#!/bin/sh
#
# Test the XOAUTH2 support in send
#
# Drives `send` with -sasl -saslmech xoauth2 and checks its output and
# the rewritten credentials file.  The helpers used below (start_test,
# setup_draft, fake_creds, expect_creds, test_send, ...) are not defined
# in this file; they come in through the sourced common.sh.
#
# The tests are order-dependent: the credentials file, the exported
# XOAUTH value and ${smtp_port} carry over from one test to the next.
#

# NOTE(review): srcdir is only derived here when MH_OBJ_DIR is unset.  A
# caller that exports MH_OBJ_DIR must export srcdir as well, otherwise
# the "." below resolves to /test/oauth/common.sh.
if test -z "${MH_OBJ_DIR}"; then
    srcdir=`dirname "$0"`/../..
    MH_OBJ_DIR=`cd "${srcdir}" && pwd`; export MH_OBJ_DIR
fi

. "${srcdir}/test/oauth/common.sh"

# `send -` (a bare dash, no real switch) is checked against '-eq 1';
# presumably check_exit compares the exit status -- confirm in the
# shared test helpers.
check_exit '-eq 1' send -

# Start only the fake HTTP server, run the send test without starting
# any other server, then verify the HTTP request that was received.
# Arguments: passed through unchanged to test_send_no_servers.
# NOTE(review): nothing in this file calls this function.
test_send_only_fakehttp() {
    start_fakehttp
    test_send_no_servers "$@"
    check_http_req
}

#
# success cases
#

# XOAUTH is base64 for the XOAUTH2 initial client response
#   user=nobody@example.com^Aauth=Bearer test-access^A^A
# (^A is byte 0x01).  The later tests that change or unset it expect an
# authentication failure / "does not support SASL", so it is presumably
# what the fake SMTP server accepts -- confirm in the fake server code.
export XOAUTH
XOAUTH='dXNlcj1ub2JvZHlAZXhhbXBsZS5jb20BYXV0aD1CZWFyZXIgdGVzdC1hY2Nlc3MBAQ=='

# TEST
start_test 'access token ready, smtp server accepts message'

setup_draft

# The expire value is far in the future if read as Unix seconds, and no
# HTTP refresh is set up for this test: the stored access token is used
# as-is.
fake_creds <<EOF
access-nobody@example.com: test-access
refresh-nobody@example.com: test-refresh
expire-nobody@example.com: 2000000000
EOF

start_fakesmtp
run_test "send -draft -server 127.0.0.1 -port ${smtp_port} -sasl -saslmech xoauth2 -authservice test -user nobody@example.com"

# TEST
start_test 'expired access token, refresh works, smtp server accepts message'

setup_draft

# 1414303986 is a 2014 timestamp if read as Unix seconds, i.e. already
# expired.
fake_creds <<EOF
access-nobody@example.com: old-access
refresh-nobody@example.com: test-refresh
expire-nobody@example.com: 1414303986
EOF

expect_http_post_refresh

fake_json_response <<EOF
{
  "access_token": "test-access",
  "token_type": "Bearer",
  "expires_in": 3600
}
EOF

# The expire field is expected to be present but its value is left
# blank here; presumably check_creds ignores the time-dependent value --
# confirm in common.sh.
expect_creds <<EOF
access-nobody@example.com: test-access
refresh-nobody@example.com: test-refresh
expire-nobody@example.com:
EOF

test_send

# NOTE(review): check_creds_private is only invoked in this test.  By
# its name it asserts that the rewritten credentials file is not
# readable by other users -- confirm, and consider whether the other
# refresh tests should assert the same.
check_creds_private
check_creds

# TEST
start_test 'expired access token, refresh works and gets updated, smtp server accepts message'

setup_draft

fake_creds <<EOF
access-nobody@example.com: old-access
refresh-nobody@example.com: old-refresh
expire-nobody@example.com: 1414303986
EOF

expect_http_post_old_refresh

# The response carries a new refresh_token and no expires_in; the
# expected creds below hold the new refresh token and no expire field.
fake_json_response <<EOF
{
  "access_token": "test-access",
  "refresh_token": "test-refresh",
  "token_type": "Bearer"
}
EOF

expect_creds <<EOF
access-nobody@example.com: test-access
refresh-nobody@example.com: test-refresh
EOF

test_send

check_creds

# TEST
start_test 'access token has no expiration, refresh works, smtp server accepts message'

setup_draft

# No expire field at all: a refresh request is still expected.
fake_creds <<EOF
access-nobody@example.com: old-access
refresh-nobody@example.com: test-refresh
EOF

