Test URIs (#2600)

2021-09-08 22:10:45 +02:00 · 2021-09-08 22:10:45 +02:00 · 258e4fe731
commit 258e4fe731
parent d3b8b27f0a
2 changed files with 23 additions and 15 deletions
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/RESTProxy.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/RESTProxy.pm
@ -5,6 +5,7 @@ use JSON;
 use Mouse;
 use Lemonldap::NG::Common::UserAgent;
 use Lemonldap::NG::Portal::Main::Constants qw(
+  URIRE
  PE_OK
  PE_ERROR
  PE_BADCREDENTIALS
@ -21,15 +22,22 @@ has sessionService => ( is => 'rw' );
 sub init {
    my ($self) = @_;

-    unless ( defined $self->conf->{proxyAuthService} ) {
-        $self->error("Missing proxyAuthService parameter");
+    unless ( defined $self->conf->{proxyAuthService}
+        && $self->conf->{proxyAuthService} =~ URIRE )
+    {
+        $self->error("Bad or missing proxyAuthService parameter");
        return 0;
    }

    my $sessionService = $self->conf->{proxySessionService}
      || $self->conf->{proxyAuthService} . '/session/my';
    $sessionService =~ s#/*$##;
+    unless ( $sessionService =~ URIRE ) {
+        $self->error("Malformed proxySessionService parameter");
+        return 0;
+    }
    $self->sessionService($sessionService);
+
    $self->ua( Lemonldap::NG::Common::UserAgent->new( $self->conf ) );
    $self->ua->default_header( Accept => 'application/json' );

@ -57,7 +65,8 @@ sub getUser {
                : ()
            ),
            (
-                $self->conf->{proxyAuthServiceImpersonation} && $req->param('spoofId')
+                $self->conf->{proxyAuthServiceImpersonation}
+                  && $req->param('spoofId')
                ? ( spoofId => $req->param('spoofId') )
                : ()
            )
--- a/lemonldap-ng-portal/t/27-AuthProxy-with-choice.t
+++ b/lemonldap-ng-portal/t/27-AuthProxy-with-choice.t
@ -8,22 +8,21 @@ require 't/test-lib.pm';

 my $client = LLNG::Manager::Test->new( {
        ini => {
-            logLevel                    => 'error',
-            useSafeJail                 => 1,
-            authentication              => 'Proxy',
-            userDB                      => 'Same',
-            proxyAuthService            => 'http://auth.example.com',
-            proxyAuthServiceChoiceParam => 'lmAuth',
-            proxyAuthServiceChoiceValue => '2_Password',
-            proxyAuthServiceImpersonation           => 1
+            logLevel                      => 'error',
+            useSafeJail                   => 1,
+            authentication                => 'Proxy',
+            userDB                        => 'Same',
+            proxyAuthService              => 'http://auth.example.com',
+            proxyAuthServiceChoiceParam   => 'lmAuth',
+            proxyAuthServiceChoiceValue   => '2_Password',
+            proxyAuthServiceImpersonation => 1
        }
    }
 );
 ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get menu' );
 ok( $res->[2]->[0] =~ m#<input name="spoofId" type="text"#,
-    'SpoofId input found' 
-) or explain( $res->[2]->[0], 'SpoofId' );
-
+    'spoofId input found' )
+  or explain( $res->[2]->[0], 'spoofId' );
 ok(
    $res = $client->_post(
        '/',
@ -34,11 +33,11 @@ ok(
 );
 expectOK($res);
 my $id = expectCookie($res);
+count(11);

 $client->logout($id);
 clean_sessions();

-count(11);
 done_testing( count() );

 # Redefine LWP methods for tests