diff --git a/internals/api/user.go b/internals/api/user.go
index 95fcead1..5099fecc 100644
--- a/internals/api/user.go
+++ b/internals/api/user.go
@@ -85,56 +85,3 @@ func (u User) ToAuditActor() *AuditActor {
 User: u.Trim(),
 }
 }
-
-// CreateUserRequest contains the required fields for signing up
-type CreateUserRequest struct {
- Username string `json:"username"`
- Email string `json:"email"`
- FullName string `json:"full_name"`
- Password string `json:"password,omitempty"`
- Credential *CreateCredentialRequest `json:"credential,omitempty"`
-}
-
-// Validate validates the request fields.
-func (req *CreateUserRequest) Validate() error {
- err := ValidateUsername(req.Username)
- if err != nil {
- return err
- }
-
- if req.Credential == nil && req.Password == "" {
- return ErrNoPasswordNorCredential
- }
-
- if req.Credential != nil {
- err = req.Credential.Validate()
- if err != nil {
- return err
- }
- }
-
- err = ValidateEmail(req.Email)
- if err != nil {
- return err
- }
-
- err = ValidateFullName(req.FullName)
- if err != nil {
- return err
- }
- return nil
-}
-
-// CreateFederatedUserRequest contains the required fields for signing up with a federated user
-type CreateFederatedUserRequest struct {
- Username string `json:"username"`
-}
-
-// Validate validates the request fields.
-func (req CreateFederatedUserRequest) Validate() error {
- err := ValidateUsername(req.Username)
- if err != nil {
- return err
- }
- return nil
-}
diff --git a/internals/api/user_test.go b/internals/api/user_test.go
index feef638a..043c6a2b 100644
--- a/internals/api/user_test.go
+++ b/internals/api/user_test.go
@@ -4,8 +4,6 @@ import (
 "fmt"
 "strings"
 "testing"
-
- "github.com/secrethub/secrethub-go/internals/assert"
 )
 
 func TestValidateUsername(t *testing.T) {
@@ -168,78 +166,3 @@ func TestValidateFullName(t *testing.T) {
 }
 }
 }
-
-func TestCreateUserRequest_Validate(t *testing.T) {
- cases := map[string]struct {
- req CreateUserRequest
- err error
- }{
- "valid using password": {
- req: CreateUserRequest{
- Username: "test.-_UserTestT",
- Email: "test-account.dev1@secrethub.io",
- FullName: "Test Tester",
- Password: "hello world",
- },
- err: nil,
- },
- "valid using credential": {
- req: CreateUserRequest{
- Username: "test.-_UserTestT",
- Email: "test-account.dev1@secrethub.io",
- FullName: "Test Tester",
- Credential: &CreateCredentialRequest{
- Type: CredentialTypeKey,
- Fingerprint: "88c9eae68eb300b2971a2bec9e5a26ff4179fd661d6b7d861e4c6557b9aaee14",
- Verifier: []byte("verifier"),
- },
- },
- err: nil,
- },
- "invalid no password nor credential": {
- req: CreateUserRequest{
- Username: "test.-_UserTestT",
- Email: "test-account.dev1@secrethub.io",
- FullName: "Test Tester",
- },
- err: ErrNoPasswordNorCredential,
- },
- "invalid username": {
- req: CreateUserRequest{
- Username: "",
- Email: "test-account.dev1@secrethub.io",
- FullName: "Test Tester",
- Password: "hello world",
- },
- err: ErrInvalidUsername,
- },
- "invalid email": {
- req: CreateUserRequest{
- Username: "test",
- Email: "notanemail",
- FullName: "Test Tester",
- Password: "hello world",
- },
- err: ErrInvalidEmail,
- },
- "invalid full name": {
- req: CreateUserRequest{
- Username: "test",
- Email: "test-account.dev1@secrethub.io",
- FullName: "",
- Password: "hello world",
- },
- err: ErrInvalidFullName,
- },
- }
-
- for name, tc := range cases {
- t.Run(name, func(t *testing.T) {
- // Do
- err := tc.req.Validate()
-
- // Assert
- assert.Equal(t, err, tc.err)
- })
- }
-}
diff --git a/pkg/secrethub/fakeclient/user.go b/pkg/secrethub/fakeclient/user.go
index 2952290c..06cc551f 100644
--- a/pkg/secrethub/fakeclient/user.go
+++ b/pkg/secrethub/fakeclient/user.go
@@ -4,14 +4,12 @@ package fakeclient
 
 import (
 "github.com/secrethub/secrethub-go/internals/api"
- "github.com/secrethub/secrethub-go/pkg/secrethub/credentials"
 )
 
