From 5b0f0c108578cbae5f0804fe1daa60599a71d4bf Mon Sep 17 00:00:00 2001 From: "F. Jason Park" Date: Thu, 24 Nov 2022 21:03:03 -0800 Subject: [PATCH] [POC] Compare :require among auth-source backends --- test/lisp/auth-source-pass-tests.el | 305 ++++++++++++++++++++++++++++ 1 file changed, 305 insertions(+) diff --git a/test/lisp/auth-source-pass-tests.el b/test/lisp/auth-source-pass-tests.el index 1107e09b51..ed88cf5476 100644 --- a/test/lisp/auth-source-pass-tests.el +++ b/test/lisp/auth-source-pass-tests.el @@ -751,6 +751,311 @@ auth-source-pass-extra-query-keywords--user-priorities (:host "g" :user "u" :port 2 :secret "@") ; ** (:host "g" :user "u" :port 2 :secret "/")))))))) +;;;; :require demo + +;; Swapping out smtp.gmail.com and 465 with local-gmail and imap +;; doesn't change the outcome of any cases below. + +;; netrc + +(ert-deftest auth-source-pass-extra-query-keywords--netrc-joao () + (ert-with-temp-file netrc-file + :text "\ +machine local-gmail port imap password a +machine smtp.gmail.com port 465 password b +" + (let* ((auth-sources (list netrc-file)) + (auth-source-do-cache nil) + (results (auth-source-search :max 1 + :host '("local-gmail" "localhost") + :port '("imap" "imap" "143") + :user "joaotavora@gmail.com" + :require '(:user :secret)))) + (should-not results)))) + +(ert-deftest auth-source-pass-extra-query-keywords--netrc-joao-user () + (ert-with-temp-file netrc-file + :text "\ +machine local-gmail login joaotavora@gmail.com port imap password a +machine smtp.gmail.com login joaotavora@gmail.com port 465 password b +" + (let* ((auth-sources (list netrc-file)) + (auth-source-do-cache nil) + (results (auth-source-search :max 1 + :host '("local-gmail" "localhost") + :port '("imap" "imap" "143") + :user "joaotavora@gmail.com" + :require '(:user :secret)))) + (dolist (result results) + (setf (plist-get result :secret) (auth-info-password result))) + (should (equal results '(( :host "local-gmail" + :user "joaotavora@gmail.com" + :port "imap" + :secret "a"))))))) + +;; plstore + +(require 'epg) + +(ert-deftest auth-source-pass-extra-query-keywords--plstore-joao () + (ert-with-temp-file plstore-file + :suffix ".plist" + :text "\ +;;; public entries -*- mode: plstore -*- +((\"7c0d0c60eba2b3da2feebff6a007934b73d6ba8c\" + :secret-secret t + :host \"local-gmail\" + :port \"imap\") + (\"e579bb71ac879a2fbe90462be686ec090bcb995f\" + :secret-secret t + :host \"smtp.gmail.com\" + :port \"465\")) +;;; secret entries +((\"7c0d0c60eba2b3da2feebff6a007934b73d6ba8c\" :secret \"a\") + (\"e579bb71ac879a2fbe90462be686ec090bcb995f\" :secret \"b\")) +" + (cl-letf (((symbol-function 'epg-decrypt-string) + (lambda (&rest r) (prin1-to-string (cadr r)))) + ((symbol-function 'epg-find-configuration) + (lambda (&rest _) '((program . "/bin/true"))))) + (let* ((auth-sources (list plstore-file)) + (auth-source-do-cache nil) + (results (auth-source-search :max 1 + :host '("local-gmail" "localhost") + :port '("imap" "imap" "143") + :user "joaotavora@gmail.com" + :require '(:user :secret)))) + (should-not results))))) + +(ert-deftest auth-source-pass-extra-query-keywords--plstore-joao-user () + (ert-with-temp-file plstore-file + :suffix ".plist" + :text "\ +;;; public entries -*- mode: plstore -*- +((\"b0d8e1b370cff2d4c71cd503905d1bfa80247a82\" + :secret-secret t + :host \"local-gmail\" + :user \"joaotavora@gmail.com\" + :port \"imap\") + (\"5d05df976779ae4690254c6572c1652748ac4b58\" + :secret-secret t + :host \"smtp.gmail.com\" + :user \"joaotavora@gmail.com\" + :port \"465\")) +;;; secret entries +((\"b0d8e1b370cff2d4c71cd503905d1bfa80247a82\" :secret \"a\") + (\"5d05df976779ae4690254c6572c1652748ac4b58\" :secret \"b\")) +" + (cl-letf (((symbol-function 'epg-decrypt-string) + (lambda (&rest r) (prin1-to-string (cadr r)))) + ((symbol-function 'epg-find-configuration) + (lambda (&rest _) '((program . "/bin/true"))))) + (let* ((auth-sources (list plstore-file)) + (auth-source-do-cache nil) + (results (auth-source-search :max 1 + :host '("local-gmail" "localhost") + :port '("imap" "imap" "143") + :user "joaotavora@gmail.com" + :require '(:user :secret)))) + (dolist (result results) + (setf (plist-get result :secret) (auth-info-password result))) + (should (equal results '(( :login nil + :secret "a" + :host "local-gmail" + :user "joaotavora@gmail.com" + :port "imap")))))))) + +;; json + +(ert-deftest auth-source-pass-extra-query-keywords--json-joao () + (ert-with-temp-file json-store + :suffix ".json" + :text "\ +[{\"host\":\"local-gmail\", + \"port\":\"imap\", + \"secret\":\"a\"}, + {\"host\":\"smtp.gmail.com\", + \"port\":\"465\", + \"secret\":\"b\"}] +" + (let ((auth-sources (list json-store)) + (auth-source-do-cache nil)) + (should-not (auth-source-search :max 1 + :host '("local-gmail" "localhost") + :port '("imap" "imap" "143") + :user "joaotavora@gmail.com" + :require '(:user :secret)))))) + +(ert-deftest auth-source-pass-extra-query-keywords--json-joao-user () + (ert-with-temp-file json-store + :suffix ".json" + :text "\ +[{\"host\":\"local-gmail\", + \"port\":\"imap\", + \"user\":\"joaotavora@gmail.com\", + \"secret\":\"a\"}, + {\"host\":\"smtp.gmail.com\", + \"port\":\"465\", + \"user\":\"joaotavora@gmail.com\", + \"secret\":\"b\"}] +" + (let* ((auth-sources (list json-store)) + (auth-source-do-cache nil) + (results (auth-source-search :max 1 + :host '("local-gmail" "localhost") + :port '("imap" "imap" "143") + :user "joaotavora@gmail.com" + :require '(:user :secret)))) + (dolist (result results) + (setf (plist-get result :secret) (auth-info-password result))) + (should (equal results + '(( :host "local-gmail" + :port "imap" + :user "joaotavora@gmail.com" + :secret "a"))))))) + +;; secrets + +;; With the secrets backend, any "attribute" (keyword) specified in +;; the query must exist in the entry, so `:require' is implied. The +;; mocked search below is so contrived as to be meaningless, but it +;; nevertheless emphasizes the "must match" nature of the upstream +;; SearchItems DBus method (of the Secret Service API's collections +;; interface: org.freedesktop.Secret.Collection.SearchItems). +;; +;; https://specifications.freedesktop.org/secret-service/latest/re02.html +;; #org.freedesktop.Secret.Collection.SearchItems + +(require 'secrets) + +(ert-deftest auth-source-pass-extra-query-keywords--secrets-joao () + (let ((auth-sources '("secrets:Test")) + (auth-source-do-cache nil) + (entries '(("nil@local-gmail:imap" + (:host . "local-gmail") + (:port . "imap") + (:xdg:schema . "org.freedesktop.Secret.Generic")) + ("nil@smtp.gmail.com:465" + (:host . "smtp.gmail.com") + (:port . "465") + (:xdg:schema . "org.freedesktop.Secret.Generic")))) + (secrets '(("nil@local-gmail:imap" . "a") + ("nil@smtp.gmail.com:465" . "b")))) + + (cl-letf (((symbol-function 'secrets-search-items) + (lambda (_ &rest r) + (mapcan (lambda (s) + (and (seq-every-p (pcase-lambda (`(,k . ,v)) + (equal v (alist-get k (cdr s)))) + (map-pairs r)) + (list (car s)))) + entries))) + ((symbol-function 'secrets-get-secret) + (lambda (_ label) (assoc-default label secrets))) + ((symbol-function 'secrets-get-attributes) + (lambda (_ label) (assoc-default