2019-06-27 21:13:10 +02:00
|
|
|
use Test::More;
|
|
|
|
use strict;
|
|
|
|
use IO::String;
|
|
|
|
|
|
|
|
BEGIN {
|
|
|
|
require 't/test-lib.pm';
|
|
|
|
}
|
|
|
|
|
|
|
|
my $res;
|
|
|
|
|
|
|
|
my $client = LLNG::Manager::Test->new( {
|
|
|
|
ini => {
|
|
|
|
logLevel => 'error',
|
|
|
|
authentication => 'Demo',
|
|
|
|
userDB => 'Same',
|
|
|
|
loginHistoryEnabled => 0,
|
|
|
|
brutForceProtection => 0,
|
|
|
|
portalMainLogo => 'common/logos/logo_llng_old.png',
|
|
|
|
requireToken => 0,
|
2019-06-29 00:16:37 +02:00
|
|
|
checkUser => 0,
|
2019-06-27 21:13:10 +02:00
|
|
|
impersonationPrefix => 'testPrefix_',
|
2019-06-27 22:02:11 +02:00
|
|
|
securedCookie => 0,
|
2019-06-27 21:13:10 +02:00
|
|
|
https => 0,
|
|
|
|
checkUserDisplayPersistentInfo => 0,
|
|
|
|
checkUserDisplayEmptyValues => 0,
|
|
|
|
contextSwitchingRule => '$uid eq "dwho"',
|
|
|
|
contextSwitchingIdRule => '$uid ne "msmith"',
|
2019-06-27 22:02:11 +02:00
|
|
|
contextSwitchingStopWithLogout => 0,
|
2019-06-27 21:13:10 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
);
|
|
|
|
|
|
|
|
##
|
|
|
|
## Try to authenticate with a user not authorized to switch context
|
|
|
|
ok(
|
|
|
|
$res = $client->_post(
|
|
|
|
'/',
|
|
|
|
IO::String->new('user=rtyler&password=rtyler'),
|
|
|
|
length => 27,
|
|
|
|
accept => 'text/html',
|
|
|
|
),
|
|
|
|
'Auth query'
|
|
|
|
);
|
|
|
|
count(1);
|
|
|
|
my $id = expectCookie($res);
|
|
|
|
expectRedirection( $res, 'http://auth.example.com/' );
|
|
|
|
|
|
|
|
# Get Menu
|
|
|
|
# ------------------------
|
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
|
|
|
'/',
|
|
|
|
cookie => "lemonldap=$id",
|
|
|
|
accept => 'text/html'
|
|
|
|
),
|
|
|
|
'Get Menu',
|
|
|
|
);
|
|
|
|
count(1);
|
|
|
|
expectOK($res);
|
2019-06-27 22:02:11 +02:00
|
|
|
ok(
|
|
|
|
$res->[2]->[0] =~ m%<span trspan="connectedAs">Connected as</span> rtyler%,
|
|
|
|
'Connected as rtyler'
|
|
|
|
) or print STDERR Dumper( $res->[2]->[0] );
|
2019-06-27 21:13:10 +02:00
|
|
|
expectAuthenticatedAs( $res, 'rtyler' );
|
2019-06-27 22:02:11 +02:00
|
|
|
ok( $res->[2]->[0] !~ m%contextSwitching_ON%, 'Connected as dwho' )
|
2019-06-27 21:13:10 +02:00
|
|
|
or print STDERR Dumper( $res->[2]->[0] );
|
|
|
|
count(2);
|
|
|
|
|
|
|
|
$client->logout($id);
|
|
|
|
|
|
|
|
##
|
|
|
|
## Try to authenticate with a user authorized to switch context
|
|
|
|
ok(
|
|
|
|
$res = $client->_post(
|
|
|
|
'/',
|
|
|
|
IO::String->new('user=dwho&password=dwho'),
|
|
|
|
length => 23,
|
|
|
|
accept => 'text/html',
|
|
|
|
),
|
|
|
|
'Auth query'
|
|
|
|
);
|
|
|
|
count(1);
|
|
|
|
$id = expectCookie($res);
|
|
|
|
expectRedirection( $res, 'http://auth.example.com/' );
|
|
|
|
|
|
|
|
# Get Menu
|
|
|
|
# ------------------------
|
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