 // UserService is a mock of the UserService interface.
 type UserService struct {
- GetFunc func(username string) (*api.User, error)
- MeFunc func() (*api.User, error)
- CreateFunc func(username, email, fullName string, credentialCreator credentials.Creator) (*api.User, error)
+ GetFunc func(username string) (*api.User, error)
+ MeFunc func() (*api.User, error)
 }
 
 // Get implements the UserService interface Get function.
@@ -23,8 +21,3 @@ func (s *UserService) Get(username string) (*api.User, error) {
 func (s *UserService) Me() (*api.User, error) {
 return s.MeFunc()
 }
-
-// Create implements the UserService interface Create function.
-func (s *UserService) Create(username, email, fullName string, credentialCreator credentials.CreatorProvider) (*api.User, error) {
- return s.CreateFunc(username, email, fullName, credentialCreator)
-}
diff --git a/pkg/secrethub/internals/http/client.go b/pkg/secrethub/internals/http/client.go
index c3b6256c..a93e07a6 100644
--- a/pkg/secrethub/internals/http/client.go
+++ b/pkg/secrethub/internals/http/client.go
@@ -48,8 +48,7 @@ const (
 pathCreateAccountKey = "%s/me/credentials/%s/key"
 
 // Users
- pathUsers = "%s/users"
- pathUser = "%s/users/%s"
+ pathUser = "%s/users/%s"
 
 // Repositories
 pathRepos = "%s/namespaces/%s/repos"
@@ -217,14 +216,6 @@ func (c *Client) GetAccount(name api.AccountName) (*api.Account, error) {
 
 // USERS
 
-// SignupUser creates a new user at SecretHub
-func (c *Client) SignupUser(in *api.CreateUserRequest) (*api.User, error) {
- out := &api.User{}
- rawURL := fmt.Sprintf(pathUsers, c.base.String())
- err := c.post(rawURL, false, http.StatusCreated, in, out)
- return out, errio.Error(err)
-}
-
 // GetUser gets a user by its username from SecretHub
 func (c *Client) GetUser(username string) (*api.User, error) {
 out := &api.User{}
diff --git a/pkg/secrethub/user.go b/pkg/secrethub/user.go
index ffd28882..c9247a6a 100644
--- a/pkg/secrethub/user.go
+++ b/pkg/secrethub/user.go
@@ -9,8 +9,6 @@ import (
 
 // UserService handles operations on users from SecretHub.
 type UserService interface {
- // Create creates a new user at SecretHub.
- Create(username, email, fullName string, credential credentials.CreatorProvider) (*api.User, error)
 // Me gets the account's user if it exists.
 Me() (*api.User, error)
 // Get a user by their username.
@@ -32,68 +30,6 @@ func (s userService) Me() (*api.User, error) {
 return s.client.httpClient.GetMyUser()
 }
 
-// Create creates a new user at SecretHub and authenticates the client as this user.
-func (s userService) Create(username, email, fullName string, credentials credentials.CreatorProvider) (*api.User, error) {
- err := api.ValidateUsername(username)
- if err != nil {
- return nil, errio.Error(err)
- }
-
- err = api.ValidateEmail(email)
- if err != nil {
- return nil, errio.Error(err)
- }
-
- err = api.ValidateFullName(fullName)
- if err != nil {
- return nil, errio.Error(err)
- }
-
- err = credentials.Create()
- if err != nil {
- return nil, err
- }
-
- accountKey, err := generateAccountKey()
- if err != nil {
- return nil, errio.Error(err)
- }
-
- return s.create(username, email, fullName, accountKey, credentials.Verifier(), credentials.Encrypter(), credentials.Metadata(), credentials)
-}
-
-func (s userService) create(username, email, fullName string, accountKey crypto.RSAPrivateKey, verifier credentials.Verifier, encrypter credentials.Encrypter, metadata map[string]string, credentials credentials.Provider) (*api.User, error) {
- credentialRequest, err := s.client.createCredentialRequest(encrypter, accountKey, verifier, metadata)
- if err != nil {
- return nil, errio.Error(err)
- }
-
- err = credentialRequest.Validate()
- if err != nil {
- return nil, err
- }
-
- userRequest := &api.CreateUserRequest{
- Username: username,
- Email: email,
- FullName: fullName,
- Credential: credentialRequest,
- }
-
- user, err := s.client.httpClient.SignupUser(userRequest)
- if err != nil {
- return nil, errio.Error(err)
- }
-
- // Authenticate the client with the new credential.
- err = WithCredentials(credentials)(s.client)
- if err != nil {
- return nil, err
- }
-
- return user, nil
-}
-
 // Get retrieves the user with the given username from SecretHub.
 func (s userService) Get(username string) (*api.User, error) {
 err := api.ValidateUsername(username)
diff --git a/pkg/secrethub/user_test.go b/pkg/secrethub/user_test.go
index fdf07ce6..b9573f93 100644
--- a/pkg/secrethub/user_test.go
+++ b/pkg/secrethub/user_test.go
@@ -11,7 +11,6 @@ import (
 
