diff --git a/src/tests/system/tests/test_passkey.py b/src/tests/system/tests/test_passkey.py index 3ce26a68a38..5a021456693 100644 --- a/src/tests/system/tests/test_passkey.py +++ b/src/tests/system/tests/test_passkey.py @@ -411,3 +411,41 @@ def test_passkey__su_same_key_for_multi_user( ioctl=f"{moduledatadir}/umockdev.ioctl", script=f"{testdatadir}/umockdev.script.{suffix}.{user}", ) + + +@pytest.mark.importance("high") +@pytest.mark.ticket(jira="SSSD-7011", gh=7066) +@pytest.mark.topology(KnownTopologyGroup.AnyAD) +@pytest.mark.builtwith(client="passkey", provider="passkey") +def test_passkey__ssh_key_as_passkey_mapping_token(client: Client, provider: GenericADProvider): + """ + :title: Check ssh key as a passkey mapping token with AD and Samba server. + :setup: + 1. Add a users in AD and Samba server and add a ssh key a passkey mapping. + 2. Setup SSSD client with FIDO, start SSSD service. + :steps: + 1. Required error message in pam log. + :expectedresults: + 1. Successfully get the expected message in pam log. + :customerscenario: False + """ + + ssh_key = ( + "ssh-rsa\20AAAAB3NzaC1yc2EAAAADAQABAAABgQCa+l8uZ6Q5G58PVMe1na7NrOMTzo2wOZfFwo0fM3RbvfAdlz/ws" + "Gwln2+EXA19FiXu/nNj4EwYGP9hymKuYaXzpq40k0VbhEL1v/qzXQvuKZgNx42vxi7NITaaAXuYj8OZQsZTvv+xgkREZ" + "mhQ6YqEjTJ0JzpD9fj8Gf8Mgn8pdsb/ZODLMAwEKtQ2DaWqH5jCqzoGEJlRl+kRbnrHc+RQrmj7NnY1voEJNrmzCyJFH" + "5awZyBl/ZdbvpnwCKnVEleBFULrOIfJ9lc/QMmURCMa6RfW5CFrxdtjUwiIxfMiHe+zUY5T9L0Q6FWnlfNz/63Xdcrw1" + "Gc90OCZKcqf/4P9N5flGSGSfiO5fD8gCCJ0c3WhxSVMREDP3ibKDsz8yhw2OuyGcfRo4nnchxy9G7031m2t9rUXc12eS" + "1EKGJiPiT9IuTQ9nCG2PslkqR+KUMiYoS9MqTsAj9HhuTMkFhcYFyufxFmt/S4rIqVwmP8lY4GwwJwOnZwNLj/I2HwC+" + "pk=\20testuser@fedora.test.local" + ) + provider.user("user1").add().passkey_add(ssh_key) + + client.sssd.start() + + # We are running simple su not to check authentication with passkey but just to get + # expected log message. + client.auth.su.password("user1", "Secret123"), "login with wrong password succeeded" + + pam_log = client.fs.read(client.sssd.logs.pam) + assert "Mapping data found is not passkey related" in pam_log, "String was not found in the logs"