Append DoubleCookies unit test & Update manifest (#1749)

2019-05-19 14:06:43 +02:00 · 2019-05-19 14:06:43 +02:00 · 2b49ce5bd0
commit 2b49ce5bd0
parent 29b7341345
2 changed files with 99 additions and 0 deletions
--- a/lemonldap-ng-portal/MANIFEST
+++ b/lemonldap-ng-portal/MANIFEST
@ -515,8 +515,10 @@ t/66-CDA-already-auth.t
 t/66-CDA-with-REST.t
 t/66-CDA-with-SOAP.t
 t/66-CDA.t
+t/67-CheckUser-with-Global-token.t
 t/67-CheckUser-with-token.t
 t/67-CheckUser.t
+t/68-doubleCookies.t
 t/68-Impersonation-with-doubleCookies.t
 t/68-Impersonation-with-merge.t
 t/68-Impersonation.t
--- a/lemonldap-ng-portal/t/68-doubleCookies.t
+++ b/lemonldap-ng-portal/t/68-doubleCookies.t
@ -0,0 +1,97 @@
+use Test::More;
+use strict;
+use IO::String;
+
+BEGIN {
+    require 't/test-lib.pm';
+}
+
+my $res;
+
+my $client = LLNG::Manager::Test->new( {
+        ini => {
+            logLevel                       => 'error',
+            authentication                 => 'Demo',
+            userDB                         => 'Same',
+            loginHistoryEnabled            => 0,
+            brutForceProtection            => 0,
+            portalMainLogo                 => 'common/logos/logo_llng_old.png',
+            requireToken                   => 0,
+            checkUser                      => 0,
+            impersonationRule              => 0,
+            impersonationIdRule            => '$uid ne "msmith"',
+            impersonationPrefix            => 'testPrefix_',
+            securedCookie                  => 3,
+            https                          => 0,
+            impersonationMergeSSOgroups    => 0,
+            macros                         => {
+                test_impersonation => '"$testPrefix__user/$_user"',
+                _whatToTrace =>
+                  '$_auth eq "SAML" ? "$_user@$_idpConfKey" : $_user',
+            },
+        }
+    }
+);
+
+## Try to impersonate with a bad spoofed user
+ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', );
+count(1);
+my ( $host, $url, $query ) =
+  expectForm( $res, '#', undef, 'user', 'password');#, 'spoofId' );
+
+$query =~ s/user=/user=rtyler/;
+$query =~ s/password=/password=rtyler/;
+#$query =~ s/spoofId=/spoofId=dwho/;
+ok(
+    $res = $client->_post(
+        '/',
+        IO::String->new($query),
+        length => length($query),
+        accept => 'text/html',
+    ),
+    'Auth query'
+);
+count(1);
+
+my $id1 = expectCookie($res);
+ok( $id1 =~ /\w+/, " -> Get cookie : lemonldap=something" )
+  or explain( $res, "Set-Cookie: lemonldap=$id1" );
+my $id2 = expectCookie( $res, 'lemonldaphttp' );
+ok( $id2 =~ /\w+/, " -> Get cookie lemonldaphttp=something" )
+  or explain( $res, "Set-Cookie: lemonldaphttp=$id2" );
+expectRedirection( $res, 'http://auth.example.com/' );
+count(2);
+
+# # CheckUser form
+# # ------------------------
+# ok(
+#     $res = $client->_get(
+#         '/checkuser',
+#         cookie => "lemonldap=$id1",
+#         accept => 'text/html'
+#     ),
+#     'CheckUser form',
+# );
+# count(1);
+# ( $host, $url, $query ) =
+#   expectForm( $res, undef, '/checkuser', 'user', 'url' );
+# ok( $res->[2]->[0] =~ m%<span trspan="checkUser">%, 'Found trspan="checkUser"' )
+#   or explain( $res->[2]->[0], 'trspan="checkUser"' );
+# count(1);
+
+# ok(
+#     $res = $client->_post(
+#         '/checkuser',
+#         IO::String->new($query),
+#         cookie => "lemonldap=$id1",
+#         length => length($query),
+#         accept => 'text/html',
+#     ),
+#     'POST checkuser'
+# );
+# count(1);
+
+$client->logout($id1);
+clean_sessions();
+
+done_testing( count() );