 "github.com/secrethub/secrethub-go/internals/api/uuid"
 "github.com/secrethub/secrethub-go/internals/assert"
- "github.com/secrethub/secrethub-go/internals/crypto"
 )
 
 const (
@@ -20,122 +19,6 @@ const (
 email = "dev1@testing.com"
 )
 
-func TestSignup(t *testing.T) {
-
- // Arrange
- router, opts, cleanup := setup()
- defer cleanup()
-
- userService := userService{
- client: Must(NewClient(opts...)),
- }
-
- accountKey, err := crypto.GenerateRSAPrivateKey(512)
- assert.OK(t, err)
-
- publicAccountKey, err := accountKey.Public().Encode()
- assert.OK(t, err)
-
- expectedCreateUserRequest := api.CreateUserRequest{
- Username: username,
- FullName: fullName,
- Email: email,
- Credential: &api.CreateCredentialRequest{
- Type: api.CredentialTypeKey,
- Fingerprint: cred1Fingerprint,
- Verifier: cred1Verifier,
- Proof: &api.CredentialProofKey{},
- AccountKey: &api.CreateAccountKeyRequest{
- PublicKey: publicAccountKey,
- },
- },
- }
-
- now := time.Now().UTC()
- expectedResponse := &api.User{
- AccountID: uuid.New(),
- PublicKey: publicAccountKey,
- Username: username,
- FullName: fullName,
- Email: email,
- CreatedAt: &now,
- LastLoginAt: &now,
- }
- router.Post("/users", func(w http.ResponseWriter, r *http.Request) {
- // Assert
- req := new(api.CreateUserRequest)
- err := json.NewDecoder(r.Body).Decode(&req)
- assert.OK(t, err)
-
- assert.OK(t, req.Validate())
-
- // We cannot predict the output of the encrypted key, therefore we do not test it here.
- req.Credential.AccountKey.EncryptedPrivateKey = nil
- assert.Equal(t, req, expectedCreateUserRequest)
-
- // Respond
- w.Header().Set("Content-Type", "application/json")
- w.WriteHeader(http.StatusCreated)
- _ = json.NewEncoder(w).Encode(expectedResponse)
- })
-
- // Act
- actual, err := userService.create(username, email, fullName, accountKey, cred1, cred1, nil, cred1)
-
- // Assert
- assert.OK(t, err)
- assert.Equal(t, actual, expectedResponse)
-}
-
-func TestSignup_AlreadyExists(t *testing.T) {
-
- // Arrange
- router, opts, cleanup := setup()
- defer cleanup()
-
- userService := userService{
- client: Must(NewClient(opts...)),
- }
-
- expected := api.ErrUserEmailAlreadyExists
-
- router.Post("/users", func(w http.ResponseWriter, r *http.Request) {
- // Respond
- w.Header().Set("Content-Type", "application/json")
- w.WriteHeader(expected.StatusCode)
- _ = json.NewEncoder(w).Encode(expected)
- })
-
- key, err := crypto.GenerateRSAPrivateKey(512)
- assert.OK(t, err)
-
- // Act
- _, err = userService.create("dev1", "dev1@testing.com", "Developer Uno", key, cred1, cred1, nil, cred1)
-
- // Assert
- assert.Equal(t, err, expected)
-}
-
-func TestSignup_InvalidArgument(t *testing.T) {
-
- // Arrange
- _, opts, cleanup := setup()
- defer cleanup()
-
- userService := userService{
- client: Must(NewClient(opts...)),
- }
-
- key, err := crypto.GenerateRSAPrivateKey(512)
- assert.OK(t, err)
-
- // Act
- _, err = userService.create("invalidname$#@%%", "dev1@testing.com", "Developer Uno", key, cred1, cred1, nil, cred1)
-
- // Assert
- assert.Equal(t, err, api.ErrInvalidUsername)
-}
-
 func TestGetUser(t *testing.T) {
 
 // Arrange