lemonldap-ng/lemonldap-ng-portal/t/test-lib.pm

# Base library for portal tests
package main;

use strict;
use Data::Dumper;
use LWP::UserAgent;
use URI::Escape;
use Lemonldap::NG::Common::FormEncode;
use 5.10.0;

no warnings 'redefine';

BEGIN {
    use_ok('Lemonldap::NG::Portal::Main');
}

our $count = 1;
$Data::Dumper::Deparse  = 1;
$Data::Dumper::Sortkeys = 1;
$Data::Dumper::Useperl  = 1;
my $ini;

sub count {
    my $c = shift;
    $count += $c if ($c);
    return $count;
}

sub main::explain {
    my ( $get, $ref ) = @_;
    $get = Dumper($get) if ( ref $get );
    diag("Expect $ref, get $get\n");
}

sub clean_sessions {
    opendir D, 't/sessions' or die $!;
    foreach ( grep { /^[^\.]/ } readdir(D) ) {
        unlink "t/sessions/$_", "t/sessions/lock/Apache-Session-$_.lock";
    }
    foreach my $dir (qw(t/sessions/lock t/sessions/saml/lock t/sessions/saml)) {
        if ( -d $dir ) {
            opendir D, $dir or die $!;
            foreach ( grep { /^[^\.]/ } readdir(D) ) {
                unlink "$dir/$_";
            }
        }
    }
    my $cache = getCache();
    $cache->clear;
}

sub getCache {
    require Cache::FileCache;
    return Cache::FileCache->new(
        {
            namespace   => 'lemonldap-ng-session',
            cache_root  => 't/',
            cache_depth => 0,
        }
    );
}

sub expectRedirection {
    my ( $res, $location ) = @_;
    ok( $res->[0] == 302, ' Get redirection' )
      or explain( $res->[0], 302 );
    count(1);
    if ( ref $location ) {
        my @match;
        @match = ( getRedirection($res) =~ $location );
        ok( @match, ' Location header found' )
          or explain( $res->[1], "Location match: " . Dumper($location) );
        count(1);
        return @match;
    }
    else {
        ok( getRedirection($res) eq $location, " Location is $location" )
          or explain( $res->[1], "Location => $location" );
        count(1);
    }
}

sub expectAutoPost {
    my @r      = expectForm(@_);
    my $method = pop @r;
    ok( $method =~ /^post$/i, ' Method is POST' ) or explain( $method, 'POST' );
    count(1);
    return @r;
}

sub expectForm {
    my ( $res, $hostRe, $uriRe, @requiredFields ) = @_;
    expectOK($res);
    count(1);
    if (
        ok(
            $res->[2]->[0] =~
m@<form.+?action="(?:(?:http://([^/]+))?(/.*?)?|(#))".+method="(post|get)"@is,
            ' Page contains a form'
        )
      )
    {
        my ( $host, $uri, $hash, $method ) = ( $1, $2, $3, $4 );
        if ( $hash and $hash eq '#' ) {
            $host = '#';
            $uri  = '';
        }
        if ($hostRe) {
            if ( ref $hostRe ) {
                ok( $host =~ $hostRe, ' Host match' )
                  or explain( $host, $hostRe );
            }
            else {
                ok( $host eq $hostRe, ' Host match' )
                  or explain( $host, $hostRe );
            }
            count(1);
        }
        if ($uriRe) {
            if ( ref $uriRe ) {
                ok( $uri =~ $uriRe, ' URI match' ) or explain( $uri, $uriRe );
            }
            else {
                ok( $uri eq $uriRe, ' URI match' ) or explain( $uri, $uriRe );
            }
            count(1);
        }
        my %fields =
          ( $res->[2]->[0] =~
              m#<input.+?name="([^"]+)"[^>]+?value="([^"]*?)"#gs );
        my $query = join( '&',
            map { "$_=" . uri_escape( uri_unescape( $fields{$_} ) ) }
              keys(%fields) );
        foreach my $f (@requiredFields) {
            ok( defined $fields{$f}, qq{ Field "$f" is defined} );
            count(1);
        }
        exceptCspFormOK( $res, $host );
        return ( $host, $uri, $query, $method );
    }
    else {
        return ();
    }
}

sub expectAuthenticatedAs {
    my ( $res, $user ) = @_;
    ok( getHeader( $res, 'Lm-Remote-User' ) eq $user,
        " Authenticated as $user" )
      or explain( $res->[1], "Lm-Remote-User => $user" );
    count(1);
}

sub expectOK {
    my ($res) = @_;
    ok( $res->[0] == 200, ' HTTP code is 200' ) or explain( $res, 200 );
    count(1);
}

sub expectBadRequest {
    my ($res) = @_;
    ok( $res->[0] == 400, ' HTTP code is 400' ) or explain( $res->[0], 400 );
    count(1);
}

sub expectReject {
    my ( $res, $code ) = @_;
    ok( $res->[0] == 401, ' Response is 401' ) or explain( $res->[0], 401 );
    eval { $res = JSON::from_json( $res->[2]->[0] ) };
    ok( not($@), 'Content is JSON' )
      or explain( $res->[2]->[0], 'JSON content' );
    if ( defined $code ) {
        ok( $res->{error} == $code, "Error code is $code" )
          or explain( $res->{error}, $code );
    }
    else {
        pass("Error code is $res->{error}");
    }
    count(3);
}

