Improve unit test (#2398)
This commit is contained in:
parent
6e4c0620a7
commit
40113b6829
|
@ -23,7 +23,13 @@ my $client = LLNG::Manager::Test->new( {
|
||||||
checkUserDisplayPersistentInfo => 0,
|
checkUserDisplayPersistentInfo => 0,
|
||||||
checkUserDisplayComputedSession => 1,
|
checkUserDisplayComputedSession => 1,
|
||||||
checkUserDisplayEmptyValues => 0,
|
checkUserDisplayEmptyValues => 0,
|
||||||
|
checkUserDisplayEmptyHeaders => 1,
|
||||||
impersonationMergeSSOgroups => 0,
|
impersonationMergeSSOgroups => 0,
|
||||||
|
checkUserHiddenHeaders => {
|
||||||
|
'test1.example.com' => 'Auth-User emptyHeader',
|
||||||
|
'test2.example.com' => '',
|
||||||
|
'*.example.llng' => '',
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
@ -117,7 +123,7 @@ count(1);
|
||||||
expectOK($res);
|
expectOK($res);
|
||||||
my $id2 = expectCookie($res);
|
my $id2 = expectCookie($res);
|
||||||
|
|
||||||
# Try chckUser with a forbidden identity existing in DB
|
# Try checkUser with a forbidden identity existing in DB
|
||||||
$query =~ s/user=msmith/user=rtyler/;
|
$query =~ s/user=msmith/user=rtyler/;
|
||||||
ok(
|
ok(
|
||||||
$res = $client->_post(
|
$res = $client->_post(
|
||||||
|
@ -208,6 +214,7 @@ $client->logout($id2);
|
||||||
|
|
||||||
# Try checkUser with a forbidden identity
|
# Try checkUser with a forbidden identity
|
||||||
$query =~ s/user=dwho/user=rtyler/;
|
$query =~ s/user=dwho/user=rtyler/;
|
||||||
|
$query =~ s/url=/url=test1/;
|
||||||
ok(
|
ok(
|
||||||
$res = $client->_post(
|
$res = $client->_post(
|
||||||
'/checkuser',
|
'/checkuser',
|
||||||
|
@ -225,6 +232,122 @@ ok( $res->{MSG} eq 'checkUserComputedSession', 'Computed session' )
|
||||||
or print STDERR Dumper($res);
|
or print STDERR Dumper($res);
|
||||||
count(2);
|
count(2);
|
||||||
|
|
||||||
|
# Headers are not masked
|
||||||
|
my @auth_user = map { $_->{key} eq 'Auth-User' ? $_ : () } @{ $res->{HEADERS} };
|
||||||
|
my @empty = map { $_->{key} eq 'emptyHeader' ? $_ : () } @{ $res->{HEADERS} };
|
||||||
|
ok( $auth_user[0]->{value} eq 'rtyler', 'Auth-User is not masked' )
|
||||||
|
or explain( $res->{HEADERS}, 'Auth-User header value' );
|
||||||
|
ok( $empty[0]->{value} eq '', 'emptyHeader is not masked' )
|
||||||
|
or explain( $res->{HEADERS}, 'emptyHeader header value' );
|
||||||
|
count(2);
|
||||||
|
|
||||||
|
## Try to authenticate
|
||||||
|
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu', );
|
||||||
|
count(1);
|
||||||
|
( $host, $url, $query ) = expectForm( $res, '#', undef, 'user', 'password' );
|
||||||
|
|
||||||
|
$query =~ s/user=/user=dwho/;
|
||||||
|
$query =~ s/password=/password=dwho/;
|
||||||
|
ok(
|
||||||
|
$res = $client->_post(
|
||||||
|
'/',
|
||||||
|
IO::String->new($query),
|
||||||
|
length => length($query),
|
||||||
|
accept => 'text/html',
|
||||||
|
),
|
||||||
|
'Auth query'
|
||||||
|
);
|
||||||
|
count(1);
|
||||||
|
|
||||||
|
$id = expectCookie($res);
|
||||||
|
expectRedirection( $res, 'http://auth.example.com/' );
|
||||||
|
|
||||||
|
# CheckUser form
|
||||||
|
ok(
|
||||||
|
$res = $client->_get(
|
||||||
|
'/checkuser',
|
||||||
|
cookie => "lemonldap=$id",
|
||||||
|
accept => 'text/html'
|
||||||
|
),
|
||||||
|
'CheckUser form',
|
||||||
|
);
|
||||||
|
count(1);
|
||||||
|
( $host, $url, $query ) =
|
||||||
|
expectForm( $res, undef, '/checkuser', 'user', 'url' );
|
||||||
|
ok( $res->[2]->[0] =~ m%<span trspan="checkUser">%, 'Found trspan="checkUser"' )
|
||||||
|
or explain( $res->[2]->[0], 'trspan="checkUser"' );
|
||||||
|
count(1);
|
||||||
