diff --git a/go.mod b/go.mod index 67f8782e..ab24986d 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.20 require ( github.com/aws/aws-sdk-go v1.44.100 github.com/codeready-toolchain/api v0.0.0-20250121053759-af12adf8e938 - github.com/codeready-toolchain/toolchain-common v0.0.0-20250121053752-f7e2c17c3c6b + github.com/codeready-toolchain/toolchain-common v0.0.0-20250127073039-8ef21eb833fa github.com/go-logr/logr v1.4.1 github.com/gofrs/uuid v4.2.0+incompatible github.com/pkg/errors v0.9.1 diff --git a/go.sum b/go.sum index 75fda8dc..d44bf5bd 100644 --- a/go.sum +++ b/go.sum @@ -53,8 +53,8 @@ github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBS github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc= github.com/codeready-toolchain/api v0.0.0-20250121053759-af12adf8e938 h1:cj2H8bhNTjHVMUJnPEpLW8nLV9YMnG2nQ3oTgMJWsbI= github.com/codeready-toolchain/api v0.0.0-20250121053759-af12adf8e938/go.mod h1:2KYfJlFwZtiKfa5QDhQfXTFh6RyALilURWBXyfKmKso= -github.com/codeready-toolchain/toolchain-common v0.0.0-20250121053752-f7e2c17c3c6b h1:AjguQB0pvRBaArWMs6pzdKu0IimYcfK4MIpM+vwf8us= -github.com/codeready-toolchain/toolchain-common v0.0.0-20250121053752-f7e2c17c3c6b/go.mod h1:YAvlMiumFFmUR8A3eF5TDjyn1KyhKbpdwCMdLKtupGA= +github.com/codeready-toolchain/toolchain-common v0.0.0-20250127073039-8ef21eb833fa h1:75flfyrKUpq8Ppi/BRSaAUdBGD9wtWMDvL3kYqSRt1s= +github.com/codeready-toolchain/toolchain-common v0.0.0-20250127073039-8ef21eb833fa/go.mod h1:YAvlMiumFFmUR8A3eF5TDjyn1KyhKbpdwCMdLKtupGA= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= diff --git a/pkg/controller/signup_test.go b/pkg/controller/signup_test.go index c557e930..7b321680 100644 --- a/pkg/controller/signup_test.go +++ b/pkg/controller/signup_test.go @@ -28,7 +28,7 @@ import ( testconfig "github.com/codeready-toolchain/toolchain-common/pkg/test/config" testsocialevent "github.com/codeready-toolchain/toolchain-common/pkg/test/socialevent" testusersignup "github.com/codeready-toolchain/toolchain-common/pkg/test/usersignup" - apiv1 "k8s.io/api/core/v1" + "github.com/codeready-toolchain/toolchain-common/pkg/usersignup" "sigs.k8s.io/controller-runtime/pkg/client" "github.com/gin-gonic/gin" @@ -71,20 +71,15 @@ func (s *TestSignupSuite) TestSignupPostHandler() { req, err := http.NewRequest(http.MethodPost, "/api/v1/signup", nil) require.NoError(s.T(), err) - svc := &FakeSignupService{} - - _, application := testutil.PrepareInClusterAppWithOption(s.T(), func(serviceFactory *factory.ServiceFactory) { - serviceFactory.WithSignupService(svc) - }) - // Check if the config is set to testing mode, so the handler may use this. assert.True(s.T(), configuration.IsTestingMode(), "testing mode not set correctly to true") - // Create signup instance. - signupCtrl := controller.NewSignup(application) - handler := gin.HandlerFunc(signupCtrl.PostHandler) - s.Run("signup created", func() { + // given + fakeClient, application := testutil.PrepareInClusterApp(s.T()) + signupCtrl := controller.NewSignup(application) + handler := gin.HandlerFunc(signupCtrl.PostHandler) + // We create a ResponseRecorder (which satisfies http.ResponseWriter) to record the response. rr := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(rr) @@ -95,35 +90,37 @@ func (s *TestSignupSuite) TestSignupPostHandler() { require.NoError(s.T(), err) expectedUserID := ob.String() ctx.Set(context.SubKey, expectedUserID) - ctx.Set(context.UsernameKey, "bill") + ctx.Set(context.UsernameKey, "bill@kubesaw") ctx.Set(context.EmailKey, expectedUserID+"@test.com") - signup := testusersignup.NewUserSignup( - testusersignup.WithName("bill"), - IncompleteUserSignupCondition(), - ) - - svc.MockSignup = func(ctx *gin.Context) (*crtapi.UserSignup, error) { - assert.Equal(s.T(), expectedUserID, ctx.GetString(context.SubKey)) - assert.Equal(s.T(), "bill", ctx.GetString(context.UsernameKey)) - assert.Equal(s.T(), expectedUserID+"@test.com", ctx.GetString(context.EmailKey)) - return signup, nil - } + + // when handler(ctx) // Check the status code is what we expect. require.Equal(s.T(), http.StatusAccepted, rr.Code) + userSignup := &crtapi.UserSignup{} + require.NoError(s.T(), fakeClient.Get(ctx, + commontest.NamespacedName(commontest.HostOperatorNs, usersignup.EncodeUserIdentifier("bill@kubesaw")), userSignup)) + assert.Equal(s.T(), expectedUserID, userSignup.Spec.IdentityClaims.Sub) + assert.Equal(s.T(), "bill@kubesaw", userSignup.Spec.IdentityClaims.PreferredUsername) + assert.Equal(s.T(), expectedUserID+"@test.com", userSignup.Spec.IdentityClaims.Email) }) s.Run("signup error", func() { + // given + fakeClient, application := testutil.PrepareInClusterApp(s.T()) + signupCtrl := controller.NewSignup(application) + handler := gin.HandlerFunc(signupCtrl.PostHandler) // We create a ResponseRecorder (which satisfies http.ResponseWriter) to record the response. rr := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(rr) ctx.Request = req - svc.MockSignup = func(_ *gin.Context) (*crtapi.UserSignup, error) { - return nil, errors.New("blah") + fakeClient.MockCreate = func(_ gocontext.Context, _ client.Object, _ ...client.CreateOption) error { + return errors.New("blah") } + // when handler(ctx) // Check the error is what we expect. @@ -131,11 +128,20 @@ func (s *TestSignupSuite) TestSignupPostHandler() { }) s.Run("signup forbidden error", func() { + // given + svc := &FakeSignupService{} + _, application := testutil.PrepareInClusterAppWithOption(s.T(), func(serviceFactory *factory.ServiceFactory) { + serviceFactory.WithSignupService(svc) + }) + + signupCtrl := controller.NewSignup(application) + handler := gin.HandlerFunc(signupCtrl.PostHandler) // We create a ResponseRecorder (which satisfies http.ResponseWriter) to record the response. rr := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(rr) ctx.Request = req + // when svc.MockSignup = func(_ *gin.Context) (*crtapi.UserSignup, error) { return nil, apierrors.NewForbidden(schema.GroupResource{}, "", errors.New("forbidden test error")) } @@ -147,19 +153,6 @@ func (s *TestSignupSuite) TestSignupPostHandler() { }) } -func IncompleteUserSignupCondition() testusersignup.Modifier { - return func(userSignup *crtapi.UserSignup) { - userSignup.Status.Conditions = []crtapi.Condition{ - { - Type: crtapi.UserSignupComplete, - Status: apiv1.ConditionFalse, - Reason: "test_reason", - Message: "test_message", - }, - } - } -} - func (s *TestSignupSuite) TestSignupGetHandler() { // Create a request to pass to our handler. We don't have any query parameters for now, so we'll // pass 'nil' as the third parameter. @@ -175,7 +168,7 @@ func (s *TestSignupSuite) TestSignupGetHandler() { // Create UserSignup ob, err := uuid.NewV4() require.NoError(s.T(), err) - userID := ob.String() + username := ob.String() // Create Signup controller instance. ctrl := controller.NewSignup(application) @@ -186,7 +179,7 @@ func (s *TestSignupSuite) TestSignupGetHandler() { rr := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(rr) ctx.Request = req - ctx.Set(context.SubKey, userID) + ctx.Set(context.UsernameKey, username) targetCluster, err := uuid.NewV4() require.NoError(s.T(), err) @@ -200,8 +193,8 @@ func (s *TestSignupSuite) TestSignupGetHandler() { Reason: "Provisioning", }, } - svc.MockGetSignup = func(_ *gin.Context, id, _ string, _ bool) (*signup.Signup, error) { - if id == userID { + svc.MockGetSignup = func(_ *gin.Context, _, name string, _ bool) (*signup.Signup, error) { + if name == username { return expected, nil } return nil, nil @@ -225,7 +218,7 @@ func (s *TestSignupSuite) TestSignupGetHandler() { rr := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(rr) ctx.Request = req - ctx.Set(context.SubKey, userID) + ctx.Set(context.UsernameKey, username) svc.MockGetSignup = func(_ *gin.Context, _, _ string, _ bool) (*signup.Signup, error) { return nil, nil @@ -242,7 +235,7 @@ func (s *TestSignupSuite) TestSignupGetHandler() { rr := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(rr) ctx.Request = req - ctx.Set(context.SubKey, userID) + ctx.Set(context.UsernameKey, username) svc.MockGetSignup = func(_ *gin.Context, _, _ string, _ bool) (*signup.Signup, error) { return nil, errors.New("oopsie woopsie") @@ -261,12 +254,10 @@ func (s *TestSignupSuite) TestInitVerificationHandler() { // Create UserSignup userSignup := testusersignup.NewUserSignup( - testusersignup.WithName("johnny"), + testusersignup.WithEncodedName("johnny@kubesaw"), testusersignup.WithAnnotation(crtapi.UserSignupVerificationCounterAnnotationKey, "0"), testusersignup.WithAnnotation(crtapi.UserSignupVerificationCodeAnnotationKey, ""), testusersignup.VerificationRequiredAgo(time.Second)) - userID := userSignup.Spec.IdentityClaims.UserID - fakeClient, application := testutil.PrepareInClusterAppWithOption(s.T(), httpClientFactoryOption(), userSignup) defer gock.Off() @@ -280,7 +271,7 @@ func (s *TestSignupSuite) TestInitVerificationHandler() { BodyString("") data := []byte(fmt.Sprintf(`{"phone_number": "%s", "country_code": "1"}`, phoneNumber)) - rr := initPhoneVerification(s.T(), handler, gin.Param{}, data, userID, "johnny", http.MethodPut, "/api/v1/signup/verification") + rr := initPhoneVerification(s.T(), handler, gin.Param{}, data, "johnny@kubesaw", http.MethodPut, "/api/v1/signup/verification") require.Equal(s.T(), http.StatusNoContent, rr.Code) updatedUserSignup := &crtapi.UserSignup{} @@ -314,7 +305,7 @@ func (s *TestSignupSuite) TestInitVerificationHandler() { BodyString("") data := []byte(`{"phone_number": "2268213044", "country_code": "(1)"}`) - rr := initPhoneVerification(s.T(), handler, gin.Param{}, data, userID, "johnny", http.MethodPut, "/api/v1/signup/verification") + rr := initPhoneVerification(s.T(), handler, gin.Param{}, data, "johnny@kubesaw", http.MethodPut, "/api/v1/signup/verification") require.Equal(s.T(), http.StatusBadRequest, rr.Code) bodyParams := make(map[string]interface{}) @@ -328,7 +319,7 @@ func (s *TestSignupSuite) TestInitVerificationHandler() { }) s.Run("init verification request body could not be read", func() { data := []byte(`{"test_number": "2268213044", "test_code": "1"}`) - rr := initPhoneVerification(s.T(), handler, gin.Param{}, data, userID, "johnny", http.MethodPut, "/api/v1/signup/verification") + rr := initPhoneVerification(s.T(), handler, gin.Param{}, data, "johnny@kubesaw", http.MethodPut, "/api/v1/signup/verification") // Check the status code is what we expect. assert.Equal(s.T(), http.StatusBadRequest, rr.Code) @@ -352,7 +343,7 @@ func (s *TestSignupSuite) TestInitVerificationHandler() { defer s.SetConfig(testconfig.RegistrationService().Verification().DailyLimit(originalValue)) data := []byte(`{"phone_number": "2268213044", "country_code": "1"}`) - rr := initPhoneVerification(s.T(), handler, gin.Param{}, data, userID, "johnny", http.MethodPut, "/api/v1/signup/verification") + rr := initPhoneVerification(s.T(), handler, gin.Param{}, data, "johnny@kubesaw", http.MethodPut, "/api/v1/signup/verification") // Check the status code is what we expect. assert.Equal(s.T(), http.StatusForbidden, rr.Code, "handler returned wrong status code") @@ -360,8 +351,7 @@ func (s *TestSignupSuite) TestInitVerificationHandler() { s.Run("init verification handler fails when verification not required", func() { // Create UserSignup - userSignup := testusersignup.NewUserSignup(testusersignup.WithName("johnny")) - userID := userSignup.Spec.IdentityClaims.UserID + userSignup := testusersignup.NewUserSignup(testusersignup.WithEncodedName("johnny@kubesaw")) _, application := testutil.PrepareInClusterAppWithOption(s.T(), httpClientFactoryOption(), userSignup) @@ -370,7 +360,7 @@ func (s *TestSignupSuite) TestInitVerificationHandler() { handler := gin.HandlerFunc(ctrl.InitVerificationHandler) data := []byte(`{"phone_number": "2268213044", "country_code": "1"}`) - rr := initPhoneVerification(s.T(), handler, gin.Param{}, data, userID, "johnny", http.MethodPut, "/api/v1/signup/verification") + rr := initPhoneVerification(s.T(), handler, gin.Param{}, data, "johnny@kubesaw", http.MethodPut, "/api/v1/signup/verification") // Check the status code is what we expect. assert.Equal(s.T(), http.StatusBadRequest, rr.Code) @@ -386,26 +376,7 @@ func (s *TestSignupSuite) TestInitVerificationHandler() { }) s.Run("init verification handler fails when invalid phone number provided", func() { - // Create UserSignup - ob, err := uuid.NewV4() - require.NoError(s.T(), err) - userID := ob.String() - - // Create a mock SignupService - svc := &FakeSignupService{ - MockGetUserSignupFromIdentifier: func(_, _ string) (userSignup *crtapi.UserSignup, e error) { - return testusersignup.NewUserSignup( - testusersignup.WithName("johnny"), - testusersignup.VerificationRequiredAgo(time.Second)), nil - }, - MockPhoneNumberAlreadyInUse: func(_, _, _ string) error { - return nil - }, - } - - _, application := testutil.PrepareInClusterAppWithOption(s.T(), func(serviceFactory *factory.ServiceFactory) { - serviceFactory.WithSignupService(svc) - }, userSignup) + _, application := testutil.PrepareInClusterApp(s.T(), userSignup) // Create Signup controller instance. ctrl := controller.NewSignup(application) @@ -413,7 +384,7 @@ func (s *TestSignupSuite) TestInitVerificationHandler() { // We create a ResponseRecorder (which satisfies http.ResponseWriter) to record the response. data := []byte(`{"phone_number": "!226%213044", "country_code": "1"}`) - rr := initPhoneVerification(s.T(), handler, gin.Param{}, data, userID, "johnny", http.MethodPut, "/api/v1/signup/verification") + rr := initPhoneVerification(s.T(), handler, gin.Param{}, data, "johnny@kubesaw", http.MethodPut, "/api/v1/signup/verification") // Check the status code is what we expect. assert.Equal(s.T(), http.StatusBadRequest, rr.Code) @@ -423,11 +394,10 @@ func (s *TestSignupSuite) TestInitVerificationHandler() { func (s *TestSignupSuite) TestVerifyPhoneCodeHandler() { // Create UserSignup userSignup := testusersignup.NewUserSignup( - testusersignup.WithName("johnny"), + testusersignup.WithEncodedName("johnny@kubesaw"), testusersignup.WithAnnotation(crtapi.UserVerificationAttemptsAnnotationKey, "0"), testusersignup.WithAnnotation(crtapi.UserSignupVerificationCodeAnnotationKey, "999888"), testusersignup.WithAnnotation(crtapi.UserVerificationExpiryAnnotationKey, time.Now().Add(10*time.Second).Format(service.TimestampLayout))) - userID := userSignup.Spec.IdentityClaims.UserID s.Run("verification successful", func() { // Create Signup controller instance. @@ -439,7 +409,7 @@ func (s *TestSignupSuite) TestVerifyPhoneCodeHandler() { Key: "code", Value: "999888", } - rr := initPhoneVerification(s.T(), handler, param, nil, userID, "johnny", http.MethodGet, "/api/v1/signup/verification") + rr := initPhoneVerification(s.T(), handler, param, nil, "johnny@kubesaw", http.MethodGet, "/api/v1/signup/verification") // Check the status code is what we expect. require.Equal(s.T(), http.StatusOK, rr.Code) @@ -470,7 +440,7 @@ func (s *TestSignupSuite) TestVerifyPhoneCodeHandler() { Key: "code", Value: "111233", } - rr := initPhoneVerification(s.T(), handler, param, nil, userID, "johnny", http.MethodGet, "/api/v1/signup/verification") + rr := initPhoneVerification(s.T(), handler, param, nil, "johnny@kubesaw", http.MethodGet, "/api/v1/signup/verification") // Check the status code is what we expect. require.Equal(s.T(), http.StatusInternalServerError, rr.Code) @@ -481,7 +451,7 @@ func (s *TestSignupSuite) TestVerifyPhoneCodeHandler() { require.Equal(s.T(), "Internal Server Error", bodyParams["status"]) require.InDelta(s.T(), float64(500), bodyParams["code"], 0.01) - require.Equal(s.T(), fmt.Sprintf("no user: error retrieving usersignup: %s", userID), bodyParams["message"]) + require.Equal(s.T(), "no user: error retrieving usersignup: ", bodyParams["message"]) require.Equal(s.T(), "error while verifying phone code", bodyParams["details"]) }) @@ -496,7 +466,7 @@ func (s *TestSignupSuite) TestVerifyPhoneCodeHandler() { Key: "code", Value: "111233", } - rr := initPhoneVerification(s.T(), handler, param, nil, userID, "jsmith", http.MethodGet, "/api/v1/signup/verification/111233") + rr := initPhoneVerification(s.T(), handler, param, nil, "jsmith@kubesaw", http.MethodGet, "/api/v1/signup/verification/111233") // Check the status code is what we expect. require.Equal(s.T(), http.StatusNotFound, rr.Code) @@ -507,7 +477,8 @@ func (s *TestSignupSuite) TestVerifyPhoneCodeHandler() { require.Equal(s.T(), "Not Found", bodyParams["status"]) require.InDelta(s.T(), float64(404), bodyParams["code"], 0.01) - require.Equal(s.T(), "usersignups.toolchain.dev.openshift.com \"jsmith\" not found: user not found", bodyParams["message"]) + // the fdebf2d6-jsmithkubesaw is an encoded version of the jsmith@kubesaw username (removed @ and prefixed with crc32 hash of the original value) + require.Equal(s.T(), "usersignups.toolchain.dev.openshift.com \"fdebf2d6-jsmithkubesaw\" not found: user not found", bodyParams["message"]) require.Equal(s.T(), "error while verifying phone code", bodyParams["details"]) }) @@ -524,7 +495,7 @@ func (s *TestSignupSuite) TestVerifyPhoneCodeHandler() { Key: "code", Value: "555555", } - rr := initPhoneVerification(s.T(), handler, param, nil, userID, "johnny", http.MethodGet, + rr := initPhoneVerification(s.T(), handler, param, nil, "johnny@kubesaw", http.MethodGet, "/api/v1/signup/verification/555555") // Check the status code is what we expect. @@ -558,7 +529,7 @@ func (s *TestSignupSuite) TestVerifyPhoneCodeHandler() { Key: "code", Value: "333333", } - rr := initPhoneVerification(s.T(), handler, param, nil, userID, "johnny", http.MethodGet, "/api/v1/signup/verification/333333") + rr := initPhoneVerification(s.T(), handler, param, nil, "johnny@kubesaw", http.MethodGet, "/api/v1/signup/verification/333333") // Check the status code is what we expect. require.Equal(s.T(), http.StatusTooManyRequests, rr.Code) @@ -583,55 +554,20 @@ func (s *TestSignupSuite) TestVerifyPhoneCodeHandler() { Key: "code", Value: "", } - rr := initPhoneVerification(s.T(), handler, param, nil, userID, "", http.MethodGet, "/api/v1/signup/verification/") + rr := initPhoneVerification(s.T(), handler, param, nil, "", http.MethodGet, "/api/v1/signup/verification/") // Check the status code is what we expect. require.Equal(s.T(), http.StatusBadRequest, rr.Code) }) - - s.Run("usersignup stored by its username", func() { - // Create another UserSignup - otherUserSignup := testusersignup.NewUserSignup( - testusersignup.WithName("jsmith"), - testusersignup.WithAnnotation(crtapi.UserVerificationAttemptsAnnotationKey, "0"), - testusersignup.WithAnnotation(crtapi.UserSignupVerificationCodeAnnotationKey, "999127"), - testusersignup.WithAnnotation(crtapi.UserVerificationExpiryAnnotationKey, time.Now().Add(10*time.Second).Format(service.TimestampLayout))) - - fakeClient, application := testutil.PrepareInClusterApp(s.T(), otherUserSignup, userSignup) - - // Create Signup controller instance. - ctrl := controller.NewSignup(application) - handler := gin.HandlerFunc(ctrl.VerifyPhoneCodeHandler) - - param := gin.Param{ - Key: "code", - Value: "999127", - } - rr := initPhoneVerification(s.T(), handler, param, nil, "", otherUserSignup.Spec.IdentityClaims.PreferredUsername, http.MethodGet, "/api/v1/signup/verification") - - // Check the status code is what we expect. - require.Equal(s.T(), http.StatusOK, rr.Code) - - updatedUserSignup := &crtapi.UserSignup{} - err := fakeClient.Get(gocontext.TODO(), client.ObjectKeyFromObject(otherUserSignup), updatedUserSignup) - require.NoError(s.T(), err) - - // Check that the correct UserSignup is passed into the FakeSignupService for update - require.False(s.T(), states.VerificationRequired(updatedUserSignup)) - require.Empty(s.T(), updatedUserSignup.Annotations[crtapi.UserVerificationAttemptsAnnotationKey]) - require.Empty(s.T(), updatedUserSignup.Annotations[crtapi.UserSignupVerificationCodeAnnotationKey]) - require.Empty(s.T(), updatedUserSignup.Annotations[crtapi.UserVerificationExpiryAnnotationKey]) - }) } -func initPhoneVerification(t *testing.T, handler gin.HandlerFunc, params gin.Param, data []byte, userID, username, httpMethod, url string) *httptest.ResponseRecorder { +func initPhoneVerification(t *testing.T, handler gin.HandlerFunc, params gin.Param, data []byte, username, httpMethod, url string) *httptest.ResponseRecorder { // We create a ResponseRecorder (which satisfies http.ResponseWriter) to record the response. rr := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(rr) req, err := http.NewRequest(httpMethod, url, bytes.NewBuffer(data)) require.NoError(t, err) ctx.Request = req - ctx.Set(context.SubKey, userID) ctx.Set(context.UsernameKey, username) ctx.Params = append(ctx.Params, params) @@ -782,7 +718,6 @@ func initActivationCodeVerification(t *testing.T, handler gin.HandlerFunc, usern req, err := http.NewRequest(http.MethodPost, "/api/v1/signup/verification/activation-code", bytes.NewBuffer([]byte(payload))) require.NoError(t, err) ctx.Request = req - ctx.Set(context.SubKey, username) ctx.Set(context.UsernameKey, username) handler(ctx) return rr diff --git a/pkg/proxy/handlers/spacelister.go b/pkg/proxy/handlers/spacelister.go index fb1c8b15..0137d88a 100644 --- a/pkg/proxy/handlers/spacelister.go +++ b/pkg/proxy/handlers/spacelister.go @@ -41,10 +41,9 @@ func NewSpaceLister(client namespaced.Client, app application.Application, proxy } func (s *SpaceLister) GetProvisionedUserSignup(ctx echo.Context) (*signup.Signup, error) { - userID, _ := ctx.Get(context.SubKey).