sub expectCookie {
    my ( $res, $cookieName ) = @_;
    $cookieName ||= 'lemonldap';
    my $cookies = getCookies($res);
    my $id;
    ok(
        defined( $id = $cookies->{$cookieName} ),
        " Get cookie $cookieName ($id)"
    ) or explain( $res->[1], "Set-Cookie: $cookieName=something" );
    count(1);
    return $id;
}

sub exceptCspFormOK {
    my ( $res, $host ) = @_;
    return 1 unless ($host);
    my $csp = getHeader( $res, 'Content-Security-Policy' );
    return 1 unless ($csp);
    unless ( $csp =~ s/^.*form-action (.*?)(?:;.*)?$/$1/ ) {
        $csp =~ s/^.*default-src (.*?)(?:;.*)?$/$1/;
    }
    if (   $csp =~ /\s\*(?:\s.*)?\s*$/
        or ( $host eq '#' and $csp =~ /'self'/ )
        or $csp =~ m#\bhttps?://$host\b# )
    {
        pass(" CSP header authorize POST request to $host");
    }
    else {
        fail(" CSP header authorize POST request to $host");
        explain( $res->[1], "form-action ... $host" );
    }
    count(1);
}

sub getCookies {
    my ($resp) = @_;
    my @hdrs   = @{ $resp->[1] };
    my $res    = {};
    while ( my $name = shift @hdrs ) {
        my $v = shift @hdrs;
        if ( $name eq 'Set-Cookie' ) {
            if ( $v =~ /^(\w+)=([^;]*)/ ) {
                $res->{$1} = $2;
            }
        }
    }
    return $res;
}

sub getHeader {
    my ( $resp, $hname ) = @_;
    my @hdrs = @{ $resp->[1] };
    my $res  = {};
    while ( my $name = shift @hdrs ) {
        my $v = shift @hdrs;
        if ( $name eq $hname ) {
            return $v;
        }
    }
    return undef;
}

sub getRedirection {
    my ($resp) = @_;
    return getHeader( $resp, 'Location' );
}

sub getUser {
    my ($resp) = @_;
    return getHeader( $resp, 'Lm-Remote-User' );
}

package LLNG::Manager::Test;

use strict;
use Mouse;

extends 'Lemonldap::NG::Common::PSGI::Cli::Lib';

our $defaultIni = {
    configStorage => {
        type    => 'File',
        dirName => 't',
    },
    localSessionStorage        => 'Cache::FileCache',
    localSessionStorageOptions => {
        namespace   => 'lemonldap-ng-session',
        cache_root  => 't/',
        cache_depth => 0,
    },
    logLevel      => 'error',
    cookieName    => 'lemonldap',
    domain        => 'example.com',
    templateDir   => 'site/templates',
    staticPrefix  => '/static',
    securedCookie => 0,
    https         => 0,
};

has app => (
    is  => 'rw',
    isa => 'CodeRef',
);

has class => ( is => 'ro', default => 'Lemonldap::NG::Portal::Main' );

has p => ( is => 'rw' );

has ini => (
    is      => 'rw',
    default => sub { $defaultIni; },
    trigger => sub {
        my ( $self, $ini ) = @_;
        foreach my $k ( keys %$defaultIni ) {
            $ini->{$k} //= $defaultIni->{$k};
        }
        $self->{ini} = $ini;
        main::ok( $self->{p} = $self->class->new(), 'Portal object' );
        main::ok( $self->{p}->init($ini), 'Init' );
        main::ok( $self->{app} = $self->{p}->run(), 'Portal app' );
        main::count(3);
        no warnings 'redefine';
        eval
'sub Lemonldap::NG::Common::Logger::Std::error {return $_[0]->warn($_[1])}';
        $Lemonldap::NG::Portal::UserDB::Demo::demoAccounts{french} = {
            uid  => 'french',
            cn   => 'Frédéric Accents',
            mail => 'fa@badwolf.org',
        };
        $Lemonldap::NG::Portal::UserDB::Demo::demoAccounts{russian} = {
            uid  => 'russian',
            cn   => 'Русский',
            mail => 'ru@badwolf.org',
        };
        $self;
    }
);

sub logout {
    my ( $self, $id ) = @_;
    my $res;
    main::ok(
        $res = $self->_get(
            '/',
            query  => 'logout',
            cookie => "lemonldap=$id",
            accept => 'text/html'
        ),
        'Logout request'
    );
    main::ok( $res->[0] == 200, ' Response is 200' )
      or main::explain( $res->[0], 200 );
    my $c;
    main::ok(
        ( defined( $c = main::getCookies($res)->{lemonldap} ) and not $c ),
        ' Cookie is deleted' )
      or main::explain( $res->[1], "Set-Cookie => 'lemonldap='" );
    main::ok( not( main::getCookies($res)->{lemonldappdata} ), ' No pdata' );
    main::ok( $res = $self->_get( '/', cookie => "lemonldap=$id" ),
        'Disconnect request' )
      or explain( $res, '[<code>,<hdrs>,<content>]' );
    main::ok( $res->[0] == 401, ' Response is 401' )
      or main::explain( $res, 401 );
    main::count(6);