|
|
||||||
|
# Headers are masked
|
||||||
|
$query =~ s/url=/url=test1/;
|
||||||
|
ok(
|
||||||
|
$res = $client->_post(
|
||||||
|
'/checkuser',
|
||||||
|
IO::String->new($query),
|
||||||
|
cookie => "lemonldap=$id",
|
||||||
|
length => length($query),
|
||||||
|
),
|
||||||
|
'POST checkuser'
|
||||||
|
);
|
||||||
|
count(1);
|
||||||
|
|
||||||
|
ok( $res = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
|
||||||
|
or print STDERR "$@\n" . Dumper($res);
|
||||||
|
|
||||||
|
@auth_user = map { $_->{key} eq 'Auth-User' ? $_ : () } @{ $res->{HEADERS} };
|
||||||
|
@empty = map { $_->{key} eq 'emptyHeader' ? $_ : () } @{ $res->{HEADERS} };
|
||||||
|
my @test = map { $_->{key} eq 'testHeader1' ? $_ : () } @{ $res->{HEADERS} };
|
||||||
|
ok( $auth_user[0]->{value} eq '******', 'Auth-User is masked' )
|
||||||
|
or explain( $res->{HEADERS}, 'Auth-User header value' );
|
||||||
|
ok( $empty[0]->{value} eq '', 'emptyHeader is not masked' )
|
||||||
|
or explain( $res->{HEADERS}, 'emptyHeader header value' );
|
||||||
|
ok( $test[0]->{value} eq 'testHeader_value', 'testHeader1 is not masked' )
|
||||||
|
or explain( $res->{HEADERS}, 'testHeader1 header value' );
|
||||||
|
count(4);
|
||||||
|
|
||||||
|
$query =~ s/url=test1/url=test2/;
|
||||||
|
ok(
|
||||||
|
$res = $client->_post(
|
||||||
|
'/checkuser',
|
||||||
|
IO::String->new($query),
|
||||||
|
cookie => "lemonldap=$id",
|
||||||
|
length => length($query),
|
||||||
|
),
|
||||||
|
'POST checkuser'
|
||||||
|
);
|
||||||
|
count(1);
|
||||||
|
ok( $res = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
|
||||||
|
or print STDERR "$@\n" . Dumper($res);
|
||||||
|
|
||||||
|
@auth_user = map { $_->{key} eq 'Auth-User' ? $_ : () } @{ $res->{HEADERS} };
|
||||||
|
@empty = map { $_->{key} eq 'emptyHeader' ? $_ : () } @{ $res->{HEADERS} };
|
||||||
|
ok( $auth_user[0]->{value} eq '******', 'Auth-User is masked' )
|
||||||
|
or explain( $res->{HEADERS}, 'Auth-User header value' );
|
||||||
|
count(2);
|
||||||
|
|
||||||
|
$query =~ s/url=test2/url=*.example.llng/;
|
||||||
|
ok(
|
||||||
|
$res = $client->_post(
|
||||||
|
'/checkuser',
|
||||||
|
IO::String->new($query),
|
||||||
|
cookie => "lemonldap=$id",
|
||||||
|
length => length($query),
|
||||||
|
),
|
||||||
|
'POST checkuser'
|
||||||
|
);
|
||||||
|
count(1);
|
||||||
|
ok( $res = eval { from_json( $res->[2]->[0] ) }, 'Response is JSON' )
|
||||||
|
or print STDERR "$@\n" . Dumper($res);
|
||||||
|
|
||||||
|
@auth_user = map { $_->{key} eq 'Auth-User' ? $_ : () } @{ $res->{HEADERS} };
|
||||||
|
@test = map { $_->{key} eq 'testHeader1' ? $_ : () } @{ $res->{HEADERS} };
|
||||||
|
ok( $auth_user[0]->{value} eq '******', 'Auth-User is masked' )
|
||||||
|
or explain( $res->{HEADERS}, 'Auth-User header value' );
|
||||||
|
ok( $test[0]->{value} eq '******', 'testHeader1 is masked' )
|
||||||
|
or explain( $res->{HEADERS}, 'testHeader1 header value' );
|
||||||
|
count(3);
|
||||||
|
|
||||||
$client->logout($id);
|
$client->logout($id);
|
||||||
|
|
||||||
clean_sessions();
|
clean_sessions();
|
||||||
done_testing( count() );
|
done_testing( count() );
|
||||||
|
|
|
@ -49,6 +49,10 @@
|
||||||
},
|
},
|
||||||
"test2.example.com": {
|
"test2.example.com": {
|
||||||
"Auth-User": "$uid"
|
"Auth-User": "$uid"
|
||||||
|
},
|
||||||
|
"*.example.llng": {
|
||||||
|
"Auth-User": "$uid",
|
||||||
|
"testHeader1": "'testHeader_value'"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"exportedVars": {
|
"exportedVars": {
|
||||||
|
|
Loading…
Reference in New Issue
Block a user