Bug in confirm (#595)
This commit is contained in:
parent
cdbe7d89e9
commit
45e5f28808
|
@ -11,7 +11,6 @@ use Lemonldap::NG::Portal::Main::Constants qw(
|
|||
PE_SAML_CONDITIONS_ERROR
|
||||
PE_SAML_DESTINATION_ERROR
|
||||
PE_SAML_ERROR
|
||||
PM_SAML_IDPCHOOSEN
|
||||
PE_SAML_IDPSSOINITIATED_NOTALLOWED
|
||||
PE_SAML_SESSION_ERROR
|
||||
PE_SAML_SIGNATURE_ERROR
|
||||
|
@ -820,11 +819,11 @@ sub extractFormInfo {
|
|||
my ( $idp, $idp_cookie ) = $self->getIDP($req);
|
||||
|
||||
# Get confirmation flag
|
||||
my $confirm_flag = $req->param("confirm") // '';
|
||||
my $confirm_flag = $req->param("confirm") // 0;
|
||||
|
||||
# If confirmation is -1 from resolved IDP screen,
|
||||
# or IDP was not resolve, let the user choose its IDP
|
||||
if ( $confirm_flag eq '-1' or !$idp ) {
|
||||
if ( $confirm_flag == -1 or !$idp ) {
|
||||
$self->lmLog( "Redirecting user to IDP list", 'debug' );
|
||||
|
||||
# Control url parameter
|
||||
|
@ -860,7 +859,7 @@ sub extractFormInfo {
|
|||
}
|
||||
|
||||
# If IDP is found but not confirmed, let the user confirm it
|
||||
elsif ( $confirm_flag eq '1' ) {
|
||||
elsif ( $confirm_flag != 1 ) {
|
||||
$self->lmLog( "IDP $idp selected, need user confirmation", 'debug' );
|
||||
|
||||
# Control url parameter
|
||||
|
@ -868,19 +867,20 @@ sub extractFormInfo {
|
|||
return $urlcheck unless ( $urlcheck == PE_OK );
|
||||
|
||||
# Choosen IDP
|
||||
my $html = '<h3>'
|
||||
. $self->msg(PM_SAML_IDPCHOOSEN)
|
||||
. "</h3>\n" . "<h4>"
|
||||
my $html =
|
||||
'<h3 trspan="redirectionToIdp">Redirection to your Identity Provider</h3><h4>'
|
||||
. $self->idpList->{$idp}->{name}
|
||||
. "</h4>\n"
|
||||
. "<p><i>"
|
||||
. $idp
|
||||
. "</i></p>\n"
|
||||
. "<input type=\"hidden\" name=\"url\" value=\""
|
||||
. $req->param("url") . "\" />"
|
||||
. ( $req->param("url")
|
||||
? "<input type=\"hidden\" name=\"url\" value=\""
|
||||
. $req->param("url") . "\" />"
|
||||
: '' )
|
||||
. "<input type=\"hidden\" name=\"idp\" value=\"$idp\" />\n";
|
||||
|
||||
$self->info( $req, $html );
|
||||
$self->p->info( $req, $html );
|
||||
|
||||
$req->datas->{login} = 1;
|
||||
return PE_CONFIRM;
|
||||
|
@ -1385,7 +1385,7 @@ sub authLogout {
|
|||
return PE_OK;
|
||||
}
|
||||
else {
|
||||
$self->lmLog("Lasso method $method not implemented here",'error');
|
||||
$self->lmLog( "Lasso method $method not implemented here", 'error' );
|
||||
return PE_SAML_SLO_ERROR;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -86,7 +86,6 @@
|
|||
"PM6":"authentications remaining, change your password!",
|
||||
"PM7":"%d days, %d hours, %d minutes and %d seconds before password expiration, change it!",
|
||||
"PM8":"Select your Identity Provider",
|
||||
"PM9":"Redirection to your Identity Provider",
|
||||
"PM10":"Remember my choice",
|
||||