|
|
|
'/',
|
|
|
|
cookie => "lemonldap=$id",
|
|
|
|
accept => 'text/html'
|
|
|
|
),
|
|
|
|
'Get Menu',
|
|
|
|
);
|
|
|
|
count(1);
|
|
|
|
expectOK($res);
|
|
|
|
ok( $res->[2]->[0] =~ m%<span trspan="connectedAs">Connected as</span> dwho%,
|
|
|
|
'Connected as dwho' )
|
|
|
|
or print STDERR Dumper( $res->[2]->[0] );
|
|
|
|
expectAuthenticatedAs( $res, 'dwho' );
|
2019-06-27 22:02:11 +02:00
|
|
|
ok(
|
|
|
|
$res->[2]->[0] =~
|
|
|
|
m%<span trspan="contextSwitching_ON">contextSwitching_ON</span>%,
|
|
|
|
'Connected as dwho'
|
|
|
|
) or print STDERR Dumper( $res->[2]->[0] );
|
2019-06-27 21:13:10 +02:00
|
|
|
count(2);
|
|
|
|
|
|
|
|
# ContextSwitching form -> PE_MALFORMEDUSER
|
|
|
|
# ------------------------
|
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
|
|
|
'/switchcontext',
|
|
|
|
cookie => "lemonldap=$id",
|
|
|
|
accept => 'text/html'
|
|
|
|
),
|
|
|
|
'ContextSwitching form',
|
|
|
|
);
|
|
|
|
count(1);
|
|
|
|
|
|
|
|
my ( $host, $url, $query ) =
|
|
|
|
expectForm( $res, undef, '/switchcontext', 'spoofId' );
|
2019-06-27 22:02:11 +02:00
|
|
|
ok( $res->[2]->[0] =~ m%<span trspan="contextSwitching_ON">%,
|
|
|
|
'Found trspan="contextSwitching_ON"' )
|
2019-06-27 21:13:10 +02:00
|
|
|
or explain( $res->[2]->[0], 'trspan="contextSwitching_ON"' );
|
|
|
|
count(1);
|
|
|
|
$query =~ s/spoofId=/spoofId=msmith/;
|
|
|
|
ok(
|
|
|
|
$res = $client->_post(
|
|
|
|
'/switchcontext',
|
|
|
|
IO::String->new($query),
|
|
|
|
cookie => "lemonldap=$id",
|
|
|
|
length => length($query),
|
|
|
|
accept => 'text/html',
|
|
|
|
),
|
|
|
|
'POST switchcontext'
|
|
|
|
);
|
|
|
|
ok( $res->[2]->[0] =~ m%<span trmsg="40">%, 'PE_MALFORMEDUSER' )
|
|
|
|
or explain( $res->[2]->[0], 'PE_MALFORMEDUSER' );
|
|
|
|
count(2);
|
|
|
|
|
|
|
|
# ContextSwitching form -> PE_MALFORMEDUSER
|
|
|
|
# ------------------------
|
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
|
|
|
'/switchcontext',
|
|
|
|
cookie => "lemonldap=$id",
|
|
|
|
accept => 'text/html'
|
|
|
|
),
|
|
|
|
'ContextSwitching form',
|
|
|
|
);
|
|
|
|
count(1);
|
|
|
|
|
2019-06-27 22:02:11 +02:00
|
|
|
( $host, $url, $query ) =
|
2019-06-27 21:13:10 +02:00
|
|
|
expectForm( $res, undef, '/switchcontext', 'spoofId' );
|
2019-06-27 22:02:11 +02:00
|
|
|
ok( $res->[2]->[0] =~ m%<span trspan="contextSwitching_ON">%,
|
|
|
|
'Found trspan="contextSwitching_ON"' )
|
2019-06-27 21:13:10 +02:00
|
|
|
or explain( $res->[2]->[0], 'trspan="contextSwitching_ON"' );
|
|
|
|
count(1);
|
|
|
|
$query =~ s/spoofId=/spoofId=</;
|
|
|
|
ok(
|
|
|
|
$res = $client->_post(
|
|
|
|
'/switchcontext',
|
|
|
|
IO::String->new($query),
|
|
|
|
cookie => "lemonldap=$id",
|
|
|
|
length => length($query),
|
|
|
|
accept => 'text/html',
|
|
|
|
),
|
|
|
|
'POST switchcontext'
