dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update SAML tests (#595)

Browse Source
This commit is contained in:
Xavier Guimard 2016-11-20 05:35:06 +00:00
parent 605514e7bc
commit 13f1ef6aa1
2 changed files with 51 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/SAML.pm
View File

@ -811,11 +811,11 @@ sub extractFormInfo {
my ( $idp, $idp_cookie ) = $self->getIDP($req);
# Get confirmation flag
my $confirm_flag = $req->param("confirm") // 0;
my $confirm_flag = $req->param("confirm") // '';
# If confirmation is -1 from resolved IDP screen,
# or IDP was not resolve, let the user choose its IDP
if ( $confirm_flag == -1 or !$idp ) {
if ( $confirm_flag eq '-1' or !$idp ) {
$self->lmLog( "Redirecting user to IDP list", 'debug' );
# Control url parameter
@ -851,11 +851,11 @@ sub extractFormInfo {
}
# If IDP is found but not confirmed, let the user confirm it
elsif ( $confirm_flag != 1 ) {
elsif ( $confirm_flag eq '1' ) {
$self->lmLog( "IDP $idp selected, need user confirmation", 'debug' );
# Control url parameter
my $urlcheck = $self->controlUrlOrigin();
my $urlcheck = $self->p->controlUrl($req);
return $urlcheck unless ( $urlcheck == PE_OK );
# Choosen IDP
@ -882,14 +882,14 @@ sub extractFormInfo {
$self->lmLog( "Build cookie to remember $idp as IDP choice", 'debug' );
# Control url parameter
my $urlcheck = $self->controlUrlOrigin();
my $urlcheck = $self->p->controlUrl($req);
return $urlcheck unless ( $urlcheck == PE_OK );
# User can choose temporary (0) or persistent cookie (1)
my $cookie_type = $req->param("cookie_type") || "0";
push @{ $req->{respHeaders} },
'Set-Cookie' => $self->cookie(
'Set-Cookie' => $self->p->cookie(
name => $self->conf->{samlIdPResolveCookie},
value => $idp,
domain => $self->conf->{domain},

50
lemonldap-ng-portal/t/30-Auth-and-issuer-SAML.t
View File

@ -1,18 +1,21 @@
use Test::More;
use strict;
use IO::String;
require 't/test-lib.pm';
my $tests = 3;
my $debug = 'debug';
my $maintests = 7;
my $debug = 'debug';
my $res;
my %handlerOR = ( issuer => [], sp => [] );
SKIP: {
eval "use Lasso";
if ($@) {
skip 'Lasso not found', $tests;
skip 'Lasso not found', $maintests;
}
# Initialization
my $issuer;
ok( $issuer = issuer(), 'Issuer portal' );
$handlerOR{issuer} = \@Lemonldap::NG::Handler::Main::Reload::_onReload;
@ -22,15 +25,51 @@ SKIP: {
ok( $sp = sp(), 'SP portal' );
$handlerOR{sp} = \@Lemonldap::NG::Handler::Main::Reload::_onReload;
# Simple SP login
my $res;
ok(
$sp->_get(
$res = $sp->_get(
'/', accept => 'text/html',
),
'Unauth SP request'
);
ok( $res->[0] == 200, 'Response is 200' ) or explain( $res->[0], 200 );
my $cookies = $sp->getCookies($res);
ok(
(
defined( $cookies->{lemonldapidp} )
and $cookies->{lemonldapidp} == 0
),
'IDP cookie defined'
)
or explain( $res->[1],
'Set-Cookie => lemonldapidp=0; domain=.sp.com; path=/; expires=-1d' );
ok(
$res->[2]->[0] =~
/<input type="hidden".+?id="confirm".+?value="(.+?)"/s,
'Found confirm key'
)
or explain(
$res->[2],
'<input type="hidden" id="confirm" name="confirm" value="<base64 value>" />'
);
my $confirm = $1;
# Choose idp on sp
ok(
$res = $sp->_post(
'/',
IO::String->new(
"confirm=$confirm&idp=https://auth.idp.com/saml/metadata"),
accept => 'text/html',
length => length($confirm) + 47,
cookie => 'lemonldapidp=0',
),
'Select IDP'
);
}
count($tests);
count($maintests);
done_testing( count() );
sub switch {
@ -308,6 +347,7 @@ sub sp {
samlIDPMetaDataOptions => {
idp => {
samlIDPMetaDataOptionsEncryptionMode => 'none',
samlIDPMetaDataOptionsSSOBinding => 'POST',
}
},
samlIDPMetaDataXML => {