"PM11":"Logout from service providers...",
|
||||
"PM12":"Redirection in progress...",
|
||||
|
@ -171,6 +170,7 @@
|
|||
"redirectedFrom":"You were redirect from ",
|
||||
"redirectedIn":"You'll be redirected in 10 seconds",
|
||||
"redirectionInProgres":"Redirection in progress...",
|
||||
"redirectionToIdp":"Redirection to your Identity Provider",
|
||||
"refuse":"Refuse",
|
||||
"registerRequestAlreadyIssued":"A register request for this account was already issued on ",
|
||||
"rememberChoice":"Remember my choice",
|
||||
|
@ -196,7 +196,7 @@
|
|||
"yourEmail":"Your email",
|
||||
"yourIdentity":"Your identity",
|
||||
"yourIdentityIs":"Your identity is",
|
||||
"yourLoginIs":"Your login is"
|
||||
"yourLoginIs":"Your login is",
|
||||
"yourPhone":"Your phone number",
|
||||
"yourProfile":"Your profile",
|
||||
"yourProfile":"Your profile"
|
||||
}
|
||||
|
|
|
@ -86,7 +86,6 @@
|
|||
"PM6":"authentifications restantes, changez votre mot de passe !",
|
||||
"PM7":"%d jours, %d heures, %d minutes et %d secondes avant expiration de votre mot de passe, pensez à le changer !",
|
||||
"PM8":"Choisissez votre fournisseur d'identité",
|
||||
"PM9":"Redirection vers votre fournisseur d'identité",
|
||||
"PM10":"Se souvenir de mon choix",
|
||||
"PM11":"Déconnexion des services...",
|
||||
"PM12":"Redirection en cours...",
|
||||
|
@ -171,6 +170,7 @@
|
|||
"redirectedFrom":"Vous avez été redirigé depuis ",
|
||||
"redirectedIn":"Vous allez être redirigé(e) automatiquement dans 10 secondes",
|
||||
"redirectionInProgres":"Redirection en cours...",
|
||||
"redirectionToIdp":"Redirection vers votre fournisseur d'identité",
|
||||
"refuse":"Refuser",
|
||||
"registerRequestAlreadyIssued":"Une demande de création pour ce compte a déjà été faite le ",
|
||||
"rememberChoice":"Se souvenir de mon choix",
|
||||
|
@ -196,7 +196,7 @@
|
|||
"yourEmail":"Votre adresse électronique",
|
||||
"yourIdentity":"Votre identité",
|
||||
"yourIdentityIs":"Votre identité est ",
|
||||
"yourLoginIs":"Votre identifiant est"
|
||||
"yourLoginIs":"Votre identifiant est",
|
||||
"yourPhone":"Votre numéro de téléphone",
|
||||
"yourProfile":"Vos informations personnelles",
|
||||
"yourProfile":"Vos informations personnelles"
|
||||
}
|
||||
|
|
|
@ -7,7 +7,7 @@ BEGIN {
|
|||
require 't/test-lib.pm';
|
||||
}
|
||||
|
||||
my $maintests = 12;
|
||||
my $maintests = 13;
|
||||
my $debug = 'error';
|
||||
my ( $issuer, $sp, $res );
|
||||
my %handlerOR = ( issuer => [], sp => [] );
|
||||
|
@ -116,8 +116,16 @@ m#img src="http://auth.idp.com(/saml/relaySingleLogoutSOAP)\?(relay=.*?)"#s,
|
|||
),
|
||||
'Test if user is reject on SP'
|
||||
);
|
||||
expectRedirection( $res,
|
||||
qr#^http://auth.idp.com(/saml/singleSignOnArtifact)\?(SAMLart=.+)# );
|
||||
expectOK($res);
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