}

sub _get {
    my ( $self, $path, %args ) = @_;
    my $res = $self->app->(
        {
            'HTTP_ACCEPT' => $args{accept}
              || 'application/json, text/plain, */*',
            'HTTP_ACCEPT_LANGUAGE' => 'fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3',
            'HTTP_CACHE_CONTROL'   => 'max-age=0',
            ( $args{cookie} ? ( HTTP_COOKIE => $args{cookie} ) : () ),
            'HTTP_HOST' => 'auth.example.com',
            'HTTP_USER_AGENT' =>
              'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox',
            'PATH_INFO' => $path,
            ( $args{referer} ? ( REFERER => $args{referer} ) : () ),
            (
                $args{ip} ? ( 'REMOTE_ADDR' => $args{ip} )
                : ( 'REMOTE_ADDR' => '127.0.0.1' )
            ),
            (
                $args{remote_user} ? ( 'REMOTE_USER' => $args{remote_user} )
                : ()
            ),
            'REQUEST_METHOD' => $args{method} || 'GET',
            'REQUEST_URI'    => $path . ( $args{query} ? "?$args{query}" : '' ),
            ( $args{query} ? ( QUERY_STRING => $args{query} ) : () ),
            'SCRIPT_NAME'     => '',
            'SERVER_NAME'     => 'auth.example.com',
            'SERVER_PORT'     => '80',
            'SERVER_PROTOCOL' => 'HTTP/1.1',
            ( $args{custom} ? %{ $args{custom} } : () ),
        }
    );
    return $res;
}

sub _post {
    my ( $self, $path, $body, %args ) = @_;
    die "$body must be a IO::Handle"
      unless ( ref($body) and $body->can('read') );
    my $res = $self->app->(
        {
            'HTTP_ACCEPT' => $args{accept}
              || 'application/json, text/plain, */*',
            'HTTP_ACCEPT_LANGUAGE' => 'fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3',
            'HTTP_CACHE_CONTROL'   => 'max-age=0',
            ( $args{cookie} ? ( HTTP_COOKIE => $args{cookie} ) : () ),
            'HTTP_HOST' => 'auth.example.com',
            'HTTP_USER_AGENT' =>
              'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox',
            'PATH_INFO' => $path,
            ( $args{query}   ? ( QUERY_STRING => $args{query} )   : () ),
            ( $args{referer} ? ( REFERER      => $args{referer} ) : () ),
            'REMOTE_ADDR' => '127.0.0.1',
            (
                $args{remote_user}
                ? ( 'REMOTE_USER' => $args{remote_user} )
                : ()
            ),
            'REQUEST_METHOD' => $args{method} || 'POST',
            'REQUEST_URI'    => $path . ( $args{query} ? "?$args{query}" : '' ),
            'SCRIPT_NAME'    => '',
            'SERVER_NAME'    => 'auth.example.com',
            'SERVER_PORT'    => '80',
            'SERVER_PROTOCOL' => 'HTTP/1.1',
            ( $args{custom} ? %{ $args{custom} } : () ),
            'psgix.input.buffered' => 0,
            'psgi.input'           => $body,
            'CONTENT_LENGTH' => $args{length} // scalar( ( stat $body )[7] ),
            'CONTENT_TYPE'   => $args{type}
              || 'application/x-www-form-urlencoded',
        }
    );
    return $res;
}

sub _delete {
    my ( $self, $path, %args ) = @_;
    $args{method} = 'DELETE';
    return $self->_get( $path, %args );
}

sub _put {
    my ( $self, $path, $body, %args ) = @_;
    $args{method} = 'PUT';
    return $self->_post( $path, $body, %args );
}

1;
First running test (#595) 2016-04-03 18:27:13 +02:00			`# Base library for portal tests`
Prepare tests for SAML (#595) 2016-11-14 13:34:46 +01:00			`package main;`
First running test (#595) 2016-04-03 18:27:13 +02:00
			`use strict;`
			`use Data::Dumper;`
SAML in progress (#595) 2016-11-29 22:44:33 +01:00			`use LWP::UserAgent;`
Clean SAML tests (#595) 2016-12-27 21:00:20 +01:00			`use URI::Escape;`
Some errors in CAS (#1461) 2018-06-26 21:45:55 +02:00			`use Lemonldap::NG::Common::FormEncode;`
First running test (#595) 2016-04-03 18:27:13 +02:00			`use 5.10.0;`
Improve tests (#595) 2016-04-05 07:23:42 +02:00
Clean warnings (#595) 2016-12-20 12:53:31 +01:00			`no warnings 'redefine';`

SAML in progress (#595) 2016-11-29 22:44:33 +01:00			`BEGIN {`
			`use_ok('Lemonldap::NG::Portal::Main');`
			`}`

Improve tests (#595) 2016-04-05 07:23:42 +02:00			`our $count = 1;`
Clean some Dumper usage (#1416) 2018-05-07 17:17:55 +02:00			`$Data::Dumper::Deparse = 1;`
			`$Data::Dumper::Sortkeys = 1;`
			`$Data::Dumper::Useperl = 1;`
Improve tests (#595) 2016-04-05 07:23:42 +02:00			`my $ini;`
First running test (#595) 2016-04-03 18:27:13 +02:00
			`sub count {`
			`my $c = shift;`
			`$count += $c if ($c);`
			`return $count;`
			`}`

SAML in progress (#595) 2016-11-29 22:44:33 +01:00			`sub main::explain {`
First running test (#595) 2016-04-03 18:27:13 +02:00			`my ( $get, $ref ) = @_;`
			`$get = Dumper($get) if ( ref $get );`
More tests on errors (#595) 2017-03-22 19:11:45 +01:00			`diag("Expect $ref, get $get\n");`
First running test (#595) 2016-04-03 18:27:13 +02:00			`}`