label entries)))) + + (should-not (auth-source-search :max 1 + :host '("local-gmail" "localhost") + :port '("imap" "imap" "143") + :user "joaotavora@gmail.com" + :require '(:user :secret)))))) + +(ert-deftest auth-source-pass-extra-query-keywords--secrets-joao-user () + (let ((auth-sources '("secrets:Test")) + (auth-source-do-cache nil) + (entries '(("joaotavora@gmail.com@local-gmail:imap" + (:host . "local-gmail") + (:user . "joaotavora@gmail.com") + (:port . "imap") + (:xdg:schema . "org.freedesktop.Secret.Generic")) + ("joaotavora@gmail.com@smtp.gmail.com:465" + (:host . "smtp.gmail.com") + (:user . "joaotavora@gmail.com") + (:port . "465") + (:xdg:schema . "org.freedesktop.Secret.Generic")))) + (secrets '(("joaotavora@gmail.com@local-gmail:imap" . "a") + ("joaotavora@gmail.com@smtp.gmail.com:465" . "b")))) + + (cl-letf (((symbol-function 'secrets-search-items) + (lambda (_ &rest r) + (mapcan (lambda (s) + (and (seq-every-p (pcase-lambda (`(,k . ,v)) + (equal v (alist-get k (cdr s)))) + (map-pairs r)) + (list (car s)))) + entries))) + ((symbol-function 'secrets-get-secret) + (lambda (_ label) (assoc-default label secrets))) + ((symbol-function 'secrets-get-attributes) + (lambda (_ label) (assoc-default label entries)))) + + (let ((results (auth-source-search :max 1 + :host '("local-gmail" "localhost") + :port '("imap" "imap" "143") + :user "joaotavora@gmail.com" + :require '(:user :secret)))) + (dolist (result results) + (setf (plist-get result :secret) (auth-info-password result))) + (should (equal results + '(( :login nil + :secret "a" + :host "local-gmail" + :user "joaotavora@gmail.com" + :port "imap" + :xdg:schema "org.freedesktop.Secret.Generic")))))))) + +;; Pass + +(ert-deftest auth-source-pass-extra-query-keywords--pass--joao () + (auth-source-pass--with-store '(("smtp.gmail.com:465" (secret . "a")) + ("local-gmail:imap" (secret . "b"))) + (auth-source-pass-enable) + (let ((auth-source-pass-extra-query-keywords t)) + (should-not (auth-source-search :max 1 + :host '("local-gmail" "localhost") + :port '("imap" "imap" "143") + :user "joaotavora@gmail.com" + :require '(:user :secret)))))) + +(ert-deftest auth-source-pass-extra-query-keywords--pass--joao-user () + ;; "suffix" syntax + (auth-source-pass--with-store '(("smtp.gmail.com:465/joaotavora@gmail.com" + (secret . "a")) + ("local-gmail:imap/joaotavora@gmail.com" + (secret . "b"))) + (auth-source-pass-enable) + (let* ((auth-source-pass-extra-query-keywords t) + (results (auth-source-search :max 1 + :host '("local-gmail" "localhost") + :port '("imap" "imap" "143") + :user "joaotavora@gmail.com" + :require '(:user :secret)))) + (dolist (result results) + (setf (plist-get result :secret) (auth-info-password result))) + (should (equal results '(( :host "local-gmail" + :user "joaotavora@gmail.com" + :port "imap" + :secret "b")))))) + ;; "prefix" syntax + (auth-source-pass--with-store '(("joaotavora@gmail.com@smtp.gmail.com:465" + (secret . "a")) + ("joaotavora@gmail.com@local-gmail:imap" + (secret . "b"))) + (auth-source-pass-enable) + (let* ((auth-source-pass-extra-query-keywords t) + (results (auth-source-search :max 1 + :host '("local-gmail" "localhost") + :port '("imap" "imap" "143") + :user "joaotavora@gmail.com" + :require '(:user :secret)))) + (dolist (result results) + (setf (plist-get result :secret) (auth-info-password result))) + (should (equal results '(( :host "local-gmail" + :user "joaotavora@gmail.com" + :port "imap" + :secret "b"))))))) + (provide 'auth-source-pass-tests) ;;; auth-source-pass-tests.el ends here -- 2.38.1