(string) username, _ := ctx.Get(context.UsernameKey).(string) - userSignup, err := s.GetSignupFunc(nil, userID, username, false) + userSignup, err := s.GetSignupFunc(nil, "", username, false) if err != nil { ctx.Logger().Error(errs.Wrap(err, "error retrieving signup")) return nil, err diff --git a/pkg/signup/service/signup_service.go b/pkg/signup/service/signup_service.go index 61c5de1f..d5e4f9c9 100644 --- a/pkg/signup/service/signup_service.go +++ b/pkg/signup/service/signup_service.go @@ -3,7 +3,6 @@ package service import ( gocontext "context" "fmt" - "hash/crc32" "regexp" "sort" "strings" @@ -21,6 +20,7 @@ import ( "github.com/codeready-toolchain/toolchain-common/pkg/condition" "github.com/codeready-toolchain/toolchain-common/pkg/hash" "github.com/codeready-toolchain/toolchain-common/pkg/states" + signupcommon "github.com/codeready-toolchain/toolchain-common/pkg/usersignup" "github.com/gin-gonic/gin" errs "github.com/pkg/errors" apiv1 "k8s.io/api/core/v1" @@ -103,7 +103,7 @@ func (s *ServiceImpl) newUserSignup(ctx *gin.Context) (*toolchainv1alpha1.UserSi userSignup := &toolchainv1alpha1.UserSignup{ ObjectMeta: metav1.ObjectMeta{ - Name: EncodeUserIdentifier(ctx.GetString(context.UsernameKey)), + Name: signupcommon.EncodeUserIdentifier(ctx.GetString(context.UsernameKey)), Namespace: configuration.Namespace(), Annotations: map[string]string{ toolchainv1alpha1.UserSignupVerificationCounterAnnotationKey: "0", @@ -233,60 +233,17 @@ func extractEmailHost(email string) string { return email[i+1:] } -// EncodeUserIdentifier transforms a subject value (the user's UserID) to make it DNS-1123 compliant, -// by removing invalid characters, trimming the length and prefixing with a CRC32 checksum if required. -// ### WARNING ### changing this function will cause breakage, as it is used to lookup existing UserSignup -// resources. If a change is absolutely required, then all existing UserSignup instances must be migrated -// to the new value -func EncodeUserIdentifier(subject string) string { - // Sanitize subject to be compliant with DNS labels format (RFC-1123) - encoded := sanitizeDNS1123(subject) - - // Add a checksum prefix if the encoded value is different to the original subject value - if encoded != subject { - encoded = fmt.Sprintf("%x-%s", crc32.Checksum([]byte(subject), crc32.IEEETable), encoded) - } - - // Trim if the length exceeds the maximum - if len(encoded) > DNS1123NameMaximumLength { - encoded = encoded[0:DNS1123NameMaximumLength] - } - - return encoded -} - -func sanitizeDNS1123(str string) string { - // convert to lowercase - lstr := strings.ToLower(str) - - // remove unwanted characters - b := strings.Builder{} - for _, r := range lstr { - switch { - case r >= '0' && r <= '9': - fallthrough - case r >= 'a' && r <= 'z': - fallthrough - case r == '-': - b.WriteRune(r) - } - } - - // remove leading and trailing '-' - return strings.Trim(b.String(), "-") -} - // Signup reactivates the deactivated UserSignup resource or creates a new one with the specified username and userID // if doesn't exist yet. func (s *ServiceImpl) Signup(ctx *gin.Context) (*toolchainv1alpha1.UserSignup, error) { - encodedUserID := EncodeUserIdentifier(ctx.GetString(context.SubKey)) + encodedUserID := signupcommon.EncodeUserIdentifier(ctx.GetString(context.SubKey)) // Retrieve UserSignup resource from the host cluster userSignup := &toolchainv1alpha1.UserSignup{} if err := s.Get(ctx, s.NamespacedName(encodedUserID), userSignup); err != nil { if apierrors.IsNotFound(err) { // The UserSignup could not be located by its encoded UserID, attempt to load it using its encoded PreferredUsername instead - encodedUsername := EncodeUserIdentifier(ctx.GetString(context.UsernameKey)) + encodedUsername := signupcommon.EncodeUserIdentifier(ctx.GetString(context.UsernameKey)) if err := s.Get(ctx, s.NamespacedName(encodedUsername), userSignup); err != nil { if apierrors.IsNotFound(err) { // New Signup @@ -557,10 +514,10 @@ func (s *ServiceImpl) GetUserSignupFromIdentifier(userID, username string) (*too func (s *ServiceImpl) DoGetUserSignupFromIdentifier(cl namespaced.Client, userID, username string) (*toolchainv1alpha1.UserSignup, error) { // Retrieve UserSignup resource from the host cluster userSignup := &toolchainv1alpha1.UserSignup{} - if err := cl.Get(gocontext.TODO(), cl.NamespacedName(EncodeUserIdentifier(username)), userSignup); err != nil { + if err := cl.Get(gocontext.TODO(), cl.NamespacedName(signupcommon.EncodeUserIdentifier(username)), userSignup); err != nil { if apierrors.IsNotFound(err) { // Capture any error here in a separate var, as we need to preserve the original - if err2 := cl.Get(gocontext.TODO(), cl.NamespacedName(EncodeUserIdentifier(userID)), userSignup); err2 != nil { + if err2 := cl.Get(gocontext.TODO(), cl.NamespacedName(signupcommon.EncodeUserIdentifier(userID)), userSignup); err2 != nil { if apierrors.IsNotFound(err2) { return nil, err } diff --git a/pkg/signup/service/signup_service_test.go b/pkg/signup/service/signup_service_test.go index 91d98b42..f568cae4 100644 --- a/pkg/signup/service/signup_service_test.go +++ b/pkg/signup/service/signup_service_test.go @@ -25,6 +25,7 @@ import ( "github.com/codeready-toolchain/toolchain-common/pkg/test/masteruserrecord" "github.com/codeready-toolchain/toolchain-common/pkg/test/space" testusersignup "github.com/codeready-toolchain/toolchain-common/pkg/test/usersignup" + signupcommon "github.com/codeready-toolchain/toolchain-common/pkg/usersignup" "sigs.k8s.io/controller-runtime/pkg/client" toolchainv1alpha1 "github.com/codeready-toolchain/api/api/v1alpha1" @@ -65,9 +66,6 @@ func (s *TestSignupServiceSuite) ServiceConfiguration(verificationEnabled bool, func (s *TestSignupServiceSuite) TestSignup() { s.ServiceConfiguration(true, "", 5) // given - userID, err := uuid.NewV4() - require.NoError(s.T(), err) - assertUserSignupExists := func(cl client.Client, username string) toolchainv1alpha1.UserSignup { userSignups := &toolchainv1alpha1.UserSignupList{} @@ -77,7 +75,7 @@ func (s *TestSignupServiceSuite) TestSignup() { val := userSignups.Items[0] require.Equal(s.T(), commontest.HostOperatorNs, val.Namespace) - require.Equal(s.T(), username, val.Name) + require.Equal(s.T(), signupcommon.EncodeUserIdentifier(username), val.Name) require.True(s.T(), states.VerificationRequired(&val)) require.Equal(s.T(), "a7b1b413c1cbddbcd19a51222ef8e20a", val.Labels[toolchainv1alpha1.UserSignupUserEmailHashLabelKey]) require.Empty(s.T(), val.Annotations[toolchainv1alpha1.SkipAutoCreateSpaceAnnotationKey]) // skip auto create space annotation is not set by default @@ -87,7 +85,7 @@ func (s *TestSignupServiceSuite) TestSignup() { require.Equal(s.T(), "jane", val.Spec.IdentityClaims.GivenName) require.Equal(s.T(), "doe", val.Spec.IdentityClaims.FamilyName) require.Equal(s.T(), "red hat", val.Spec.IdentityClaims.Company) - require.Equal(s.T(), userID.String(), val.Spec.IdentityClaims.Sub) + require.Equal(s.T(), "987654321", val.Spec.IdentityClaims.Sub) require.Equal(s.T(), "13349822", val.Spec.IdentityClaims.UserID) require.Equal(s.T(), "45983711", val.Spec.IdentityClaims.AccountID) require.Equal(s.T(), "original-sub-value", val.Spec.IdentityClaims.OriginalSub) @@ -98,8 +96,8 @@ func (s *TestSignupServiceSuite) TestSignup() { rr := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(rr) - ctx.Set(context.UsernameKey, "jsmith") - ctx.Set(context.SubKey, userID.String()) + ctx.Set(context.UsernameKey, "jsmith@kubesaw") + ctx.Set(context.SubKey, "987654321") ctx.Set(context.OriginalSubKey, "original-sub-value") ctx.Set(context.EmailKey, "jsmith@gmail.com") ctx.Set(context.GivenNameKey, "jane") @@ -119,7 +117,7 @@ func (s *TestSignupServiceSuite) TestSignup() { assert.Empty(s.T(), userSignup.Annotations[toolchainv1alpha1.UserSignupLastTargetClusterAnnotationKey]) // at this point, the last target cluster annotation is not set require.Equal(s.T(), "original-sub-value", userSignup.Spec.IdentityClaims.OriginalSub) - existing := assertUserSignupExists(fakeClient, "jsmith") + existing := assertUserSignupExists(fakeClient, "jsmith@kubesaw") s.Run("deactivate and reactivate again", func() { // given @@ -135,7 +133,7 @@ func (s *TestSignupServiceSuite) TestSignup() { // then require.NoError(s.T(), err) - assertUserSignupExists(fakeClient, "jsmith") + assertUserSignupExists(fakeClient, "jsmith@kubesaw") assert.Equal(s.T(), "2", deactivatedUS.Annotations[toolchainv1alpha1.UserSignupActivationCounterAnnotationKey]) // value was preserved assert.Equal(s.T(), "member-3", deactivatedUS.Annotations[toolchainv1alpha1.UserSignupLastTargetClusterAnnotationKey]) // value was preserved }) @@ -155,7 +153,7 @@ func (s *TestSignupServiceSuite) TestSignup() { // then require.NoError(s.T(), err) - assertUserSignupExists(fakeClient, "jsmith") + assertUserSignupExists(fakeClient, "jsmith@kubesaw") assert.Empty(s.T(), userSignup.Annotations[toolchainv1alpha1.UserSignupActivationCounterAnnotationKey]) // was initially missing, and was not set assert.Empty(s.T(), userSignup.Annotations[toolchainv1alpha1.UserSignupLastTargetClusterAnnotationKey]) // was initially missing, and was not set }) @@ -167,7 +165,7 @@ func (s *TestSignupServiceSuite) TestSignup() { deactivatedUS.Status.Conditions = deactivated() fakeClient, application := testutil.PrepareInClusterApp(s.T(), deactivatedUS) fakeClient.MockUpdate = func(ctx gocontext.Context, obj client.Object, opts ...client.UpdateOption) error { - if _, ok := obj.(*toolchainv1alpha1.UserSignup); ok && obj.GetName() == "jsmith" { + if _, ok := obj.(*toolchainv1alpha1.UserSignup); ok && obj.GetName() == signupcommon.EncodeUserIdentifier("jsmith@kubesaw") { return errors.New("an error occurred") } return fakeClient.Client.Update(ctx, obj, opts...) @@ -183,13 +181,10 @@ func (s *TestSignupServiceSuite) TestSignup() { func (s *TestSignupServiceSuite) TestSignupFailsWhenClientReturnsError() { // given - userID, err := uuid.NewV4() - require.NoError(s.T(), err) - rr := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(rr) ctx.Set(context.UsernameKey, "zoeabernathy") - ctx.Set(context.SubKey, userID.String()) + ctx.Set(context.SubKey, "987654321") ctx.Set(context.OriginalSubKey, "original-sub-value") ctx.Set(context.EmailKey, "zabernathy@gmail.com") ctx.Set(context.GivenNameKey, "zoe") @@ -202,20 +197,17 @@ func (s *TestSignupServiceSuite) TestSignupFailsWhenClientReturnsError() { } // when - _, err = application.SignupService().Signup(ctx) + _, err := application.SignupService().Signup(ctx) require.EqualError(s.T(), err, "an internal error: an internal error happened") } func (s *TestSignupServiceSuite) TestSignupFailsWithNotFoundThenOtherError() { // given - userID, err := uuid.NewV4() - require.NoError(s.T(), err) - rr := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(rr) ctx.Set(context.UsernameKey, "lisasmith") - ctx.Set(context.SubKey, userID.String()) + ctx.Set(context.SubKey, "987654321") ctx.Set(context.OriginalSubKey, "original-sub-value") ctx.Set(context.EmailKey, "lsmith@gmail.com") ctx.Set(context.GivenNameKey, "lisa") @@ -224,14 +216,14 @@ func (s *TestSignupServiceSuite) TestSignupFailsWithNotFoundThenOtherError() { fakeClient, application := testutil.PrepareInClusterApp(s.T()) fakeClient.MockGet = func(ctx gocontext.Context, key client.ObjectKey, obj client.Object, opts ...client.GetOption) error { - if _, ok := obj.