Tidy
parent
6e4a874650
commit
4459a47f76
|
@ -107,6 +107,7 @@ sub store {
|
|||
$req->content( to_json($conf) );
|
||||
$req->header( 'Content-Type' => 'application/json' );
|
||||
my $resp = $self->ua->request($req);
|
||||
|
||||
if ( $resp->is_success ) {
|
||||
my $res;
|
||||
eval { $res = from_json( $resp->content, { allow_nonref => 1 } ) };
|
||||
|
|
|
@ -41,7 +41,7 @@ sub available {
|
|||
closedir D;
|
||||
@conf =
|
||||
sort { $a <=> $b }
|
||||
map { /lmConf-(\d+)\.yaml/ ? ( $1 + 0 ) : () } @conf;
|
||||
map { /lmConf-(\d+)\.yaml/ ? ( $1 + 0 ) : () } @conf;
|
||||
return @conf;
|
||||
}
|
||||
|
||||
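Review bot: The filename filter in `available`, `/lmConf-(\d+)\.yaml/`, is unanchored, so a leftover such as a constructed `lmConf-12.yaml.bak` is reported as configuration number 12 even though no `lmConf-12.yaml` exists. Assuming `@conf` holds bare names from `readdir` (the read is outside this hunk), anchor it: `map { /\AlmConf-(\d+)\.yaml\z/ ? ( $1 + 0 ) : () } @conf;`. `closedir D` also shows a bareword directory handle; a lexical `my $dh` would keep it from colliding with other code that uses `D`.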
|
|
|
@ -198,8 +198,8 @@ sub virtualHosts {
|
|||
# If rule contains a comment or an AuthLevel, split them
|
||||
if ( $query eq 'locationRules' ) {
|
||||
$res->{comment} = '';
|
||||
$res->{level} = '';
|
||||
$res->{level} = $1 if ( $r =~ s/\(\?#AuthnLevel=(-?\d+)\)// );
|
||||
$res->{level} = '';
|
||||
$res->{level} = $1 if ( $r =~ s/\(\?#AuthnLevel=(-?\d+)\)// );
|
||||
if ( $r =~ s/\(\?#(.*?)\)// ) {
|
||||
$res->{title} = $res->{comment} = $1;
|
||||
}
|
||||
|
@ -710,9 +710,9 @@ sub combModules {
|
|||
my $res = [];
|
||||
foreach my $mod ( keys %$val ) {
|
||||
my $tmp;
|
||||
$tmp->{title} = $mod;
|
||||
$tmp->{id} = "combModules/$mod";
|
||||
$tmp->{type} = 'cmbModule';
|
||||
$tmp->{title} = $mod;
|
||||
$tmp->{id} = "combModules/$mod";
|
||||
$tmp->{type} = 'cmbModule';
|
||||
$tmp->{data}->{$_} = $val->{$mod}->{$_} foreach (qw(type for));
|
||||
my $over = $val->{$mod}->{over} // {};
|
||||
$tmp->{data}->{over} = [ map { [ $_, $over->{$_} ] } keys %$over ];
|
||||
|
@ -786,8 +786,8 @@ sub metadata {
|
|||
}
|
||||
|
||||
# Find next and previous conf
|
||||
my @a = $self->confAcc->available;
|
||||
my $id = -1;
|
||||
my @a = $self->confAcc->available;
|
||||
my $id = -1;
|
||||
my ($ind) = map { $id++; $_ == $res->{cfgNum} ? ($id) : () } @a;
|
||||
if ($ind) { $res->{prev} = $a[ $ind - 1 ]; }
|
||||
if ( defined $ind and $ind < $#a ) {
|
||||
|
|
|
@ -166,9 +166,9 @@ sub serviceToXML {
|
|||
|
||||
foreach (@param_assertion) {
|
||||
my @_tab = split( /;/, $self->getValue( $_, $conf ) );
|
||||
$template->param( $_ . 'Default', $_tab[0] ? 'true' : 'false' );
|
||||
$template->param( $_ . 'Index', $_tab[1] );
|
||||
$template->param( $_ . 'Binding', $_tab[2] );
|
||||
$template->param( $_ . 'Default', $_tab[0] ? 'true' : 'false' );
|
||||
$template->param( $_ . 'Index', $_tab[1] );
|
||||
$template->param( $_ . 'Binding', $_tab[2] );
|
||||
$template->param( $_ . 'Location', $_tab[3] );
|
||||
}
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@ sub import {
|
|||
}
|
||||
|
||||
has extension => (
|
||||
is => 'rw',
|
||||
is => 'rw',
|
||||
default => 'json'
|
||||
);
|
||||
|
||||
|
@ -39,7 +39,9 @@ has notifField => (
|
|||
sub BUILD {
|
||||
my $self = shift;
|
||||
$self->extension('xml') if $self->p->conf->{oldNotifFormat};
|
||||
$self->logger->debug('Use extension "' . $self->extension . '" to store notification files');
|
||||
$self->logger->debug( 'Use extension "'
|
||||
. $self->extension
|
||||
. '" to store notification files' );
|
||||
}
|
||||
|
||||
sub getNotifications {
|
||||
|
@ -62,8 +64,9 @@ sub getNotifications {
|
|||
|
||||
sub getAcceptedNotifs {
|
||||
my ( $self, $uid, $ref ) = @_;
|
||||
my $forAll = $self->getAccepted( $self->conf->{notificationWildcard}, $ref );
|
||||
my $forUser = $self->getAccepted($uid, $ref);
|
||||
my $forAll =
|
||||
$self->getAccepted( $self->conf->{notificationWildcard}, $ref );
|
||||
my $forUser = $self->getAccepted( $uid, $ref );
|
||||
if ( $forUser and $forAll ) {
|
||||
return { %$forUser, %$forAll };
|
||||
}
|
||||
|
|
|
@ -86,7 +86,7 @@ sub getAccepted {
|
|||
# keys date, uid, ref and condition.
|
||||
sub getAll {
|
||||
my $self = shift;
|
||||
my $ext = $self->extension;
|
||||
my $ext = $self->extension;
|
||||
opendir D, $self->{dirName};
|
||||
my @notif;
|
||||
my $fns = $self->{fileNameSeparator};
|
||||
|
@ -112,7 +112,7 @@ sub getAll {
|
|||
# keys date, uid, ref and condition.
|
||||
sub getExisting {
|
||||
my $self = shift;
|
||||
my $ext = $self->extension;
|
||||
my $ext = $self->extension;
|
||||
opendir D, $self->{dirName};
|
||||
my @notif;
|
||||
my $fns = $self->{fileNameSeparator};
|
||||
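Review bot: `opendir D, $self->{dirName};` in both `getAll` and `getExisting` ignores the return value and uses the package-global bareword handle `D`, so an unreadable or missing notification directory presumably looks the same to callers as "no notifications". Open it as `opendir( my $dh, $self->{dirName} )` and, when that returns false, log `$!` through whatever logger this class exposes and return the value callers treat as an error. Both subs continue past their hunks, so the matching `readdir`/`closedir` lines would need the same handle rename.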
|
|
|
@ -42,10 +42,11 @@ sub newNotification {
|
|||
|
||||
unless ( exists $notif->{condition} ) {
|
||||
$self->userLogger->info(
|
||||
"Set defaultCondition ($defaultCond) for notification $notif->{reference}");
|
||||
"Set defaultCondition ($defaultCond) for notification $notif->{reference}"
|
||||
);
|
||||
$notif->{condition} = $defaultCond;
|
||||
}
|
||||
|
||||
|
||||
push @data, ( $notif->{condition} );
|
||||
$notif->{date} =~ s/^(\d{4}-\d{2}-\d{2}).*$/$1/;
|
||||
my $body = to_json($notif);
|
||||
|
|
|
@ -45,7 +45,7 @@ sub newNotification {
|
|||
$self->logger->error("$err");
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
# Prevent to store time. Keep date only
|
||||
$tmp =~ s/^(\d{4}-\d{2}-\d{2}).*$/$1/;
|
||||
push @data, $tmp;
|
||||
|
@ -59,8 +59,8 @@ sub newNotification {
|
|||
}
|
||||
else {
|
||||
$self->userLogger->info(
|
||||
"Set defaultCondition ($defaultCond) for notification " . $notif->{reference}
|
||||
);
|
||||
"Set defaultCondition ($defaultCond) for notification "
|
||||
. $notif->{reference} );
|
||||
push @data, $defaultCond;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -34,7 +34,7 @@ sub init {
|
|||
foreach my $k ( keys %$args ) {
|
||||
$self->{$k} = $args->{$k} unless ( $k eq 'logger' );
|
||||
}
|
||||
unless ( ref($self->logger) and ref($self->userLogger) ) {
|
||||
unless ( ref( $self->logger ) and ref( $self->userLogger ) ) {
|
||||
my $logger =
|
||||
$args->{logger}
|
||||
|| $ENV{LLNG_DEFAULTLOGGER}
|
||||
|
|
|
@ -49,7 +49,8 @@ sub userData {
|
|||
return $self->{userData}
|
||||
|| {
|
||||
( $Lemonldap::NG::Handler::Main::tsv->{whatToTrace}
|
||||
|| '_whatToTrace' ) => $self->{user}, };
|
||||
|| '_whatToTrace' ) => $self->{user},
|
||||
};
|
||||
}
|
||||
|
||||
sub respHeaders {
|
||||
|
|
|
@ -64,8 +64,8 @@ sub checkLogonHours {
|
|||
# Use time_correction
|
||||
if ($time_correction) {
|
||||
my ( $sign, $time ) = ( $time_correction =~ /([+|-]?)(\d+)/ );
|
||||
if ( $sign =~ /-/ ) { $hourpos -= $time; }
|
||||
else { $hourpos += $time; }
|
||||
if ( $sign =~ /-/ ) { $hourpos -= $time; }
|
||||
else { $hourpos += $time; }
|
||||
}
|
||||
|
||||
# Get the corresponding byte
|
||||
|
|
|
@ -283,11 +283,11 @@ sub getMod {
|
|||
my ( $self, $req ) = @_;
|
||||
my ( $s, $m );
|
||||
unless ( $s = $req->params('sessionType') ) {
|
||||
$self->error($req->error('Session type is required'));
|
||||
$self->error( $req->error('Session type is required') );
|
||||
return ();
|
||||
}
|
||||
unless ( $m = $self->sessionTypes->{$s} ) {
|
||||
$self->error($req->error('Unknown (or unconfigured) session type'));
|
||||
$self->error( $req->error('Unknown (or unconfigured) session type') );
|
||||
return ();
|
||||
}
|
||||
if ( my $kind = $req->params('kind') ) {
|
||||
|
|
|
@ -66,7 +66,7 @@ q"I refuse to compile rules.json when useSafeJail isn't activated! Yes I know, I
|
|||
$json->{rules} ||= { default => 1 };
|
||||
$json->{headers} //= { 'Auth-User' => '$uid' };
|
||||
$class->locationRulesInit( undef, { $vhost => $json->{rules} } );
|
||||
$class->headersInit( undef, { $vhost => $json->{headers} } );
|
||||
$class->headersInit( undef, { $vhost => $json->{headers} } );
|
||||
$class->tsv->{lastVhostUpdate}->{$vhost} = time;
|
||||
return;
|
||||
}
|
||||
|
|
|
@ -75,11 +75,13 @@ sub fetchId {
|
|||
|
||||
# Get access token session
|
||||
my $infos = $class->getOIDCInfos($access_token);
|
||||
|
||||
# If this token is tied to a regular session ID
|
||||
if ( my $_session_id = $infos->{user_session_id} ) {
|
||||
$class->logger->debug( 'Get user session id ' . $_session_id );
|
||||
return $_session_id;
|
||||
}
|
||||
|
||||
# If this token is tied to an Offline session
|
||||
if ( my $_session_id = $infos->{offline_session_id} ) {
|
||||
$class->logger->debug( 'Get offline session id ' . $_session_id );
|
||||
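Review bot: Both debug calls in `fetchId` (`'Get user session id ' . $_session_id` and `'Get offline session id ' . $_session_id`) write the complete session identifier to the log, and the first branch returns that same value as the id to use, so read access to debug logs presumably amounts to access to live sessions. Log a shortened form instead, e.g. `$class->logger->debug( 'Get user session id ' . substr( $_session_id, 0, 8 ) . '...' );`, and do the same in the offline branch. The offline branch and the rest of `fetchId` run past the end of this hunk.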
|
|
|
@ -45,7 +45,8 @@ sub fetchId {
|
|||
}
|
||||
|
||||
# Is token in good interval ?
|
||||
my $ttl = $class->localConfig->{vhostOptions}->{$vhost}->{vhostServiceTokenTTL}
|
||||
my $ttl =
|
||||
$class->localConfig->{vhostOptions}->{$vhost}->{vhostServiceTokenTTL}
|
||||
|| $class->tsv->{serviceTokenTTL}->{$vhost};
|
||||
$ttl = $class->tsv->{handlerServiceTokenTTL} unless ( $ttl and $ttl > 0 );
|
||||
my $now = time;
|
||||
|
|
|
@ -69,7 +69,8 @@ sub run {
|
|||
my ( $user, $uri, $code ) = ( $1, $2, $3 );
|
||||
|
||||
# Portal error translation
|
||||
$code = portalConsts->{$code} || $code if ( $code =~ /^\-?\d+$/ );
|
||||
$code = portalConsts->{$code} || $code
|
||||
if ( $code =~ /^\-?\d+$/ );
|
||||
|
||||
# Per user activity
|
||||
$status->{user}->{$user}->{$code}++;
|
||||
|
|
|
@ -439,14 +439,15 @@ sub fetchId {
|
|||
my ( $class, $req ) = @_;
|
||||
my $t = $req->{env}->{HTTP_COOKIE} or return 0;
|
||||
my $vhost = $class->resolveAlias($req);
|
||||
$class->logger->debug("VH $vhost is HTTPS") if $class->_isHttps( $req, $vhost );
|
||||
$class->logger->debug("VH $vhost is HTTPS")
|
||||
if $class->_isHttps( $req, $vhost );
|
||||
my $lookForHttpCookie = ( $class->tsv->{securedCookie} =~ /^(2|3)$/
|
||||
and not $class->_isHttps( $req, $vhost ) );
|
||||
my $cn = $class->tsv->{cookieName};
|
||||
my $value =
|
||||
$lookForHttpCookie
|
||||
? ( $t =~ /${cn}http=([^,; ]+)/o ? $1 : 0 )
|
||||
: ( $t =~ /$cn=([^,; ]+)/o ? $1 : 0 );
|
||||
: ( $t =~ /$cn=([^,; ]+)/o ? $1 : 0 );
|
||||
|
||||
if ( $value && $lookForHttpCookie && $class->tsv->{securedCookie} == 3 ) {
|
||||
$value = $class->tsv->{cipher}->decryptHex( $value, "http" );
|
||||
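Review bot: In `fetchId`, the two cookie lookups `/${cn}http=([^,; ]+)/o` and `/$cn=([^,; ]+)/o` interpolate `cookieName` unquoted and without a left boundary, so a cookie in `HTTP_COOKIE` whose name only ends with the configured name is taken as the session cookie when it comes first in the header. Quote and anchor the name, for example `: ( $t =~ /(?:^|[;,]\s*)\Q$cn\E=([^,; ]+)/ ? $1 : 0 );`, and the same with `\Q${cn}\Ehttp=` for the HTTP variant. The `/o` modifier also freezes the first `cookieName` the process sees; if the name can change on a configuration reload (not visible here), drop it. `fetchId` continues past the end of this hunk.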
|
|
|
@ -49,7 +49,7 @@ sub addAuthRouteWithRedirect {
|
|||
sub _auth_and_redirect {
|
||||
my ( $self, $req ) = @_;
|
||||
$self->api->goToPortal( $req, $req->{env}->{REQUEST_URI} );
|
||||
return [ 302, [$req->spliceHdrs], [] ];
|
||||
return [ 302, [ $req->spliceHdrs ], [] ];
|
||||
}
|
||||
|
||||
sub defaultAuthRoute {
|
||||
|
@ -73,7 +73,7 @@ sub _run {
|
|||
if ( $res->[0] < 300 ) {
|
||||
$self->routes( $self->authRoutes );
|
||||
$req->userData( $self->api->data );
|
||||
$req->respHeaders($res->[1]);
|
||||
$req->respHeaders( $res->[1] );
|
||||
}
|
||||
elsif ( $res->[0] != 403 and not $req->data->{noTry} ) {
|
||||
|
||||
|
|
|
@ -36,16 +36,16 @@ ok(
|
|||
( defined($code) and ref($code) eq 'CODE' ),
|
||||
'encode_base64 function is defined'
|
||||
);
|
||||
ok( $res = &$code, "Function works" );
|
||||
ok( $res = &$code, "Function works" );
|
||||
ok( $res eq 'dGVzdA==', 'Get good result' );
|
||||
|
||||
$sub = "sub { return ( listMatch('ABC; DEF; GHI','abc',1) ) }";
|
||||
$sub = "sub { return ( listMatch('ABC; DEF; GHI','abc',1) ) }";
|
||||
$code = $jail->jail_reval($sub);
|
||||
ok( ( defined($code) and ref($code) eq 'CODE' ),
|
||||
'listMatch function is defined' );
|
||||
ok( &$code eq '1', 'Get good result' );
|
||||
|
||||
$sub = "sub { return ( listMatch('ABC; DEF; GHI','ab',1) ) }";
|
||||
$sub = "sub { return ( listMatch('ABC; DEF; GHI','ab',1) ) }";
|
||||
$code = $jail->jail_reval($sub);
|
||||
ok( ( defined($code) and ref($code) eq 'CODE' ),
|
||||
'listMatch function is defined' );
|
||||
|
@ -58,5 +58,5 @@ ok(
|
|||
'checkDate extended function is defined'
|
||||
);
|
||||
ok( $res = &$code, "Function works" );
|
||||
ok( $res == 1, 'Get good result' );
|
||||
ok( $res == 1, 'Get good result' );
|
||||
|
||||
|
|
|
@ -49,7 +49,7 @@ ok( ( defined($listMatch) and ref($listMatch) eq 'CODE' ),
|
|||
'listMatch function is defined' );
|
||||
ok( &$listMatch eq '1', 'Get good result' );
|
||||
|
||||
my $sub5 = "sub { return ( listMatch('ABC; DEF; GHI','ab', 1) ) }";
|
||||
my $sub5 = "sub { return ( listMatch('ABC; DEF; GHI','ab', 1) ) }";
|
||||
$listMatch = $jail->jail_reval($sub5);
|
||||
ok( ( defined($listMatch) and ref($listMatch) eq 'CODE' ),
|
||||
'listMatch function is defined' );
|
||||
|
|
|
@ -41,33 +41,55 @@ ok( $h{'Auth-User'} eq 'dwho', 'Header Auth-User is set to "dwho"' )
|
|||
count(1);
|
||||
|
||||
# Request an URI protected by custom function -> allowed
|
||||
ok( $res = $client->_get( '/test-restricted_uri/dwho/', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Authentified query' );
|
||||
ok( $res->[0] == 200, '/test-restricted_uri -> Code is 200' ) or explain( $res, 200 );
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
'/test-restricted_uri/dwho/', undef, undef, "lemonldap=$sessionId"
|
||||
),
|
||||
'Authentified query'
|
||||
);
|
||||
ok( $res->[0] == 200, '/test-restricted_uri -> Code is 200' )
|
||||
or explain( $res, 200 );
|
||||
count(2);
|
||||
|
||||
# Request an URI protected by custom function -> denied
|
||||
ok( $res = $client->_get( '/test-restricted_uri/dwho', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Denied query' );
|
||||
ok( $res->[0] == 403, '/test-restricted_uri -> Code is 403' ) or explain( $res->[0], 403 );
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
'/test-restricted_uri/dwho', undef, undef, "lemonldap=$sessionId"
|
||||
),
|
||||
'Denied query'
|
||||
);
|
||||
ok( $res->[0] == 403, '/test-restricted_uri -> Code is 403' )
|
||||
or explain( $res->[0], 403 );
|
||||
count(2);
|
||||
|
||||
# Request an URI protected by custom function -> allowed
|
||||
ok( $res = $client->_get( '/test-uri2/dwho/dummy', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Authentified query' );
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
'/test-uri2/dwho/dummy', undef, undef, "lemonldap=$sessionId"
|
||||
),
|
||||
'Authentified query'
|
||||
);
|
||||
ok( $res->[0] == 200, '/test-uri2 -> Code is 200' ) or explain( $res, 200 );
|
||||
count(2);
|
||||
|
||||
# Request an URI protected by custom function -> denied
|
||||
ok( $res = $client->_get( '/test-uri1/dwho/', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Denied query' );
|
||||
ok( $res->[0] == 403, '/test-uri1 -> Code is 403' ) or explain( $res->[0], 403 );
|
||||
ok(
|
||||
$res =
|
||||
$client->_get( '/test-uri1/dwho/', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Denied query'
|
||||
);
|
||||
ok( $res->[0] == 403, '/test-uri1 -> Code is 403' )
|
||||
or explain( $res->[0], 403 );
|
||||
count(2);
|
||||
|
||||
# Request an URI protected by custom function -> denied
|
||||
ok( $res = $client->_get( '/test-uri1/dwh', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Denied query' );
|
||||
ok( $res->[0] == 403, '/test-uri1 -> Code is 403' ) or explain( $res->[0], 403 );
|
||||
ok(
|
||||
$res =
|
||||
$client->_get( '/test-uri1/dwh', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Denied query'
|
||||
);
|
||||
ok( $res->[0] == 403, '/test-uri1 -> Code is 403' )
|
||||
or explain( $res->[0], 403 );
|
||||
count(2);
|
||||
|
||||
# Denied query
|
||||
|
|
|
@ -45,27 +45,42 @@ ok( $h{'Headervalue1'} eq 'dwho', 'Headervalue1 is set to "dwho"' )
|
|||
count(2);
|
||||
|
||||
# Request an URI protected by custom function -> allowed
|
||||
ok( $res = $client->_get( '/test-uri1/dwho', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Authentified query' );
|
||||
ok(
|
||||
$res =
|
||||
$client->_get( '/test-uri1/dwho', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Authentified query'
|
||||
);
|
||||
ok( $res->[0] == 200, '/test-uri1 -> Code is 200' ) or explain( $res, 200 );
|
||||
count(2);
|
||||
|
||||
# Request an URI protected by custom function -> allowed
|
||||
ok( $res = $client->_get( '/test-uri2/dwho/dummy', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Authentified query' );
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
'/test-uri2/dwho/dummy', undef, undef, "lemonldap=$sessionId"
|
||||
),
|
||||
'Authentified query'
|
||||
);
|
||||
ok( $res->[0] == 200, '/test-uri2 -> Code is 200' ) or explain( $res, 200 );
|
||||
count(2);
|
||||
|
||||
# Request an URI protected by custom function -> denied
|
||||
ok( $res = $client->_get( '/test-uri1/dwho/', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Denied query' );
|
||||
ok( $res->[0] == 403, '/test-uri1 -> Code is 403' ) or explain( $res->[0], 403 );
|
||||
ok(
|
||||
$res =
|
||||
$client->_get( '/test-uri1/dwho/', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Denied query'
|
||||
);
|
||||
ok( $res->[0] == 403, '/test-uri1 -> Code is 403' )
|
||||
or explain( $res->[0], 403 );
|
||||
count(2);
|
||||
|
||||
# Request an URI protected by custom function -> denied
|
||||
ok( $res = $client->_get( '/test-uri1/dwh', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Denied query' );
|
||||
ok( $res->[0] == 403, '/test-uri1 -> Code is 403' ) or explain( $res->[0], 403 );
|
||||
ok(
|
||||
$res =
|
||||
$client->_get( '/test-uri1/dwh', undef, undef, "lemonldap=$sessionId" ),
|
||||
'Denied query'
|
||||
);
|
||||
ok( $res->[0] == 403, '/test-uri1 -> Code is 403' )
|
||||
or explain( $res->[0], 403 );
|
||||
count(2);
|
||||
|
||||
# Denied query
|
||||
|
|
|
@ -39,7 +39,7 @@ my $res;
|
|||
|
||||
# Unauth tests
|
||||
ok( $res = $client->_get('/test'), 'Get response' );
|
||||
ok( $res->[0] == 200, 'Response code is 200' )
|
||||
ok( $res->[0] == 200, 'Response code is 200' )
|
||||
or print "Expect 200, got $res->[0]\n";
|
||||
ok( $res->[2]->[0] eq 'Unauth', 'Get unauth result' )
|
||||
or print "Expect Unauth, got $res->[2]->[0]\n";
|
||||
|
@ -64,7 +64,7 @@ count(3);
|
|||
# Bad path test
|
||||
|
||||
ok( $res = $client->_get('/[]/test'), 'Try a bad path' );
|
||||
ok( $res->[0] == 400, 'Response is 400' );
|
||||
ok( $res->[0] == 400, 'Response is 400' );
|
||||
count(2);
|
||||
|
||||
clean();
|
||||
|
|
|
@ -38,8 +38,9 @@ my $crypt = Lemonldap::NG::Common::Crypto->new('qwertyui');
|
|||
my $token = $crypt->encrypt(
|
||||
join ':', time,
|
||||
$sessionId, 'test1.example.com',
|
||||
'XFromVH=app1-auth.example.com', "serviceHeader1=$sessionId","serviceHeader2=$sessionId",
|
||||
'test2.example.com', '*.example.com'
|
||||
'XFromVH=app1-auth.example.com', "serviceHeader1=$sessionId",
|
||||
"serviceHeader2=$sessionId", 'test2.example.com',
|
||||
'*.example.com'
|
||||
);
|
||||
|
||||
ok(
|
||||
|
|
|
@ -24,7 +24,7 @@ extends 'Lemonldap::NG::Common::Conf::AccessLib',
|
|||
|
||||
has csp => ( is => 'rw' );
|
||||
|
||||
has loadedPlugins => ( is => 'rw', default => sub { [] } );
|
||||
has loadedPlugins => ( is => 'rw', default => sub { [] } );
|
||||
has hLoadedPlugins => ( is => 'rw', default => sub { {} } );
|
||||
|
||||
## @method boolean init($args)
|
||||
|
@ -56,7 +56,7 @@ sub init {
|
|||
}
|
||||
|
||||
my $conf = $self->confAcc->getConf;
|
||||
$conf->{$_} = $args->{$_} foreach(keys %$args);
|
||||
$conf->{$_} = $args->{$_} foreach ( keys %$args );
|
||||
|
||||
$self->{enabledModules} ||= "conf, sessions, notifications, 2ndFA, api";
|
||||
my @links;
|
||||
|
@ -163,16 +163,20 @@ sub init {
|
|||
|
||||
sub tplParams {
|
||||
my ( $self, $req ) = @_;
|
||||
my $res = eval { $self->hLoadedPlugins->{viewer}->brwRule->( $req, $req->{userData} ) } || 0;
|
||||
my $res = eval {
|
||||
$self->hLoadedPlugins->{viewer}->brwRule->( $req, $req->{userData} );
|
||||
} || 0;
|
||||
return ( VERSION => $VERSION, ALLOWBROWSER => $res );
|
||||
}
|
||||
|
||||
sub javascript {
|
||||
my ( $self, $req ) = @_;
|
||||
my $res = eval { $self->hLoadedPlugins->{viewer}->diffRule->( $req, $req->{userData} )} || 0;
|
||||
my $res = eval {
|
||||
$self->hLoadedPlugins->{viewer}->diffRule->( $req, $req->{userData} );
|
||||
} || 0;
|
||||
print STDERR $@ if $@;
|
||||
my $impPrefix = $self->{impersonationPrefix} || 'real_';
|
||||
my $ttl = $self->{timeout} || 72000;
|
||||
my $ttl = $self->{timeout} || 72000;
|
||||
|
||||
return
|
||||
'var formPrefix=staticPrefix+"forms/";var confPrefix=scriptname+"confs/";var viewPrefix=scriptname+"view/";'
|
||||
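Review bot: `tplParams` discards `$@` after `eval { ... } || 0`, and `javascript` reports it with `print STDERR $@ if $@;`, so a `brwRule` or `diffRule` that dies is turned into 0 with nothing in the application log. Falling back to 0 appears to keep the failure on the deny side, but the error should still be recorded, e.g. `$self->logger->error("diffRule failed: $@") if $@;` in place of the `print STDERR`, with the equivalent line added to `tplParams` (assuming `$self->logger` exists on this class, as it does on others in this commit). `javascript` continues past the end of the hunk.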
|
|
|
@ -60,8 +60,8 @@ sub _hasAllowedAttributes {
|
|||
|
||||
sub _listAttributes {
|
||||
my ( $self, $rootNode ) = @_;
|
||||
my $mainTree = Lemonldap::NG::Manager::Build::CTrees::cTrees();
|
||||
my $rootNodes = [ grep { ref($_) eq "HASH" } @{ $mainTree->{$rootNode} } ];
|
||||
my $mainTree = Lemonldap::NG::Manager::Build::CTrees::cTrees();
|
||||
my $rootNodes = [ grep { ref($_) eq "HASH" } @{ $mainTree->{$rootNode} } ];
|
||||
my @attributes = map { $self->_listNodeAttributes($_) } @$rootNodes;
|
||||
|
||||
return @attributes;
|
||||
|
|
|
@ -456,15 +456,16 @@ our \$VERSION = '$Lemonldap::NG::Manager::Build::Attributes::VERSION';
|
|||
use constant HANDLER => 'Lemonldap::NG::Handler::PSGI::Main';
|
||||
use constant {
|
||||
EOF
|
||||
for my $pe ( sort { $portalConstants{$a} <=> $portalConstants{$b} }
|
||||
keys %portalConstants )
|
||||
for my $pe (
|
||||
sort { $portalConstants{$a} <=> $portalConstants{$b} }
|
||||
keys %portalConstants
|
||||
)
|
||||
{
|
||||
my $str = $portalConstants{$pe};
|
||||
$content .= " $pe => $str,\n";
|
||||
}
|
||||
|
||||
my $exports = join ", ",
|
||||
map { "'$_'" }
|
||||
my $exports = join ", ", map { "'$_'" }
|
||||
sort { $portalConstants{$a} <=> $portalConstants{$b} }
|
||||
keys %portalConstants;
|
||||
|
||||
|
@ -569,7 +570,7 @@ sub scanTree {
|
|||
# Subnode
|
||||
elsif ( ref($leaf) ) {
|
||||
$jleaf->{title} = $jleaf->{id} = $leaf->{title};
|
||||
$jleaf->{type} = $leaf->{form} if ( $leaf->{form} );
|
||||
$jleaf->{type} = $leaf->{form} if ( $leaf->{form} );
|
||||
if ( $leaf->{title} =~ /^((?:oidc|saml|cas)Service)MetaData$/ ) {
|
||||
no strict 'refs';
|
||||
my @tmp = $self->scanLeaf( $leaf->{nodes} );
|
||||
|
|
|
@ -28,7 +28,7 @@ our $VERSION = '2.0.8';
|
|||
|
||||
use constant defaultRoute => 'manager.html';
|
||||
|
||||
has ua => ( is => 'rw' );
|
||||
has ua => ( is => 'rw' );
|
||||
|
||||
sub init {
|
||||
my ( $self, $conf ) = @_;
|
||||
|
@ -309,8 +309,9 @@ sub newRawConf {
|
|||
# chances to be equal to last config cfgNum
|
||||
my $s = $self->confAcc->saveConf( $new, force => 1 );
|
||||
if ( $s > 0 ) {
|
||||
$self->userLogger->notice(
|
||||
'User ' . $self->p->userId($req) . " has stored (raw) conf $s" );
|
||||
$self->userLogger->notice( 'User '
|
||||
. $self->p->userId($req)
|
||||
. " has stored (raw) conf $s" );
|
||||
$res->{result} = 1;
|
||||
$res->{cfgNum} = $s;
|
||||
}
|
||||
|
|
|
@ -12,7 +12,7 @@ use feature 'state';
|
|||
extends 'Lemonldap::NG::Manager::Conf';
|
||||
|
||||
has diffRule => ( is => 'rw', default => sub { 0 } );
|
||||
has brwRule => ( is => 'rw', default => sub { 0 } );
|
||||
has brwRule => ( is => 'rw', default => sub { 0 } );
|
||||
|
||||
our $VERSION = '2.0.8';
|
||||
|
||||
|
@ -109,7 +109,8 @@ sub viewDiff {
|
|||
# Check Diff activation rule
|
||||
unless ( $self->diffRule->( $req, $req->{userData} ) ) {
|
||||
my $user = $req->{userData}->{_whatToTrace} || 'anonymous';
|
||||
$self->userLogger->warn("$user is not authorized to compare configurations");
|
||||
$self->userLogger->warn(
|
||||
"$user is not authorized to compare configurations");
|
||||
return $self->sendJSONresponse( $req, { 'value' => '_Hidden_' } );
|
||||
}
|
||||
|
||||
|
@ -173,7 +174,8 @@ sub viewKey {
|
|||
$self->logger->debug(
|
||||
" $req->{env}->{REQUEST_URI} -> URI FORBIDDEN");
|
||||
my $user = $req->{userData}->{_whatToTrace} || 'anonymous';
|
||||
$self->userLogger->warn("$user is not authorized to browse configurations");
|
||||
$self->userLogger->warn(
|
||||
"$user is not authorized to browse configurations");
|
||||
$self->rejectKey( $req, @args );
|
||||
}
|
||||
}
|
||||
|
|
|
@ -41,7 +41,8 @@ sub newSession {
|
|||
_session_kind => $kind,
|
||||
_2fDevices => to_json($sfaDevices),
|
||||
}
|
||||
), "New $kind session for $uid"
|
||||
),
|
||||
"New $kind session for $uid"
|
||||
);
|
||||
count(1);
|
||||
}
|
||||
|
@ -96,7 +97,7 @@ sub checkGet {
|
|||
my ( $uid, $id ) = splice @_;
|
||||
my ( $test, $res, $ret );
|
||||
$test = "$uid should have one 2F with id \"$id\"";
|
||||
$res = get( $test, $uid, undef, $id );
|
||||
$res = get( $test, $uid, undef, $id );
|
||||
check200( $test, $res );
|
||||
|
||||
#diag Dumper($res);
|
||||
|
@ -110,7 +111,7 @@ sub checkGet404 {
|
|||
my ( $uid, $id ) = splice @_;
|
||||
my ( $test, $res, $ret );
|
||||
$test = "$uid should not have any 2F with id \"$id\"";
|
||||
$res = get( $test, $uid, undef, $id );
|
||||
$res = get( $test, $uid, undef, $id );
|
||||
check404( $test, $res );
|
||||
}
|
||||
|
||||
|
@ -138,7 +139,7 @@ sub checkGetBadType {
|
|||
my ( $uid, $type ) = splice @_;
|
||||
my ( $test, $res );
|
||||
$test = "Get for uid $uid and type \"$type\" should get rejected.";
|
||||
$res = get( $test, $uid, $type );
|
||||
$res = get( $test, $uid, $type );
|
||||
check405( $test, $res );
|
||||
}
|
||||
|
||||
|
@ -176,7 +177,7 @@ sub checkDelete {
|
|||
my ( $uid, $id ) = splice @_;
|
||||
my ( $test, $res );
|
||||
$test = "$uid should have a 2F with id \"$id\" to be deleted.";
|
||||
$res = del( $test, $uid, undef, $id );
|
||||
$res = del( $test, $uid, undef, $id );
|
||||
check200( $test, $res );
|
||||
}
|
||||
|
||||
|
@ -184,7 +185,7 @@ sub checkDelete404 {
|
|||
my ( $uid, $id ) = splice @_;
|
||||
my ( $test, $res );
|
||||
$test = "$uid should not have a 2F with id \"$id\" to be deleted.";
|
||||
$res = del( $test, $uid, undef, $id );
|
||||
$res = del( $test, $uid, undef, $id );
|
||||
check404( $test, $res );
|
||||
}
|
||||
|
||||
|
@ -209,7 +210,7 @@ sub checkDeleteBadType {
|
|||
my ( $uid, $type ) = splice @_;
|
||||
my ( $test, $res );
|
||||
$test = "Delete for uid $uid and type \"$type\" should get rejected.";
|
||||
$res = del( $test, $uid, $type );
|
||||
$res = del( $test, $uid, $type );
|
||||
check405( $test, $res );
|
||||
}
|
||||
|
||||
|
@ -218,7 +219,7 @@ my $ret;
|
|||
|
||||
## Sessions creation
|
||||
# msmith
|
||||
newSession( 'msmith', '127.10.0.1', 'SSO', $sfaDevices );
|
||||
newSession( 'msmith', '127.10.0.1', 'SSO', $sfaDevices );
|
||||
newSession( 'msmith', '127.10.0.1', 'Persistent', $sfaDevices );
|
||||
|
||||
# dwho
|
||||
|
@ -242,7 +243,7 @@ $sfaDevices = [ {
|
|||
"epoch" => time
|
||||
}
|
||||
];
|
||||
newSession( 'dwho', '127.10.0.1', 'SSO', $sfaDevices );
|
||||
newSession( 'dwho', '127.10.0.1', 'SSO', $sfaDevices );
|
||||
newSession( 'dwho', '127.10.0.1', 'Persistent', $sfaDevices );
|
||||
|
||||
# rtyler
|
||||
|
@ -266,7 +267,7 @@ $sfaDevices = [ {
|
|||
"epoch" => time
|
||||
}
|
||||
];
|
||||
newSession( 'rtyler', '127.10.0.1', 'SSO', $sfaDevices );
|
||||
newSession( 'rtyler', '127.10.0.1', 'SSO', $sfaDevices );
|
||||
newSession( 'rtyler', '127.10.0.1', 'Persistent', $sfaDevices );
|
||||
|
||||
# davros
|
||||
|
@ -284,7 +285,7 @@ $sfaDevices = [ {
|
|||
"epoch" => time
|
||||
}
|
||||
];
|
||||
newSession( 'davros', '127.10.0.1', 'SSO', $sfaDevices );
|
||||
newSession( 'davros', '127.10.0.1', 'SSO', $sfaDevices );
|
||||
newSession( 'davros', '127.10.0.1', 'Persistent', $sfaDevices );
|
||||
|
||||
# tof
|
||||
|
@ -296,7 +297,7 @@ $sfaDevices = [ {
|
|||
"epoch" => time
|
||||
}
|
||||
];
|
||||
newSession( 'tof', '127.10.0.1', 'SSO', $sfaDevices );
|
||||
newSession( 'tof', '127.10.0.1', 'SSO', $sfaDevices );
|
||||
newSession( 'tof', '127.10.0.1', 'Persistent', $sfaDevices );
|
||||
|
||||
# dwho
|
||||
|
|
|
@ -90,7 +90,7 @@ sub checkGet {
|
|||
my $res = get( $test, $type, $confKey );
|
||||
check200( $test, $res );
|
||||
my @path = split '/', $attrPath;
|
||||
my $key = from_json( $res->[2]->[0] );
|
||||
my $key = from_json( $res->[2]->[0] );
|
||||
for (@path) {
|
||||
$key = $key->{$_};
|
||||
}
|
||||
|
|
|
@ -58,7 +58,7 @@ while (<F>) {
|
|||
close F;
|
||||
|
||||
ok( $hstruct = from_json($hstruct), 'struct.json is JSON' );
|
||||
ok( ref $hstruct eq 'ARRAY', 'struct.json is an array' )
|
||||
ok( ref $hstruct eq 'ARRAY', 'struct.json is an array' )
|
||||
or print STDERR "Expected: ARRAY, got: " . ( ref $hstruct ) . "\n";
|
||||
count(2);
|
||||
|
||||
|
|
|
@ -25,7 +25,7 @@ ok(
|
|||
),
|
||||
"Request succeed"
|
||||
);
|
||||
ok( $res->[0] == 200, "Result code is 200" );
|
||||
ok( $res->[0] == 200, "Result code is 200" );
|
||||
ok( $key = from_json( $res->[2]->[0] ), 'Response is JSON' );
|
||||
count(3);
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@ mkdir 't/sessions';
|
|||
my ( $res, $resBody );
|
||||
ok( $res = &client->_post( '/confs/', 'cfgNum=1', &body, 'application/json' ),
|
||||
"Request succeed" );
|
||||
ok( $res->[0] == 200, "Result code is 200" );
|
||||
ok( $res->[0] == 200, "Result code is 200" );
|
||||
ok( $resBody = from_json( $res->[2]->[0] ), "Result body contains JSON text" );
|
||||
|
||||
ok( $resBody->{result} == 0, "JSON response contains \"result:0\"" )
|
||||
|
@ -248,7 +248,7 @@ sub changes {
|
|||
},
|
||||
{
|
||||
'confCompacted' => '1',
|
||||
'removedKeys' => 'some; keys'
|
||||
'removedKeys' => 'some; keys'
|
||||
}
|
||||
];
|
||||
}
|
||||
|
|
|
@ -25,7 +25,8 @@ ok( $resBody = from_json( $res->[2]->[0] ), "Result body contains JSON text" );
|
|||
ok( $resBody->{result} == 1, "JSON response contains \"result:1\"" )
|
||||
or print STDERR Dumper($resBody);
|
||||
ok(
|
||||
$resBody->{details}->{__warnings__} and @{ $resBody->{details}->{__warnings__} } == 2,
|
||||
$resBody->{details}->{__warnings__}
|
||||
and @{ $resBody->{details}->{__warnings__} } == 2,
|
||||
'JSON response contains 2 warnings'
|
||||
) or print STDERR Dumper($resBody);
|
||||
|
||||
|
@ -38,18 +39,18 @@ foreach my $i ( 0 .. 1 ) {
|
|||
}
|
||||
|
||||
ok(
|
||||
$resBody->{details}->{__changes__} and @{ $resBody->{details}->{__changes__} } == 24,
|
||||
$resBody->{details}->{__changes__}
|
||||
and @{ $resBody->{details}->{__changes__} } == 24,
|
||||
'JSON response contains 24 changes'
|
||||
) or print STDERR Dumper($resBody);
|
||||
ok(
|
||||
$resBody->{details}->{__changes__}->[23]->{confCompacted} == 1,
|
||||
'Conf. has been compacted'
|
||||
) or print STDERR Dumper($resBody);
|
||||
ok( $resBody->{details}->{__changes__}->[23]->{confCompacted} == 1,
|
||||
'Conf. has been compacted' )
|
||||
or print STDERR Dumper($resBody);
|
||||
|
||||
my @removedKeys = split /; /, $resBody->{details}->{__changes__}->[23]->{removedKeys};
|
||||
ok(
|
||||
@removedKeys == 60, 'All removed keys found'
|
||||
) or print STDERR Dumper(\@removedKeys);
|
||||
my @removedKeys = split /; /,
|
||||
$resBody->{details}->{__changes__}->[23]->{removedKeys};
|
||||
ok( @removedKeys == 60, 'All removed keys found' )
|
||||
or print STDERR Dumper( \@removedKeys );
|
||||
|
||||
#print STDERR Dumper($resBody);
|
||||
ok( -f $confFiles->[1], 'File is created' );
|
||||
|
@ -105,8 +106,7 @@ ok( @c2 == 15, '15 keys changed or created in conf 2' )
|
|||
|
||||
count(5);
|
||||
|
||||
ok( $res = &client->jsonResponse('/confs/latest'),
|
||||
'Get last config metadata' );
|
||||
ok( $res = &client->jsonResponse('/confs/latest'), 'Get last config metadata' );
|
||||
ok( $res->{prev} == 1, ' Get previous configuration' );
|
||||
count(2);
|
||||
|
||||
|
@ -119,8 +119,7 @@ done_testing( count() );
|
|||
`rm -rf t/sessions`;
|
||||
|
||||
sub changes {
|
||||
return [
|
||||
{
|
||||
return [ {
|
||||
'key' => 'portal',
|
||||
'new' => 'http://auth2.example.com/',
|
||||
'old' => 'http://auth.example.com/'
|
||||
|
|
|
@ -16,7 +16,7 @@ unlink 't/conf/lmConf-2.json';
|
|||
my ( $res, $resBody );
|
||||
ok( $res = &client->_post( '/confs/', 'cfgNum=1', &body, 'application/json' ),
|
||||
"Request succeed" );
|
||||
ok( $res->[0] == 200, "Result code is 200" );
|
||||
ok( $res->[0] == 200, "Result code is 200" );
|
||||
ok( $resBody = from_json( $res->[2]->[0] ), "Result body contains JSON text" );
|
||||
ok( $resBody->{result} == 0, "JSON response contains \"result:0\"" )
|
||||
or print STDERR Dumper($res);
|
||||
|
|
|
@ -17,7 +17,7 @@ mkdir 't/sessions';
|
|||
my ( $res, $resBody );
|
||||
ok( $res = &client->_post( '/confs/', 'cfgNum=1', &body, 'application/json' ),
|
||||
"Request succeed" );
|
||||
ok( $res->[0] == 200, "Result code is 200" );
|
||||
ok( $res->[0] == 200, "Result code is 200" );
|
||||
ok( $resBody = from_json( $res->[2]->[0] ), "Result body contains JSON text" );
|
||||
ok( $resBody->{result} == 1, "JSON response contains \"result:1\"" )
|
||||
or print STDERR Dumper($res);
|
||||
|
|
|
@ -57,7 +57,6 @@ SKIP: {
|
|||
@cmd = qw(-yes 1 set locationRules/test1.example.com/default deny);
|
||||
Capture::Tiny::capture_stdout( sub { $client->run(@cmd) } );
|
||||
|
||||
|
||||
# Test 'save' command
|
||||
@cmd = ('save');
|
||||
$res = Capture::Tiny::capture_stdout( sub { $client->run(@cmd) } );
|
||||
|
@ -95,16 +94,10 @@ SKIP: {
|
|||
qr#\bAuthor IP\b#s,
|
||||
'"Author IP" OK'
|
||||
);
|
||||
Test::Output::combined_like(
|
||||
$res = sub { $commonClient->run(@cmd) },
|
||||
qr#\bLog\b#s,
|
||||
'"Log" OK'
|
||||
);
|
||||
Test::Output::combined_like(
|
||||
$res = sub { $commonClient->run(@cmd) },
|
||||
qr#\bVersion\b#s,
|
||||
'"Version" OK'
|
||||
);
|
||||
Test::Output::combined_like( $res = sub { $commonClient->run(@cmd) },
|
||||
qr#\bLog\b#s, '"Log" OK' );
|
||||
Test::Output::combined_like( $res = sub { $commonClient->run(@cmd) },
|
||||
qr#\bVersion\b#s, '"Version" OK' );
|
||||
}
|
||||
|
||||
count($tests);
|
||||
|
|
|
@ -17,7 +17,7 @@ mkdir 't/sessions';
|
|||
my ( $res, $resBody );
|
||||
ok( $res = &client->_post( '/confs/', 'cfgNum=1', &body, 'application/json' ),
|
||||
"Request succeed" );
|
||||
ok( $res->[0] == 200, "Result code is 200" );
|
||||
ok( $res->[0] == 200, "Result code is 200" );
|
||||
ok( $resBody = from_json( $res->[2]->[0] ), "Result body contains JSON text" );
|
||||
ok( $resBody->{result} == 1, "JSON response contains \"result:1\"" )
|
||||
or print STDERR Dumper($res);
|
||||
|
|
|
@ -148,7 +148,7 @@ count(5);
|
|||
foreach (@ids) {
|
||||
my $res;
|
||||
ok( $res = &client->_del("/sessions/global/$_"), "Delete $_" );
|
||||
ok( $res->[0] == 200, 'Result code is 200' );
|
||||
ok( $res->[0] == 200, 'Result code is 200' );
|
||||
ok( from_json( $res->[2]->[0] )->{result} == 1,
|
||||
'Body is JSON and result==1' );
|
||||
count(3);
|
||||
|
|
|
@ -44,7 +44,8 @@ SKIP: {
|
|||
$client->jsonPostResponse( 'notifications/actives', '',
|
||||
IO::String->new($notif),
|
||||
'application/json', length($notif) );
|
||||
ok( $res->{error} =~ /^Notification not created: Bad date/, 'Notification not inserted' );
|
||||
ok( $res->{error} =~ /^Notification not created: Bad date/,
|
||||
'Notification not inserted' );
|
||||
|
||||
$notif =
|
||||
'{"date":"2099-13-30","uid":"dwho","reference":"Test","xml":"{\"title\":\"Test\"}"}';
|
||||
|
@ -52,7 +53,8 @@ SKIP: {
|
|||
$client->jsonPostResponse( 'notifications/actives', '',
|
||||
IO::String->new($notif),
|
||||
'application/json', length($notif) );
|
||||
ok( $res->{error} =~ /^Notification not created: Bad date/, 'Notification not inserted' );
|
||||
ok( $res->{error} =~ /^Notification not created: Bad date/,
|
||||
'Notification not inserted' );
|
||||
|
||||
$notif =
|
||||
'{"date":"2099-05_12","uid":"dwho","reference":"Test","xml":"{\"title\":\"Test\"}"}';
|
||||
|
@ -98,7 +100,7 @@ SKIP: {
|
|||
$res =
|
||||
$client->jsonResponse( 'notifications/done', 'groupBy=substr(uid,1)' );
|
||||
ok( $res->{result} == 1, 'Result = 1' );
|
||||
ok( $res->{count} == 0, 'Count = 0' ) or diag Dumper($res);
|
||||
ok( $res->{count} == 0, 'Count = 0' ) or diag Dumper($res);
|
||||
|
||||
#print STDERR Dumper($res);
|
||||
}
|
||||
|
|
|
@ -16,7 +16,8 @@ my $res =
|
|||
&client->jsonPostResponse( 'notifications/actives', '',
|
||||
IO::String->new($notif),
|
||||
'application/json', length($notif) );
|
||||
ok( $res->{error} =~ /^Notification not created: Bad date/, 'Notification not inserted' );
|
||||
ok( $res->{error} =~ /^Notification not created: Bad date/,
|
||||
'Notification not inserted' );
|
||||
count(1);
|
||||
|
||||
$notif =
|
||||
|
@ -25,7 +26,8 @@ $res =
|
|||
&client->jsonPostResponse( 'notifications/actives', '',
|
||||
IO::String->new($notif),
|
||||
'application/json', length($notif) );
|
||||
ok( $res->{error} =~ /^Notification not created: Bad date/, 'Notification not inserted' );
|
||||
ok( $res->{error} =~ /^Notification not created: Bad date/,
|
||||
'Notification not inserted' );
|
||||
count(1);
|
||||
|
||||
$notif =
|
||||
|
|
|
@ -277,7 +277,7 @@ $res = &client->jsonResponse( '/sfa/persistent',
|
|||
'uid=*&groupBy=substr(uid,0)&U2FCheck=2&TOTPCheck=2&UBKCheck=2' );
|
||||
ok( $res->{result} == 1,
|
||||
'Search "uid"=* & UBK & TOTP & UBK - Result code = 1' );
|
||||
ok( $res->{count} == 1, 'Found 1 result' ) or print STDERR Dumper($res);
|
||||
ok( $res->{count} == 1, 'Found 1 result' ) or print STDERR Dumper($res);
|
||||
ok( @{ $res->{values} } == 1, 'List 1 result' );
|
||||
ok( $res->{values}->[0]->{value} && $res->{values}->[0]->{value} eq 'd',
|
||||
'Result match "uid=d"' )
|
||||
|
|
|
@ -32,7 +32,8 @@ count(2);
|
|||
|
||||
# Try to display latest conf
|
||||
$res = &client->jsonResponse('/view/latest');
|
||||
ok( $res->{cfgNum} eq '1', 'Latest conf loaded' ) or explain($res,"cfgNum => 1");
|
||||
ok( $res->{cfgNum} eq '1', 'Latest conf loaded' )
|
||||
or explain( $res, "cfgNum => 1" );
|
||||
count(1);
|
||||
|
||||
ok(
|
||||
|
@ -59,8 +60,8 @@ count(2);
|
|||
$res = &client->jsonResponse('/view/diff/1/2');
|
||||
|
||||
ok( $res->[1]->{captcha_login_enabled} eq '1', 'Key found' );
|
||||
ok( $res->[1]->{captcha_mail_enabled} eq '0', 'Key found' );
|
||||
ok( 7 == keys %{ $res->[1] }, 'Right number of keys found' )
|
||||
ok( $res->[1]->{captcha_mail_enabled} eq '0', 'Key found' );
|
||||
ok( 7 == keys %{ $res->[1] }, 'Right number of keys found' )
|
||||
or print STDERR Dumper($res);
|
||||
count(3);
|
||||
|
||||
|
|
|
@ -136,7 +136,7 @@ sub extractFormInfo {
|
|||
my $portalPath = $self->conf->{portal};
|
||||
$portalPath =~ s#^https?://[^/]+/?#/#;
|
||||
|
||||
$req->data->{list} = $self->srvList;
|
||||
$req->data->{list} = $self->srvList;
|
||||
|
||||
$req->data->{login} = 1;
|
||||
return PE_IDPCHOICE;
|
||||
|
|
|
@ -972,7 +972,7 @@ sub extractFormInfo {
|
|||
or $a->{name} cmp $b->{name}
|
||||
or $a->{val} cmp $b->{val}
|
||||
} @list;
|
||||
$req->data->{list} = \@list;
|
||||
$req->data->{list} = \@list;
|
||||
|
||||
#TODO: check this
|
||||
$req->data->{login} = 1;
|
||||
|
@ -1472,7 +1472,8 @@ sub getIDP {
|
|||
if ( $idpName eq $idpConfKey ) {
|
||||
$idp = $_;
|
||||
$self->logger->debug(
|
||||
"IDP $idp selected from idpName URL Parameter ($idpName)");
|
||||
"IDP $idp selected from idpName URL Parameter ($idpName)"
|
||||
);
|
||||
last;
|
||||
}
|
||||
}
|
||||
|
@ -1510,7 +1511,7 @@ sub getIDP {
|
|||
$idp = undef;
|
||||
}
|
||||
|
||||
return $idp;
|
||||
return $idp;
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
|
@ -13,7 +13,8 @@ sub new {
|
|||
|
||||
my $res = $self->{p}->loadModule( $self->{conf}->{customResetCertByMail} );
|
||||
unless ($res) {
|
||||
die 'Unable to load register module ' . $self->{conf}->{customResetCertByMail};
|
||||
die 'Unable to load register module '
|
||||
. $self->{conf}->{customResetCertByMail};
|
||||
}
|
||||
|
||||
return $res;
|
||||
|
|
|
@ -24,9 +24,9 @@ sub modifCertificate {
|
|||
mail => $uid . '@badwolf.org',
|
||||
newCert => $newCertif,
|
||||
userCert => $userCertif,
|
||||
};
|
||||
};
|
||||
|
||||
return PE_OK;
|
||||
return PE_OK;
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
|
@ -76,7 +76,7 @@ sub getCaptcha {
|
|||
$image->random;
|
||||
$image->create( 'normal', 'default', $self->fgColor, $self->bgColor );
|
||||
my ( $imageData, $mimeType, $rdm ) = $image->out( force => 'png' );
|
||||
my $img = 'data:image/png;base64,' . encode_base64( $imageData, '' );
|
||||
my $img = 'data:image/png;base64,' . encode_base64( $imageData, '' );
|
||||
my $token = $self->ott->createToken( { captcha => $rdm } );
|
||||
return ( $token, $img );
|
||||
}
|
||||
|
|
|
@ -38,7 +38,8 @@ sub checkHeader {
|
|||
my $slave_header = 'HTTP_' . uc( $self->{conf}->{slaveHeaderName} );
|
||||
$slave_header =~ s/\-/_/g;
|
||||
my $headerContent = $req->env->{$slave_header};
|
||||
$self->logger->debug("Required Slave header => $self->{conf}->{slaveHeaderName}");
|
||||
$self->logger->debug(
|
||||
"Required Slave header => $self->{conf}->{slaveHeaderName}");
|
||||
$self->logger->debug("Received Slave header content => $headerContent");
|
||||
return 1
|
||||
if ( $headerContent
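Review bot: The debug line `"Received Slave header content => $headerContent"` writes the raw value of a request header to the log before the check that follows has decided whether that value is acceptable. If the header carries a shared secret, which the name and the comparison starting at `if ( $headerContent` suggest but the hunk does not show, that secret ends up in debug logs; the value is also interpolated when it is undefined. Logging only its presence keeps the diagnostic: `$self->logger->debug( 'Slave header ' . ( defined $headerContent ? 'received' : 'missing' ) );`. `checkHeader` starts before this hunk and continues after it.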
|
||||
|
|
|
@ -122,7 +122,8 @@ sub display {
|
|||
|
||||
# 1.3 There is a message to display
|
||||
elsif ( my $info = $req->info ) {
|
||||
my $method = $req->data->{infoFormMethod} || $self->conf->{infoFormMethod};
|
||||
my $method =
|
||||
$req->data->{infoFormMethod} || $self->conf->{infoFormMethod};
|
||||
$self->logger->debug('Display: info detected');
|
||||
$self->logger->debug('Hidden values :');
|
||||
$self->logger->debug( " $_: " . $req->{portalHiddenFormValues}->{$_} )
|
||||
|
@ -311,13 +312,14 @@ sub display {
|
|||
ASK_LOGINS => $req->param('checkLogins') || 0,
|
||||
DISPLAY_RESETPASSWORD => $self->conf->{portalDisplayResetPassword},
|
||||
DISPLAY_REGISTER => $self->conf->{portalDisplayRegister},
|
||||
DISPLAY_UPDATECERTIF => $self->conf->{portalDisplayCertificateResetByMail},
|
||||
MAILCERTIF_URL => $self->conf->{certificateResetByMailURL},
|
||||
MAIL_URL => $self->conf->{mailUrl},
|
||||
REGISTER_URL => $self->conf->{registerUrl},
|
||||
HIDDEN_INPUTS => $self->buildHiddenForm($req),
|
||||
STAYCONNECTED => $self->conf->{stayConnected},
|
||||
SPOOFID => $self->conf->{impersonationRule},
|
||||
DISPLAY_UPDATECERTIF =>
|
||||
$self->conf->{portalDisplayCertificateResetByMail},
|
||||
MAILCERTIF_URL => $self->conf->{certificateResetByMailURL},
|
||||
MAIL_URL => $self->conf->{mailUrl},
|
||||
REGISTER_URL => $self->conf->{registerUrl},
|
||||
HIDDEN_INPUTS => $self->buildHiddenForm($req),
|
||||
STAYCONNECTED => $self->conf->{stayConnected},
|
||||
SPOOFID => $self->conf->{impersonationRule},
|
||||
(
|
||||
$req->data->{customScript}
|
||||
? ( CUSTOM_SCRIPT => $req->data->{customScript} )
|
||||
|
|
|
@ -140,24 +140,24 @@ sub init {
|
|||
|
||||
# psgi.js
|
||||
->addUnauthRoute( 'psgi.js' => 'sendJs', ['GET'] )
|
||||
->addAuthRoute( 'psgi.js' => 'sendJs', ['GET'] )
|
||||
->addAuthRoute( 'psgi.js' => 'sendJs', ['GET'] )
|
||||
|
||||
# portal.css
|
||||
->addUnauthRoute( 'portal.css' => 'sendCss', ['GET'] )
|
||||
->addAuthRoute( 'portal.css' => 'sendCss', ['GET'] )
|
||||
->addAuthRoute( 'portal.css' => 'sendCss', ['GET'] )
|
||||
|
||||
# lmerror
|
||||
->addUnauthRoute( lmerror => { ':code' => 'lmError' }, ['GET'] )
|
||||
->addAuthRoute( lmerror => { ':code' => 'lmError' }, ['GET'] )
|
||||
->addAuthRoute( lmerror => { ':code' => 'lmError' }, ['GET'] )
|
||||
|
||||
# Core REST API
|
||||
->addUnauthRoute( ping => 'pleaseAuth', ['GET'] )
|
||||
->addUnauthRoute( ping => 'pleaseAuth', ['GET'] )
|
||||
->addAuthRoute( ping => 'authenticated', ['GET'] )
|
||||
|
||||
# Refresh session
|
||||
->addAuthRoute( refresh => 'refresh', ['GET'] )
|
||||
|
||||
->addAuthRoute( '*' => 'corsPreflight', ['OPTIONS'] )
|
||||
->addAuthRoute( '*' => 'corsPreflight', ['OPTIONS'] )
|
||||
->addUnauthRoute( '*' => 'corsPreflight', ['OPTIONS'] )
|
||||
|
||||
# Logout
|
||||
|
|
|
@ -78,7 +78,7 @@ sub enabledPlugins {
|
|||
push @res, '::Plugins::Register'
|
||||
if ( $conf->{registerDB} and $conf->{registerDB} ne 'Null' );
|
||||
push @res, '::Plugins::CertificateResetByMail'
|
||||
if ( $conf->{portalDisplayCertificateResetByMail});
|
||||
if ( $conf->{portalDisplayCertificateResetByMail} );
|
||||
|
||||
# Check if custom plugins are required
|
||||
# TODO: change this name
|
||||
|
|
|
@ -102,14 +102,22 @@ sub error_type {
|
|||
if (
|
||||
scalar(
|
||||
grep { /^$code$/ } (
|
||||
PE_INFO, PE_SESSIONEXPIRED,
|
||||
PE_FORMEMPTY, PE_FIRSTACCESS,
|
||||
PE_PP_GRACE, PE_PP_EXP_WARNING,
|
||||
PE_NOTIFICATION, PE_BADURL,
|
||||
PE_CONFIRM, PE_MAILFORMEMPTY,
|
||||
PE_MAILCONFIRMATION_ALREADY_SENT, PE_PASSWORDFORMEMPTY,
|
||||
PE_CAPTCHAEMPTY, PE_REGISTERFORMEMPTY,
|
||||
PE_PP_CHANGE_AFTER_RESET, PE_RESETCERTIFICATE_FORMEMPTY,
|
||||
PE_INFO,
|
||||
PE_SESSIONEXPIRED,
|
||||
PE_FORMEMPTY,
|
||||
PE_FIRSTACCESS,
|
||||
PE_PP_GRACE,
|
||||
PE_PP_EXP_WARNING,
|
||||
PE_NOTIFICATION,
|
||||
PE_BADURL,
|
||||
PE_CONFIRM,
|
||||
PE_MAILFORMEMPTY,
|
||||
PE_MAILCONFIRMATION_ALREADY_SENT,
|
||||
PE_PASSWORDFORMEMPTY,
|
||||
PE_CAPTCHAEMPTY,
|
||||
PE_REGISTERFORMEMPTY,
|
||||
PE_PP_CHANGE_AFTER_RESET,
|
||||
PE_RESETCERTIFICATE_FORMEMPTY,
|
||||
)
|
||||
)
|
||||
);
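Review bot: The membership test `grep { /^$code$/ }` over this list interpolates `$code` into a pattern, so any regex metacharacters in it are interpreted instead of compared, and the equality check becomes a pattern match. The list holds only `PE_*` constants, so a plain comparison expresses the same intent without that behaviour: `grep { $_ eq $code } (`. Whether `$code` can come from request data is not visible here, so treat this as hardening rather than a confirmed flaw. The enclosing `error_type` body starts before this hunk and continues after it.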
|
||||
|
|
|
@ -33,8 +33,7 @@ sub groupsAndMacros {
|
|||
sub authProcess { qw(extractFormInfo getUser authenticate) }
|
||||
|
||||
sub sessionData {
|
||||
return
|
||||
qw(setAuthSessionInfo setSessionInfo), $_[0]->groupsAndMacros,
|
||||
return qw(setAuthSessionInfo setSessionInfo), $_[0]->groupsAndMacros,
|
||||
qw(setPersistentSessionInfo setLocalGroups store secondFactor);
|
||||
}
|
||||
|
||||
|
@ -1041,7 +1040,7 @@ sub registerLogin {
|
|||
}
|
||||
|
||||
my $history = $req->sessionInfo->{_loginHistory} ||= {};
|
||||
my $type = ( $req->authResult > 0 ? 'failed' : 'success' ) . 'Login';
|
||||
my $type = ( $req->authResult > 0 ? 'failed' : 'success' ) . 'Login';
|
||||
$history->{$type} ||= [];
|
||||
$self->logger->debug("Current login saved into $type");
|
||||
|
||||
|
|
|
@ -22,7 +22,7 @@ sub init {
|
|||
return 0;
|
||||
}
|
||||
$self->addUnauthRoute( checkstate => 'check', ['GET'] );
|
||||
$self->addAuthRoute( checkstate => 'check', ['GET'] );
|
||||
$self->addAuthRoute( checkstate => 'check', ['GET'] );
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
|
|
@ -46,7 +46,7 @@ sub persistentAttrs {
|
|||
sub init {
|
||||
my ($self) = @_;
|
||||
my $hd = $self->p->HANDLER;
|
||||
$self->addAuthRoute( checkuser => 'check', ['POST'] );
|
||||
$self->addAuthRoute( checkuser => 'check', ['POST'] );
|
||||
$self->addAuthRouteWithRedirect( checkuser => 'display', ['GET'] );
|
||||
|
||||
# Parse identity rule
|
||||
|
@ -69,7 +69,7 @@ sub init {
|
|||
|
||||
# RUNNING METHOD
|
||||
sub display {
|
||||
my ( $self, $req ) = @_;
|
||||
my ( $self, $req ) = @_;
|
||||
my ( $attrs, $array_attrs ) = ( {}, [] );
|
||||
|
||||
$self->logger->debug("Display current session data...");
|
||||
|
@ -129,7 +129,7 @@ sub display {
|
|||
sub check {
|
||||
my ( $self, $req ) = @_;
|
||||
my ( $attrs, $array_attrs, $array_hdrs ) = ( {}, [], [] );
|
||||
my $msg = my $auth = my $compute = '';
|
||||
my $msg = my $auth = my $compute = '';
|
||||
my $authLevel = $req->userData->{authenticationLevel};
|
||||
my $authMode = $req->userData->{_auth};
|
||||
|
||||
|
@ -448,7 +448,7 @@ sub _splitAttributes {
|
|||
if ( $element->{key} eq 'groups' ) {
|
||||
$self->logger->debug('Key "groups" found');
|
||||
my $separator = $self->{conf}->{multiValuesSeparator};
|
||||
my @tmp = split /\Q$separator/, $element->{value};
|
||||
my @tmp = split /\Q$separator/, $element->{value};
|
||||
$grps = [ map { { value => $_ } } sort @tmp ];
|
||||
next;
|
||||
}
|
||||
|
@ -491,8 +491,8 @@ sub _splitAttributes {
|
|||
|
||||
sub _removePersistentAttributes {
|
||||
my ( $self, $attrs ) = @_;
|
||||
my $regex = join '|', split /\s+/, $self->persistentAttrs;
|
||||
my @keys = grep /$regex/, keys %$attrs;
|
||||
my $regex = join '|', split /\s+/, $self->persistentAttrs;
|
||||
my @keys = grep /$regex/, keys %$attrs;
|
||||
$self->logger->debug("Remove persistent session attributes");
|
||||
delete @$attrs{@keys};
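Review bot: In `_removePersistentAttributes`, `grep /$regex/` treats the words of `persistentAttrs` as unanchored, unescaped regex alternatives, and an empty setting leaves `$regex` as the empty string, which Perl reads as "reuse the last successful pattern" rather than "match nothing". The set of deleted keys would then depend on an unrelated earlier match. Guarding the grep avoids that: `my @keys = length $regex ? grep( /$regex/, keys %$attrs ) : ();`. If substring matching is intended, a comment such as `# persistentAttrs entries are regex fragments, not exact key names` would make that explicit. The function continues past the end of this hunk.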
|
||||
|
||||
|
|
|
@ -40,7 +40,7 @@ has idRule => ( is => 'rw', default => sub { 1 } );
|
|||
sub init {
|
||||
my ($self) = @_;
|
||||
my $hd = $self->p->HANDLER;
|
||||
$self->addAuthRoute( switchcontext => 'run', ['POST'] )
|
||||
$self->addAuthRoute( switchcontext => 'run', ['POST'] )
|
||||
->addAuthRoute( switchcontext => 'display', ['GET'] );
|
||||
|
||||
# Parse activation rule
|
||||
|
|
|
@ -9,7 +9,7 @@ our $VERSION = '2.0.0';
|
|||
|
||||
sub init {
|
||||
my ($self) = @_;
|
||||
$self->addAuthRoute( public => { ':tpl' => 'run' }, ['GET'] );
|
||||
$self->addAuthRoute( public => { ':tpl' => 'run' }, ['GET'] );
|
||||
$self->addUnauthRoute( public => { ':tpl' => 'run' }, ['GET'] );
|
||||
return 1;
|
||||
}
|
||||
|
|
|
@ -578,7 +578,7 @@ sub removeSessions {
|
|||
}
|
||||
|
||||
sub sendCaptcha {
|
||||
my ( $self, $req ) = @_;
|
||||
my ( $self, $req ) = @_;
|
||||
$self->logger->info("User request for captcha renew");
|
||||
my ( $token, $image ) = $self->captcha->getCaptcha($req);
|
||||
|
||||
|
|
|
@ -132,7 +132,7 @@ sub init {
|
|||
}
|
||||
if ( $self->conf->{wsdlServer} ) {
|
||||
$self->addUnauthRoute( 'portal.wsdl' => 'getWsdl', ['GET'] );
|
||||
$self->addAuthRoute( 'portal.wsdl' => 'getWsdl', ['GET'] );
|
||||
$self->addAuthRoute( 'portal.wsdl' => 'getWsdl', ['GET'] );
|
||||
}
|
||||
1;
|
||||
}
|
||||
|
|
|
@ -20,7 +20,7 @@ extends 'Lemonldap::NG::Portal::Main::Plugin';
|
|||
sub init {
|
||||
my ($self) = @_;
|
||||
$self->addUnauthRoute( portalStatus => 'status', ['GET'] );
|
||||
$self->addAuthRoute( portalStatus => 'status', ['GET'] );
|
||||
$self->addAuthRoute( portalStatus => 'status', ['GET'] );
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
|
|
@ -16,8 +16,8 @@ extends 'Lemonldap::NG::Portal::Main::Plugin';
|
|||
|
||||
# INTERFACE
|
||||
|
||||
use constant endAuth => 'newDevice';
|
||||
use constant beforeAuth => 'check';
|
||||
use constant endAuth => 'newDevice';
|
||||
use constant beforeAuth => 'check';
|
||||
use constant beforeLogout => 'logout';
|
||||
|
||||
# INITIALIZATION
|
||||
|
@ -119,7 +119,8 @@ sub storeBrowser {
|
|||
}
|
||||
}
|
||||
else {
|
||||
$self->userLogger->error("StayConnected called with an expired token");
|
||||
$self->userLogger->error(
|
||||
"StayConnected called with an expired token");
|
||||
}
|
||||
}
|
||||
else {
|
||||
|
|
|
@ -7,8 +7,7 @@ require 't/test-lib.pm';
|
|||
|
||||
my $res;
|
||||
|
||||
my $client = LLNG::Manager::Test->new(
|
||||
{
|
||||
my $client = LLNG::Manager::Test->new( {
|
||||
ini => {
|
||||
logLevel => 'error',
|
||||
useSafeJail => 1,
|
||||
|
|
|
@ -108,19 +108,19 @@ SKIP: {
|
|||
);
|
||||
my $client = LLNG::Manager::Test->new( {
|
||||
ini => {
|
||||
logLevel => 'error',
|
||||
useSafeJail => 1,
|
||||
authentication => 'DBI',
|
||||
userDB => 'Same',
|
||||
dbiAuthChain => "dbi:SQLite:dbname=$userdb",
|
||||
dbiAuthUser => '',
|
||||
dbiAuthPassword => '',
|
||||
dbiAuthTable => 'users',
|
||||
dbiAuthLoginCol => 'user',
|
||||
dbiAuthPasswordCol => 'password',
|
||||
dbiAuthPasswordHash => '',
|
||||
dbiDynamicHashEnabled => 1,
|
||||
dbiDynamicHashValidSchemes => 'sha sha256 sha512',
|
||||
logLevel => 'error',
|
||||
useSafeJail => 1,
|
||||
authentication => 'DBI',
|
||||
userDB => 'Same',
|
||||
dbiAuthChain => "dbi:SQLite:dbname=$userdb",
|
||||
dbiAuthUser => '',
|
||||
dbiAuthPassword => '',
|
||||
dbiAuthTable => 'users',
|
||||
dbiAuthLoginCol => 'user',
|
||||
dbiAuthPasswordCol => 'password',
|
||||
dbiAuthPasswordHash => '',
|
||||
dbiDynamicHashEnabled => 1,
|
||||
dbiDynamicHashValidSchemes => 'sha sha256 sha512',
|
||||
dbiDynamicHashValidSaltedSchemes => 'ssha ssha256 ssha512',
|
||||
dbiDynamicHashNewPasswordScheme => 'ssha256',
|
||||
passwordDB => 'DBI',
|
||||
|
|
|
@ -15,7 +15,7 @@ my $client = LLNG::Manager::Test->new( {
|
|||
userDB => 'Same',
|
||||
passwordDB => 'Choice',
|
||||
authChoiceModules => {
|
||||
'1_Demo' => 'Demo;Demo;Null',
|
||||
'1_Demo' => 'Demo;Demo;Null',
|
||||
'2_Slave' => 'Slave;Demo;Null',
|
||||
},
|
||||
slaveUserHeader => 'My-Test',
|
||||
|
@ -30,11 +30,11 @@ my $client = LLNG::Manager::Test->new( {
|
|||
ok(
|
||||
$res = $client->_get(
|
||||
'/',
|
||||
query => 'lmAuth=1_Slave',
|
||||
query => 'lmAuth=1_Slave',
|
||||
ip => '127.0.0.1',
|
||||
custom => {
|
||||
HTTP_MY_TEST => 'dwho',
|
||||
HTTP_NAME => 'Dr Who',
|
||||
HTTP_MY_TEST => 'dwho',
|
||||
HTTP_NAME => 'Dr Who',
|
||||
}
|
||||
|
||||
),
|
||||
|
@ -51,7 +51,7 @@ count(4);
|
|||
ok(
|
||||
$res = $client->_get(
|
||||
'/',
|
||||
query => 'lmAuth=2_Slave',
|
||||
query => 'lmAuth=2_Slave',
|
||||
ip => '127.0.0.2',
|
||||
custom => {
|
||||
HTTP_MY_TEST => 'dwho',
|
||||
|
|
|
@ -116,8 +116,7 @@ m%<form id="lformKerberos" action="#" method="post" class="login Kerberos">%,
|
|||
my $header = getHeader( $res, 'Content-Security-Policy' );
|
||||
ok( $header =~ m%;form-action \* https://test.example.com;%,
|
||||
' CSP URL found' )
|
||||
or
|
||||
explain( $res->[1], 'form-action * https://test.example.com;' );
|
||||
or explain( $res->[1], 'form-action * https://test.example.com;' );
|
||||
ok( $res->[2]->[0] !~ /4_demo/, '4_Demo not displayed' );
|
||||
ok(
|
||||
$res->[2]->[0] =~ qr%<img src="/static/common/logos/logo_llng_old.png"%,
|
||||
|
|
|
@ -23,8 +23,8 @@ SKIP: {
|
|||
|
||||
# Initialization
|
||||
my ( $issuer, $sp );
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
my $res;
|
||||
|
@ -175,7 +175,7 @@ m%<img src="http://auth.sp.com/static/common/icons/sfa_manager.png" class="mr-2"
|
|||
'SAMLResponse' );
|
||||
|
||||
my $removedCookie = expectCookie($res);
|
||||
is($removedCookie, 0, "SSO cookie removed");
|
||||
is( $removedCookie, 0, "SSO cookie removed" );
|
||||
|
||||
# Post SAML response to SP
|
||||
switch ('sp');
|
||||
|
@ -339,9 +339,9 @@ sub sp {
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
}
|
||||
}
|
||||
|
@ -378,10 +378,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML =>
|
||||
samlSPMetaDataXML( 'sp', 'HTTP-POST' )
|
||||
|
|
|
@ -50,8 +50,8 @@ SKIP: {
|
|||
}
|
||||
|
||||
# Initialization
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple authentication on IdP
|
||||
switch ('issuer');
|
||||
|
@ -113,7 +113,7 @@ SKIP: {
|
|||
expectOK($res);
|
||||
|
||||
my $removedCookie = expectCookie($res);
|
||||
is($removedCookie, 0, "SSO cookie removed");
|
||||
is( $removedCookie, 0, "SSO cookie removed" );
|
||||
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
|
@ -189,10 +189,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML => <<EOF
|
||||
<?xml version="1.0"?>
|
||||
|
@ -585,9 +585,9 @@ EOF
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
|
|
@ -49,9 +49,9 @@ SKIP: {
|
|||
}
|
||||
|
||||
# Initialization
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
|
||||
$sp = register('sp', \&sp);
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
my $res;
|
||||
|
@ -150,7 +150,7 @@ SKIP: {
|
|||
#ok($res=$issuer->_get($url,query=>$query,accept=>'text/html',cookie=>"lemonldap=$idpId"),'Follow redirection');
|
||||
|
||||
my $removedCookie = expectCookie($res);
|
||||
is($removedCookie, 0, "SSO cookie removed");
|
||||
is( $removedCookie, 0, "SSO cookie removed" );
|
||||
|
||||
# Test if logout is done
|
||||
switch ('issuer');
|
||||
|
@ -209,10 +209,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML => <<EOF
|
||||
<?xml version="1.0"?>
|
||||
|
@ -604,9 +604,9 @@ EOF
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
|
|
@ -19,12 +19,12 @@ SKIP: {
|
|||
}
|
||||
|
||||
# Initialization
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
|
||||
ok( $res = $issuer->_get('/saml/metadata'), 'Get metadata' );
|
||||
ok( $res = $issuer->_get('/saml/metadata'), 'Get metadata' );
|
||||
ok( $res->[2]->[0] =~ m#^<\?xml version="1.0"\?>#s, 'Metadata is XML' );
|
||||
|
||||
ok( $res = $issuer->_get('/saml/metadata/idp'), 'Get IDP metadata' );
|
||||
ok( $res = $issuer->_get('/saml/metadata/idp'), 'Get IDP metadata' );
|
||||
ok( $res->[2]->[0] =~ m#^<\?xml version="1.0"\?>#s, 'Metadata is XML' );
|
||||
ok(
|
||||
$res->[2]->[0] !~ m#<SPSSODescriptor#s,
|
||||
|
@ -33,7 +33,7 @@ SKIP: {
|
|||
ok( $res->[2]->[0] =~ m#entityID="urn:example\.com"#s,
|
||||
'IDP EntityID is overriden' );
|
||||
|
||||
ok( $res = $issuer->_get('/saml/metadata/sp'), 'Get SP metadata' );
|
||||
ok( $res = $issuer->_get('/saml/metadata/sp'), 'Get SP metadata' );
|
||||
ok( $res->[2]->[0] =~ m#^<\?xml version="1.0"\?>#s, 'Metadata is XML' );
|
||||
ok(
|
||||
$res->[2]->[0] !~ m#<IDPSSODescriptor#s,
|
||||
|
@ -78,10 +78,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML => <<EOF
|
||||
<?xml version="1.0"?>
|
||||
|
|
|
@ -32,8 +32,8 @@ SKIP: {
|
|||
}
|
||||
|
||||
# Initialization
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple authentication on IdP
|
||||
switch ('issuer');
|
||||
|
@ -102,7 +102,7 @@ SKIP: {
|
|||
expectOK($res);
|
||||
|
||||
my $removedCookie = expectCookie($res);
|
||||
is($removedCookie, 0, "SSO cookie removed");
|
||||
is( $removedCookie, 0, "SSO cookie removed" );
|
||||
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
|
@ -218,10 +218,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML =>
|
||||
samlSPMetaDataXML( 'sp', 'HTTP-POST' )
|
||||
|
@ -278,9 +278,9 @@ sub sp {
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
|
|
@ -32,8 +32,8 @@ SKIP: {
|
|||
}
|
||||
|
||||
# Initialization
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
my $res;
|
||||
|
@ -181,7 +181,7 @@ SKIP: {
|
|||
ok( $res->[2]->[0] =~ /trmsg="47"/, 'Found logout message' );
|
||||
|
||||
my $logoutCookie = expectCookie($res);
|
||||
is($logoutCookie, 0, "IDP cookie removed");
|
||||
is( $logoutCookie, 0, "IDP cookie removed" );
|
||||
|
||||
# Test if logout is done
|
||||
ok(
|
||||
|
@ -240,10 +240,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML => <<EOF
|
||||
<?xml version="1.0"?>
|
||||
|
@ -368,9 +368,9 @@ sub sp {
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
|
|
@ -32,8 +32,8 @@ SKIP: {
|
|||
}
|
||||
|
||||
# Initialization
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
my $res;
|
||||
|
@ -183,7 +183,7 @@ SKIP: {
|
|||
'SAMLResponse' );
|
||||
|
||||
my $removedCookie = expectCookie($res);
|
||||
is($removedCookie, 0, "IDP Cookie removed");
|
||||
is( $removedCookie, 0, "IDP Cookie removed" );
|
||||
|
||||
# Post SAML response to SP
|
||||
switch ('sp');
|
||||
|
@ -255,10 +255,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML =>
|
||||
samlSPMetaDataXML( 'sp', 'HTTP-POST' )
|
||||
|
@ -314,9 +314,9 @@ sub sp {
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
|
|
@ -32,8 +32,8 @@ SKIP: {
|
|||
}
|
||||
|
||||
# Initialization
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple authentication on IdP
|
||||
switch ('issuer');
|
||||
|
@ -125,7 +125,7 @@ m#iframe src="http://auth.sp.com(/saml/proxySingleLogout)\?(SAMLRequest=.*?)"#,
|
|||
'Content-Security-Policy => ...child-src auth.idp.com' );
|
||||
|
||||
my $removedCookie = expectCookie($res);
|
||||
is($removedCookie, 0, "SSO cookie removed");
|
||||
is( $removedCookie, 0, "SSO cookie removed" );
|
||||
|
||||
switch ('sp');
|
||||
ok( $res = $sp->_get( $url, query => $query, accept => 'text/html' ),
|
||||
|
@ -201,10 +201,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML =>
|
||||
samlSPMetaDataXML( 'sp', 'HTTP-Redirect' )
|
||||
|
@ -261,9 +261,9 @@ sub sp {
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
|
|
@ -32,9 +32,9 @@ SKIP: {
|
|||
}
|
||||
|
||||
# Initialization
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$sp2 = register('sp2', \&sp2);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
$sp2 = register( 'sp2', \&sp2 );
|
||||
|
||||
# Simple SP access
|
||||
my $res;
|
||||
|
@ -195,7 +195,7 @@ SKIP: {
|
|||
ok( $res->[2]->[0] =~ /trmsg="47"/, 'Found logout message' );
|
||||
|
||||
my $logoutCookie = expectCookie($res);
|
||||
is($logoutCookie, 0, "IDP cookie removed");
|
||||
is( $logoutCookie, 0, "IDP cookie removed" );
|
||||
|
||||
ok(
|
||||
$res = $issuer->_get(
|
||||
|
@ -278,10 +278,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML => <<EOF
|
||||
<?xml version="1.0"?>
|
||||
|
@ -479,9 +479,9 @@ sub sp {
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
@ -533,9 +533,9 @@ sub sp2 {
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp2.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
|
|
@ -32,11 +32,11 @@ SKIP: {
|
|||
}
|
||||
|
||||
# Initialization
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
|
||||
$sp = register('sp', \&sp);
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
$sp2 = register('sp2', \&sp2);
|
||||
$sp2 = register( 'sp2', \&sp2 );
|
||||
|
||||
# Simple SP access
|
||||
my $res;
|
||||
|
@ -190,7 +190,7 @@ SKIP: {
|
|||
);
|
||||
|
||||
my $removedCookie = expectCookie($res);
|
||||
is($removedCookie, 0, "SSO cookie removed");
|
||||
is( $removedCookie, 0, "SSO cookie removed" );
|
||||
|
||||
my $relaypage = $res;
|
||||
|
||||
|
@ -338,10 +338,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML =>
|
||||
samlSPMetaDataXML( 'sp', 'HTTP-Redirect' )
|
||||
|
@ -402,9 +402,9 @@ sub sp {
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
@ -456,9 +456,9 @@ sub sp2 {
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp2.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
|
|
@ -32,7 +32,7 @@ SKIP: {
|
|||
}
|
||||
|
||||
# Initialization
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
|
||||
# Do a user login to have an existing session
|
||||
|
||||
|
@ -52,7 +52,7 @@ SKIP: {
|
|||
|
||||
switch ('sp');
|
||||
|
||||
$sp = register('sp', \&sp);
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
ok(
|
||||
|
@ -174,10 +174,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML =>
|
||||
samlSPMetaDataXML( 'sp', 'HTTP-Redirect' )
|
||||
|
@ -233,9 +233,9 @@ sub sp {
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
|
|
@ -32,8 +32,8 @@ SKIP: {
|
|||
}
|
||||
|
||||
# Initialization
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
my $res;
|
||||
|
@ -206,7 +206,7 @@ qr#^http://auth.sp.com(/saml/proxySingleLogoutReturn)\?(SAMLResponse=.+)#
|
|||
);
|
||||
|
||||
my $removedCookie = expectCookie($res);
|
||||
is($removedCookie, 0, "IDP Cookie removed");
|
||||
is( $removedCookie, 0, "IDP Cookie removed" );
|
||||
|
||||
# Send SAML response to SP
|
||||
switch ('sp');
|
||||
|
@ -278,10 +278,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML =>
|
||||
samlSPMetaDataXML( 'sp', 'HTTP-Redirect' )
|
||||
|
@ -337,9 +337,9 @@ sub sp {
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
|
|
@ -32,8 +32,8 @@ SKIP: {
|
|||
}
|
||||
|
||||
# Initialization
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
use_ok('Lemonldap::NG::Portal::CDC');
|
||||
ok(
|
||||
|
@ -239,10 +239,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML =>
|
||||
samlSPMetaDataXML( 'sp', 'HTTP-POST' )
|
||||
|
@ -303,9 +303,9 @@ sub sp {
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
|
|
@ -32,8 +32,8 @@ SKIP: {
|
|||
}
|
||||
|
||||
# Initialization
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
my $res;
|
||||
|
@ -136,7 +136,7 @@ SKIP: {
|
|||
'SAMLResponse' );
|
||||
|
||||
my $removedCookie = expectCookie($res);
|
||||
is($removedCookie, 0, "SSO cookie removed");
|
||||
is( $removedCookie, 0, "SSO cookie removed" );
|
||||
|
||||
# Post SAML response to SP
|
||||
switch ('sp');
|
||||
|
@ -208,10 +208,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML =>
|
||||
samlSPMetaDataXML( 'sp', 'HTTP-POST' )
|
||||
|
@ -267,9 +267,9 @@ sub sp {
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
|
|
@ -33,8 +33,8 @@ SKIP: {
|
|||
}
|
||||
|
||||
# Initialization
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
my $res;
|
||||
|
@ -159,7 +159,7 @@ SKIP: {
|
|||
'SAMLRequest' );
|
||||
|
||||
# Jump ahead in time
|
||||
Time::Fake->offset("+".($timeout*1.5)."s");
|
||||
Time::Fake->offset( "+" . ( $timeout * 1.5 ) . "s" );
|
||||
|
||||
# Push SAML logout request to IdP
|
||||
switch ('issuer');
|
||||
|
@ -226,10 +226,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML =>
|
||||
samlSPMetaDataXML( 'sp', 'HTTP-POST' )
|
||||
|
@ -286,9 +286,9 @@ sub sp {
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
|
|
@ -48,8 +48,8 @@ SKIP: {
|
|||
close F;
|
||||
|
||||
# Initialization
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
ok(
|
||||
|
@ -204,7 +204,7 @@ qr%<input name="code" value="" type="text" class="form-control" id="extcode" trp
|
|||
'SAMLResponse' );
|
||||
|
||||
my $removedCookie = expectCookie($res);
|
||||
is($removedCookie, 0, "SSO cookie removed");
|
||||
is( $removedCookie, 0, "SSO cookie removed" );
|
||||
|
||||
# Post SAML response to SP
|
||||
switch ('sp');
|
||||
|
@ -233,8 +233,7 @@ qr%<input name="code" value="" type="text" class="form-control" id="extcode" trp
|
|||
$res = $sp->_get(
|
||||
'/',
|
||||
accept => 'text/html',
|
||||
cookie =>
|
||||
"lemonldap=$spId"
|
||||
cookie => "lemonldap=$spId"
|
||||
),
|
||||
'Test if user is reject on SP'
|
||||
);
|
||||
|
@ -283,10 +282,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML =>
|
||||
samlSPMetaDataXML( 'sp', 'HTTP-POST' )
|
||||
|
@ -342,9 +341,9 @@ sub sp {
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
|
|
@ -47,8 +47,8 @@ SKIP: {
|
|||
close F;
|
||||
|
||||
# Initialization
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
ok(
|
||||
|
@ -176,7 +176,7 @@ SKIP: {
|
|||
'SAMLResponse' );
|
||||
|
||||
my $removedCookie = expectCookie($res);
|
||||
is($removedCookie, 0, "SSO cookie removed");
|
||||
is( $removedCookie, 0, "SSO cookie removed" );
|
||||
|
||||
# Post SAML response to SP
|
||||
switch ('sp');
|
||||
|
@ -252,10 +252,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML =>
|
||||
samlSPMetaDataXML( 'sp', 'HTTP-POST' )
|
||||
|
@ -311,9 +311,9 @@ sub sp {
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
|
|
@ -44,8 +44,8 @@ SKIP: {
|
|||
);
|
||||
|
||||
# Initialization
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple authentication on IdP
|
||||
switch ('issuer');
|
||||
|
@ -201,10 +201,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML =>
|
||||
samlSPMetaDataXML( 'sp', 'HTTP-POST' )
|
||||
|
@ -261,9 +261,9 @@ sub sp {
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
|
|
@ -32,8 +32,8 @@ SKIP: {
|
|||
}
|
||||
|
||||
# Initialization
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple authentication on IdP
|
||||
switch ('issuer');
|
||||
|
@ -179,10 +179,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML =>
|
||||
samlSPMetaDataXML( 'sp', 'HTTP-POST' )
|
||||
|
@ -239,9 +239,9 @@ sub sp {
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
|
|
@ -32,8 +32,8 @@ SKIP: {
|
|||
}
|
||||
|
||||
# Initialization
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
my $res;
|
||||
|
@ -122,10 +122,10 @@ sub issuer {
|
|||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => saml_key_idp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
samlServicePrivateKeySig => saml_key_idp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_idp_public_enc,
|
||||
samlServicePublicKeySig => saml_key_idp_public_sig,
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML =>
|
||||
samlSPMetaDataXML( 'sp', 'HTTP-Redirect' )
|
||||
|
@ -181,9 +181,9 @@ sub sp {
|
|||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => saml_key_sp_public_sig,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlServicePrivateKeyEnc => saml_key_sp_private_enc,
|
||||
samlServicePrivateKeySig => saml_key_sp_private_sig,
|
||||
samlServicePublicKeyEnc => saml_key_sp_public_enc,
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
|
|
|
@ -57,8 +57,8 @@ LWP::Protocol::PSGI->register(
|
|||
}
|
||||
);
|
||||
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
ok(
|
||||
|
|
|
@ -57,8 +57,8 @@ LWP::Protocol::PSGI->register(
|
|||
}
|
||||
);
|
||||
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
ok(
|
||||
|
|
|
@ -57,8 +57,8 @@ LWP::Protocol::PSGI->register(
|
|||
}
|
||||
);
|
||||
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
ok(
|
||||
|
|
|
@ -57,8 +57,8 @@ LWP::Protocol::PSGI->register(
|
|||
}
|
||||
);
|
||||
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
ok(
|
||||
|
|
|
@ -57,8 +57,8 @@ LWP::Protocol::PSGI->register(
|
|||
}
|
||||
);
|
||||
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
ok(
|
||||
|
|
|
@ -57,8 +57,8 @@ LWP::Protocol::PSGI->register(
|
|||
}
|
||||
);
|
||||
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
ok(
|
||||
|
|
|
@ -57,8 +57,8 @@ LWP::Protocol::PSGI->register(
|
|||
}
|
||||
);
|
||||
|
||||
$issuer = register ( 'issuer', \&issuer );
|
||||
$sp = register ('sp', \&sp );
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
ok(
|
||||
|
|
|
@ -57,8 +57,8 @@ LWP::Protocol::PSGI->register(
|
|||
}
|
||||
);
|
||||
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
ok(
|
||||
|
|
|
@ -55,8 +55,8 @@ LWP::Protocol::PSGI->register(
|
|||
}
|
||||
);
|
||||
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$sp = register('sp', \&sp);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
ok(
|
||||
|
|
|
@ -75,9 +75,10 @@ SKIP: {
|
|||
);
|
||||
|
||||
# Build CAS server
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
|
||||
# Build CAS App
|
||||
$sp = register('sp', \&sp);
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
# Connect to CAS app
|
||||
|
|
|
@ -75,10 +75,10 @@ SKIP: {
|
|||
);
|
||||
|
||||
# Build CAS server
|
||||
$issuer = register('issuer', \&issuer);
|
||||
$issuer = register( 'issuer', \&issuer );
|
||||
|
||||
# Build CAS app
|
||||
$sp = register('sp', \&sp);
|
||||
$sp = register( 'sp', \&sp );
|
||||
|
||||
# Simple SP access
|
||||
# Connect to CAS app
|
||||
|
|
|
@ -241,7 +241,7 @@ sub op {
|
|||
'loa-3' => 3
|
||||
},
|
||||
oidcServicePrivateKeySig => oidc_key_op_private_sig,
|
||||
oidcServicePublicKeySig => oidc_key_op_public_sig,
|
||||
oidcServicePublicKeySig => oidc_key_op_public_sig,
|
||||
}
|
||||
}
|
||||
);
|
||||
|
|
|
@ -352,7 +352,7 @@ sub op {
|
|||
'loa-3' => 3
|
||||
},
|
||||
oidcServicePrivateKeySig => oidc_key_op_private_sig,
|
||||
oidcServicePublicKeySig => oidc_key_op_public_sig,
|
||||
oidcServicePublicKeySig => oidc_key_op_public_sig,
|
||||
}
|
||||
}
|
||||
);
|
||||
|
|