Force cleaning pdata cookie if redirect url match _url & Improve unit test (#2061)
parent
6f31d98710
commit
138ef363d4
|
@ -9,7 +9,7 @@
|
|||
#
|
||||
package Lemonldap::NG::Portal::Main::Run;
|
||||
|
||||
our $VERSION = '2.0.7';
|
||||
our $VERSION = '2.0.8';
|
||||
|
||||
package Lemonldap::NG::Portal::Main;
|
||||
|
||||
|
@ -346,6 +346,8 @@ sub autoRedirect {
|
|||
$req->data->{redirectFormMethod} = "get";
|
||||
}
|
||||
else {
|
||||
my $url64 = encode_base64( $req->{urldc}, '' );
|
||||
$req->pdata( {} ) if ( $req->{pdata}->{_url} =~ /$url64/ );
|
||||
return [ 302, [ Location => $req->{urldc}, $req->spliceHdrs ], [] ];
|
||||
}
|
||||
}
|
||||
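Review bot: In the `else` branch of autoRedirect, `$url64` is interpolated unquoted into `$req->{pdata}->{_url} =~ /$url64/`, and the base64 alphabet includes `+`, which the regex engine treats as a quantifier. For a redirect URL whose encoding contains `+`, the match would silently fail and the pdata cookie would not be cleared; `urldc` presumably derives from the request's `url` parameter, so the value is caller-influenced. Quoting it keeps the substring semantics, which the test's newline-terminated `url` value appears to rely on: `$req->pdata( {} ) if ( ( $req->{pdata}->{_url} // '' ) =~ /\Q$url64\E/ );`, where the `// ''` also avoids an uninitialized-value warning when no `_url` is stored. `pdata( {} )` discards every persistent key rather than only `_url`, which deserves a comment if intended. The body of autoRedirect starts outside the hunk.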
|
|
|
@ -6,7 +6,7 @@ BEGIN {
|
|||
eval "use GSSAPI";
|
||||
}
|
||||
|
||||
my $maintests = 9;
|
||||
my $maintests = 12;
|
||||
my $debug = 'error';
|
||||
|
||||
SKIP: {
|
||||
|
@ -43,9 +43,16 @@ SKIP: {
|
|||
}
|
||||
}
|
||||
);
|
||||
ok( $res = $client->_get( '/', accept => 'text/html' ),
|
||||
'First access with JS' );
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
'/',
|
||||
query => 'url=aHR0cDovL3Rlc3QxLmV4YW1wbGUuY29tCg==',
|
||||
accept => 'text/html'
|
||||
),
|
||||
'First access with JS'
|
||||
);
|
||||
|
||||
my $pdata = expectCookie( $res, "lemonldappdata" );
|
||||
expectForm( $res, '#', undef, 'kerberos' );
|
||||
ok(
|
||||
$res->[2]->[0] =~ m%<input type="hidden" name="kerberos" value="0" />%,
|
||||
|
@ -56,22 +63,45 @@ SKIP: {
|
|||
$res = $client->_get(
|
||||
'/',
|
||||
query => 'kerberos=1',
|
||||
accept => 'application/json'
|
||||
accept => 'application/json',
|
||||
cookie => "lemonldappdata=$pdata"
|
||||
),
|
||||
'Ajax access'
|
||||
);
|
||||
ok( $res->[0] == 401, 'Get 401' ) or explain( $res->[0], 401 );
|
||||
$pdata = expectCookie( $res, "lemonldappdata" );
|
||||
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
'/',
|
||||
query => 'kerberos=1',
|
||||
accept => 'application/json',
|
||||
custom => { HTTP_AUTHORIZATION => 'Negotiate c29tZXRoaW5n' }
|
||||
custom => { HTTP_AUTHORIZATION => 'Negotiate c29tZXRoaW5n' },
|
||||
cookie => "lemonldappdata=$pdata"
|
||||
),
|
||||
'Push fake kerberos'
|
||||
);
|
||||
expectCookie($res);
|
||||
my $id = expectCookie($res);
|
||||
$pdata = expectCookie( $res, "lemonldappdata" );
|
||||
ok( !$pdata, "Persistent data removed" );
|
||||
|
||||
# Redirect to application
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
'/',
|
||||
query => 'url=aHR0cDovL3Rlc3QxLmV4YW1wbGUuY29tCg==&kerberos=0',
|
||||
accept => 'text/html',
|
||||
cookie => "lemonldap=$id"
|
||||
),
|
||||
'Go to portal after authentication'
|
||||
);
|
||||
|
||||
expectRedirection( $res, qr#http://test1.example.com# );
|
||||
my $cookies = getCookies($res);
|
||||
ok(
|
||||
!defined( $cookies->{lemonldappdata} ),
|
||||
" Make sure no pdata is returned"
|
||||
);
|
||||
|
||||
#print STDERR Dumper($res);
|
||||
}
|
||||
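Review bot: The last request ('Go to portal after authentication') sends only `cookie => "lemonldap=$id"`, and the preceding `ok( !$pdata, "Persistent data removed" )` has already shown the pdata cookie is empty by then. The new cleanup in autoRedirect is therefore probably never reached with a populated `_url`, and the 'Make sure no pdata is returned' check would likely pass without the fix. Consider keeping the pdata value captured after the first access and sending it alongside the session cookie in that request. The sample `url` value contains no `+` or `/`, so a case whose base64 form includes one of them would also be worth adding. The commented-out `#print STDERR Dumper($res);` can be dropped; the SKIP block starts outside the hunk.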
|
|