2019-06-26 22:01:05 +02:00
|
|
|
use Test::More;
|
|
|
|
use strict;
|
|
|
|
use IO::String;
|
|
|
|
use Data::Dumper;
|
|
|
|
|
|
|
|
require 't/test-lib.pm';
|
|
|
|
require 't/smtp.pm';
|
|
|
|
|
|
|
|
use_ok('Lemonldap::NG::Common::FormEncode');
|
|
|
|
count(1);
|
2019-07-03 22:32:19 +02:00
|
|
|
my $res;
|
2019-06-26 22:01:05 +02:00
|
|
|
|
|
|
|
my $client = LLNG::Manager::Test->new( {
|
|
|
|
ini => {
|
|
|
|
logLevel => 'error',
|
|
|
|
upgradeSession => 1,
|
|
|
|
mail2fActivation => '$_choice eq "strong"',
|
|
|
|
mail2fCodeRegex => '\d{4}',
|
|
|
|
mail2fAuthnLevel => 5,
|
|
|
|
authentication => 'Choice',
|
|
|
|
userDB => 'Same',
|
|
|
|
'authChoiceModules' => {
|
|
|
|
'strong' => 'Demo;Demo;Null;;;{}',
|
|
|
|
'weak' => 'Demo;Demo;Null;;;{}'
|
|
|
|
},
|
|
|
|
'vhostOptions' => {
|
|
|
|
'test1.example.com' => {
|
|
|
|
'vhostAuthnLevel' => 3
|
|
|
|
},
|
|
|
|
},
|
|
|
|
}
|
|
|
|
}
|
|
|
|
);
|
|
|
|
|
|
|
|
# Try to authenticate
|
|
|
|
# -------------------
|
|
|
|
ok(
|
2019-07-03 22:32:19 +02:00
|
|
|
$res = $client->_post(
|
2019-06-26 22:01:05 +02:00
|
|
|
'/',
|
|
|
|
IO::String->new('user=dwho&password=dwho&lmAuth=weak'),
|
|
|
|
length => 35,
|
|
|
|
accept => 'text/html',
|
|
|
|
),
|
|
|
|
'Auth query'
|
|
|
|
);
|
|
|
|
count(1);
|
|
|
|
|
|
|
|
my $id = expectCookie($res);
|
|
|
|
|
|
|
|
# After attempting to access test1,
|
|
|
|
# the handler sends up back to /upgradesession
|
|
|
|
# --------------------------------------------
|
|
|
|
|
|
|
|
ok(
|
2019-07-03 22:32:19 +02:00
|
|
|
$res = $client->_get(
|
2019-06-26 22:01:05 +02:00
|
|
|
'/upgradesession',
|
|
|
|
query => 'url=aHR0cDovL3Rlc3QxLmV4YW1wbGUuY29t',
|
|
|
|
accept => 'text/html',
|
|
|
|
cookie => "lemonldap=$id",
|
|
|
|
),
|
|
|
|
'Upgrade session query'
|
|
|
|
);
|
|
|
|
|
|
|
|
my ( $host, $url, $query ) =
|
|
|
|
expectForm( $res, undef, '/upgradesession', 'confirm', 'url' );
|
2019-10-27 21:13:25 +01:00
|
|
|
ok( $res->[2]->[0] =~ qq%<img src="/static/common/logos/logo_llng_400px.png"%,
|
|
|
|
'Found custom Main Logo' )
|
|
|
|
or print STDERR Dumper( $res->[2]->[0] );
|
|
|
|
ok( $res->[2]->[0] =~ m%<span id="languages"></span>%, ' Language icons found' )
|
|
|
|
or print STDERR Dumper( $res->[2]->[0] );
|
|
|
|
count(3);
|
2019-06-26 22:01:05 +02:00
|
|
|
|
|
|
|
# Accept session upgrade
|
|
|
|
# ----------------------
|
|
|
|
|
|
|
|
ok(
|
2019-07-03 22:32:19 +02:00
|
|
|
$res = $client->_post(
|
2019-06-26 22:01:05 +02:00
|
|
|
'/upgradesession',
|
|
|
|
IO::String->new($query),
|
|
|
|
length => length($query),
|