expect_http_post_refresh

fake_json_response <<EOF
{
  "access_token": "test-access",
  "token_type": "Bearer"
}
EOF

expect_creds <<EOF
access-nobody@example.com: test-access
refresh-nobody@example.com: test-refresh
EOF

test_send

check_creds

# TEST
start_test 'no access token, refresh works, smtp server accepts message'

setup_draft

# Only a refresh token is stored; the access token must come from the
# refresh response.
fake_creds <<EOF
refresh-nobody@example.com: test-refresh
EOF

expect_http_post_refresh

fake_json_response <<EOF
{
  "access_token": "test-access",
  "token_type": "Bearer"
}
EOF

expect_creds <<EOF
access-nobody@example.com: test-access
refresh-nobody@example.com: test-refresh
EOF

test_send

check_creds

#
# fail cases
#

# One draft is set up here; none of the fail cases below calls
# setup_draft again.
setup_draft

# TEST
start_test 'no service definition'

# ${smtp_port} still holds whatever an earlier start_fakesmtp set; the
# expected error concerns the missing oauth profile for service "bogus".
run_test "send -draft -server 127.0.0.1 -port ${smtp_port} -sasl -saslmech xoauth2 -authservice bogus -user nobody@example.com" 'send: Unable to retrieve oauth profile entries: scope is missing'

# TEST
start_test 'no creds file -- should tell user to mhlogin'

# Presumably the credentials file that fake_creds writes -- confirm in
# common.sh.
rm -f "${MHTMPDIR}/oauth-test"

test_send_only_fakesmtp 'post: no credentials -- run mhlogin -saslmech xoauth2 -authservice test
send: message not delivered to anyone'

# TEST
start_test 'empty creds file -- should tell user to mhlogin'

fake_creds < /dev/null

test_send_only_fakesmtp 'post: user not found in cred file: nobody@example.com
send: message not delivered to anyone'

# TEST
start_test 'garbage creds file'

# A single word with no "field: value" structure must be reported as a
# load error.
echo bork | fake_creds

test_send_only_fakesmtp 'post: eof encountered in field "bork"
post: error loading cred file
send: message not delivered to anyone'

# TEST
start_test 'unexpected field in creds file'

# An unknown field name makes the whole file fail to load, even though
# a valid access entry follows it.
fake_creds <<EOF
bork: bork
access-nobody@example.com: test-access
EOF

test_send_only_fakesmtp 'post: error loading cred file: unexpected field
send: message not delivered to anyone'

# TEST
start_test 'garbage expiration time'

# A 32-digit value, larger than any 64-bit integer.  The expected output
# requires it to be rejected as invalid rather than accepted after
# wrapping or truncation.
fake_creds <<EOF
access-nobody@example.com: test-access
expire-nobody@example.com: 99999999999999999999999999999999
EOF

test_send_only_fakesmtp 'post: error loading cred file: invalid expiration time
send: message not delivered to anyone'

# TEST
start_test 'refresh response has no access token'

fake_creds <<EOF
refresh-nobody@example.com: test-refresh
EOF

expect_http_post_refresh

# Well-formed JSON that lacks "access_token" must be treated as an
# invalid response.
fake_json_response <<EOF
{
  "refresh_token": "refresh-token",
  "token_type": "Bearer"
}
EOF

test_send 'post: error refreshing OAuth2 token
post: invalid response: no access token
send: message not delivered to anyone'

# TEST
start_test 'expired access token, no refresh token -- tell user to mhlogin'

fake_creds <<EOF
access-nobody@example.com: test-access
expire-nobody@example.com: 1414303986
EOF

test_send_only_fakesmtp 'post: no valid credentials -- run mhlogin -saslmech xoauth2 -authservice test
send: message not delivered to anyone'

# TEST
start_test 'access token has no expiration, no refresh token -- tell user to mhlogin'

# With neither an expire field nor a refresh token, the stored access
# token is not used; the expected output is the "no valid credentials"
# message.
fake_creds <<EOF
access-nobody@example.com: test-access
EOF

test_send_only_fakesmtp 'post: no valid credentials -- run mhlogin -saslmech xoauth2 -authservice test
send: message not delivered to anyone'

# TEST
start_test 'refresh finds no http server'

fake_creds <<EOF
access-nobody@example.com: test-access
refresh-nobody@example.com: test-refresh
EOF

cat > "${testname}.expected-send-output" <<EOF
post: error refreshing OAuth2 token
post: error making HTTP request to OAuth2 authorization endpoint: [details]
send: message not delivered to anyone
EOF

