Unit tests for #2762

2022-06-21 17:40:44 +02:00 · 2022-06-21 17:40:44 +02:00 · 4b9f788bf9
parent 181f8c4be1
commit 4b9f788bf9
4 changed files with 464 additions and 42 deletions
--- a/lemonldap-ng-portal/t/72-2F-REST-CodeActivation-Resend.t
+++ b/lemonldap-ng-portal/t/72-2F-REST-CodeActivation-Resend.t
@ -0,0 +1,179 @@
+use lib 'inc';
+use Test::More;
+use strict;
+use IO::String;
+use LWP::UserAgent;
+use LWP::Protocol::PSGI;
+use Plack::Request;
+use JSON qw/from_json/;
+
+require 't/test-lib.pm';
+
+our $receivedCode;
+
+LWP::Protocol::PSGI->register(
+    sub {
+        my $req = Plack::Request->new(@_);
+        if ( $req->path_info eq '/init' ) {
+            my $json = from_json( $req->content );
+            is( $json->{user}, "dwho", ' Init req gives dwho' );
+            is( $json->{uid},  "dwho", ' Found uid attribute' );
+            my $code = $json->{code};
+            ok( $code, "Received code from LLNG" );
+            $receivedCode = $code;
+        }
+        elsif ( $req->path_info eq '/vrfy' ) {
+            die "Not supposed to happen";
+        }
+        else {
+            fail( ' Bad REST call ' . $req->path_info );
+        }
+        return [
+            200,
+            [ 'Content-Type' => 'application/json', 'Content-Length' => 12 ],
+            ['{"result":1}']
+        ];
+    }
+);
+
+sub validateCode {
+    my ( $res, $client, $code ) = @_;
+
+    my ( $host, $url, $query ) =
+      expectForm( $res, undef, '/rest2fcheck?skin=bootstrap', 'token', 'code' );
+    $query =~ s/code=/code=$receivedCode/;
+
+    ok(
+        $res = $client->_post(
+            '/rest2fcheck',
+            IO::String->new($query),
+            length => length($query),
+            accept => 'text/html',
+        ),
+        'Post code'
+    );
+
+    return $res;
+}
+
+sub resendCode {
+    my ( $res, $client ) = @_;
+
+    $receivedCode = "";
+    my ( $host, $url, $query ) =
+      expectForm( $res, undef, '/rest2fcheck?skin=bootstrap', 'token', 'code' );
+
+    like(
+        $res->[2]->[0],
+        qr,formaction=\"/rest2fresend\?skin=bootstrap\",,
+        "Found resend button"
+    );
+
+    ok(
+        $res = $client->_post(
+            '/rest2fresend',
+            IO::String->new($query),
+            length => length($query),
+            accept => 'text/html',
+        ),
+        'Post code'
+    );
+
+    return ($res);
+}
+
+sub expectTooSoon {
+    my ($res) = @_;
+    like( $res->[2]->[0],
+        qr,trspan=\"resendTooSoon\",, "Received invitation to try later" );
+    ok( !$receivedCode, "No code sent" );
+}
+
+sub expectSentCode {
+    my ($res) = @_;
+    ok(
+        $res->[2]->[0] =~ qr%<img src="/static/common/logos/logo_llng_old.png"%,
+        'Found custom Main Logo'
+    ) or print STDERR Dumper( $res->[2]->[0] );
+    count(1);
+
+    like(
+        $res->[2]->[0],
+        qr,trspan=\"enterRest2fCode\",,
+        "Prompt indicates success"
+    );
+
+    ok( $receivedCode, "REST service received code" );
+    return $receivedCode;
+}
+
+sub init_login {
+
+    my ($client) = @_;
+    ok(
+        my $res = $client->_post(
+            '/',
+            IO::String->new('user=dwho&password=dwho&checkLogins=1'),
+            length => 37,
+            accept => 'text/html',
+        ),
+        'Auth query'
+    );
+    return $res;
+}
+
+my $client = LLNG::Manager::Test->new( {
+        ini => {
+            logLevel             => 'error',
+            rest2fActivation     => 1,
+            rest2fCodeActivation => '\d{6}',
+            rest2fResendInterval => 30,
+            rest2fInitUrl        => 'http://auth.example.com/init',
+            rest2fInitArgs       => { uid => 'uid' },
+            rest2fVerifyUrl      => 'http://auth.example.com/vrfy',
+            loginHistoryEnabled  => 1,
+            authentication       => 'Demo',
+            userDB               => 'Same',
+            portalMainLogo       => 'common/logos/logo_llng_old.png',
+        }
+    }
+);
+
+subtest 'Login on first try' => sub {
+
+    # Login on first try
+    my $res  = init_login($client);
+    my $code = expectSentCode($res);
+    $res = validateCode( $res, $client, $code );
+
+    ok( $res->[2]->[0] =~ /trspan="lastLogins"/, 'History found' )
+      or print STDERR Dumper( $res->[2]->[0] );
+    my @c = ( $res->[2]->[0] =~ /<td>127.0.0.1/gs );
+    ok( @c == 1, 'One entry found' );
+
+    my $id = expectCookie($res);
+    $client->logout($id);
+};
+
+subtest 'Login after several resend' => sub {
+    my $res  = init_login($client);
+    my $code = expectSentCode($res);
+
+    $res = resendCode( $res, $client );
+    expectTooSoon($res);
+
+    Time::Fake->offset("+1m");
+
+    $res = resendCode( $res, $client );
+    my $new_code = expectSentCode($res);
+    is( $new_code, $code, "Code hasn't changed" );
+
+    $res = validateCode( $res, $client, $code );
+    my $id = expectCookie($res);
+    $client->logout($id);
+};
+
+clean_sessions();
+
+done_testing();
+
--- a/lemonldap-ng-portal/t/76-2F-Ext-with-CodeActivation-Resend.t
+++ b/lemonldap-ng-portal/t/76-2F-Ext-with-CodeActivation-Resend.t
@ -0,0 +1,167 @@
+use Test::More;
+use strict;
+use IO::String;
+use Data::Dumper;
+
+require 't/test-lib.pm';
+
+# used by sendCode to store result. Use a random name so multiple tests using
+# sendCode can run in paralell.