Prepare tests for SAML (#595) 2016-11-14 13:34:46 +01:00			`sub clean_sessions {`
			`opendir D, 't/sessions' or die $!;`
			`foreach ( grep { /^[^\.]/ } readdir(D) ) {`
			`unlink "t/sessions/$_", "t/sessions/lock/Apache-Session-$_.lock";`
			`}`
SAML in progress (#595) 2016-11-22 21:55:10 +01:00			`foreach my $dir (qw(t/sessions/lock t/sessions/saml/lock t/sessions/saml)) {`
			`if ( -d $dir ) {`
			`opendir D, $dir or die $!;`
			`foreach ( grep { /^[^\.]/ } readdir(D) ) {`
			`unlink "$dir/$_";`
			`}`
			`}`
Prepare tests for SAML (#595) 2016-11-14 13:34:46 +01:00			`}`
Use local cache by default for tokens (#1140) 2017-03-11 19:11:57 +01:00			`my $cache = getCache();`
			`$cache->clear;`
			`}`

			`sub getCache {`
Require cache 2017-03-13 10:16:34 +01:00			`require Cache::FileCache;`
Use local cache by default for tokens (#1140) 2017-03-11 19:11:57 +01:00			`return Cache::FileCache->new(`
			`{`
			`namespace => 'lemonldap-ng-session',`
			`cache_root => 't/',`
			`cache_depth => 0,`
			`}`
			`);`
Prepare tests for SAML (#595) 2016-11-14 13:34:46 +01:00			`}`

Clean tests (not finished) (#595)' 2016-12-23 07:41:03 +01:00			`sub expectRedirection {`
			`my ( $res, $location ) = @_;`
Clean test output (#595) 2017-01-02 21:35:37 +01:00			`ok( $res->[0] == 302, ' Get redirection' )`
Clean tests (not finished) (#595)' 2016-12-23 07:41:03 +01:00			`or explain( $res->[0], 302 );`
OIDC in progress (#595) 2017-01-01 10:43:48 +01:00			`count(1);`
Clean tests (not finished) (#595)' 2016-12-23 07:41:03 +01:00			`if ( ref $location ) {`
			`my @match;`
			`@match = ( getRedirection($res) =~ $location );`
Clean test output (#595) 2017-01-02 21:35:37 +01:00			`ok( @match, ' Location header found' )`
Clean tests (not finished) (#595)' 2016-12-23 07:41:03 +01:00			`or explain( $res->[1], "Location match: " . Dumper($location) );`
OIDC in progress (#595) 2017-01-01 10:43:48 +01:00			`count(1);`
Clean tests (not finished) (#595)' 2016-12-23 07:41:03 +01:00			`return @match;`
			`}`
			`else {`
Clean test output (#595) 2017-01-02 21:35:37 +01:00			`ok( getRedirection($res) eq $location, " Location is $location" )`
Clean tests (not finished) (#595)' 2016-12-23 07:41:03 +01:00			`or explain( $res->[1], "Location => $location" );`
More tests for REST API (#970) 2017-01-10 22:43:34 +01:00			`count(1);`
Clean tests (not finished) (#595)' 2016-12-23 07:41:03 +01:00			`}`
			`}`

Clean SAML tests (#595) 2016-12-27 21:00:20 +01:00			`sub expectAutoPost {`
More tests for REST API (#970) 2017-01-10 22:43:34 +01:00			`my @r = expectForm(@_);`
OIDC in progress (#595) 2017-01-01 10:43:48 +01:00			`my $method = pop @r;`
#1477 in progress 2018-07-19 08:38:51 +02:00			`ok( $method =~ /^post$/i, ' Method is POST' ) or explain( $method, 'POST' );`
OIDC in progress (#595) 2017-01-01 10:43:48 +01:00			`count(1);`
Bug in confirm (#595) 2017-01-01 13:32:38 +01:00			`return @r;`
OIDC in progress (#595) 2017-01-01 10:43:48 +01:00			`}`