|
|
|
|
);
|
|
|
|
ok( $res->[2]->[0] =~ m%<span trmsg="40">%, 'PE_MALFORMEDUSER' )
|
|
|
|
or explain( $res->[2]->[0], 'PE_MALFORMEDUSER' );
|
|
|
|
count(2);
|
|
|
|
|
|
|
|
# ContextSwitching form -> PE_MALFORMEDUSER
|
|
|
|
# ------------------------
|
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
|
|
|
'/switchcontext',
|
|
|
|
cookie => "lemonldap=$id",
|
|
|
|
accept => 'text/html'
|
|
|
|
),
|
|
|
|
'ContextSwitching form',
|
|
|
|
);
|
|
|
|
count(1);
|
|
|
|
|
2019-06-27 22:02:11 +02:00
|
|
|
( $host, $url, $query ) =
|
2019-06-27 21:13:10 +02:00
|
|
|
expectForm( $res, undef, '/switchcontext', 'spoofId' );
|
2019-06-27 22:02:11 +02:00
|
|
|
ok( $res->[2]->[0] =~ m%<span trspan="contextSwitching_ON">%,
|
|
|
|
'Found trspan="contextSwitching_ON"' )
|
2019-06-27 21:13:10 +02:00
|
|
|
or explain( $res->[2]->[0], 'trspan="contextSwitching_ON"' );
|
|
|
|
count(1);
|
|
|
|
$query =~ s/spoofId=/spoofId=darkVador/;
|
|
|
|
ok(
|
|
|
|
$res = $client->_post(
|
|
|
|
'/switchcontext',
|
|
|
|
IO::String->new($query),
|
|
|
|
cookie => "lemonldap=$id",
|
|
|
|
length => length($query),
|
|
|
|
accept => 'text/html',
|
|
|
|
),
|
|
|
|
'POST switchcontext'
|
|
|
|
);
|
|
|
|
ok( $res->[2]->[0] =~ m%<span trmsg="40">%, 'PE_MALFORMEDUSER' )
|
|
|
|
or explain( $res->[2]->[0], 'PE_MALFORMEDUSER' );
|
|
|
|
count(2);
|
|
|
|
|
|
|
|
# ContextSwitching form -> No impersonation required
|
|
|
|
# ------------------------
|
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
|
|
|
'/switchcontext',
|
|
|
|
cookie => "lemonldap=$id",
|
|
|
|
accept => 'text/html'
|
|
|
|
),
|
|
|
|
'ContextSwitching form',
|
|
|
|
);
|
|
|
|
count(1);
|
|
|
|
|
2019-06-27 22:02:11 +02:00
|
|
|
( $host, $url, $query ) =
|
2019-06-27 21:13:10 +02:00
|
|
|
expectForm( $res, undef, '/switchcontext', 'spoofId' );
|
2019-06-27 22:02:11 +02:00
|
|
|
ok( $res->[2]->[0] =~ m%<span trspan="contextSwitching_ON">%,
|
|
|
|
'Found trspan="contextSwitching_ON"' )
|
2019-06-27 21:13:10 +02:00
|
|
|
or explain( $res->[2]->[0], 'trspan="contextSwitching_ON"' );
|
|
|
|
$query =~ s/spoofId=/spoofId=dwho/;
|
|
|
|
ok(
|
|
|
|
$res = $client->_post(
|
|
|
|
'/switchcontext',
|
|
|
|
IO::String->new($query),
|
|
|
|
cookie => "lemonldap=$id",
|
|
|
|
length => length($query),
|
|
|
|
accept => 'text/html',
|
|
|
|
),
|
|
|
|
'POST switchcontext'
|
|
|
|
);
|
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
|
|
|
'/',
|
|
|
|
cookie => "lemonldap=$id",
|
|
|
|
accept => 'text/html'
|
|
|
|
),
|
|
|
|
'Get Menu',
|
|
|
|
);
|
2019-06-27 22:02:11 +02:00
|
|
|
ok( $res->[2]->[0] =~ m%<span trspan="contextSwitching_ON">%,
|
|
|
|
'Found trspan="contextSwitching_ON"' )
|
2019-06-27 21:13:10 +02:00
|
|
|
or explain( $res->[2]->[0], 'trspan="contextSwitching_ON"' );
|
|
|
|
count(4);