|
|
|
accept => 'text/html',
|
|
|
|
cookie => "lemonldap=$id",
|
|
|
|
),
|
|
|
|
'Accept session upgrade query'
|
|
|
|
);
|
|
|
|
count(1);
|
|
|
|
|
|
|
|
my $pdata = expectCookie( $res, 'lemonldappdata' );
|
|
|
|
|
2019-07-03 22:34:48 +02:00
|
|
|
( $host, $url, $query ) = expectForm( $res, '#', undef, 'upgrading', 'url' );
|
2019-06-26 22:01:05 +02:00
|
|
|
|
|
|
|
$query = $query . "&user=dwho&password=dwho&lmAuth=strong";
|
|
|
|
|
|
|
|
# Attempt login with the "strong" auth choice
|
|
|
|
# this should trigger 2FA
|
|
|
|
# -------------------------------------------
|
|
|
|
|
|
|
|
ok(
|
2019-07-03 22:32:19 +02:00
|
|
|
$res = $client->_post(
|
2019-06-26 22:01:05 +02:00
|
|
|
'/upgradesession',
|
|
|
|
IO::String->new($query),
|
|
|
|
length => length($query),
|
|
|
|
accept => 'text/html',
|
|
|
|
cookie => "lemonldap=$id;lemonldappdata=$pdata",
|
|
|
|
),
|
|
|
|
'Post login'
|
|
|
|
);
|
|
|
|
count(1);
|
|
|
|
|
2019-07-03 22:34:48 +02:00
|
|
|
$pdata = expectCookie( $res, 'lemonldappdata' );
|
2019-06-26 22:01:05 +02:00
|
|
|
|
|
|
|
( $host, $url, $query ) =
|
2019-09-03 11:56:48 +02:00
|
|
|
expectForm( $res, undef, '/mail2fcheck?skin=bootstrap', 'token', 'code' );
|
2019-06-26 22:01:05 +02:00
|
|
|
|
|
|
|
ok(
|
|
|
|
$res->[2]->[0] =~
|
2019-12-12 20:04:04 +01:00
|
|
|
qr%<input name="code" value="" type="text" class="form-control" id="extcode" trplaceholder="code" autocomplete="off" />%,
|
2019-06-26 22:01:05 +02:00
|
|
|
'Found EXTCODE input'
|
|
|
|
) or print STDERR Dumper( $res->[2]->[0] );
|
|
|
|
count(1);
|
|
|
|
|
|
|
|
ok( mail() =~ m%<b>(\d{4})</b>%, 'Found 2F code in mail' )
|
|
|
|
or print STDERR Dumper( mail() );
|
|
|
|
count(1);
|
|
|
|
|
|
|
|
my $code = $1;
|
|
|
|
|
|
|
|
# Post 2F code
|
|
|
|
# ------------
|
|
|
|
|
|
|
|
$query =~ s/code=/code=${code}/;
|
|
|
|
ok(
|
|
|
|
$res = $client->_post(
|
|
|
|
'/mail2fcheck',
|
|
|
|
IO::String->new($query),
|
|
|
|
length => length($query),
|
|
|
|
accept => 'text/html',
|
|
|
|
cookie => "lemonldap=$id;lemonldappdata=$pdata",
|
|
|
|
),
|
|
|
|
'Post code'
|
|
|
|
);
|
|
|
|
count(1);
|
|
|
|
expectRedirection( $res, 'http://test1.example.com' );
|
2020-02-20 23:34:02 +01:00
|
|
|
$id = expectCookie($res);
|
2019-06-26 22:01:05 +02:00
|
|
|
|
2020-01-03 12:36:35 +01:00
|
|
|
my $cookies = getCookies($res);
|
2020-01-03 23:39:57 +01:00
|
|
|
ok( !$cookies->{lemonldappdata}, " Make sure no pdata is returned" );
|
2019-06-26 22:01:05 +02:00
|
|
|
count(1);
|
|
|
|
|
|
|
|
clean_sessions();
|
|
|
|
|
|
|
|
done_testing( count() );
|
|
|
|
|