			`sub expectForm {`
Clean SAML tests (#595) 2016-12-27 21:00:20 +01:00			`my ( $res, $hostRe, $uriRe, @requiredFields ) = @_;`
			`expectOK($res);`
OIDC in progress (#595) 2017-01-01 10:43:48 +01:00			`count(1);`
Clean SAML tests (#595) 2016-12-27 21:00:20 +01:00			`if (`
			`ok(`
			`$res->[2]->[0] =~`
Notif/JSON tested (closes: #868) 2017-02-02 13:29:59 +01:00			`m@<form.+?action="(?:(?:http://([^/]+))?(/.*?)?\|(#))".+method="(post\|get)"@is,`
Clean test output (#595) 2017-01-02 21:35:37 +01:00			`' Page contains a form'`
Clean SAML tests (#595) 2016-12-27 21:00:20 +01:00			`)`
			`)`
			`{`
OIDC in progress (#595) 2017-01-01 10:43:48 +01:00			`my ( $host, $uri, $hash, $method ) = ( $1, $2, $3, $4 );`
More tests for REST API (#970) 2017-01-10 22:43:34 +01:00			`if ( $hash and $hash eq '#' ) {`
OIDC in progress (#595) 2017-01-01 10:43:48 +01:00			`$host = '#';`
More tests for REST API (#970) 2017-01-10 22:43:34 +01:00			`$uri = '';`
OIDC in progress (#595) 2017-01-01 10:43:48 +01:00			`}`
Clean SAML tests (#595) 2016-12-27 21:00:20 +01:00			`if ($hostRe) {`
			`if ( ref $hostRe ) {`
Clean test output (#595) 2017-01-02 21:35:37 +01:00			`ok( $host =~ $hostRe, ' Host match' )`
Clean SAML tests (#595) 2016-12-27 21:00:20 +01:00			`or explain( $host, $hostRe );`
			`}`
			`else {`
Clean test output (#595) 2017-01-02 21:35:37 +01:00			`ok( $host eq $hostRe, ' Host match' )`
Clean SAML tests (#595) 2016-12-27 21:00:20 +01:00			`or explain( $host, $hostRe );`
			`}`
			`count(1);`
			`}`
			`if ($uriRe) {`
			`if ( ref $uriRe ) {`
Clean test output (#595) 2017-01-02 21:35:37 +01:00			`ok( $uri =~ $uriRe, ' URI match' ) or explain( $uri, $uriRe );`
Clean SAML tests (#595) 2016-12-27 21:00:20 +01:00			`}`
			`else {`
Clean test output (#595) 2017-01-02 21:35:37 +01:00			`ok( $uri eq $uriRe, ' URI match' ) or explain( $uri, $uriRe );`
Clean SAML tests (#595) 2016-12-27 21:00:20 +01:00			`}`
			`count(1);`
			`}`
More tests for REST API (#970) 2017-01-10 22:43:34 +01:00			`my %fields =`
Start token test (#1140) 2017-01-25 13:02:27 +01:00			`( $res->[2]->[0] =~`
			`m#<input.+?name="([^"]+)"[^>]+?value="([^"]*?)"#gs );`
More tests (#1461) 2018-06-26 23:27:00 +02:00			`my $query = join( '&',`
			`map { "$_=" . uri_escape( uri_unescape( $fields{$_} ) ) }`
			`keys(%fields) );`
Clean SAML tests (#595) 2016-12-27 21:00:20 +01:00			`foreach my $f (@requiredFields) {`
Clean test output (#595) 2017-01-02 21:35:37 +01:00			`ok( defined $fields{$f}, qq{ Field "$f" is defined} );`
Clean SAML tests (#595) 2016-12-27 21:00:20 +01:00			`count(1);`
			`}`
Verify CSP for POST forms (#1384) 2018-03-21 14:37:44 +01:00			`exceptCspFormOK( $res, $host );`
Bug in confirm (#595) 2017-01-01 13:32:38 +01:00			`return ( $host, $uri, $query, $method );`
Clean SAML tests (#595) 2016-12-27 21:00:20 +01:00			`}`
			`else {`
			`return ();`
			`}`
			`}`

Clean tests (not finished) (#595)' 2016-12-23 07:41:03 +01:00			`sub expectAuthenticatedAs {`
			`my ( $res, $user ) = @_;`
More tests for REST API (#970) 2017-01-10 22:43:34 +01:00			`ok( getHeader( $res, 'Lm-Remote-User' ) eq $user,`
			`" Authenticated as $user" )`
Clean tests (not finished) (#595)' 2016-12-23 07:41:03 +01:00			`or explain( $res->[1], "Lm-Remote-User => $user" );`
			`count(1);`
			`}`

			`sub expectOK {`
			`my ($res) = @_;`
Clean test output (#595) 2017-01-02 21:35:37 +01:00			`ok( $res->[0] == 200, ' HTTP code is 200' ) or explain( $res, 200 );`
Clean tests (not finished) (#595)' 2016-12-23 07:41:03 +01:00			`count(1);`
			`}`

			`sub expectBadRequest {`
			`my ($res) = @_;`
Clean test output (#595) 2017-01-02 21:35:37 +01:00			`ok( $res->[0] == 400, ' HTTP code is 400' ) or explain( $res->[0], 400 );`
Clean tests (not finished) (#595)' 2016-12-23 07:41:03 +01:00			`count(1);`
			`}`

			`sub expectReject {`
More tests on errors (#595) 2017-03-22 19:11:45 +01:00			`my ( $res, $code ) = @_;`
Clean test output (#595) 2017-01-02 21:35:37 +01:00			`ok( $res->[0] == 401, ' Response is 401' ) or explain( $res->[0], 401 );`
More tests on errors (#595) 2017-03-22 19:11:45 +01:00			`eval { $res = JSON::from_json( $res->[2]->[0] ) };`
			`ok( not($@), 'Content is JSON' )`
			`or explain( $res->[2]->[0], 'JSON content' );`
			`if ( defined $code ) {`
			`ok( $res->{error} == $code, "Error code is $code" )`
			`or explain( $res->{error}, $code );`
			`}`
			`else {`
Use App ExportedVars if defined (#1183) 2017-04-14 09:40:01 +02:00			`pass("Error code is $res->{error}");`
More tests on errors (#595) 2017-03-22 19:11:45 +01:00			`}`
			`count(3);`
Clean tests (not finished) (#595)' 2016-12-23 07:41:03 +01:00			`}`

			`sub expectCookie {`
			`my ( $res, $cookieName ) = @_;`
			`$cookieName \|\|= 'lemonldap';`
			`my $cookies = getCookies($res);`
			`my $id;`
REST session/conf backends (#970) 2017-01-22 23:51:22 +01:00			`ok(`
			`defined( $id = $cookies->{$cookieName} ),`
			`" Get cookie $cookieName ($id)"`
			`) or explain( $res->[1], "Set-Cookie: $cookieName=something" );`
Clean tests (not finished) (#595)' 2016-12-23 07:41:03 +01:00			`count(1);`
			`return $id;`
			`}`

