fszontagh
/
stable-diffusion.cpp-rest


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133
							#!/bin/bash

# Test script for Unix+PAM authentication integration
# This script tests the authentication flow with different configurations

echo "=== Unix+PAM Authentication Integration Test ==="
echo

# Set up test environment
TEST_DIR="./test-auth-integration"
mkdir -p "$TEST_DIR"
cd "$TEST_DIR"

# Create test users file
cat > users.json << 'EOF'
{
  "users": [
    {
      "username": "testuser",
      "role": "user",
      "active": true,
      "createdAt": "2024-01-01T00:00:00Z"
    }
  ]
}
EOF

echo "1. Testing Unix authentication without PAM..."
echo "   (This should work with traditional Unix auth)"
echo

# Test 1: Unix auth without PAM
../build/src/stable-diffusion-rest-server \
  --auth-method unix \
  --models-dir /data/SD_MODELS \
  --port 8081 \
  --test-mode &
SERVER_PID=$!

sleep 2

# Test login without password (should fail gracefully)
echo "Testing login without password (should fail)..."
curl -s -X POST http://localhost:8081/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{"username": "testuser"}' | jq .

echo
echo "Testing login with password (should work if PAM is disabled)..."
curl -s -X POST http://localhost:8081/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{"username": "testuser", "password": "anypassword"}' | jq .

# Kill server
kill $SERVER_PID 2>/dev/null
sleep 1

echo
echo "2. Testing Unix authentication with PAM enabled..."
echo "   (This should delegate to PAM and require valid system credentials)"
echo

# Test 2: Unix auth with PAM
../build/src/stable-diffusion-rest-server \
  --auth-method unix \
  --models-dir /data/SD_MODELS \
  --enable-pam-auth \
  --port 8082 \
  --test-mode &
SERVER_PID=$!

sleep 2

# Test login without password (should fail)
echo "Testing login without password (should fail with MISSING_PASSWORD)..."
curl -s -X POST http://localhost:8082/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{"username": "testuser"}' | jq .

echo
echo "Testing login with invalid password (should fail with AUTHENTICATION_FAILED)..."
curl -s -X POST http://localhost:8082/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{"username": "testuser", "password": "wrongpassword"}' | jq .

echo
echo "Note: To test successful PAM authentication, use a valid system username and password"
echo "Example: curl -X POST http://localhost:8082/api/auth/login -H 'Content-Type: application/json' -d '{\"username\": \"youruser\", \"password\": \"yourpass\"}'"

# Kill server
kill $SERVER_PID 2>/dev/null
sleep 1

echo
echo "3. Testing JWT authentication (should be unaffected)..."
echo

# Test 3: JWT auth (should work as before)
../build/src/stable-diffusion-rest-server \
  --auth-method jwt \
  --models-dir /data/SD_MODELS \
  --port 8083 \
  --test-mode &
SERVER_PID=$!

sleep 2

echo "Testing JWT login with password..."
curl -s -X POST http://localhost:8083/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{"username": "testuser", "password": "testpass"}' | jq .

# Kill server
kill $SERVER_PID 2>/dev/null
sleep 1

echo
echo "=== Test Summary ==="
echo "✓ Unix auth without PAM: Falls back to traditional Unix auth"
echo "✓ Unix auth with PAM: Requires password and delegates to PAM"
echo "✓ JWT auth: Unchanged by the Unix+PAM integration"
echo
echo "To test with real PAM authentication:"
echo "1. Ensure PAM is properly configured"
echo "2. Use a valid system username and password"
echo "3. Check system logs for PAM authentication results"
echo

# Cleanup
cd ..
rm -rf "$TEST_DIR"

echo "Test completed!"