Append DoubleCookies unit test & Update manifest (#1749)
This commit is contained in:
parent
29b7341345
commit
2b49ce5bd0
|
@ -515,8 +515,10 @@ t/66-CDA-already-auth.t
|
||||||
t/66-CDA-with-REST.t
|
t/66-CDA-with-REST.t
|
||||||
t/66-CDA-with-SOAP.t
|
t/66-CDA-with-SOAP.t
|
||||||
t/66-CDA.t
|
t/66-CDA.t
|
||||||
|
t/67-CheckUser-with-Global-token.t
|
||||||
t/67-CheckUser-with-token.t
|
t/67-CheckUser-with-token.t
|
||||||
t/67-CheckUser.t
|
t/67-CheckUser.t
|
||||||
|
t/68-doubleCookies.t
|
||||||
t/68-Impersonation-with-doubleCookies.t
|
t/68-Impersonation-with-doubleCookies.t
|
||||||
t/68-Impersonation-with-merge.t
|
t/68-Impersonation-with-merge.t
|
||||||
t/68-Impersonation.t
|
t/68-Impersonation.t
|
||||||
|
|
97
lemonldap-ng-portal/t/68-doubleCookies.t
Normal file
97
lemonldap-ng-portal/t/68-doubleCookies.t
Normal file
|
@ -0,0 +1,97 @@
|
||||||
|
use Test::More;
|
||||||
|
use strict;
|
||||||
|
use IO::String;
|
||||||
|
|
||||||
|
BEGIN {
|
||||||
|
require 't/test-lib.pm';
|
||||||
|
}
|
||||||
|
|
||||||
|
my $res;
|
||||||
|
|
||||||
|
my $client = LLNG::Manager::Test->new( {
|
||||||
|
ini => {
|
||||||
|
logLevel => 'error',
|
||||||
|
authentication => 'Demo',
|
||||||
|
userDB => 'Same',
|
||||||
|
loginHistoryEnabled => 0,
|
||||||
|
brutForceProtection => 0,
|
||||||
|
portalMainLogo => 'common/logos/logo_llng_old.png',
|
||||||
|
requireToken => 0,
|
||||||
|
checkUser => 0,
|
||||||
|
impersonationRule => 0,
|
||||||
|
impersonationIdRule => '$uid ne "msmith"',
|
||||||
|
impersonationPrefix => 'testPrefix_',
|
||||||
|
securedCookie => 3,
|
||||||
|
https => 0,
|
||||||
|
impersonationMergeSSOgroups => 0,
|
||||||
|
macros => {
|
||||||
|
test_impersonation => '"$testPrefix__user/$_user"',
|
||||||
|
_whatToTrace =>
|
||||||
|
'$_auth eq "SAML" ? "$_user@$_idpConfKey" : $_user',
|
||||||
|
},
|
||||||
|
}
|
||||||
|
}
|
||||||
|
);
|
||||||
|
|
||||||
|
## Try to impersonate with a bad spoofed user
|
||||||
|
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', );
|
||||||
|
count(1);
|
||||||
|
my ( $host, $url, $query ) =
|
||||||
|
expectForm( $res, '#', undef, 'user', 'password');#, 'spoofId' );
|
||||||
|
|
||||||
|
$query =~ s/user=/user=rtyler/;
|
||||||
|
$query =~ s/password=/password=rtyler/;
|
||||||
|
#$query =~ s/spoofId=/spoofId=dwho/;
|
||||||
|
ok(
|
||||||
|
$res = $client->_post(
|
||||||
|
'/',
|
||||||
|
IO::String->new($query),
|
||||||
|
length => length($query),
|
||||||
|
accept => 'text/html',
|
||||||
|
),
|
||||||
|
'Auth query'
|
||||||
|
);
|
||||||
|
count(1);
|
||||||
|
|
||||||
|
my $id1 = expectCookie($res);
|
||||||
|
ok( $id1 =~ /\w+/, " -> Get cookie : lemonldap=something" )
|
||||||
|
or explain( $res, "Set-Cookie: lemonldap=$id1" );
|
||||||
|
my $id2 = expectCookie( $res, 'lemonldaphttp' );
|
||||||
|
ok( $id2 =~ /\w+/, " -> Get cookie lemonldaphttp=something" )
|
||||||
|
or explain( $res, "Set-Cookie: lemonldaphttp=$id2" );
|
||||||
|
expectRedirection( $res, 'http://auth.example.com/' );
|
||||||
|
count(2);
|
||||||
|
|
||||||
|
# # CheckUser form
|
||||||
|
# # ------------------------
|
||||||
|
# ok(
|
||||||
|
# $res = $client->_get(
|
||||||
|
# '/checkuser',
|
||||||
|
# cookie => "lemonldap=$id1",
|
||||||
|
# accept => 'text/html'
|
||||||
|
# ),
|
||||||
|
# 'CheckUser form',
|
||||||
|
# );
|
||||||
|
# count(1);
|
||||||
|
# ( $host, $url, $query ) =
|
||||||
|
# expectForm( $res, undef, '/checkuser', 'user', 'url' );
|
||||||
|
# ok( $res->[2]->[0] =~ m%<span trspan="checkUser">%, 'Found trspan="checkUser"' )
|
||||||
|
# or explain( $res->[2]->[0], 'trspan="checkUser"' );
|
||||||
|
# count(1);
|
||||||
|
|
||||||
|
# ok(
|
||||||
|
# $res = $client->_post(
|
||||||
|
# '/checkuser',
|
||||||
|
# IO::String->new($query),
|
||||||
|
# cookie => "lemonldap=$id1",
|
||||||
|
# length => length($query),
|
||||||
|
# accept => 'text/html',
|
||||||
|
# ),
|
||||||
|
# 'POST checkuser'
|
||||||
|
# );
|
||||||
|
# count(1);
|
||||||
|
|
||||||
|
$client->logout($id1);
|
||||||
|
clean_sessions();
|
||||||
|
|
||||||
|
done_testing( count() );
|
Loading…
Reference in New Issue
Block a user