Verify CSP for POST forms (#1384) 2018-03-21 14:37:44 +01:00			`sub exceptCspFormOK {`
			`my ( $res, $host ) = @_;`
			`return 1 unless ($host);`
			`my $csp = getHeader( $res, 'Content-Security-Policy' );`
			`return 1 unless ($csp);`
			`unless ( $csp =~ s/^.form-action (.?)(?:;.*)?$/$1/ ) {`
			`$csp =~ s/^.default-src (.?)(?:;.*)?$/$1/;`
			`}`
			`if ( $csp =~ /\s\(?:\s.)?\s*$/`
			`or ( $host eq '#' and $csp =~ /'self'/ )`
Restrict CSP form-action to URL scheme (#1384) 2018-03-21 14:52:22 +01:00			`or $csp =~ m#\bhttps?://$host\b# )`
Verify CSP for POST forms (#1384) 2018-03-21 14:37:44 +01:00			`{`
Restrict CSP form-action to URL scheme (#1384) 2018-03-21 14:52:22 +01:00			`pass(" CSP header authorize POST request to $host");`
Verify CSP for POST forms (#1384) 2018-03-21 14:37:44 +01:00			`}`
			`else {`
Restrict CSP form-action to URL scheme (#1384) 2018-03-21 14:52:22 +01:00			`fail(" CSP header authorize POST request to $host");`
Verify CSP for POST forms (#1384) 2018-03-21 14:37:44 +01:00			`explain( $res->[1], "form-action ... $host" );`
			`}`
			`count(1);`
			`}`

Clean tests (not finished) (#595)' 2016-12-23 07:41:03 +01:00			`sub getCookies {`
			`my ($resp) = @_;`
			`my @hdrs = @{ $resp->[1] };`
			`my $res = {};`
			`while ( my $name = shift @hdrs ) {`
			`my $v = shift @hdrs;`
			`if ( $name eq 'Set-Cookie' ) {`
			`if ( $v =~ /^(\w+)=([^;]*)/ ) {`
			`$res->{$1} = $2;`
			`}`
			`}`
			`}`
			`return $res;`
			`}`

			`sub getHeader {`
			`my ( $resp, $hname ) = @_;`
			`my @hdrs = @{ $resp->[1] };`
			`my $res = {};`
			`while ( my $name = shift @hdrs ) {`
			`my $v = shift @hdrs;`
			`if ( $name eq $hname ) {`
			`return $v;`
			`}`
			`}`
			`return undef;`
			`}`

			`sub getRedirection {`
			`my ($resp) = @_;`
			`return getHeader( $resp, 'Location' );`
			`}`

			`sub getUser {`
			`my ($resp) = @_;`
			`return getHeader( $resp, 'Lm-Remote-User' );`
			`}`

Prepare tests for SAML (#595) 2016-11-14 13:34:46 +01:00			`package LLNG::Manager::Test;`

			`use strict;`
			`use Mouse;`

			`extends 'Lemonldap::NG::Common::PSGI::Cli::Lib';`

			`our $defaultIni = {`
Use local cache by default for tokens (#1140) 2017-03-11 19:11:57 +01:00			`configStorage => {`
			`type => 'File',`
			`dirName => 't',`
			`},`
			`localSessionStorage => 'Cache::FileCache',`
			`localSessionStorageOptions => {`
			`namespace => 'lemonldap-ng-session',`
			`cache_root => 't/',`
			`cache_depth => 0,`
			`},`
			`logLevel => 'error',`
			`cookieName => 'lemonldap',`
			`domain => 'example.com',`
			`templateDir => 'site/templates',`
Fix last error (#1422) 2018-05-16 13:22:15 +02:00			`staticPrefix => '/static',`
Use local cache by default for tokens (#1140) 2017-03-11 19:11:57 +01:00			`securedCookie => 0,`
			`https => 0,`
Prepare tests for SAML (#595) 2016-11-14 13:34:46 +01:00			`};`

			`has app => (`
Clean handler in SAML test before calling 2nd portal (#LEMONDAP-595) 2016-11-16 11:30:37 +01:00			`is => 'rw',`
			`isa => 'CodeRef',`
Prepare tests for SAML (#595) 2016-11-14 13:34:46 +01:00			`);`

Fix CDC (#1477) 2018-08-02 22:00:41 +02:00			`has class => ( is => 'ro', default => 'Lemonldap::NG::Portal::Main' );`

