 16:59:11 +01:00 · a16695578b
commit a16695578b
parent e05ae69904
1 changed files with 40 additions and 56 deletions
--- a/nixos/tests/pam-oath-login.nix
+++ b/nixos/tests/pam-oath-login.nix
@ -1,4 +1,4 @@
-import ./make-test.nix ({ ... }:
+import ./make-test-python.nix ({ ... }:

 let
  oathSnakeoilSecret = "cdd4083ef8ff1fa9178c6d46bfb1a3";
@ -55,70 +55,54 @@ in
      };
    };

-  testScript =
-    ''
-      $machine->waitForUnit('multi-user.target');
-      $machine->waitUntilSucceeds("pgrep -f 'agetty.*tty1'");
-      $machine->screenshot("postboot");
+  testScript = ''
+    def switch_to_tty(tty_number):
+        machine.fail(f"pgrep -f 'agetty.*tty{tty_number}'")
+        machine.send_key(f"alt-f{tty_number}")
+        machine.wait_until_succeeds(f"[ $(fgconsole) = {tty_number} ]")
+        machine.wait_for_unit(f"getty@tty{tty_number}.service")
+        machine.wait_until_succeeds(f"pgrep -f 'agetty.*tty{tty_number}'")


-      subtest "Invalid password", sub {
-        $machine->fail("pgrep -f 'agetty.*tty2'");
-        $machine->sendKeys("alt-f2");
-        $machine->waitUntilSucceeds("[ \$(fgconsole) = 2 ]");
-        $machine->waitForUnit('getty@tty2.service');
-        $machine->waitUntilSucceeds("pgrep -f 'agetty.*tty2'");
+    def enter_user_alice(tty_number):
+        machine.wait_until_tty_matches(tty_number, "login: ")
+        machine.send_chars("alice\n")
+        machine.wait_until_tty_matches(tty_number, "login: alice")
+        machine.wait_until_succeeds("pgrep login")
+        machine.wait_until_tty_matches(tty_number, "One-time password")

-        $machine->waitUntilTTYMatches(2, "login: ");
-        $machine->sendChars("alice\n");
-        $machine->waitUntilTTYMatches(2, "login: alice");
-        $machine->waitUntilSucceeds("pgrep login");

-        $machine->waitUntilTTYMatches(2, "One-time password");
-        $machine->sendChars("${oathSnakeOilPassword1}\n");
-        $machine->waitUntilTTYMatches(2, "Password: ");
-        $machine->sendChars("blorg\n");
-        $machine->waitUntilTTYMatches(2, "Login incorrect");
-      };
+    machine.wait_for_unit("multi-user.target")
+    machine.wait_until_succeeds("pgrep -f 'agetty.*tty1'")
+    machine.screenshot("postboot")

-      subtest "Invalid oath token", sub {
-        $machine->fail("pgrep -f 'agetty.*tty3'");
-        $machine->sendKeys("alt-f3");
-        $machine->waitUntilSucceeds("[ \$(fgconsole) = 3 ]");
-        $machine->waitForUnit('getty@tty3.service');
-        $machine->waitUntilSucceeds("pgrep -f 'agetty.*tty3'");
+    with subtest("Invalid password"):
+        switch_to_tty(2)
+        enter_user_alice(2)

-        $machine->waitUntilTTYMatches(3, "login: ");
-        $machine->sendChars("alice\n");
-        $machine->waitUntilTTYMatches(3, "login: alice");
-        $machine->waitUntilSucceeds("pgrep login");
-        $machine->waitUntilTTYMatches(3, "One-time password");
-        $machine->sendChars("000000\n");
-        $machine->waitUntilTTYMatches(3, "Login incorrect");
-        $machine->waitUntilTTYMatches(3, "login:");
-      };
+        machine.send_chars("${oathSnakeOilPassword1}\n")
+        machine.wait_until_tty_matches(2, "Password: ")
+        machine.send_chars("blorg\n")
+        machine.wait_until_tty_matches(2, "Login incorrect")

-      subtest "Happy path (both passwords are mandatory to get us in)", sub {
-        $machine->fail("pgrep -f 'agetty.*tty4'");
-        $machine->sendKeys("alt-f4");
-        $machine->waitUntilSucceeds("[ \$(fgconsole) = 4 ]");
-        $machine->waitForUnit('getty@tty4.service');
-        $machine->waitUntilSucceeds("pgrep -f 'agetty.*tty4'");
+    with subtest("Invalid oath token"):
+        switch_to_tty(3)
+        enter_user_alice(3)

-        $machine->waitUntilTTYMatches(4, "login: ");
-        $machine->sendChars("alice\n");
-        $machine->waitUntilTTYMatches(4, "login: alice");
-        $machine->waitUntilSucceeds("pgrep login");
-        $machine->waitUntilTTYMatches(4, "One-time password");
-        $machine->sendChars("${oathSnakeOilPassword2}\n");
-        $machine->waitUntilTTYMatches(4, "Password: ");
-        $machine->sendChars("${alicePassword}\n");
+        machine.send_chars("000000\n")
+        machine.wait_until_tty_matches(3, "Login incorrect")
+        machine.wait_until_tty_matches(3, "login:")

-        $machine->waitUntilSucceeds("pgrep -u alice bash");
-        $machine->sendChars("touch  done4\n");
-        $machine->waitForFile("/home/alice/done4");
-      };
+    with subtest("Happy path: Both passwords are mandatory to get us in"):
+        switch_to_tty(4)
+        enter_user_alice(4)

+        machine.send_chars("${oathSnakeOilPassword2}\n")
+        machine.wait_until_tty_matches(4, "Password: ")
+        machine.send_chars("${alicePassword}\n")
+
+        machine.wait_until_succeeds("pgrep -u alice bash")
+        machine.send_chars("touch  done4\n")
+        machine.wait_for_file("/home/alice/done4")
    '';
-
 })