From 1ecd083b4746a9b10cec98a1254da248d01dce15 Mon Sep 17 00:00:00 2001
From: Leandro Dorileo <dorileo@google.com>
Date: Tue, 19 Sep 2023 13:21:28 -0700
Subject: [PATCH] oslogin test: update tests based on new authorization
 implementation (#792)

The new implementation removes the use of one of the PAM modules and
introduces AuthorizedPrincipalsCommand - for now we are not checking
for AuthorizedPrincipalsCommand until the changes to guest-agent
gets GA'ed.
---
 imagetest/test_suites/oslogin/oslogin_test.go | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/imagetest/test_suites/oslogin/oslogin_test.go b/imagetest/test_suites/oslogin/oslogin_test.go
index b2423300b..fad67af62 100644
--- a/imagetest/test_suites/oslogin/oslogin_test.go
+++ b/imagetest/test_suites/oslogin/oslogin_test.go
@@ -37,17 +37,18 @@ func TestOsLoginEnabled(t *testing.T) {
 	if err != nil {
 		t.Fatalf("cannot read /etc/ssh/sshd_config")
 	}
-	var found bool
+	var foundAuthorizedKeys bool
 	for _, line := range strings.Split(string(data), "\n") {
 		line = strings.TrimSpace(line)
 		if strings.HasPrefix(line, "#") {
 			continue
 		}
 		if strings.Contains(line, "AuthorizedKeysCommand") && strings.Contains(line, "/usr/bin/google_authorized_keys") {
-			found = true
+			foundAuthorizedKeys = true
 		}
 	}
-	if !found {
+
+	if !foundAuthorizedKeys {
 		t.Errorf("AuthorizedKeysCommand not set up for OS Login.")
 	}
 
@@ -57,7 +58,7 @@ func TestOsLoginEnabled(t *testing.T) {
 		t.Fatalf("cannot read /etc/pam.d/sshd")
 	}
 	contents := string(data)
-	if !strings.Contains(contents, "pam_oslogin_login.so") || !strings.Contains(contents, "pam_oslogin_admin.so") {
+	if !strings.Contains(contents, "pam_oslogin_login.so") {
 		t.Errorf("OS Login PAM module missing from pam.d/sshd.")
 	}
 }
@@ -99,7 +100,7 @@ func TestOsLoginDisabled(t *testing.T) {
 		t.Fatalf("cannot read /etc/pam.d/sshd")
 	}
 	contents := string(data)
-	if strings.Contains(contents, "pam_oslogin_login.so") || strings.Contains(contents, "pam_oslogin_admin.so") {
+	if strings.Contains(contents, "pam_oslogin_login.so") {
 		t.Errorf("OS Login PAM module wrongly included in pam.d/sshd when disabled.")
 	}
 }