(*toolchainv1alpha1.UserSignup); ok && key.Name != userID.String() { + if _, ok := obj.(*toolchainv1alpha1.UserSignup); ok && key.Name == "lisasmith" { return errors2.NewInternalError(errors.New("something bad happened"), "something very bad happened") } return fakeClient.Client.Get(ctx, key, obj, opts...) } // when - _, err = application.SignupService().Signup(ctx) + _, err := application.SignupService().Signup(ctx) require.EqualError(s.T(), err, "something bad happened: something very bad happened") } @@ -239,7 +231,7 @@ func (s *TestSignupServiceSuite) TestGetSignupFailsWithNotFoundThenOtherError() // given fakeClient, application := testutil.PrepareInClusterApp(s.T()) fakeClient.MockGet = func(ctx gocontext.Context, key client.ObjectKey, obj client.Object, opts ...client.GetOption) error { - if _, ok := obj.(*toolchainv1alpha1.UserSignup); ok && key.Name != "000" { + if _, ok := obj.(*toolchainv1alpha1.UserSignup); ok && key.Name == "abc" { return errors2.NewInternalError(errors.New("something quite unfortunate happened"), "something bad") } return fakeClient.Client.Get(ctx, key, obj, opts...) @@ -248,7 +240,7 @@ func (s *TestSignupServiceSuite) TestGetSignupFailsWithNotFoundThenOtherError() c, _ := gin.CreateTestContext(httptest.NewRecorder()) // when - _, err := application.SignupService().GetSignup(c, "000", "abc", true) + _, err := application.SignupService().GetSignup(c, "", "abc", true) // then require.EqualError(s.T(), err, "something quite unfortunate happened: something bad") @@ -258,13 +250,10 @@ func (s *TestSignupServiceSuite) TestSignupNoSpaces() { s.ServiceConfiguration(true, "", 5) // given - userID, err := uuid.NewV4() - require.NoError(s.T(), err) - rr := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(rr) ctx.Set(context.UsernameKey, "jsmith") - ctx.Set(context.SubKey, userID.String()) + ctx.Set(context.SubKey, "987654321") ctx.Set(context.OriginalSubKey, "original-sub-value") ctx.Set(context.EmailKey, "jsmith@gmail.com") ctx.Set(context.GivenNameKey, "jane") @@ -309,13 +298,10 @@ func (s *TestSignupServiceSuite) TestSignupWithCaptchaEnabled() { Verification().CaptchaScoreThreshold("0.8")) // given - userID, err := uuid.NewV4() - require.NoError(s.T(), err) - rr := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(rr) ctx.Set(context.UsernameKey, "jsmith") - ctx.Set(context.SubKey, userID.String()) + ctx.Set(context.SubKey, "987654321") ctx.Set(context.OriginalSubKey, "original-sub-value") ctx.Set(context.EmailKey, "jsmith@gmail.com") ctx.Set(context.GivenNameKey, "jane") @@ -346,15 +332,12 @@ func (s *TestSignupServiceSuite) TestUserSignupWithInvalidSubjectPrefix() { s.ServiceConfiguration(true, "", 5) // given - userID, err := uuid.NewV4() - require.NoError(s.T(), err) - username := "-sjones" rr := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(rr) ctx.Set(context.UsernameKey, username) - ctx.Set(context.SubKey, userID.String()) + ctx.Set(context.SubKey, "987654321") ctx.Set(context.EmailKey, "sjones@gmail.com") ctx.Set(context.GivenNameKey, "sam") ctx.Set(context.FamilyNameKey, "jones") @@ -383,49 +366,13 @@ func (s *TestSignupServiceSuite) TestUserSignupWithInvalidSubjectPrefix() { require.False(s.T(), strings.HasPrefix(val.Name, "-")) } -func (s *TestSignupServiceSuite) TestEncodeUserID() { - s.Run("test valid user ID unchanged", func() { - userID := "abcde-12345" - encoded := service.EncodeUserIdentifier(userID) - require.Equal(s.T(), userID, encoded) - }) - s.Run("test user ID with invalid characters", func() { - userID := "abcde\\*-12345" - encoded := service.EncodeUserIdentifier(userID) - require.Equal(s.T(), "c0177ca4-abcde-12345", encoded) - }) - s.Run("test user ID with invalid prefix", func() { - userID := "-1234567" - encoded := service.EncodeUserIdentifier(userID) - require.Equal(s.T(), "ca3e1e0f-1234567", encoded) - }) - s.Run("test user ID that exceeds max length", func() { - userID := "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-01234567890123456789" - encoded := service.EncodeUserIdentifier(userID) - require.Equal(s.T(), "e3632025-0123456789abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqr", encoded) - }) - s.Run("test user ID with colon separator", func() { - userID := "abc:xyz" - encoded := service.EncodeUserIdentifier(userID) - require.Equal(s.T(), "a05a4053-abcxyz", encoded) - }) - s.Run("test user ID with invalid end character", func() { - userID := "abc---" - encoded := service.EncodeUserIdentifier(userID) - require.Equal(s.T(), "ed6bd2b5-abc", encoded) - }) -} - func (s *TestSignupServiceSuite) TestUserWithExcludedDomainEmailSignsUp() { s.ServiceConfiguration(true, "redhat.com", 5) - userID, err := uuid.NewV4() - require.NoError(s.T(), err) - rr := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(rr) ctx.Set(context.UsernameKey, "jsmith") - ctx.Set(context.SubKey, userID.String()) + ctx.Set(context.SubKey, "987654321") ctx.Set(context.EmailKey, "jsmith@redhat.com") ctx.Set(context.GivenNameKey, "jane") ctx.Set(context.FamilyNameKey, "smith") @@ -452,13 +399,10 @@ func (s *TestSignupServiceSuite) TestUserWithExcludedDomainEmailSignsUp() { func (s *TestSignupServiceSuite) TestCRTAdminUserSignup() { s.ServiceConfiguration(true, "redhat.com", 5) - userID, err := uuid.NewV4() - require.NoError(s.T(), err) - rr := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(rr) ctx.Set(context.UsernameKey, "jsmith-crtadmin") - ctx.Set(context.SubKey, userID.String()) + ctx.Set(context.SubKey, "987654321") ctx.Set(context.EmailKey, "jsmith@redhat.com") ctx.Set(context.GivenNameKey, "jane") ctx.Set(context.FamilyNameKey, "smith") @@ -476,11 +420,11 @@ func (s *TestSignupServiceSuite) TestCRTAdminUserSignup() { func (s *TestSignupServiceSuite) TestFailsIfUserSignupNameAlreadyExists() { s.ServiceConfiguration(true, "", 5) - signup := testusersignup.NewUserSignup(testusersignup.WithName("jsmith")) + signup := testusersignup.NewUserSignup(testusersignup.WithEncodedName("jsmith@kubesaw")) rr := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(rr) - ctx.Set(context.UsernameKey, "jsmith") + ctx.Set(context.UsernameKey, "jsmith@kubesaw") ctx.Set(context.SubKey, "userid") ctx.Set(context.EmailKey, "jsmith@gmail.com") @@ -490,23 +434,17 @@ func (s *TestSignupServiceSuite) TestFailsIfUserSignupNameAlreadyExists() { _, err := application.SignupService().Signup(ctx) // then - require.EqualError(s.T(), err, "Operation cannot be fulfilled on \"\": UserSignup [id: userid; username: jsmith]. Unable to create UserSignup because there is already an active UserSignup with such ID") + require.EqualError(s.T(), err, "Operation cannot be fulfilled on \"\": UserSignup [id: userid; username: jsmith@kubesaw]. Unable to create UserSignup because there is already an active UserSignup with such ID") } func (s *TestSignupServiceSuite) TestFailsIfUserBanned() { s.ServiceConfiguration(true, "", 5) // given - userID, err := uuid.NewV4() - require.NoError(s.T(), err) - - bannedUserID, err := uuid.NewV4() - require.NoError(s.T(), err) - bannedUser := &toolchainv1alpha1.BannedUser{ TypeMeta: v1.TypeMeta{}, ObjectMeta: v1.ObjectMeta{ - Name: bannedUserID.String(), + Name: "banned-user", Namespace: commontest.HostOperatorNs, Labels: map[string]string{ toolchainv1alpha1.BannedUserEmailHashLabelKey: "a7b1b413c1cbddbcd19a51222ef8e20a", @@ -516,18 +454,16 @@ func (s *TestSignupServiceSuite) TestFailsIfUserBanned() { Email: "jsmith@gmail.com", }, } - require.NoError(s.T(), err) rr := httptest.NewRecorder() ctx, _ := gin.CreateTestContext(rr) ctx.Set(context.UsernameKey, "jsmith") - ctx.Set(context.SubKey, userID.String()) ctx.Set(context.EmailKey, "jsmith@gmail.com") _, application := testutil.PrepareInClusterApp(s.T(), bannedUser) // when - _, err = application.SignupService().Signup(ctx) + _, err := application.SignupService().Signup(ctx) // then require.Error(s.T(), err) @@ -541,16 +477,10 @@ func (s *TestSignupServiceSuite) TestFailsIfUserBanned() { func (s *TestSignupServiceSuite) TestPhoneNumberAlreadyInUseBannedUser() { s.ServiceConfiguration(true, "redhat.com", 5) - userID, err := uuid.NewV4() - require.NoError(s.T(), err) - - bannedUserID, err := uuid.NewV4() - require.NoError(s.T(), err) - bannedUser := &toolchainv1alpha1.BannedUser{ TypeMeta: v1.TypeMeta{}, ObjectMeta: v1.ObjectMeta{ - Name: bannedUserID.String(), + Name: "banneduser", Namespace: commontest.HostOperatorNs, Labels: map[string]string{ toolchainv1alpha1.BannedUserEmailHashLabelKey: "a7b1b413c1cbddbcd19a51222ef8e20a", @@ -561,18 +491,11 @@ func (s *TestSignupServiceSuite) TestPhoneNumberAlreadyInUseBannedUser() { Email: "jane.doe@gmail.com", }, } - require.NoError(s.T(), err) - - rr := httptest.NewRecorder() - ctx, _ := gin.CreateTestContext(rr) - ctx.Set(context.UsernameKey, "jsmith") - ctx.Set(context.SubKey, userID.String()) - ctx.Set(context.EmailKey, "jsmith@gmail.com") _, application := testutil.PrepareInClusterApp(s.T(), bannedUser) // when - err = application.SignupService().PhoneNumberAlreadyInUse(bannedUserID.String(), "jsmith", "+12268213044") + err := application.SignupService().PhoneNumberAlreadyInUse("", "jsmith", "+12268213044") // then require.EqualError(s.T(), err, "cannot re-register with phone number: phone number already in use") @@ -581,36 +504,16 @@ func (s *TestSignupServiceSuite) TestPhoneNumberAlreadyInUseBannedUser() { func (s *TestSignupServiceSuite) TestPhoneNumberAlreadyInUseUserSignup() { s.ServiceConfiguration(true, "", 5) - userID, err := uuid.NewV4() - require.NoError(s.T(), err) - - signup := &toolchainv1alpha1.UserSignup{ - TypeMeta: v1.TypeMeta{}, - ObjectMeta: v1.ObjectMeta{ - Name: userID.String(), - Namespace: commontest.HostOperatorNs, - Labels: map[string]string{ - toolchainv1alpha1.UserSignupUserEmailHashLabelKey: "a7b1b413c1cbddbcd19a51222ef8e20a", - toolchainv1alpha1.UserSignupUserPhoneHashLabelKey: "fd276563a8232d16620da8ec85d0575f", - toolchainv1alpha1.UserSignupStateLabelKey: toolchainv1alpha1.UserSignupStateLabelValueApproved, - }, - }, - } - require.NoError(s.T(), err) - - rr := httptest.NewRecorder() - ctx, _ := gin.CreateTestContext(rr) - ctx.Set(context.UsernameKey, "jsmith") - ctx.Set(context.SubKey, userID.String()) - ctx.Set(context.EmailKey, "jsmith@gmail.com") + userSignup := testusersignup.NewUserSignup( + testusersignup.WithEncodedName("johnny@kubesaw"), + testusersignup.WithLabel(toolchainv1alpha1.UserSignupUserEmailHashLabelKey, "a7b1b413c1cbddbcd19a51222ef8e20a"), + testusersignup.WithLabel(toolchainv1alpha1.UserSignupUserPhoneHashLabelKey, "fd276563a8232d16620da8ec85d0575f"), + testusersignup.WithLabel(toolchainv1alpha1.UserSignupStateLabelKey, toolchainv1alpha1.UserSignupStateLabelValueApproved)) - newUserID, err := uuid.NewV4() - require.NoError(s.T(), err) - - _, application := testutil.PrepareInClusterApp(s.T(), signup) + _, application := testutil.PrepareInClusterApp(s.T(), userSignup) // when - err = application.SignupService().PhoneNumberAlreadyInUse(newUserID.String(), "jsmith", "+12268213044") + err := application.SignupService().PhoneNumberAlreadyInUse("", "jsmith", "+12268213044") // then require.EqualError(s.T(), err, "cannot re-register with phone number: phone number already in use") @@ -674,7 +577,7 @@ func (s *TestSignupServiceSuite) TestGetUserSignupFails() { fakeClient, application := testutil.PrepareInClusterApp(s.T()) fakeClient.MockGet = func(ctx gocontext.Context, key client.ObjectKey, obj client.Object, opts ...client.GetOption) error { - if _, ok := obj.