Test different plugin authentication credentials

2 files changed, 62 insertions, 10 deletions

diff --git a/mullvad-tests/src/lib.rs b/mullvad-tests/src/lib.rs
index d60d19f916..54aea065c8 100644
--- a/mullvad-tests/src/lib.rs
+++ b/mullvad-tests/src/lib.rs
@@ -278,16 +278,29 @@ impl Drop for DaemonRunner {
 }
 
 pub struct MockOpenVpnPluginRpcClient {
+    credentials: String,
     rpc: WsIpcClient,
 }
 
 impl MockOpenVpnPluginRpcClient {
-    pub fn with_address(address: String) -> Result<Self, String> {
+    pub fn new(address: String, credentials: String) -> Result<Self, String> {
         let rpc = WsIpcClient::connect(&address).map_err(|error| {
             format!("Failed to create Mock OpenVPN plugin RPC client: {}", error)
         })?;
 
-        Ok(MockOpenVpnPluginRpcClient { rpc })
+        Ok(MockOpenVpnPluginRpcClient { rpc, credentials })
+    }
+
+    pub fn authenticate(&mut self) -> Result<bool, String> {
+        self.rpc
+            .call("authenticate", &[&self.credentials])
+            .map_err(|error| format!("Failed to authenticate mock OpenVPN IPC client: {}", error))
+    }
+
+    pub fn authenticate_with(&mut self, credentials: &str) -> Result<bool, String> {
+        self.rpc
+            .call("authenticate", &[credentials])
+            .map_err(|error| format!("Failed to authenticate mock OpenVPN IPC client: {}", error))
     }
 
     pub fn up(&mut self) -> Result<(), String> {
diff --git a/mullvad-tests/tests/connection.rs b/mullvad-tests/tests/connection.rs
index c26246722a..299a5e59ec 100644
--- a/mullvad-tests/tests/connection.rs
+++ b/mullvad-tests/tests/connection.rs
@@ -94,6 +94,36 @@ fn ignores_event_from_unauthorized_connection_from_openvpn_plugin() {
     assert_eq!(rpc_client.get_state().unwrap(), CONNECTING_STATE);
 }
 
+#[test]
+fn authentication_credentials() {
+    let mut daemon = DaemonRunner::spawn();
+    let mut rpc_client = daemon.rpc_client().unwrap();
+    let openvpn_args_file = daemon.mock_openvpn_args_file();
+    let state_events = rpc_client.new_state_subscribe().unwrap();
+
+    rpc_client.set_account(Some("123456".to_owned())).unwrap();
+    rpc_client.connect().unwrap();
+
+    assert_state_event(&state_events, CONNECTING_STATE);
+
+    let mut mock_plugin_client = create_mock_openvpn_plugin_client(openvpn_args_file);
+
+    assert_eq!(
+        mock_plugin_client.authenticate_with(&String::new()),
+        Ok(false)
+    );
+    assert_eq!(
+        mock_plugin_client.authenticate_with(&"fake-secret".to_owned()),
+        Ok(false)
+    );
+    assert_eq!(mock_plugin_client.authenticate(), Ok(true));
+    // Ensure it doesn't accept additional incorrect credentials
+    assert_eq!(
+        mock_plugin_client.authenticate_with(&"different-secret".to_owned()),
+        Ok(false)
+    );
+}
+
 fn assert_state_event(receiver: &mpsc::Receiver<DaemonState>, expected_state: DaemonState) {
     let received_state = receiver
         .recv_timeout(Duration::from_secs(1))
@@ -112,13 +142,13 @@ fn assert_no_state_event(receiver: &mpsc::Receiver<DaemonState>) {
 fn create_mock_openvpn_plugin_client<P: AsRef<Path>>(
     openvpn_args_file_path: P,
 ) -> MockOpenVpnPluginRpcClient {
-    let address = get_plugin_address(openvpn_args_file_path);
+    let (address, credentials) = get_plugin_arguments(openvpn_args_file_path);
 
-    MockOpenVpnPluginRpcClient::with_address(address)
+    MockOpenVpnPluginRpcClient::new(address, credentials)
         .expect("Failed to create mock RPC client to connect to OpenVPN plugin event listener")
 }
 
-fn get_plugin_address<P: AsRef<Path>>(openvpn_args_file_path: P) -> String {
+fn get_plugin_arguments<P: AsRef<Path>>(openvpn_args_file_path: P) -> (String, String) {
     let args_file_path = openvpn_args_file_path.as_ref();
 
     wait_for_file_write_finish(&args_file_path, Duration::from_secs(5));
@@ -128,12 +158,21 @@ fn get_plugin_address<P: AsRef<Path>>(openvpn_args_file_path: P) -> String {
         args_file_path.display(),
     ));
 
-    let args = BufReader::new(args_file).lines();
+    let args_reader = BufReader::new(args_file).lines();
+    let mut arguments = args_reader
+        .skip_while(|element| {
+            element.is_ok() && !element.as_ref().unwrap().contains(OPENVPN_PLUGIN_NAME)
+        })
+        .skip(1);
 
-    args.skip_while(|element| {
-        element.is_ok() && !element.as_ref().unwrap().contains(OPENVPN_PLUGIN_NAME)
-    }).skip(1)
+    let address = arguments
         .next()
         .expect("Missing OpenVPN plugin RPC listener address argument")
-        .expect("Failed to read from mock OpenVPN command line file")
+        .expect("Failed to read from mock OpenVPN arguments file");
+    let credentials = arguments
+        .next()
+        .expect("Missing OpenVPN plugin RPC listener credentials argument")
+        .expect("Failed to read from mock OpenVPN arguments file");
+
+    (address, credentials)
 }