/<input type="hidden".+?id="confirm".+?value="(.+?)"/s,
|
||||
'Found confirm key'
|
||||
)
|
||||
or explain(
|
||||
$res->[2],
|
||||
'<input type="hidden" id="confirm" name="confirm" value="<base64 value>" />'
|
||||
);
|
||||
}
|
||||
|
||||
count($maintests);
|
||||
|
|
|
@ -7,7 +7,7 @@ BEGIN {
|
|||
require 't/test-lib.pm';
|
||||
}
|
||||
|
||||
my $maintests = 14;
|
||||
my $maintests = 15;
|
||||
my $debug = 'error';
|
||||
my ( $issuer, $sp, $res );
|
||||
my %handlerOR = ( issuer => [], sp => [] );
|
||||
|
@ -163,8 +163,16 @@ SKIP: {
|
|||
),
|
||||
'Test if user is reject on SP'
|
||||
);
|
||||
expectRedirection( $res,
|
||||
qr#^http://auth.idp.com/saml/singleSignOnArtifact\?(SAMLart=.*)# );
|
||||
expectOK($res);
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
/<input type="hidden".+?id="confirm".+?value="(.+?)"/s,
|
||||
'Found confirm key'
|
||||
)
|
||||
or explain(
|
||||
$res->[2],
|
||||
'<input type="hidden" id="confirm" name="confirm" value="<base64 value>" />'
|
||||
);
|
||||
|
||||
#print STDERR Dumper($res);
|
||||
}
|
||||
|
|
|
@ -7,7 +7,7 @@ BEGIN {
|
|||
require 't/test-lib.pm';
|
||||
}
|
||||
|
||||
my $maintests = 9;
|
||||
my $maintests = 14;
|
||||
my $debug = 'error';
|
||||
my ( $issuer, $sp, $res );
|
||||
my %handlerOR = ( issuer => [], sp => [] );
|
||||
|
@ -152,9 +152,16 @@ m#iframe src="http://auth.idp.com(/saml/relaySingleLogoutPOST)\?(relay=.*?)"#s,
|
|||
),
|
||||
'Test if user is reject on SP'
|
||||
);
|
||||
( $host, $url, $s ) =
|
||||
expectAutoPost( $res, 'auth.idp.com', '/saml/singleSignOn',
|
||||
'SAMLRequest' );
|
||||
expectOK($res);
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
/<input type="hidden".+?id="confirm".+?value="(.+?)"/s,
|
||||
'Found confirm key'
|
||||
)
|
||||
or explain(
|
||||
$res->[2],
|
||||
'<input type="hidden" id="confirm" name="confirm" value="<base64 value>" />'
|
||||
);
|
||||
|
||||
#print STDERR Dumper($res);
|
||||
}
|
||||
|
|
|
@ -7,7 +7,7 @@ BEGIN {
|
|||
require 't/test-lib.pm';
|
||||
}
|
||||
|
||||
my $maintests = 11;
|
||||
my $maintests = 17;
|
||||
my $debug = 'error';
|
||||
my ( $issuer, $sp, $res );
|
||||
my %handlerOR = ( issuer => [], sp => [] );
|
||||
|
@ -181,9 +181,16 @@ SKIP: {
|
|||
),
|
||||
'Test if user is reject on SP'
|
||||
);
|
||||
( $host, $url, $s ) =
|
||||
expectAutoPost( $res, 'auth.idp.com', '/saml/singleSignOn',
|
||||
'SAMLRequest' );
|
||||
expectOK($res);
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
/<input type="hidden".+?id="confirm".+?value="(.+?)"/s,
|
||||
'Found confirm key'
|
||||
)
|
||||
or explain(
|
||||
$res->[2],
|
||||
'<input type="hidden" id="confirm" name="confirm" value="<base64 value>" />'
|
||||
);
|
||||
|
||||
#print STDERR Dumper($res);
|
||||
}
|
||||
|
|
|
@ -7,7 +7,7 @@ BEGIN {
