lemonldap-ng/lemonldap-ng-portal/t/33-Auth-and-issuer-OpenID2.t

use Test::More;
use strict;
use IO::String;
use MIME::Base64;

BEGIN {
    require 't/test-lib.pm';
}

my $maintests = 9;
my $debug     = 'error';
my ( $issuer, $sp, $res );
my %handlerOR = ( issuer => [], sp => [] );

SKIP: {
    eval { require Net::OpenID::Consumer; require Net::OpenID::Server; };
    if ($@) {
        skip 'Net::OpenID::* notfound', $maintests;
    }
    ok( $issuer = issuer(), 'Issuer portal' );
    $handlerOR{issuer} = \@Lemonldap::NG::Handler::Main::_onReload;
    switch ('sp');

    ok( $sp = sp(), 'SP portal' );
    $handlerOR{sp} = \@Lemonldap::NG::Handler::Main::_onReload;

    # Simple SP access
    my $res;
    ok(
        $res = $sp->_get(
            '/', accept => 'text/html',
        ),
        'Unauth SP request'
    );
    my ( $host, $url, $query ) = expectForm( $res, '#', undef );
    ok( $res->[2]->[0] =~ /name="openid_identifier"/,
        ' Ask for OpenID identity' );

    $query .=
      '&openid_identifier=http%3A%2F%2Fauth.idp.com%2Fopenidserver%2Fdwho';

    ok(
        $res = $sp->_post(
            '/', IO::String->new($query),
            length => length($query),
            accept => 'text/html',
        ),
        'Post OpenID identity'
    );
    my $uri;
    ( $uri, $query ) = expectRedirection( $res,
        qr#http://auth.idp.com(/openidserver/?)\?(openid.*)$# );

    # Follow redirection do IdP
    switch ('issuer');
    ok( $res = $issuer->_get( $uri, query => $query, accept => 'text/html' ),
        'Follow redirection to IdP' );
    expectOK($res);
    my ($tmp);
    ( $host, $tmp, $query ) = expectForm( $res, '#', undef );
    $query .= '&user=dwho&password=dwho';

    # Try to authenticate
    ok(
        $res = $issuer->_post(
            $uri, IO::String->new($query),
            length => length($query),
            accept => 'text/html'
        ),
        'Try to authenticate'
    );
    my $idpId = expectCookie($res);
    ( $host, $tmp, $query ) = expectForm( $res, '#', undef, 'confirm' );

    # Confirm
    ok(
        $res = $issuer->_post(
            $uri, IO::String->new($query),
            length => length($query),
            cookie => "lemonldap=$idpId",
            accept => 'text/html'
        ),
        'Confirm choice'
    );
    ($query) = expectRedirection( $res, qr#^http://auth.sp.com/?\?(.*)# );

    # Push redirection to SP
    switch ('sp');
    ok( $res = $sp->_get( '/', query => $query, accept => 'text/html' ),
        'Follow redirection to SP' );
    my $spId = expectCookie($res);
    expectRedirection( $res, qr#^http://auth.sp.com/?$# );

    #print STDERR Dumper($res);
}

count($maintests);
clean_sessions();
done_testing( count() );

sub switch {
    my $type = shift;
    @Lemonldap::NG::Handler::Main::_onReload = @{
        $handlerOR{$type};
    };
}

no warnings 'redefine';

sub LWP::UserAgent::request {
    my ( $self, $req ) = @_;
    ok( $req->uri =~ m#http://auth.idp.com(.*)#, ' Request from SP to IdP' );
    my $url = $1;
    my ($res);
    count(1);
    if ( $req->method =~ /^post$/i ) {
        my $s = $req->content;
        ok(
            $res = $issuer->_post(
                $url, IO::String->new($s),
                length => length($s),
                type   => $req->header('Content-Type'),
                accept => 'text/plain',
            ),
            '  Execute request'
        );
    }
    else {
        ok( $res = $issuer->_get( $url, accept => 'text/plain', ),
            '  Execute post request' );
    }
    expectOK($res);
    my $httpResp = HTTP::Response->new( $res->[0], 'OK' );

    while ( my $name = shift @{ $res->[1] } ) {
        $httpResp->header( $name, shift( @{ $res->[1] } ) );
    }
    $httpResp->request($req);
    $httpResp->content( join( '', @{ $res->[2] } ) );
    count(1);
    return $httpResp;
}

sub issuer {
    return LLNG::Manager::Test->new(
        {
            ini => {
                logLevel                 => $debug,
                templatesDir             => 'site/htdocs/static',
                domain                   => 'idp.com',
                portal                   => 'http://auth.idp.com',
                authentication           => 'Demo',
                userDB                   => 'Same',
                issuerDBOpenIDActivation => 1,
            }
        }
    );
}

sub sp {
    return LLNG::Manager::Test->new(
        {
            ini => {
                logLevel       => $debug,
                domain         => 'sp.com',
                portal         => 'http://auth.sp.com',
                authentication => 'OpenID',
                userDB         => 'Same',
                openIdSecret   => 'qwerty',
                exportedVars   => {
                    mail => 'email',
                },
                openIdIDPList => '0;',
            },
        }
    );
}
Restore OpenID-2 (#1113) 2017-03-21 17:06:44 +01:00			`use Test::More;`
Add UserDB/OpenID (#595) 2017-01-05 16:19:57 +01:00			`use strict;`
			`use IO::String;`
			`use MIME::Base64;`