More OIDC tests (#595) 2017-01-03 21:18:05 +01:00			`has p => ( is => 'rw' );`

Clean handler in SAML test before calling 2nd portal (#LEMONDAP-595) 2016-11-16 11:30:37 +01:00			`has ini => (`
			`is => 'rw',`
			`default => sub { $defaultIni; },`
			`trigger => sub {`
			`my ( $self, $ini ) = @_;`
			`foreach my $k ( keys %$defaultIni ) {`
			`$ini->{$k} //= $defaultIni->{$k};`
			`}`
			`$self->{ini} = $ini;`
make tidy 2018-09-02 17:31:58 +02:00			`main::ok( $self->{p} = $self->class->new(), 'Portal object' );`
More tests for REST API (#970) 2017-01-10 22:43:34 +01:00			`main::ok( $self->{p}->init($ini), 'Init' );`
			`main::ok( $self->{app} = $self->{p}->run(), 'Portal app' );`
More OIDC tests (#595) 2017-01-03 21:18:05 +01:00			`main::count(3);`
Decrease user errors to "warn" in tests (#595) 2017-02-27 22:04:35 +01:00			`no warnings 'redefine';`
			`eval`
			`'sub Lemonldap::NG::Common::Logger::Std::error {return $_[0]->warn($_[1])}';`
First UTF-8 tests (#1118) 2017-03-01 18:35:12 +01:00			`$Lemonldap::NG::Portal::UserDB::Demo::demoAccounts{french} = {`
Clean repo 2017-03-03 18:25:03 +01:00			`uid => 'french',`
			`cn => 'Frédéric Accents',`
First UTF-8 tests (#1118) 2017-03-01 18:35:12 +01:00			`mail => 'fa@badwolf.org',`
			`};`
			`$Lemonldap::NG::Portal::UserDB::Demo::demoAccounts{russian} = {`
Clean repo 2017-03-03 18:25:03 +01:00			`uid => 'russian',`
			`cn => 'Русский',`
First UTF-8 tests (#1118) 2017-03-01 18:35:12 +01:00			`mail => 'ru@badwolf.org',`
			`};`
Clean handler in SAML test before calling 2nd portal (#LEMONDAP-595) 2016-11-16 11:30:37 +01:00			`$self;`
Prepare tests for SAML (#595) 2016-11-14 13:34:46 +01:00			`}`
			`);`

Enable logout (#LEMONDAP-595) 2016-05-22 19:06:55 +02:00			`sub logout {`
Clean handler in SAML test before calling 2nd portal (#LEMONDAP-595) 2016-11-16 11:30:37 +01:00			`my ( $self, $id ) = @_;`
Enable logout (#LEMONDAP-595) 2016-05-22 19:06:55 +02:00			`my $res;`
Prepare tests for SAML (#595) 2016-11-14 13:34:46 +01:00			`main::ok(`
			`$res = $self->_get(`
Enable logout (#LEMONDAP-595) 2016-05-22 19:06:55 +02:00			`'/',`
			`query => 'logout',`
			`cookie => "lemonldap=$id",`
			`accept => 'text/html'`
			`),`
Clean tests (not finished) (#595)' 2016-12-23 07:41:03 +01:00			`'Logout request'`
Enable logout (#LEMONDAP-595) 2016-05-22 19:06:55 +02:00			`);`
Repair LDAP + add register (#595) 2017-01-15 09:10:16 +01:00			`main::ok( $res->[0] == 200, ' Response is 200' )`
Use local cache by default for tokens (#1140) 2017-03-11 19:11:57 +01:00			`or main::explain( $res->[0], 200 );`
Verify that logout deletes cookie (#595) 2016-05-23 18:55:26 +02:00			`my $c;`
Clean handler in SAML test before calling 2nd portal (#LEMONDAP-595) 2016-11-16 11:30:37 +01:00			`main::ok(`
Clean tests (not finished) (#595)' 2016-12-23 07:41:03 +01:00			`( defined( $c = main::getCookies($res)->{lemonldap} ) and not $c ),`
Repair LDAP + add register (#595) 2017-01-15 09:10:16 +01:00			`' Cookie is deleted' )`
Some big changes (#595) Replace uri_escape by WWW::Form::UrlEncoded Replace PSGI:Request by inheritance from Plack::Request 2017-01-04 17:36:54 +01:00			`or main::explain( $res->[1], "Set-Cookie => 'lemonldap='" );`
Delete pdata on logout (#1461) 2018-07-06 12:15:14 +02:00			`main::ok( not( main::getCookies($res)->{lemonldappdata} ), ' No pdata' );`
Prepare tests for SAML (#595) 2016-11-14 13:34:46 +01:00			`main::ok( $res = $self->_get( '/', cookie => "lemonldap=$id" ),`
Verify that logout deletes cookie (#595) 2016-05-23 18:55:26 +02:00			`'Disconnect request' )`
			`or explain( $res, '[<code>,<hdrs>,<content>]' );`
Repair LDAP + add register (#595) 2017-01-15 09:10:16 +01:00			`main::ok( $res->[0] == 401, ' Response is 401' )`
More tests for REST API (#970) 2017-01-10 22:43:34 +01:00			`or main::explain( $res, 401 );`
Delete pdata on logout (#1461) 2018-07-06 12:15:14 +02:00			`main::count(6);`
Enable logout (#LEMONDAP-595) 2016-05-22 19:06:55 +02:00
			`}`

