Test to prove that #1743 is fixed

2019-05-10 18:50:20 +02:00 · 2019-05-10 18:50:20 +02:00 · 22acb06555
commit 22acb06555
parent 1cd50bb353
2 changed files with 80 additions and 0 deletions
--- a/lemonldap-ng-portal/MANIFEST
+++ b/lemonldap-ng-portal/MANIFEST
@ -493,6 +493,7 @@ t/42-Register-Demo-with-captcha.t
 t/42-Register-Demo-with-token.t
 t/42-Register-Demo.t
 t/42-Register-LDAP.t
+t/42-Register-Security.t
 t/43-MailPasswordReset-Choice.t
 t/43-MailPasswordReset-DBI.t
 t/43-MailPasswordReset-LDAP.t
--- a/lemonldap-ng-portal/t/42-Register-Security.t
+++ b/lemonldap-ng-portal/t/42-Register-Security.t
@ -0,0 +1,79 @@
+use Test::More;
+use strict;
+use IO::String;
+
+BEGIN {
+    eval {
+        require 't/test-lib.pm';
+        require 't/smtp.pm';
+    };
+}
+
+my $maintests = 5;
+my ( $res, $user, $pwd );
+
+SKIP: {
+    eval 'require Email::Sender::Simple';
+    if ($@) {
+        skip 'Missing dependencies', $maintests;
+    }
+
+    my $client = LLNG::Manager::Test->new( {
+            ini => {
+                logLevel                 => 'error',
+                useSafeJail              => 1,
+                portalDisplayRegister    => 1,
+                authentication           => 'Demo',
+                userDB                   => 'Same',
+                registerDB               => 'Demo',
+                captcha_register_enabled => 0,
+                tokenUseGlobalStorage => 1,
+            }
+        }
+    );
+
+    # Test normal first access
+    # ------------------------
+    ok(
+        $res = $client->_get( '/register', accept => 'text/html' ),
+        'Unauth request',
+    );
+    my ( $host, $url, $query ) =
+      expectForm( $res, '#', undef, 'firstname', 'lastname', 'mail' );
+
+    ok(
+        $res = $client->_post(
+            '/register',
+            IO::String->new(
+                'firstname=fôo&lastname=bar&mail=foobar%40badwolf.org'),
+            length => 53,
+            accept => 'text/html'
+        ),
+        'Ask to create account'
+    );
+    expectOK($res);
+
+    my $mail = mail();
+    ok( $mail =~ m#a href="http://auth.example.com/register\?(.*?)"#,
+        'Found register token' );
+    $query = $1;
+    ok( $query =~ /register_token=([^&]+)/, 'Found register_token' );
+    my $token = $1;
+    print STDERR "$token\n";
+
+    ok(
+        $res = $client->_get(
+            '/',
+            length => 23,
+            cookie => "lemonldap=$token",
+        ),
+        'Try to authenticate'
+    );
+    expectReject($res);
+}
+count($maintests);
+
+clean_sessions();
+
+done_testing( count() );
+