			`BEGIN {`
			`require 't/test-lib.pm';`
			`}`

OpenID-2 seems ready (#595) 2017-01-06 07:22:31 +01:00			`my $maintests = 9;`
Restore OpenID-2 (#1113) 2017-03-21 17:06:44 +01:00			`my $debug = 'error';`
Add UserDB/OpenID (#595) 2017-01-05 16:19:57 +01:00			`my ( $issuer, $sp, $res );`
			`my %handlerOR = ( issuer => [], sp => [] );`

			`SKIP: {`
			`eval { require Net::OpenID::Consumer; require Net::OpenID::Server; };`
			`if ($@) {`
			`skip 'Net::OpenID::* notfound', $maintests;`
			`}`
			`ok( $issuer = issuer(), 'Issuer portal' );`
Start handler reorganization (#1160) 2017-02-08 23:18:52 +01:00			`$handlerOR{issuer} = \@Lemonldap::NG::Handler::Main::_onReload;`
Add UserDB/OpenID (#595) 2017-01-05 16:19:57 +01:00			`switch ('sp');`

			`ok( $sp = sp(), 'SP portal' );`
Start handler reorganization (#1160) 2017-02-08 23:18:52 +01:00			`$handlerOR{sp} = \@Lemonldap::NG::Handler::Main::_onReload;`
Add UserDB/OpenID (#595) 2017-01-05 16:19:57 +01:00
			`# Simple SP access`
			`my $res;`
			`ok(`
			`$res = $sp->_get(`
			`'/', accept => 'text/html',`
			`),`
			`'Unauth SP request'`
			`);`
Restore OpenID-2 (#1113) 2017-03-21 17:06:44 +01:00			`my ( $host, $url, $query ) = expectForm( $res, '#', undef );`
OpenID-2 in progress (#595) 2017-01-05 22:45:34 +01:00			`ok( $res->[2]->[0] =~ /name="openid_identifier"/,`
			`' Ask for OpenID identity' );`
OpenID2 in progress (#595) 2017-01-05 17:44:16 +01:00
Typo 2017-03-21 17:06:50 +01:00			`$query .=`
Better request management in issuers (#595) 2017-03-21 07:23:58 +01:00			`'&openid_identifier=http%3A%2F%2Fauth.idp.com%2Fopenidserver%2Fdwho';`
OpenID-2 in progress (#595) 2017-01-05 22:45:34 +01:00
			`ok(`
			`$res = $sp->_post(`
			`'/', IO::String->new($query),`
			`length => length($query),`
			`accept => 'text/html',`
			`),`
			`'Post OpenID identity'`
			`);`
			`my $uri;`
			`( $uri, $query ) = expectRedirection( $res,`
			`qr#http://auth.idp.com(/openidserver/?)\?(openid.*)$# );`

			`# Follow redirection do IdP`
			`switch ('issuer');`
			`ok( $res = $issuer->_get( $uri, query => $query, accept => 'text/html' ),`
			`'Follow redirection to IdP' );`
			`expectOK($res);`
Typo 2017-03-21 17:06:50 +01:00			`my ($tmp);`
Better request management in issuers (#595) 2017-03-21 07:23:58 +01:00			`( $host, $tmp, $query ) = expectForm( $res, '#', undef );`
OpenID-2 in progress (#595) 2017-01-05 22:45:34 +01:00			`$query .= '&user=dwho&password=dwho';`

			`# Try to authenticate`
			`ok(`
			`$res = $issuer->_post(`
			`$uri, IO::String->new($query),`
			`length => length($query),`
			`accept => 'text/html'`
			`),`
			`'Try to authenticate'`
			`);`
OpenID-2 in progress (#595) 2017-01-06 07:02:54 +01:00			`my $idpId = expectCookie($res);`
			`( $host, $tmp, $query ) = expectForm( $res, '#', undef, 'confirm' );`