Improve tests (#595) 2016-04-05 07:23:42 +02:00			`sub _get {`
			`my ( $self, $path, %args ) = @_;`
Trying to use pdata for issuers (#1461) 2018-07-04 22:54:09 +02:00			`my $res = $self->app->(`
Improve tests (#595) 2016-04-05 07:23:42 +02:00			`{`
			`'HTTP_ACCEPT' => $args{accept}`
			`\|\| 'application/json, text/plain, /',`
			`'HTTP_ACCEPT_LANGUAGE' => 'fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3',`
Apache auth (#595) 2016-05-22 13:27:37 +02:00			`'HTTP_CACHE_CONTROL' => 'max-age=0',`
Working on logout and XSS (#595) 2016-05-23 18:55:23 +02:00			`( $args{cookie} ? ( HTTP_COOKIE => $args{cookie} ) : () ),`
Apache auth (#595) 2016-05-22 13:27:37 +02:00			`'HTTP_HOST' => 'auth.example.com',`
			`'HTTP_USER_AGENT' =>`
			`'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox',`
Working on logout and XSS (#595) 2016-05-23 18:55:23 +02:00			`'PATH_INFO' => $path,`
			`( $args{referer} ? ( REFERER => $args{referer} ) : () ),`
Apache auth (#595) 2016-05-22 13:27:37 +02:00			`(`
AutoSignin works now (#1318) TODO: doc 2017-10-27 15:11:30 +02:00			`$args{ip} ? ( 'REMOTE_ADDR' => $args{ip} )`
			`: ( 'REMOTE_ADDR' => '127.0.0.1' )`
			`),`
			`(`
			`$args{remote_user} ? ( 'REMOTE_USER' => $args{remote_user} )`
Apache auth (#595) 2016-05-22 13:27:37 +02:00			`: ()`
			`),`
REST session/conf backends (#970) 2017-01-22 23:51:22 +01:00			`'REQUEST_METHOD' => $args{method} \|\| 'GET',`
make tidy 2018-09-02 17:31:58 +02:00			`'REQUEST_URI' => $path . ( $args{query} ? "?$args{query}" : '' ),`
Working on logout and XSS (#595) 2016-05-23 18:55:23 +02:00			`( $args{query} ? ( QUERY_STRING => $args{query} ) : () ),`
Apache auth (#595) 2016-05-22 13:27:37 +02:00			`'SCRIPT_NAME' => '',`
			`'SERVER_NAME' => 'auth.example.com',`
SAML Artifact in progress (#595) 2016-12-07 23:30:00 +01:00			`'SERVER_PORT' => '80',`
Improve tests (#595) 2016-04-05 07:23:42 +02:00			`'SERVER_PROTOCOL' => 'HTTP/1.1',`
Add slave auth (#595) 2016-05-25 21:30:43 +02:00			`( $args{custom} ? %{ $args{custom} } : () ),`
Improve tests (#595) 2016-04-05 07:23:42 +02:00			`}`
			`);`
Trying to use pdata for issuers (#1461) 2018-07-04 22:54:09 +02:00			`return $res;`
Improve tests (#595) 2016-04-05 07:23:42 +02:00			`}`

Update tests (#595) 2016-05-30 22:20:50 +02:00			`sub _post {`
			`my ( $self, $path, $body, %args ) = @_;`
			`die "$body must be a IO::Handle"`
			`unless ( ref($body) and $body->can('read') );`
Trying to use pdata for issuers (#1461) 2018-07-04 22:54:09 +02:00			`my $res = $self->app->(`
Update tests (#595) 2016-05-30 22:20:50 +02:00			`{`
			`'HTTP_ACCEPT' => $args{accept}`
			`\|\| 'application/json, text/plain, /',`
			`'HTTP_ACCEPT_LANGUAGE' => 'fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3',`
			`'HTTP_CACHE_CONTROL' => 'max-age=0',`
			`( $args{cookie} ? ( HTTP_COOKIE => $args{cookie} ) : () ),`
			`'HTTP_HOST' => 'auth.example.com',`
			`'HTTP_USER_AGENT' =>`
			`'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox',`
			`'PATH_INFO' => $path,`
Clean handler in SAML test before calling 2nd portal (#LEMONDAP-595) 2016-11-16 11:30:37 +01:00			`( $args{query} ? ( QUERY_STRING => $args{query} ) : () ),`
			`( $args{referer} ? ( REFERER => $args{referer} ) : () ),`
Update tests (#595) 2016-05-30 22:20:50 +02:00			`'REMOTE_ADDR' => '127.0.0.1',`
			`(`
			`$args{remote_user}`
			`? ( 'REMOTE_USER' => $args{remote_user} )`
			`: ()`
			`),`
REST session/conf backends (#970) 2017-01-22 23:51:22 +01:00			`'REQUEST_METHOD' => $args{method} \|\| 'POST',`
make tidy 2018-09-02 17:31:58 +02:00			`'REQUEST_URI' => $path . ( $args{query} ? "?$args{query}" : '' ),`
			`'SCRIPT_NAME' => '',`
			`'SERVER_NAME' => 'auth.example.com',`
			`'SERVER_PORT' => '80',`
Update tests (#595) 2016-05-30 22:20:50 +02:00			`'SERVER_PROTOCOL' => 'HTTP/1.1',`
			`( $args{custom} ? %{ $args{custom} } : () ),`
SOAP server (#970) 2017-01-07 21:37:07 +01:00			`'psgix.input.buffered' => 0,`
Update tests (#595) 2016-05-30 22:20:50 +02:00			`'psgi.input' => $body,`
			`'CONTENT_LENGTH' => $args{length} // scalar( ( stat $body )[7] ),`
			`'CONTENT_TYPE' => $args{type}`
			`\|\| 'application/x-www-form-urlencoded',`
			`}`
			`);`
Trying to use pdata for issuers (#1461) 2018-07-04 22:54:09 +02:00			`return $res;`
Update tests (#595) 2016-05-30 22:20:50 +02:00			`}`

REST session/conf backends (#970) 2017-01-22 23:51:22 +01:00			`sub _delete {`
			`my ( $self, $path, %args ) = @_;`
			`$args{method} = 'DELETE';`
			`return $self->_get( $path, %args );`
			`}`

			`sub _put {`
			`my ( $self, $path, $body, %args ) = @_;`
			`$args{method} = 'PUT';`
			`return $self->_post( $path, $body, %args );`
			`}`

First running test (#595) 2016-04-03 18:27:13 +02:00			`1;`