Update sessionInfo during auth process to improve handler in-memory sessions security & Improve unit tests

2020-01-03 20:04:33 +01:00 · 2020-01-03 20:04:33 +01:00 · 0f591496b4
commit 0f591496b4
parent d94f974831
5 changed files with 8 additions and 4 deletions
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm
@ -484,6 +484,7 @@ sub store {
    # Update current request
    $req->id( $session->id );
    $req->{sessionInfo}->{_session_id} = $session->{id};
+    $req->{sessionInfo}->{_session_kind} = $session->{kind};

    # Compute unsecured cookie value if needed
    if ( $self->conf->{securedCookie} == 3 and !$req->refresh ) {
--- a/lemonldap-ng-portal/t/68-Impersonation-with-doubleCookies.t
+++ b/lemonldap-ng-portal/t/68-Impersonation-with-doubleCookies.t
@ -26,7 +26,7 @@ my $client = LLNG::Manager::Test->new( {
            checkUserDisplayPersistentInfo => 0,
            checkUserDisplayEmptyValues    => 0,
            impersonationMergeSSOgroups    => 0,
-            checkUserHiddenAttributes      => '_loginHistory hGroups _session_id',
+            checkUserHiddenAttributes      => '_loginHistory hGroups _session_id _session_kind',
            macros                         => {
                test_impersonation => '"$testPrefix__user/$_user"',
                _whatToTrace =>
--- a/lemonldap-ng-portal/t/68-Impersonation.t
+++ b/lemonldap-ng-portal/t/68-Impersonation.t
@ -321,10 +321,12 @@ ok( $res->[2]->[0] =~ m%<td scope="row">rtyler/dwho</td>%, 'Found rtyler/dwo' )
  or explain( $res->[2]->[0], 'Found rtyler/dwo' );
 ok( $res->[2]->[0] =~ m%<td scope="row">_session_id</td>%, 'Found _session_id' )
  or explain( $res->[2]->[0], 'Found _session_id' );
-count(17);
+ok( $res->[2]->[0] =~ m%<td scope="row">_session_kind</td>%, 'Found _session_id' )
+  or explain( $res->[2]->[0], 'Found _session_kind' );
+count(18);

 my %attributes = map /<td scope="row">(.+)?<\/td>/g, $res->[2]->[0];
-ok( keys %attributes == 34, 'Found 34 attributes' )
+ok( keys %attributes == 35, 'Found 35 attributes' )
  or print STDERR "Missing attributes -> " . scalar %attributes;
 ok( $attributes{'_auth'} eq 'Demo', '_auth' )
  or print STDERR Dumper( \%attributes );
--- a/lemonldap-ng-portal/t/70-2F-TOTP-8-with-global-storage.t
+++ b/lemonldap-ng-portal/t/70-2F-TOTP-8-with-global-storage.t
@ -25,6 +25,7 @@ SKIP: {
                totp2fTTL              => -1,
                formTimeout            => 120,
                requireToken           => 1,
+                tokenUseGlobalStorage  => 1,
            }
        }
    );
--- a/lemonldap-ng-portal/t/77-2F-Mail-with-global-storage.t
+++ b/lemonldap-ng-portal/t/77-2F-Mail-with-global-storage.t
@ -11,7 +11,7 @@ count(1);

 my $client = LLNG::Manager::Test->new( {
        ini => {
-            logLevel              => 'debug',
+            logLevel              => 'error',
            mail2fActivation      => 1,
            mail2fCodeRegex       => '\d{4}',
            authentication        => 'Demo',