# Only the fake SMTP server is started; send is invoked directly through
# run_prog instead of test_send.  "|| true" because send is expected to
# fail here and its output is what gets checked.
start_fakesmtp
run_prog send -draft -server 127.0.0.1 -port ${smtp_port} \
  -sasl -saslmech xoauth2 -authservice test -user nobody@example.com > "${testname}.send-output" 2>&1 || true
# Clear out an error message we get from libcurl on some systems (seen at least
# 3 different versions of this error message, on FreeBSD 10.1, Ubuntu 12.04, and
# Ubuntu 14.04).
# The sed below replaces everything after the fixed prefix with the
# literal "[details]" so the comparison does not depend on libcurl.
f="${testname}.send-output"
sed 's/\(post: error making HTTP request to OAuth2 authorization endpoint:\).*/\1 [details]/' "$f" > "$f".clean
check "$f".clean "${testname}.expected-send-output"
rm "$f"

# TEST
start_test 'refresh gets bogus 200 response from http server'

# No fake_creds call here: the credentials from the previous test are
# reused.
expect_http_post_refresh

# A 200 status with an HTML body instead of JSON.  The mismatched
# closing tag is part of the fixture as written.
fake_http_response '200 OK' <<EOF
Content-Type: text/html

<html>doh!</htmxl>
EOF

test_send 'post: error refreshing OAuth2 token
post: invalid response
send: message not delivered to anyone'

# TEST
start_test 'refresh gets 500 response from http server'

expect_http_post_refresh

fake_http_response '500 Server Error' <<EOF
Content-Type: text/html

<html>doh!</html>
EOF

test_send 'post: error refreshing OAuth2 token
post: invalid response
send: message not delivered to anyone'

# TEST
start_test 'refresh gets proper error from http'

expect_http_post_refresh

# A JSON error body with "invalid_grant" on a 400 status is expected to
# produce the "credentials rejected -- run mhlogin" message rather than
# the generic "invalid response".
fake_http_response '400 Bad Request' <<EOF
Content-Type: application/json

{
  "error": "invalid_grant"
}
EOF

test_send 'post: credentials rejected -- run mhlogin -saslmech xoauth2 -authservice test
send: message not delivered to anyone'

# TEST
start_test 'refresh gets response too big'

fake_creds <<EOF
refresh-nobody@example.com: test-refresh
EOF

expect_http_post_refresh

fake_json_response <<EOF
{
  "access_token": "test-access",
  "token_type": "Bearer",
  "expires_in": 3600
}
EOF

# Append 8192 lines of "." to the response file so the body exceeds the
# 8192-byte limit named in the expected error; the client must refuse
# it even though valid JSON comes first.  "${testname}.http-res" is
# presumably the file fake_json_response wrote -- confirm in common.sh.
awk 'BEGIN { for (i = 0; i < 8192; i++) { print "." } }' \
  >> "${testname}.http-res"

test_send 'post: error refreshing OAuth2 token
post: refusing to process response body larger than 8192 bytes
send: message not delivered to anyone'

# TEST
start_test 'smtp server rejects token'

# Change the exported value so it no longer matches the response built
# from the stored access token; the expected output is an
# authentication failure.
XOAUTH='not-that-one'

fake_creds <<EOF
access-nobody@example.com: test-access
expire-nobody@example.com: 2000000000
EOF

test_send_only_fakesmtp 'post: problem initializing server; [BHST] Authentication failed: Not no way, not no how!
send: message not delivered to anyone'

# TEST
start_test 'botched json response'

fake_creds <<EOF
refresh-nobody@example.com: test-refresh
EOF

expect_http_post_refresh

# Truncated JSON: the string value is never closed.
fake_json_response <<EOF
{
  "refresh_token": "refresh-toke
}
EOF

test_send 'post: error refreshing OAuth2 token
post: invalid response
send: message not delivered to anyone'

# TEST
start_test "smtp server doesn't support oauth"

# With XOAUTH unset the expected output says the server does not
# support SASL.
unset XOAUTH

test_send_only_fakesmtp 'post: problem initializing server; [BHST] SMTP server does not support SASL
send: message not delivered to anyone'

# Remove fake-server leftovers and finish; the exit status is ${failed},
# or 0 when it is unset.
clean_fakesmtp
clean_fakehttp
finish_test

exit ${failed:-0}