(*toolchainv1alpha1.UserSignup); ok && key.Name != username { + if _, ok := obj.(*toolchainv1alpha1.UserSignup); ok && key.Name == username { return errors.New("an error occurred") } return fakeClient.Client.Get(ctx, key, obj, opts...) @@ -688,14 +591,11 @@ func (s *TestSignupServiceSuite) TestGetUserSignupFails() { } func (s *TestSignupServiceSuite) TestGetSignupNotFound() { - userID, err := uuid.NewV4() - require.NoError(s.T(), err) - c, _ := gin.CreateTestContext(httptest.NewRecorder()) _, application := testutil.PrepareInClusterApp(s.T()) // when - signup, err := application.SignupService().GetSignup(c, userID.String(), "", true) + signup, err := application.SignupService().GetSignup(c, "", "does-not-exist", true) // then require.Nil(s.T(), signup) @@ -706,52 +606,28 @@ func (s *TestSignupServiceSuite) TestGetSignupStatusNotComplete() { // given s.ServiceConfiguration(true, "", 5) - userID, err := uuid.NewV4() - require.NoError(s.T(), err) - c, _ := gin.CreateTestContext(httptest.NewRecorder()) - userSignupNotComplete := &toolchainv1alpha1.UserSignup{ - TypeMeta: v1.TypeMeta{}, - ObjectMeta: v1.ObjectMeta{ - Name: userID.String(), - Namespace: commontest.HostOperatorNs, - }, - Spec: toolchainv1alpha1.UserSignupSpec{ - IdentityClaims: toolchainv1alpha1.IdentityClaimsEmbedded{ - PreferredUsername: "bill", - }, - }, - Status: toolchainv1alpha1.UserSignupStatus{ - CompliantUsername: "bill", - Conditions: []toolchainv1alpha1.Condition{ - { - Type: toolchainv1alpha1.UserSignupComplete, - Status: apiv1.ConditionFalse, - Reason: "test_reason", - Message: "test_message", - }, - { - Type: toolchainv1alpha1.UserSignupApproved, - Status: apiv1.ConditionTrue, - Reason: toolchainv1alpha1.UserSignupApprovedAutomaticallyReason, - }, - }, - }, - } + userSignupNotComplete := testusersignup.NewUserSignup( + testusersignup.WithEncodedName("not-complete@kubesaw"), + testusersignup.WithCompliantUsername("bill"), + testusersignup.SignupIncomplete("test_reason", "test_message"), + testusersignup.ApprovedAutomaticallyAgo(0), + ) + states.SetVerificationRequired(userSignupNotComplete, true) _, application := testutil.PrepareInClusterApp(s.T(), userSignupNotComplete) // when - response, err := application.SignupService().GetSignup(c, userID.String(), "", true) + response, err := application.SignupService().GetSignup(c, "", "not-complete@kubesaw", true) // then require.NoError(s.T(), err) require.NotNil(s.T(), response) - require.Equal(s.T(), userID.String(), response.Name) - require.Equal(s.T(), "bill", response.Username) + require.Equal(s.T(), userSignupNotComplete.Name, response.Name) + require.Equal(s.T(), "not-complete@kubesaw", response.Username) require.Equal(s.T(), "bill", response.CompliantUsername) require.False(s.T(), response.Status.Ready) require.Equal(s.T(), "test_reason", response.Status.Reason) @@ -780,14 +656,14 @@ func (s *TestSignupServiceSuite) TestGetSignupStatusNotComplete() { // when // we set checkUserSignupCompleted to false - response, err := svc.GetSignup(c, userID.String(), userSignupNotComplete.Spec.IdentityClaims.PreferredUsername, false) + response, err := svc.GetSignup(c, "", "not-complete@kubesaw", false) // then require.NoError(s.T(), err) require.NotNil(s.T(), response) - require.Equal(s.T(), userID.String(), response.Name) - require.Equal(s.T(), "bill", response.Username) + require.Equal(s.T(), userSignupNotComplete.Name, response.Name) + require.Equal(s.T(), "not-complete@kubesaw", response.Username) require.Equal(s.T(), "bill", response.CompliantUsername) require.True(s.T(), response.Status.Ready) require.Equal(s.T(), "mur_ready_reason", response.Status.Reason) @@ -833,15 +709,12 @@ func (s *TestSignupServiceSuite) TestGetSignupNoStatusNotCompleteCondition() { } for _, status := range []toolchainv1alpha1.UserSignupStatus{noCondition, pendingApproval, noClusterApproval} { - userID, err := uuid.NewV4() - require.NoError(s.T(), err) - c, _ := gin.CreateTestContext(httptest.NewRecorder()) userSignup := &toolchainv1alpha1.UserSignup{ TypeMeta: v1.TypeMeta{}, ObjectMeta: v1.ObjectMeta{ - Name: userID.String(), + Name: "bill", Namespace: commontest.HostOperatorNs, }, Spec: toolchainv1alpha1.UserSignupSpec{ @@ -857,13 +730,13 @@ func (s *TestSignupServiceSuite) TestGetSignupNoStatusNotCompleteCondition() { _, application := testutil.PrepareInClusterApp(s.T(), userSignup) // when - response, err := application.SignupService().GetSignup(c, userID.String(), "bill", true) + response, err := application.SignupService().GetSignup(c, "", "bill", true) // then require.NoError(s.T(), err) require.NotNil(s.T(), response) - require.Equal(s.T(), userID.String(), response.Name) + require.Equal(s.T(), "bill", response.Name) require.Equal(s.T(), "bill", response.Username) require.Empty(s.T(), response.CompliantUsername) require.False(s.T(), response.Status.Ready) @@ -884,7 +757,7 @@ func (s *TestSignupServiceSuite) TestGetSignupDeactivated() { // given s.ServiceConfiguration(true, "", 5) - us := s.newUserSignupComplete() + username, us := s.newUserSignupComplete() us.Status.Conditions = deactivated() _, application := testutil.PrepareInClusterApp(s.T(), us) @@ -892,7 +765,7 @@ func (s *TestSignupServiceSuite) TestGetSignupDeactivated() { c, _ := gin.CreateTestContext(httptest.NewRecorder()) // when - signup, err := application.SignupService().GetSignup(c, us.Name, "", true) + signup, err := application.SignupService().GetSignup(c, "", username, true) // then require.Nil(s.T(), signup) @@ -906,7 +779,7 @@ func (s *TestSignupServiceSuite) TestGetSignupStatusOK() { s.Run("for apps subdomain: "+appsSubDomain, func() { s.ServiceConfiguration(true, "", 5) - us := s.newUserSignupComplete() + username, us := s.newUserSignupComplete() mur := s.newProvisionedMUR("ted") toolchainStatus := s.newToolchainStatus(appsSubDomain) space := s.newSpace(mur.Name) @@ -917,14 +790,14 @@ func (s *TestSignupServiceSuite) TestGetSignupStatusOK() { c, _ := gin.CreateTestContext(httptest.NewRecorder()) // when - response, err := application.SignupService().GetSignup(c, us.Name, "", true) + response, err := application.SignupService().GetSignup(c, "", username, true) // then require.NoError(s.T(), err) require.NotNil(s.T(), response) require.Equal(s.T(), us.Name, response.Name) - require.Equal(s.T(), "ted", response.Username) + require.Equal(s.T(), username, response.Username) require.Equal(s.T(), "ted", response.CompliantUsername) require.Equal(s.T(), mur.Status.ProvisionedTime.UTC().Format(time.RFC3339), response.StartDate) @@ -944,61 +817,6 @@ func (s *TestSignupServiceSuite) TestGetSignupStatusOK() { } } -func (s *TestSignupServiceSuite) TestGetSignupByUsernameOK() { - // given - s.ServiceConfiguration(true, "", 5) - - us := s.newUserSignupComplete() - us.Name = service.EncodeUserIdentifier(us.Spec.IdentityClaims.PreferredUsername) - // Set the scheduled deactivation timestamp 1 day in the future - deactivationTimestamp := time.Now().Add(time.Hour * 24).Round(time.Second).UTC() - us.Status.ScheduledDeactivationTimestamp = util.Ptr(v1.NewTime(deactivationTimestamp)) - - mur := s.newProvisionedMUR("ted") - // Set the provisioned time 29 days in the past - provisionedTime := time.Now().Add(-time.Hour * 24 * 29).Round(time.Second) - mur.Status.ProvisionedTime = util.Ptr(v1.NewTime(provisionedTime)) - - space := s.newSpace(mur.Name) - spacebinding := s.newSpaceBinding(mur.Name, space.Name) - toolchainStatus := s.newToolchainStatus(".apps.") - - fakeClient := commontest.NewFakeClient(s.T(), us, mur, space, spacebinding, toolchainStatus) - svc := service.NewSignupService(namespaced.NewClient(fakeClient, commontest.HostOperatorNs)) - - c, _ := gin.CreateTestContext(httptest.NewRecorder()) - - // when - response, err := svc.GetSignup(c, "foo", us.Spec.IdentityClaims.PreferredUsername, true) - - // then - require.NoError(s.T(), err) - require.NotNil(s.T(), response) - - // Confirm the StartDate is the same as the provisionedTime - require.Equal(s.T(), provisionedTime.UTC().Format(time.RFC3339), response.StartDate) - - // Confirm the end date is about the same as the deactivationTimestamp - responseEndDate, err := time.ParseInLocation(time.RFC3339, response.EndDate, nil) - require.NoError(s.T(), err) - require.Equal(s.T(), deactivationTimestamp, responseEndDate) - - require.Equal(s.T(), us.Name, response.Name) - require.Equal(s.T(), "ted", response.Username) - require.Equal(s.T(), "ted", response.CompliantUsername) - assert.True(s.T(), response.Status.Ready) - assert.Equal(s.T(), "mur_ready_reason", response.Status.Reason) - assert.Equal(s.T(), "mur_ready_message", response.Status.Message) - assert.False(s.T(), response.Status.VerificationRequired) - assert.Equal(s.T(), "https://console.apps.member-123.com", response.ConsoleURL) - assert.Equal(s.T(), "http://che-toolchain-che.member-123.com", response.CheDashboardURL) - assert.Equal(s.T(), "http://api.devcluster.openshift.com", response.APIEndpoint) - assert.Equal(s.T(), "member-123", response.ClusterName) - assert.Equal(s.T(), "https://proxy-url.com", response.ProxyURL) - assert.Equal(s.T(), "ted-dev", response.DefaultUserNamespace) - assert.Equal(s.T(), "https://rhods-dashboard-redhat-ods-applications.apps.member-123.com", response.RHODSMemberURL) -} - func (s *TestSignupServiceSuite) newToolchainStatus(appsSubDomain string) *toolchainv1alpha1.ToolchainStatus { toolchainStatus := &toolchainv1alpha1.ToolchainStatus{ TypeMeta: v1.TypeMeta{}, @@ -1043,14 +861,14 @@ func (s *TestSignupServiceSuite) TestGetSignupStatusFailGetToolchainStatus() { c, _ := gin.CreateTestContext(httptest.NewRecorder()) - us := s.newUserSignupComplete() + username, us := s.newUserSignupComplete() mur := s.newProvisionedMUR("ted") space := s.newSpace("ted") _, application := testutil.PrepareInClusterApp(s.T(), us, mur, space) // when - _, err := application.SignupService().GetSignup(c, us.Name, "", true) + _, err := application.SignupService().GetSignup(c, "", username, true) // then require.EqualError(s.T(), err, fmt.Sprintf("error when retrieving ToolchainStatus to set Che Dashboard for completed UserSignup %s: toolchainstatuses.toolchain.dev.openshift.com \"toolchain-status\" not found", us.Name)) @@ -1060,7 +878,7 @@ func (s *TestSignupServiceSuite) TestGetSignupMURGetFails() { // given s.ServiceConfiguration(true, "", 5) - us := s.newUserSignupComplete() + username, us := s.newUserSignupComplete() c, _ := gin.CreateTestContext(httptest.NewRecorder()) @@ -1074,7 +892,7 @@ func (s *TestSignupServiceSuite) TestGetSignupMURGetFails() { } // when - _, err := application.SignupService().GetSignup(c, us.Name, "", true) + _, err := application.SignupService().GetSignup(c, "", username, true) // then require.EqualError(s.T(), err, fmt.Sprintf("error when retrieving MasterUserRecord for completed UserSignup %s: an error occurred", us.Name)) @@ -1084,7 +902,7 @@ func (s *TestSignupServiceSuite) TestGetSignupReadyConditionStatus() { // given s.ServiceConfiguration(true, "", 5) - us := s.newUserSignupComplete() + username, us := s.newUserSignupComplete() c, _ := gin.CreateTestContext(httptest.NewRecorder()) @@ -1156,7 +974,7 @@ func (s *TestSignupServiceSuite) TestGetSignupReadyConditionStatus() { _, application := testutil.PrepareInClusterApp(s.T(), us, mur, space, toolchainStatus) // when - response, err := application.SignupService().GetSignup(c, us.Name, "", true) + response, err := application.SignupService().GetSignup(c, "", username, true) // then require.NoError(s.T(), err) @@ -1172,13 +990,11 @@ func (s *TestSignupServiceSuite) TestGetSignupBannedUserEmail() { s.ServiceConfiguration(true, "", 5) us := testusersignup.NewUserSignup( - testusersignup.WithName("ted"), + testusersignup.WithEncodedName("ted@kubesaw"), testusersignup.WithAnnotation(toolchainv1alpha1.UserSignupUserEmailHashLabelKey, "a7b1b413c1cbddbcd19a51222ef8e20a"), testusersignup.ApprovedAutomaticallyAgo(time.Second), testusersignup.BannedAgo(time.Second), - func(signup *toolchainv1alpha1.UserSignup) { - signup.Status.CompliantUsername = "ted" - }) + testusersignup.WithCompliantUsername("ted")) _, application := testutil.PrepareInClusterApp(s.T(), us) rr := httptest.NewRecorder() @@ -1188,7 +1004,7 @@ func (s *TestSignupServiceSuite) TestGetSignupBannedUserEmail() { ctx.Set(context.EmailKey, "jsmith@gmail.com") // when - response, err := application.SignupService().GetSignup(ctx, us.Name, "", true) + response, err := application.SignupService().GetSignup(ctx, "", "ted@kubesaw", true) // then // return not found signup @@ -1294,41 +1110,6 @@ func (s *TestSignupServiceSuite) TestGetDefaultUserNamespaceFailNoSpace() { assert.Empty(s.T(), targetCluster) } -func (s *TestSignupServiceSuite) TestGetUserSignup() { - s.ServiceConfiguration(true, "", 5) - - s.Run("getusersignup ok", func() { - us := s.newUserSignupComplete() - _, application := testutil.PrepareInClusterApp(s.T(), us) - - val, err := application.SignupService().GetUserSignupFromIdentifier(us.Name, "") - require.NoError(s.T(), err) - require.Equal(s.T(), us.Name, val.Name) - }) - - s.Run("getusersignup returns error", func() { - fakeClient, application := testutil.PrepareInClusterApp(s.T()) - fakeClient.MockGet = func(ctx gocontext.Context, key client.ObjectKey, obj client.Object, opts ...client.GetOption) error { - if _, ok := obj.(*toolchainv1alpha1.UserSignup); ok { - return errors.New("get failed") - } - return fakeClient.Client.Get(ctx, key, obj, opts...) - } - - val, err := application.SignupService().GetUserSignupFromIdentifier("foo", "") - require.EqualError(s.T(), err, "get failed") - require.Nil(s.T(), val) - }) - - s.Run("getusersignup with unknown user", func() { - _, application := testutil.PrepareInClusterApp(s.T()) - - val, err := application.SignupService().GetUserSignupFromIdentifier("unknown", "") - require.True(s.T(), apierrors.IsNotFound(err)) - require.Nil(s.T(), val) - }) -} - func (s *TestSignupServiceSuite) TestIsPhoneVerificationRequired() { commontest.SetEnvVarAndRestore(s.T(), commonconfig.WatchNamespaceEnvVar, commontest.HostOperatorNs) @@ -1452,7 +1233,7 @@ func (s *TestSignupServiceSuite) TestGetSignupUpdatesUserSignupIdentityClaims() s.ServiceConfiguration(false, "", 5) // Create a new UserSignup, set its UserID and AccountID annotations - userSignup := s.newUserSignupComplete() + username, userSignup := s.newUserSignupComplete() mur := &toolchainv1alpha1.MasterUserRecord{ TypeMeta: v1.TypeMeta{}, @@ -1478,7 +1259,7 @@ func (s *TestSignupServiceSuite) TestGetSignupUpdatesUserSignupIdentityClaims() c.Set(context.UsernameKey, "cocochanel") fakeClient, application := testutil.PrepareInClusterApp(s.T(), userSignup, mur) - _, err := application.SignupService().GetSignup(c, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, true) + _, err := application.SignupService().GetSignup(c, "", username, true) require.NoError(s.T(), err) modified := &toolchainv1alpha1.UserSignup{} @@ -1501,7 +1282,7 @@ func (s *TestSignupServiceSuite) TestGetSignupUpdatesUserSignupIdentityClaims() c, _ := gin.CreateTestContext(httptest.NewRecorder()) c.Set(context.GivenNameKey, "Jonathan") - _, err := application.SignupService().GetSignup(c, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, true) + _, err := application.SignupService().GetSignup(c, "", username, true) require.NoError(s.T(), err) modified := &toolchainv1alpha1.UserSignup{} @@ -1527,7 +1308,7 @@ func (s *TestSignupServiceSuite) TestGetSignupUpdatesUserSignupIdentityClaims() c.Set(context.FamilyNameKey, "Smythe") c.Set(context.CompanyKey, "Red Hat") - _, err := application.SignupService().GetSignup(c, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, true) + _, err := application.SignupService().GetSignup(c, "", username, true) require.NoError(s.T(), err) modified := &toolchainv1alpha1.UserSignup{} @@ -1555,7 +1336,7 @@ func (s *TestSignupServiceSuite) TestGetSignupUpdatesUserSignupIdentityClaims() c.Set(context.OriginalSubKey, "jsmythe-original-sub") c.Set(context.EmailKey, "jsmythe@redhat.com") - _, err := application.SignupService().GetSignup(c, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, true) + _, err := application.SignupService().GetSignup(c, "", username, true) require.NoError(s.T(), err) modified := &toolchainv1alpha1.UserSignup{} @@ -1579,17 +1360,15 @@ func (s *TestSignupServiceSuite) TestGetSignupUpdatesUserSignupIdentityClaims() }) } -func (s *TestSignupServiceSuite) newUserSignupComplete() *toolchainv1alpha1.UserSignup { - return testusersignup.NewUserSignup( - testusersignup.WithName("ted"), +func (s *TestSignupServiceSuite) newUserSignupComplete() (string, *toolchainv1alpha1.UserSignup) { + return "ted@kubesaw", testusersignup.NewUserSignup( + testusersignup.WithEncodedName("ted@kubesaw"), testusersignup.WithAnnotation(toolchainv1alpha1.UserSignupUserEmailHashLabelKey, "90cb861692508c36933b85dfe43f5369"), testusersignup.SignupComplete(""), testusersignup.ApprovedAutomaticallyAgo(time.Second), - func(signup *toolchainv1alpha1.UserSignup) { - signup.Status.CompliantUsername = "ted" - signup.Status.HomeSpace = "ted" - signup.Status.ScheduledDeactivationTimestamp = util.Ptr(v1.NewTime(time.Now().Add(30 * time.Hour * 24))) - }) + testusersignup.WithCompliantUsername("ted"), + testusersignup.WithHomeSpace("ted"), + testusersignup.WithScheduledDeactivationTimestamp(util.Ptr(v1.NewTime(time.Now().Add(30*time.Hour*24))))) } func (s *TestSignupServiceSuite) newProvisionedMUR(name string) *toolchainv1alpha1.MasterUserRecord { diff --git a/pkg/verification/service/verification_service_test.go b/pkg/verification/service/verification_service_test.go index 394eb858..93d9208e 100644 --- a/pkg/verification/service/verification_service_test.go +++ b/pkg/verification/service/verification_service_test.go @@ -135,14 +135,13 @@ func (s *TestVerificationServiceSuite) TestInitVerification() { gock.Observe(obs) userSignup := testusersignup.NewUserSignup( - testusersignup.WithName("johny"), + testusersignup.WithEncodedName("johnny@kubesaw"), testusersignup.WithLabel(toolchainv1alpha1.UserSignupUserPhoneHashLabelKey, "+1NUMBER"), testusersignup.VerificationRequiredAgo(time.Second)) - // Create a second UserSignup which we will test by username lookup instead of UserID lookup. This will also function - // as some additional noise for the test + // Create a second UserSignup as some additional noise for the test userSignup2 := testusersignup.NewUserSignup( - testusersignup.WithName("jsmith"), + testusersignup.WithEncodedName("jsmith@kubesaw"), testusersignup.WithLabel(toolchainv1alpha1.UserSignupUserPhoneHashLabelKey, "+61NUMBER"), testusersignup.VerificationRequiredAgo(time.Second)) @@ -151,7 +150,7 @@ func (s *TestVerificationServiceSuite) TestInitVerification() { // Test the init verification for the first UserSignup ctx, _ := gin.CreateTestContext(httptest.NewRecorder()) - err := application.VerificationService().InitVerification(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, "+1NUMBER", "1") + err := application.VerificationService().InitVerification(ctx, "", "johnny@kubesaw", "+1NUMBER", "1") require.NoError(s.T(), err) signup := &toolchainv1alpha1.UserSignup{} @@ -186,8 +185,8 @@ func (s *TestVerificationServiceSuite) TestInitVerification() { gock.Observe(obs) ctx, _ = gin.CreateTestContext(httptest.NewRecorder()) - // This time we won't pass in the UserID, just the username yet still expect the UserSignup to be found - err = application.VerificationService().InitVerification(ctx, "", userSignup2.Spec.IdentityClaims.PreferredUsername, "+61NUMBER", "1") + // for the second usersignup + err = application.VerificationService().InitVerification(ctx, "", "jsmith@kubesaw", "+61NUMBER", "1") require.NoError(s.T(), err) signup2 := &toolchainv1alpha1.UserSignup{} @@ -245,7 +244,7 @@ func (s *TestVerificationServiceSuite) TestInitVerificationClientFailure() { gock.Observe(obs) userSignup := testusersignup.NewUserSignup( - testusersignup.WithName("johny"), + testusersignup.WithEncodedName("johnny@kubesaw"), testusersignup.WithLabel(toolchainv1alpha1.UserSignupUserPhoneHashLabelKey, "+1NUMBER"), testusersignup.VerificationRequiredAgo(time.Second)) @@ -261,8 +260,8 @@ func (s *TestVerificationServiceSuite) TestInitVerificationClientFailure() { } ctx, _ := gin.CreateTestContext(httptest.NewRecorder()) - err := application.VerificationService().InitVerification(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, "+1NUMBER", "1") - require.EqualError(s.T(), err, "get failed: error retrieving usersignup: johny", err.Error()) + err := application.VerificationService().InitVerification(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, "+1NUMBER", "1") + require.EqualError(s.T(), err, "get failed: error retrieving usersignup: ", err.Error()) }) s.Run("when client UPDATE call fails indefinitely should return error", func() { @@ -275,7 +274,7 @@ func (s *TestVerificationServiceSuite) TestInitVerificationClientFailure() { } ctx, _ := gin.CreateTestContext(httptest.NewRecorder()) - err := application.VerificationService().InitVerification(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, "+1NUMBER", "1") + err := application.VerificationService().InitVerification(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, "+1NUMBER", "1") require.EqualError(s.T(), err, "there was an error while updating your account - please wait a moment before "+ "trying again. If this error persists, please contact the Developer Sandbox team at devsandbox@redhat.com "+ "for assistance: error while verifying phone code") @@ -295,7 +294,7 @@ func (s *TestVerificationServiceSuite) TestInitVerificationClientFailure() { } ctx, _ := gin.CreateTestContext(httptest.NewRecorder()) - err := application.VerificationService().InitVerification(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, "+1NUMBER", "1") + err := application.VerificationService().InitVerification(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, "+1NUMBER", "1") require.NoError(s.T(), err) signup := &toolchainv1alpha1.UserSignup{} @@ -337,7 +336,7 @@ func (s *TestVerificationServiceSuite) TestInitVerificationPassesWhenMaxCountRea gock.Observe(obs) userSignup := testusersignup.NewUserSignup( - testusersignup.WithName("johny"), + testusersignup.WithEncodedName("johny@kubesaw"), testusersignup.WithLabel(toolchainv1alpha1.UserSignupUserPhoneHashLabelKey, "+1NUMBER"), testusersignup.WithAnnotation(toolchainv1alpha1.UserSignupVerificationInitTimestampAnnotationKey, now.Add(-25*time.Hour).Format(verificationservice.TimestampLayout)), testusersignup.WithAnnotation(toolchainv1alpha1.UserSignupVerificationCounterAnnotationKey, "3"), @@ -347,7 +346,7 @@ func (s *TestVerificationServiceSuite) TestInitVerificationPassesWhenMaxCountRea fakeClient, application := testutil.PrepareInClusterAppWithOption(s.T(), httpClientFactoryOption(), userSignup) ctx, _ := gin.CreateTestContext(httptest.NewRecorder()) - err := application.VerificationService().InitVerification(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, "+1NUMBER", "1") + err := application.VerificationService().InitVerification(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, "+1NUMBER", "1") require.NoError(s.T(), err) signup := &toolchainv1alpha1.UserSignup{} @@ -379,7 +378,7 @@ func (s *TestVerificationServiceSuite) TestInitVerificationFailsWhenCountContain now := time.Now() userSignup := testusersignup.NewUserSignup( - testusersignup.WithName("johny"), + testusersignup.WithEncodedName("johny@kubesaw"), testusersignup.WithLabel(toolchainv1alpha1.UserSignupUserPhoneHashLabelKey, "+1NUMBER"), testusersignup.WithAnnotation(toolchainv1alpha1.UserSignupVerificationCounterAnnotationKey, "abc"), testusersignup.WithAnnotation(toolchainv1alpha1.UserSignupVerificationInitTimestampAnnotationKey, now.Format(verificationservice.TimestampLayout)), @@ -388,7 +387,7 @@ func (s *TestVerificationServiceSuite) TestInitVerificationFailsWhenCountContain _, application := testutil.PrepareInClusterAppWithOption(s.T(), httpClientFactoryOption(), userSignup) ctx, _ := gin.CreateTestContext(httptest.NewRecorder()) - err := application.VerificationService().InitVerification(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, "+1NUMBER", "1") + err := application.VerificationService().InitVerification(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, "+1NUMBER", "1") require.EqualError(s.T(), err, "daily limit exceeded: cannot generate new verification code") } @@ -405,7 +404,7 @@ func (s *TestVerificationServiceSuite) TestInitVerificationFailsDailyCounterExce now := time.Now() userSignup := testusersignup.NewUserSignup( - testusersignup.WithName("johny"), + testusersignup.WithEncodedName("johny@kubesaw"), testusersignup.WithLabel(toolchainv1alpha1.UserSignupUserPhoneHashLabelKey, "+1NUMBER"), testusersignup.WithAnnotation(toolchainv1alpha1.UserSignupVerificationCounterAnnotationKey, strconv.Itoa(cfg.Verification().DailyLimit())), testusersignup.WithAnnotation(toolchainv1alpha1.UserSignupVerificationInitTimestampAnnotationKey, now.Format(verificationservice.TimestampLayout)), @@ -414,7 +413,7 @@ func (s *TestVerificationServiceSuite) TestInitVerificationFailsDailyCounterExce _, application := testutil.PrepareInClusterAppWithOption(s.T(), httpClientFactoryOption(), userSignup) ctx, _ := gin.CreateTestContext(httptest.NewRecorder()) - err := application.VerificationService().InitVerification(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, "+1NUMBER", "1") + err := application.VerificationService().InitVerification(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, "+1NUMBER", "1") require.EqualError(s.T(), err, "daily limit exceeded: cannot generate new verification code", err.Error()) require.Empty(s.T(), userSignup.Annotations[toolchainv1alpha1.UserSignupVerificationCodeAnnotationKey]) } @@ -434,19 +433,19 @@ func (s *TestVerificationServiceSuite) TestInitVerificationFailsWhenPhoneNumberI phoneHash := hash.EncodeString(e164PhoneNumber) alphaUserSignup := testusersignup.NewUserSignup( - testusersignup.WithName("alpha"), + testusersignup.WithEncodedName("alpha@kubesaw"), testusersignup.WithLabel(toolchainv1alpha1.UserSignupUserPhoneHashLabelKey, phoneHash), testusersignup.WithLabel(toolchainv1alpha1.UserSignupStateLabelKey, toolchainv1alpha1.UserSignupStateLabelValueApproved), testusersignup.ApprovedManually()) bravoUserSignup := testusersignup.NewUserSignup( - testusersignup.WithName("bravo"), + testusersignup.WithEncodedName("bravo@kubesaw"), testusersignup.VerificationRequiredAgo(time.Second)) fakeClient, application := testutil.PrepareInClusterAppWithOption(s.T(), httpClientFactoryOption(), alphaUserSignup, bravoUserSignup) ctx, _ := gin.CreateTestContext(httptest.NewRecorder()) - err := application.VerificationService().InitVerification(ctx, bravoUserSignup.Name, bravoUserSignup.Spec.IdentityClaims.PreferredUsername, e164PhoneNumber, "1") + err := application.VerificationService().InitVerification(ctx, "", bravoUserSignup.Spec.IdentityClaims.PreferredUsername, e164PhoneNumber, "1") require.Error(s.T(), err) require.Equal(s.T(), "phone number already in use: cannot register using phone number: +19875551122", err.Error()) @@ -473,20 +472,20 @@ func (s *TestVerificationServiceSuite) TestInitVerificationOKWhenPhoneNumberInUs phoneHash := hash.EncodeString(e164PhoneNumber) alphaUserSignup := testusersignup.NewUserSignup( - testusersignup.WithName("alpha"), + testusersignup.WithEncodedName("alpha@kubesaw"), testusersignup.WithLabel(toolchainv1alpha1.UserSignupUserPhoneHashLabelKey, phoneHash), testusersignup.WithLabel(toolchainv1alpha1.UserSignupStateLabelKey, toolchainv1alpha1.UserSignupStateLabelValueDeactivated), testusersignup.ApprovedManually(), testusersignup.Deactivated()) bravoUserSignup := testusersignup.NewUserSignup( - testusersignup.WithName("bravo"), + testusersignup.WithEncodedName("bravo@kubesaw"), testusersignup.VerificationRequiredAgo(time.Second)) fakeClient, application := testutil.PrepareInClusterAppWithOption(s.T(), httpClientFactoryOption(), alphaUserSignup, bravoUserSignup) ctx, _ := gin.CreateTestContext(httptest.NewRecorder()) - err := application.VerificationService().InitVerification(ctx, bravoUserSignup.Name, bravoUserSignup.Spec.IdentityClaims.PreferredUsername, e164PhoneNumber, "1") + err := application.VerificationService().InitVerification(ctx, "", bravoUserSignup.Spec.IdentityClaims.PreferredUsername, e164PhoneNumber, "1") require.NoError(s.T(), err) // Reload bravoUserSignup @@ -505,7 +504,7 @@ func (s *TestVerificationServiceSuite) TestVerifyPhoneCode() { s.Run("verification ok", func() { userSignup := testusersignup.NewUserSignup( - testusersignup.WithName("johny"), + testusersignup.WithEncodedName("johny@kubesaw"), testusersignup.WithLabel(toolchainv1alpha1.UserSignupUserPhoneHashLabelKey, "+1NUMBER"), testusersignup.WithAnnotation(toolchainv1alpha1.UserVerificationAttemptsAnnotationKey, "0"), testusersignup.WithAnnotation(toolchainv1alpha1.UserSignupCaptchaScoreAnnotationKey, "0.8"), @@ -516,7 +515,7 @@ func (s *TestVerificationServiceSuite) TestVerifyPhoneCode() { fakeClient, application := testutil.PrepareInClusterApp(s.T(), userSignup) ctx, _ := gin.CreateTestContext(httptest.NewRecorder()) - err := application.VerificationService().VerifyPhoneCode(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, "123456") + err := application.VerificationService().VerifyPhoneCode(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, "123456") require.NoError(s.T(), err) signup := &toolchainv1alpha1.UserSignup{} @@ -529,7 +528,7 @@ func (s *TestVerificationServiceSuite) TestVerifyPhoneCode() { s.Run("verification ok for usersignup with username identifier", func() { userSignup := testusersignup.NewUserSignup( - testusersignup.WithName("employee085"), + testusersignup.WithEncodedName("employee085@kubesaw"), testusersignup.WithLabel(toolchainv1alpha1.UserSignupUserPhoneHashLabelKey, "+1NUMBER"), testusersignup.WithAnnotation(toolchainv1alpha1.UserVerificationAttemptsAnnotationKey, "0"), testusersignup.WithAnnotation(toolchainv1alpha1.UserSignupCaptchaScoreAnnotationKey, "0.7"), @@ -540,7 +539,7 @@ func (s *TestVerificationServiceSuite) TestVerifyPhoneCode() { fakeClient, application := testutil.PrepareInClusterApp(s.T(), userSignup) ctx, _ := gin.CreateTestContext(httptest.NewRecorder()) - err := application.VerificationService().VerifyPhoneCode(ctx, "", "employee085", "654321") + err := application.VerificationService().VerifyPhoneCode(ctx, "", "employee085@kubesaw", "654321") require.NoError(s.T(), err) signup := &toolchainv1alpha1.UserSignup{} @@ -553,7 +552,7 @@ func (s *TestVerificationServiceSuite) TestVerifyPhoneCode() { s.Run("when verification code is invalid", func() { userSignup := testusersignup.NewUserSignup( - testusersignup.WithName("johny"), + testusersignup.WithEncodedName("johny@kubesaw"), testusersignup.WithLabel(toolchainv1alpha1.UserSignupUserPhoneHashLabelKey, "+1NUMBER"), testusersignup.WithAnnotation(toolchainv1alpha1.UserVerificationAttemptsAnnotationKey, "0"), testusersignup.WithAnnotation(toolchainv1alpha1.UserSignupVerificationCodeAnnotationKey, "000000"), @@ -563,7 +562,7 @@ func (s *TestVerificationServiceSuite) TestVerifyPhoneCode() { _, application := testutil.PrepareInClusterApp(s.T(), userSignup) ctx, _ := gin.CreateTestContext(httptest.NewRecorder()) - err := application.VerificationService().VerifyPhoneCode(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, "123456") + err := application.VerificationService().VerifyPhoneCode(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, "123456") require.Error(s.T(), err) e := &crterrors.Error{} require.ErrorAs(s.T(), err, &e) @@ -574,7 +573,7 @@ func (s *TestVerificationServiceSuite) TestVerifyPhoneCode() { s.Run("when verification code has expired", func() { userSignup := testusersignup.NewUserSignup( - testusersignup.WithName("johny"), + testusersignup.WithEncodedName("johny@kubesaw"), testusersignup.WithLabel(toolchainv1alpha1.UserSignupUserPhoneHashLabelKey, "+1NUMBER"), testusersignup.WithAnnotation(toolchainv1alpha1.UserVerificationAttemptsAnnotationKey, "0"), testusersignup.WithAnnotation(toolchainv1alpha1.UserSignupVerificationCodeAnnotationKey, "123456"), @@ -584,7 +583,7 @@ func (s *TestVerificationServiceSuite) TestVerifyPhoneCode() { _, application := testutil.PrepareInClusterApp(s.T(), userSignup) ctx, _ := gin.CreateTestContext(httptest.NewRecorder()) - err := application.VerificationService().VerifyPhoneCode(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, "123456") + err := application.VerificationService().VerifyPhoneCode(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, "123456") e := &crterrors.Error{} require.ErrorAs(s.T(), err, &e) require.Equal(s.T(), "expired: verification code expired", e.Error()) @@ -594,7 +593,7 @@ func (s *TestVerificationServiceSuite) TestVerifyPhoneCode() { s.Run("when verifications exceeded maximum attempts", func() { userSignup := testusersignup.NewUserSignup( - testusersignup.WithName("johny"), + testusersignup.WithEncodedName("johny@kubesaw"), testusersignup.WithLabel(toolchainv1alpha1.UserSignupUserPhoneHashLabelKey, "+1NUMBER"), testusersignup.WithAnnotation(toolchainv1alpha1.UserVerificationAttemptsAnnotationKey, "3"), testusersignup.WithAnnotation(toolchainv1alpha1.UserSignupVerificationCodeAnnotationKey, "123456"), @@ -604,14 +603,14 @@ func (s *TestVerificationServiceSuite) TestVerifyPhoneCode() { _, application := testutil.PrepareInClusterApp(s.T(), userSignup) ctx, _ := gin.CreateTestContext(httptest.NewRecorder()) - err := application.VerificationService().VerifyPhoneCode(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, "123456") + err := application.VerificationService().VerifyPhoneCode(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, "123456") require.EqualError(s.T(), err, "too many verification attempts", err.Error()) }) s.Run("when verifications attempts has invalid value", func() { userSignup := testusersignup.NewUserSignup( - testusersignup.WithName("johny"), + testusersignup.WithEncodedName("johny@kubesaw"), testusersignup.WithLabel(toolchainv1alpha1.UserSignupUserPhoneHashLabelKey, "+1NUMBER"), testusersignup.WithAnnotation(toolchainv1alpha1.UserVerificationAttemptsAnnotationKey, "ABC"), testusersignup.WithAnnotation(toolchainv1alpha1.UserSignupVerificationCodeAnnotationKey, "123456"), @@ -621,7 +620,7 @@ func (s *TestVerificationServiceSuite) TestVerifyPhoneCode() { fakeClient, application := testutil.PrepareInClusterApp(s.T(), userSignup) ctx, _ := gin.CreateTestContext(httptest.NewRecorder()) - err := application.VerificationService().VerifyPhoneCode(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, "123456") + err := application.VerificationService().VerifyPhoneCode(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, "123456") require.EqualError(s.T(), err, "too many verification attempts", err.Error()) signup := &toolchainv1alpha1.UserSignup{} @@ -634,7 +633,7 @@ func (s *TestVerificationServiceSuite) TestVerifyPhoneCode() { s.Run("when verifications expiry is corrupt", func() { userSignup := testusersignup.NewUserSignup( - testusersignup.WithName("johny"), + testusersignup.WithEncodedName("johny@kubesaw"), testusersignup.WithLabel(toolchainv1alpha1.UserSignupUserPhoneHashLabelKey, "+1NUMBER"), testusersignup.WithAnnotation(toolchainv1alpha1.UserVerificationAttemptsAnnotationKey, "0"), testusersignup.WithAnnotation(toolchainv1alpha1.UserSignupVerificationCodeAnnotationKey, "123456"), @@ -644,7 +643,7 @@ func (s *TestVerificationServiceSuite) TestVerifyPhoneCode() { _, application := testutil.PrepareInClusterApp(s.T(), userSignup) ctx, _ := gin.CreateTestContext(httptest.NewRecorder()) - err := application.VerificationService().VerifyPhoneCode(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, "123456") + err := application.VerificationService().VerifyPhoneCode(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, "123456") require.EqualError(s.T(), err, "parsing time \"ABC\" as \"2006-01-02T15:04:05.000Z07:00\": cannot parse \"ABC\" as \"2006\": error parsing expiry timestamp", err.Error()) }) @@ -727,7 +726,7 @@ func (s *TestVerificationServiceSuite) TestVerifyPhoneCode() { ) userSignup := testusersignup.NewUserSignup( - testusersignup.WithName("johny"), + testusersignup.WithEncodedName("johny@kubesaw"), testusersignup.WithLabel(toolchainv1alpha1.UserSignupUserPhoneHashLabelKey, "+1NUMBER"), testusersignup.WithAnnotation(toolchainv1alpha1.UserVerificationAttemptsAnnotationKey, "0"), testusersignup.WithAnnotation(toolchainv1alpha1.UserSignupVerificationCodeAnnotationKey, "123456"), @@ -743,7 +742,7 @@ func (s *TestVerificationServiceSuite) TestVerifyPhoneCode() { fakeClient, application := testutil.PrepareInClusterApp(s.T(), userSignup) ctx, _ := gin.CreateTestContext(httptest.NewRecorder()) - err := application.VerificationService().VerifyPhoneCode(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, "123456") + err := application.VerificationService().VerifyPhoneCode(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, "123456") // then signup := &toolchainv1alpha1.UserSignup{} @@ -777,7 +776,7 @@ func (s *TestVerificationServiceSuite) testVerifyActivationCode(targetCluster st fakeClient, application := testutil.PrepareInClusterApp(s.T(), userSignup, event) // when - err := application.VerificationService().VerifyActivationCode(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, event.Name) + err := application.VerificationService().VerifyActivationCode(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, event.Name) // then require.NoError(s.T(), err) @@ -795,7 +794,7 @@ func (s *TestVerificationServiceSuite) testVerifyActivationCode(targetCluster st fakeClient, application := testutil.PrepareInClusterApp(s.T(), userSignup, event) // when - err := application.VerificationService().VerifyActivationCode(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, event.Name) + err := application.VerificationService().VerifyActivationCode(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, event.Name) // then require.NoError(s.T(), err) @@ -815,7 +814,7 @@ func (s *TestVerificationServiceSuite) testVerifyActivationCode(targetCluster st fakeClient, application := testutil.PrepareInClusterApp(s.T(), userSignup, event) // when - err := application.VerificationService().VerifyActivationCode(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, event.Name) + err := application.VerificationService().VerifyActivationCode(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, event.Name) // then require.EqualError(s.T(), err, "too many verification attempts: 3") @@ -834,7 +833,7 @@ func (s *TestVerificationServiceSuite) testVerifyActivationCode(targetCluster st fakeClient, application := testutil.PrepareInClusterApp(s.T(), userSignup) // when - err := application.VerificationService().VerifyActivationCode(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, "invalid") + err := application.VerificationService().VerifyActivationCode(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, "invalid") // then require.EqualError(s.T(), err, "invalid code: the provided code is invalid") @@ -853,7 +852,7 @@ func (s *TestVerificationServiceSuite) testVerifyActivationCode(targetCluster st fakeClient, application := testutil.PrepareInClusterApp(s.T(), userSignup) // when - err := application.VerificationService().VerifyActivationCode(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, "invalid") + err := application.VerificationService().VerifyActivationCode(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, "invalid") // then require.EqualError(s.T(), err, "invalid code: the provided code is invalid") @@ -872,7 +871,7 @@ func (s *TestVerificationServiceSuite) testVerifyActivationCode(targetCluster st fakeClient, application := testutil.PrepareInClusterApp(s.T(), userSignup, event) // when - err := application.VerificationService().VerifyActivationCode(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, event.Name) + err := application.VerificationService().VerifyActivationCode(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, event.Name) // then require.EqualError(s.T(), err, "invalid code: the event is full") @@ -891,7 +890,7 @@ func (s *TestVerificationServiceSuite) testVerifyActivationCode(targetCluster st fakeClient, application := testutil.PrepareInClusterApp(s.T(), userSignup, event) // when - err := application.VerificationService().VerifyActivationCode(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, event.Name) + err := application.VerificationService().VerifyActivationCode(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, event.Name) // then require.EqualError(s.T(), err, "invalid code: the provided code is invalid") @@ -910,7 +909,7 @@ func (s *TestVerificationServiceSuite) testVerifyActivationCode(targetCluster st fakeClient, application := testutil.PrepareInClusterApp(s.T(), userSignup, event) // when - err := application.VerificationService().VerifyActivationCode(ctx, userSignup.Name, userSignup.Spec.IdentityClaims.PreferredUsername, event.Name) + err := application.VerificationService().VerifyActivationCode(ctx, "", userSignup.Spec.IdentityClaims.PreferredUsername, event.Name) // then require.EqualError(s.T(), err, "invalid code: the provided code is invalid")