|
|
|
|
expectAuthenticatedAs( $res, 'dwho' );
|
|
|
|
|
|
|
|
# ContextSwitching form -> PE_OK
|
|
|
|
# ------------------------
|
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
|
|
|
'/switchcontext',
|
|
|
|
cookie => "lemonldap=$id",
|
|
|
|
accept => 'text/html'
|
|
|
|
),
|
|
|
|
'ContextSwitching form',
|
|
|
|
);
|
|
|
|
count(1);
|
|
|
|
|
2019-06-27 22:02:11 +02:00
|
|
|
( $host, $url, $query ) =
|
2019-06-27 21:13:10 +02:00
|
|
|
expectForm( $res, undef, '/switchcontext', 'spoofId' );
|
2019-06-27 22:02:11 +02:00
|
|
|
ok( $res->[2]->[0] =~ m%<span trspan="contextSwitching_ON">%,
|
|
|
|
'Found trspan="contextSwitching_ON"' )
|
2019-06-27 21:13:10 +02:00
|
|
|
or explain( $res->[2]->[0], 'trspan="contextSwitching_ON"' );
|
|
|
|
$query =~ s/spoofId=/spoofId=rtyler/;
|
|
|
|
ok(
|
|
|
|
$res = $client->_post(
|
|
|
|
'/switchcontext',
|
|
|
|
IO::String->new($query),
|
|
|
|
cookie => "lemonldap=$id",
|
|
|
|
length => length($query),
|
|
|
|
accept => 'text/html',
|
|
|
|
),
|
|
|
|
'POST switchcontext'
|
|
|
|
);
|
2019-06-27 22:02:11 +02:00
|
|
|
|
2019-06-29 00:16:37 +02:00
|
|
|
# Refresh cookie value
|
2019-06-27 22:02:11 +02:00
|
|
|
$id = expectCookie($res);
|
2019-06-27 21:13:10 +02:00
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
|
|
|
'/',
|
|
|
|
cookie => "lemonldap=$id",
|
|
|
|
accept => 'text/html'
|
|
|
|
),
|
|
|
|
'Get Menu',
|
|
|
|
);
|
|
|
|
count(3);
|
|
|
|
expectAuthenticatedAs( $res, 'rtyler' );
|
2019-06-27 22:02:11 +02:00
|
|
|
ok( $res->[2]->[0] =~ m%<span trspan="contextSwitching_OFF">%,
|
2019-07-06 22:57:01 +02:00
|
|
|
'Found trspan="contextSwitching_OFF"' )
|
2019-06-27 21:13:10 +02:00
|
|
|
or explain( $res->[2]->[0], 'trspan="contextSwitching_OFF"' );
|
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
|
|
|
'/switchcontext',
|
|
|
|
cookie => "lemonldap=$id",
|
|
|
|
accept => 'text/html'
|
|
|
|
),
|
|
|
|
'Stop context switching',
|
|
|
|
);
|
2019-06-27 22:02:11 +02:00
|
|
|
|
2019-06-29 00:16:37 +02:00
|
|
|
# Refresh cookie value
|
2019-07-06 22:57:01 +02:00
|
|
|
my $id1 = expectCookie($res);
|
2019-06-27 21:13:10 +02:00
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
|
|
|
'/',
|
2019-07-06 22:57:01 +02:00
|
|
|
cookie => "lemonldap=$id1",
|
2019-06-27 21:13:10 +02:00
|
|
|
accept => 'text/html'
|
|
|
|
),
|
|
|
|
'Get Menu',
|
|
|
|
);
|
|
|
|
count(3);
|
|
|
|
expectAuthenticatedAs( $res, 'dwho' );
|
2019-06-27 22:02:11 +02:00
|
|
|
ok( $res->[2]->[0] =~ m%<span trspan="contextSwitching_ON">%,
|
|
|
|
'Found trspan="contextSwitching_ON"' )
|
2019-06-27 21:13:10 +02:00
|
|
|
or explain( $res->[2]->[0], 'trspan="contextSwitching_ON"' );
|
|
|
|
count(1);
|
|
|
|
|
2019-07-06 22:57:01 +02:00
|
|
|
# ContextSwitching form -> PE_OK
|
|
|
|
# ------------------------
|