|
|||
require 't/test-lib.pm';
|
||||
}
|
||||
|
||||
my $maintests = 14;
|
||||
my $maintests = 15;
|
||||
my $debug = 'error';
|
||||
my ( $issuer, $sp, $res );
|
||||
my %handlerOR = ( issuer => [], sp => [] );
|
||||
|
@ -135,8 +135,16 @@ m#iframe src="http://auth.sp.com(/saml/proxySingleLogout)\?(SAMLRequest=.*?)"#,
|
|||
),
|
||||
'Test if user is reject on SP'
|
||||
);
|
||||
expectRedirection( $res,
|
||||
qr#^http://auth.idp.com/saml/singleSignOn\?(SAMLRequest=.*)# );
|
||||
expectOK($res);
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
/<input type="hidden".+?id="confirm".+?value="(.+?)"/s,
|
||||
'Found confirm key'
|
||||
)
|
||||
or explain(
|
||||
$res->[2],
|
||||
'<input type="hidden" id="confirm" name="confirm" value="<base64 value>" />'
|
||||
);
|
||||
}
|
||||
|
||||
count($maintests);
|
||||
|
|
|
@ -7,7 +7,7 @@ BEGIN {
|
|||
require 't/test-lib.pm';
|
||||
}
|
||||
|
||||
my $maintests = 18;
|
||||
my $maintests = 19;
|
||||
my $debug = 'error';
|
||||
my ( $issuer, $sp, $res );
|
||||
my %handlerOR = ( issuer => [], sp => [] );
|
||||
|
@ -195,8 +195,16 @@ qr#^http://auth.sp.com(/saml/proxySingleLogoutReturn)\?(SAMLResponse=.+)#
|
|||
),
|
||||
'Test if user is reject on SP'
|
||||
);
|
||||
( $url, $query ) = expectRedirection( $res,
|
||||
qr#^http://auth.idp.com(/saml/singleSignOn)\?(SAMLRequest=.+)# );
|
||||
expectOK($res);
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
/<input type="hidden".+?id="confirm".+?value="(.+?)"/s,
|
||||
'Found confirm key'
|
||||
)
|
||||
or explain(
|
||||
$res->[2],
|
||||
'<input type="hidden" id="confirm" name="confirm" value="<base64 value>" />'
|
||||
);
|
||||
|
||||
#print STDERR Dumper($res);
|
||||
}
|
||||
|
|
|
@ -7,7 +7,7 @@ BEGIN {
|
|||
require 't/test-lib.pm';
|
||||
}
|
||||
|
||||
my $debug = 'debug';
|
||||
my $debug = 'error';
|
||||
my ( $issuer, $sp, $res );
|
||||
my %handlerOR = ( issuer => [], sp => [] );
|
||||
|
||||
|
|
|
@ -67,8 +67,9 @@ count(1);
|
|||
sub expectAutoPost {
|
||||
my @r = expectForm(@_);
|
||||
my $method = pop @r;
|
||||
ok ( $method =~ /^post$/i );
|
||||
ok ( $method =~ /^post$/i, 'Method is POST' ) or explain (\@r,'POST');
|
||||
count(1);
|
||||
return @r;
|
||||
}
|
||||
|
||||
sub expectForm {
|
||||
|
@ -117,7 +118,7 @@ sub expectForm {
|
|||
ok( defined $fields{$f}, qq{Field "$f" is defined} );
|
||||
count(1);
|
||||
}
|
||||
return ( $host, $uri, $query );
|
||||
return ( $host, $uri, $query, $method );
|
||||
}
|
||||
else {
|
||||
return ();
|
||||
|
@ -267,7 +268,6 @@ sub logout {
|
|||
|
||||
sub _get {
|
||||
my ( $self, $path, %args ) = @_;
|
||||
print STDERR Data::Dumper::Dumper($args{custom});
|
||||
return $self->app->(
|
||||
{
|
||||
'HTTP_ACCEPT' => $args{accept}
|
||||
|
|
Loading…
Reference in New Issue
Block a user