2019-09-28 19:46:10 +02:00
|
|
|
use Test::More;
|
|
|
|
|
|
|
|
BEGIN {
|
|
|
|
require 't/test-psgi-lib.pm';
|
|
|
|
}
|
|
|
|
|
2019-09-29 13:14:20 +02:00
|
|
|
my $maintests = 12;
|
2019-09-28 19:46:10 +02:00
|
|
|
|
|
|
|
SKIP: {
|
|
|
|
eval { require Cache::Memcached; };
|
|
|
|
if ($@) {
|
|
|
|
skip 'Cache::Memcached not found', $maintests;
|
|
|
|
}
|
2019-11-01 00:23:38 +01:00
|
|
|
my $testmemd = new Cache::Memcached { 'servers' => ["127.0.0.1:11211"] };
|
|
|
|
unless ( $testmemd->stats->{hosts} ) {
|
|
|
|
skip 'Memcached not started', $maintests;
|
|
|
|
}
|
|
|
|
|
2019-09-28 19:46:10 +02:00
|
|
|
eval { require Apache::Session::Generate::MD5; };
|
|
|
|
if ($@) {
|
|
|
|
skip 'Apache::Session::Generate::MD5 not found', $maintests;
|
|
|
|
}
|
|
|
|
init(
|
|
|
|
'Lemonldap::NG::Handler::Server',
|
|
|
|
{
|
2019-09-29 13:14:20 +02:00
|
|
|
logLevel => 'error',
|
|
|
|
secureTokenUrls => [ '^/secured$', '/test$' ],
|
|
|
|
secureTokenHeader => 'AuthToken',
|
|
|
|
vhostOptions => {
|
2019-09-28 19:46:10 +02:00
|
|
|
'test1.example.com' => {
|
|
|
|
vhostHttps => 0,
|
|
|
|
vhostPort => 80,
|
|
|
|
vhostMaintenance => 0,
|
|
|
|
vhostServiceTokenTTL => -1,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
exportedHeaders => {
|
|
|
|
'test1.example.com' => {
|
|
|
|
'Auth-User' => '$uid',
|
|
|
|
},
|
|
|
|
}
|
|
|
|
}
|
|
|
|
);
|
|
|
|
|
2019-09-29 13:14:20 +02:00
|
|
|
## Request secured URLs
|
|
|
|
# First URL
|
2019-09-28 19:46:10 +02:00
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
|
|
|
'/secured', undef,
|
|
|
|
'test1.example.com', "lemonldap=$sessionId",
|
|
|
|
VHOSTTYPE => 'SecureToken',
|
|
|
|
),
|
2019-09-29 13:14:20 +02:00
|
|
|
'Auth secured URL query 1'
|
2019-09-28 19:46:10 +02:00
|
|
|
);
|
|
|
|
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 );
|
|
|
|
|
|
|
|
# Check headers
|
|
|
|
%h = @{ $res->[1] };
|
2019-09-29 13:14:20 +02:00
|
|
|
ok( $h{'AuthToken'} =~ m%[0-9a-f]{32}%, 'Header "AuthToken" found' )
|
|
|
|
or explain( \%h, 'AuthToken => "md5 value"' );
|
2019-09-28 19:46:10 +02:00
|
|
|
ok( $h{'Auth-User'} eq 'dwho', 'Header Auth-User is set to "dwho"' )
|
|
|
|
or explain( \%h, 'Auth-User => "dwho"' );
|
2019-09-29 13:14:20 +02:00
|
|
|
|
|
|
|
# Second URL
|
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
|
|
|
'/try/test', undef,
|
|
|
|
'test1.example.com', "lemonldap=$sessionId",
|
|
|
|
VHOSTTYPE => 'SecureToken',
|
|
|
|
),
|
|
|
|
'Auth secured URL query 2'
|
|
|
|
);
|
|
|
|
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 );
|
|
|
|
|
|
|
|
# Check headers
|
|
|
|
%h = @{ $res->[1] };
|
|
|
|
ok( $h{'AuthToken'} =~ m%[0-9a-f]{32}%, 'Header "AuthToken" found' )
|
|
|
|
or explain( \%h, 'AuthToken => "md5 value"' );
|
|
|
|
ok( $h{'Auth-User'} eq 'dwho', 'Header Auth-User is set to "dwho"' )
|
|
|
|
or explain( \%h, 'Auth-User => "dwho"' );
|
|
|
|
|
|
|
|
## Request an unsecured URL
|
|
|
|
ok(
|
|
|
|
$res = $client->_get(
|
|
|
|
'/try', undef,
|
|
|
|
'test1.example.com', "lemonldap=$sessionId",
|
|
|
|
VHOSTTYPE => 'SecureToken',
|
|
|
|
),
|
|
|
|
'Auth unsecured URL query'
|
|
|
|
);
|
|
|
|
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 );
|
|
|
|
|
|
|
|
# Check headers
|
|
|
|
%h = @{ $res->[1] };
|
|
|
|
ok( !defined $h{'AuthToken'}, 'Header "AuthToken" not found' )
|
|
|
|
or explain( \%h, 'AuthToken => "md5 value"' );
|
|
|
|
ok( $h{'Auth-User'} eq 'dwho', 'Header Auth-User is set to "dwho"' )
|
|
|
|
or explain( \%h, 'Auth-User => "dwho"' );
|
|
|
|
|
2019-09-28 19:46:10 +02:00
|
|
|
}
|
|
|
|
|
2019-09-29 08:30:39 +02:00
|
|
|
count($maintests);
|
2019-09-28 19:46:10 +02:00
|
|
|
done_testing( count() );
|
|
|
|
clean();
|