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
|
|
|
'/switchcontext',
|
|
|
|
cookie => "lemonldap=$id1",
|
|
|
|
accept => 'text/html'
|
|
|
|
),
|
|
|
|
'ContextSwitching form',
|
|
|
|
);
|
|
|
|
|
|
|
|
( $host, $url, $query ) =
|
|
|
|
expectForm( $res, undef, '/switchcontext', 'spoofId' );
|
|
|
|
ok( $res->[2]->[0] =~ m%<span trspan="contextSwitching_ON">%,
|
|
|
|
'Found trspan="contextSwitching_ON"' )
|
|
|
|
or explain( $res->[2]->[0], 'trspan="contextSwitching_ON"' );
|
|
|
|
$query =~ s/spoofId=/spoofId=rtyler/;
|
|
|
|
ok(
|
|
|
|
$res = $client->_post(
|
|
|
|
'/switchcontext',
|
|
|
|
IO::String->new($query),
|
|
|
|
cookie => "lemonldap=$id1",
|
|
|
|
length => length($query),
|
|
|
|
accept => 'text/html',
|
|
|
|
),
|
|
|
|
'POST switchcontext'
|
|
|
|
);
|
|
|
|
|
|
|
|
# Refresh cookie value
|
|
|
|
my $id2 = expectCookie($res);
|
|
|
|
$client->logout($id1);
|
|
|
|
|
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
|
|
|
'/',
|
|
|
|
cookie => "lemonldap=$id2",
|
|
|
|
accept => 'text/html'
|
|
|
|
),
|
|
|
|
'Get Menu',
|
|
|
|
);
|
|
|
|
|
|
|
|
expectAuthenticatedAs( $res, 'rtyler' );
|
|
|
|
ok( $res->[2]->[0] =~ m%<span trspan="contextSwitching_OFF">%,
|
|
|
|
'Found trspan="contextSwitching_OFF"' )
|
|
|
|
or explain( $res->[2]->[0], 'trspan="contextSwitching_OFF"' );
|
|
|
|
|
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
|
|
|
'/switchcontext',
|
|
|
|
cookie => "lemonldap=$id2",
|
|
|
|
accept => 'text/html'
|
|
|
|
),
|
|
|
|
'Stop context switching',
|
|
|
|
);
|
|
|
|
count(6);
|
|
|
|
|
|
|
|
ok( $res->[2]->[0] =~ m%<span trmsg="1"></span>%,
|
|
|
|
'Found PE_SESSIONEXPIRED' )
|
|
|
|
or explain( $res->[2]->[0], 'Sessuion expired' );
|
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
|
|
|
'/',
|
|
|
|
cookie => "lemonldap=$id2",
|
|
|
|
accept => 'text/html'
|
|
|
|
),
|
|
|
|
'Get Menu',
|
|
|
|
);
|
|
|
|
expectAuthenticatedAs( $res, 'rtyler' );
|
|
|
|
count(2);
|
|
|
|
|
2019-06-27 22:02:11 +02:00
|
|
|
# Log out request
|
|
|
|
# ------------------------
|
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
|
|
|
'/',
|
|
|
|
query => 'logout=1',
|
2019-07-06 22:57:01 +02:00
|
|
|
cookie => "lemonldap=$id2",
|
2019-06-27 22:02:11 +02:00
|
|
|
accept => 'text/html'
|
|
|
|
),
|
|
|
|
'Get Menu',
|
|
|
|
);
|
|
|
|
expectOK($res);
|
|
|
|
|
|
|
|
ok(
|
|
|
|
$res->[2]->[0] =~
|
2019-07-01 20:21:42 +02:00
|
|
|
m%<div class="message message-positive alert"><span trmsg="-7"></span></div>%,
|
2019-06-27 22:02:11 +02:00
|
|
|
'Dwho has been well disconnected'
|
|
|
|
) or print STDERR Dumper( $res->[2]->[0] );
|
2019-07-06 22:57:01 +02:00
|
|
|
count(2);
|
2019-06-27 22:02:11 +02:00
|
|
|
|
2019-06-27 21:13:10 +02:00
|
|
|
clean_sessions();
|
|
|
|
|
|
|
|
done_testing( count() );
|