Some errors in CAS (#1461)

2018-06-26 21:45:55 +02:00 · 2018-06-26 21:45:55 +02:00 · 28aedcd63c
commit 28aedcd63c
parent 8596b339e8
4 changed files with 5 additions and 7 deletions
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Request.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Request.pm
@ -32,7 +32,7 @@ sub new {
    }
    $self->env->{PATH_INFO} ||= '/';
    $self->{uri} = uri_unescape( $self->env->{REQUEST_URI} );
-    $self->{uri} =~ s|//+|/|g;
+    $self->{uri} =~ s|^//+|/|g;
    $self->{datas}       = {};
    $self->{error}       = 0;
    $self->{respHeaders} = [];
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Run.pm
@ -657,7 +657,7 @@ sub fullUrl {
    my ( $self, $req ) = @_;
    my $pHost = $self->conf->{portal};
    $pHost =~ s#^(https?://[^/]+)(?:/.*)?$#$1#;
-    return $pHost . $req->uri;
+    return $pHost . $req->env->{REQUEST_URI};
 }

 sub cookie {
--- a/lemonldap-ng-portal/t/37-SAML-SP-POST-to-CAS-server-with-Choice.t
+++ b/lemonldap-ng-portal/t/37-SAML-SP-POST-to-CAS-server-with-Choice.t
@ -197,8 +197,6 @@ qr'^http://auth.idp.com/cas/login\?(service=http%3A%2F%2Fauth.proxy.com%2F.*)$'
        'Push CAS response to proxy'
    );

-    print STDERR Dumper($url);
-    skip( 'Bug found', 6 );
    my $proxyId = expectCookie($res);
    ( $host, $url, $query ) =
      expectAutoPost( $res, 'auth.sp.com', '/saml/proxySingleSignOnPost',
@ -215,6 +213,7 @@ qr'^http://auth.idp.com/cas/login\?(service=http%3A%2F%2Fauth.proxy.com%2F.*)$'
        ),
        'Post SAML response to SP'
    );
+    skip( 'Bug found', 5 );

    # Verify authentication on SP
    expectRedirection( $res, 'http://auth.sp.com' );
--- a/lemonldap-ng-portal/t/test-lib.pm
+++ b/lemonldap-ng-portal/t/test-lib.pm
@ -5,6 +5,7 @@ use strict;
 use Data::Dumper;
 use LWP::UserAgent;
 use URI::Escape;
+use Lemonldap::NG::Common::FormEncode;
 use 5.10.0;

 no warnings 'redefine';
@ -127,9 +128,7 @@ m@<form.+?action="(?:(?:http://([^/]+))?(/.*?)?|(#))".+method="(post|get)"@is,
        my %fields =
          ( $res->[2]->[0] =~
              m#<input.+?name="([^"]+)"[^>]+?value="([^"]*?)"#gs );
-        my $query = join( '&',
-            map { "$_=" . uri_escape( uri_unescape( $fields{$_} ) ) }
-              keys(%fields) );
+        my $query = build_urlencoded(%fields);
        foreach my $f (@requiredFields) {
            ok( defined $fields{$f}, qq{ Field "$f" is defined} );
            count(1);