			`# Confirm`
			`ok(`
			`$res = $issuer->_post(`
			`$uri, IO::String->new($query),`
			`length => length($query),`
Restore OpenID-2 (#1113) 2017-03-21 17:06:44 +01:00			`cookie => "lemonldap=$idpId",`
OpenID-2 in progress (#595) 2017-01-06 07:02:54 +01:00			`accept => 'text/html'`
			`),`
			`'Confirm choice'`
			`);`
OpenID-2 seems ready (#595) 2017-01-06 07:22:31 +01:00			`($query) = expectRedirection( $res, qr#^http://auth.sp.com/?\?(.*)# );`
OpenID-2 in progress (#595) 2017-01-06 07:02:54 +01:00
			`# Push redirection to SP`
			`switch ('sp');`
			`ok( $res = $sp->_get( '/', query => $query, accept => 'text/html' ),`
			`'Follow redirection to SP' );`
OpenID-2 seems ready (#595) 2017-01-06 07:22:31 +01:00			`my $spId = expectCookie($res);`
Replace lmLog by logger-> (#857) 2017-02-15 07:41:50 +01:00			`expectRedirection( $res, qr#^http://auth.sp.com/?$# );`
OpenID-2 in progress (#595) 2017-01-05 22:45:34 +01:00
OpenID-2 in progress (#595) 2017-01-06 07:02:54 +01:00			`#print STDERR Dumper($res);`
Add UserDB/OpenID (#595) 2017-01-05 16:19:57 +01:00			`}`

			`count($maintests);`
			`clean_sessions();`
			`done_testing( count() );`

			`sub switch {`
			`my $type = shift;`
Start handler reorganization (#1160) 2017-02-08 23:18:52 +01:00			`@Lemonldap::NG::Handler::Main::_onReload = @{`
Add UserDB/OpenID (#595) 2017-01-05 16:19:57 +01:00			`$handlerOR{$type};`
			`};`
			`}`

OpenID2 in progress (#595) 2017-01-05 17:44:16 +01:00			`no warnings 'redefine';`

			`sub LWP::UserAgent::request {`
			`my ( $self, $req ) = @_;`
			`ok( $req->uri =~ m#http://auth.idp.com(.*)#, ' Request from SP to IdP' );`
			`my $url = $1;`
			`my ($res);`
			`count(1);`
			`if ( $req->method =~ /^post$/i ) {`
			`my $s = $req->content;`
			`ok(`
			`$res = $issuer->_post(`
			`$url, IO::String->new($s),`
			`length => length($s),`
			`type => $req->header('Content-Type'),`
OpenID-2 in progress (#595) 2017-01-05 22:45:34 +01:00			`accept => 'text/plain',`
OpenID2 in progress (#595) 2017-01-05 17:44:16 +01:00			`),`
			`' Execute request'`
			`);`
			`}`
			`else {`
OpenID-2 in progress (#595) 2017-01-05 22:45:34 +01:00			`ok( $res = $issuer->_get( $url, accept => 'text/plain', ),`
			`' Execute post request' );`
OpenID2 in progress (#595) 2017-01-05 17:44:16 +01:00			`}`
			`expectOK($res);`
			`my $httpResp = HTTP::Response->new( $res->[0], 'OK' );`

			`while ( my $name = shift @{ $res->[1] } ) {`
			`$httpResp->header( $name, shift( @{ $res->[1] } ) );`
			`}`
OpenID 2 in progress (#595) 2017-01-06 07:02:52 +01:00			`$httpResp->request($req);`
OpenID2 in progress (#595) 2017-01-05 17:44:16 +01:00			`$httpResp->content( join( '', @{ $res->[2] } ) );`
OpenID-2 in progress (#595) 2017-01-05 22:45:34 +01:00			`count(1);`
OpenID2 in progress (#595) 2017-01-05 17:44:16 +01:00			`return $httpResp;`
			`}`

Add UserDB/OpenID (#595) 2017-01-05 16:19:57 +01:00			`sub issuer {`
			`return LLNG::Manager::Test->new(`
			`{`
			`ini => {`
OpenID2 in progress (#595) 2017-01-05 17:44:16 +01:00			`logLevel => $debug,`
			`templatesDir => 'site/htdocs/static',`
			`domain => 'idp.com',`
			`portal => 'http://auth.idp.com',`
			`authentication => 'Demo',`
Create a "Same" value for userDB and remove some other 2017-02-05 10:13:20 +01:00			`userDB => 'Same',`
OpenID2 in progress (#595) 2017-01-05 17:44:16 +01:00			`issuerDBOpenIDActivation => 1,`
Add UserDB/OpenID (#595) 2017-01-05 16:19:57 +01:00			`}`
			`}`
			`);`
			`}`

			`sub sp {`
			`return LLNG::Manager::Test->new(`
			`{`
			`ini => {`
			`logLevel => $debug,`
			`domain => 'sp.com',`
			`portal => 'http://auth.sp.com',`
			`authentication => 'OpenID',`
Create a "Same" value for userDB and remove some other 2017-02-05 10:13:20 +01:00			`userDB => 'Same',`
OpenID2 in progress (#595) 2017-01-05 17:44:16 +01:00			`openIdSecret => 'qwerty',`
OpenID-2 in progress (#595) 2017-01-05 22:45:34 +01:00			`exportedVars => {`
			`mail => 'email',`
OpenID-2 seems ready (#595) 2017-01-06 07:22:31 +01:00			`},`
			`openIdIDPList => '0;',`
Add UserDB/OpenID (#595) 2017-01-05 16:19:57 +01:00			`},`
			`}`
			`);`
			`}`