+# (Change this value when copying this test!)
+$ENV{llngtmpfile} = $main::tmpDir . "/Vonu2oom.out";
+
+use_ok('Lemonldap::NG::Common::FormEncode');
+count(1);
+
+sub removeFile {
+    my $filename = $ENV{llngtmpfile};
+    unlink $filename;
+}
+
+sub getCodeFromFile {
+    return do {
+        local $/;
+        my $filename = $ENV{llngtmpfile};
+        open my $fh, $filename;
+        <$fh>;
+    };
+}
+
+sub validateCode {
+    my ( $res, $client, $code ) = @_;
+
+    my ( $host, $url, $query ) =
+      expectForm( $res, undef, '/ext2fcheck?skin=bootstrap', 'token', 'code' );
+
+    $query =~ s/code=/code=${code}/;
+    ok(
+        $res = $client->_post(
+            '/ext2fcheck',
+            IO::String->new($query),
+            length => length($query),
+            accept => 'text/html',
+        ),
+        'Post code'
+    );
+    return $res;
+
+}
+
+sub resendCode {
+    my ( $res, $client ) = @_;
+
+    removeFile;
+    my ( $host, $url, $query ) =
+      expectForm( $res, undef, '/ext2fcheck?skin=bootstrap', 'token', 'code' );
+
+    like(
+        $res->[2]->[0],
+        qr,formaction=\"/ext2fresend\?skin=bootstrap\",,
+        "Found resend button"
+    );
+
+    ok(
+        $res = $client->_post(
+            '/ext2fresend',
+            IO::String->new($query),
+            length => length($query),
+            accept => 'text/html',
+        ),
+        'Post code'
+    );
+
+    return ($res);
+}
+
+sub expectTooSoon {
+    my ($res) = @_;
+    like( $res->[2]->[0],
+        qr,trspan=\"resendTooSoon\",, "Received invitation to try later" );
+    ok( !getCodeFromFile, "No mail sent" );
+}
+
+sub expectSentCode {
+    my ($res) = @_;
+
+    ok(
+        $res->[2]->[0] =~
+qr%<input name="code" value="" type="text" class="form-control" id="extcode" trplaceholder="code" autocomplete="one-time-code" />%,
+        'Found EXTCODE input'
+    ) or print STDERR Dumper( $res->[2]->[0] );
+    count(1);
+
+    like( $res->[2]->[0],
+        qr,trspan=\"enterExt2fCode\",, "Prompt indicates success" );
+
+    my $code = getCodeFromFile;
+    like( $code, qr/\d{6}/, "Code has the correct format" );
+
+    return $code;
+}
+
+sub init_login {
+
+    my ($client) = @_;
+
+    removeFile;
+
+    ok(
+        my $res = $client->_post(
+            '/',
+            IO::String->new('user=dwho&password=dwho'),
+            length => 23,
+            accept => 'text/html',
+        ),
+        'Auth query'
+    );
+    return $res;
+}
+
+my $client = LLNG::Manager::Test->new( {
+        ini => {
+            logLevel            => 'error',
+            ext2fActivation     => 1,
+            ext2fCodeActivation => '\d{6}',
+            ext2FSendCommand    => 't/sendCode.pl -uid $uid -code $code',
+            ext2fResendInterval => 30,
+            authentication      => 'Demo',
+            userDB              => 'Same',
+        }
+    }
+);
+
+# Try to authenticate
+# -------------------
+
+subtest 'Login on first try' => sub {
+
+    # Login on first try
+    my $res  = init_login($client);
+    my $code = expectSentCode($res);
+    $res = validateCode( $res, $client, $code );
+    my $id = expectCookie($res);
+    $client->logout($id);
+};
+
+subtest 'Login after several resend' => sub {
+    my $res  = init_login($client);
+    my $code = expectSentCode($res);
+
+    $res = resendCode( $res, $client );
+    expectTooSoon($res);
+
+    Time::Fake->offset("+1m");
+
+    $res = resendCode( $res, $client );
+    my $new_code = expectSentCode($res);
+    is( $new_code, $code, "Code hasn't changed" );
+
+    $res = validateCode( $res, $client, $code );
+    my $id = expectCookie($res);
+    $client->logout($id);
+};
+
+clean_sessions();
+
+done_testing();
+
--- a/lemonldap-ng-portal/t/77-2F-Mail.t
+++ b/lemonldap-ng-portal/t/77-2F-Mail.t
@ -7,63 +7,134 @@ require 't/test-lib.pm';
 require 't/smtp.pm';

 use_ok('Lemonldap::NG::Common::FormEncode');
-count(1);
+
+sub validateCode {
+    my ( $res, $client, $code ) = @_;
+
+    my ( $host, $url, $query ) =
+      expectForm( $res, undef, '/mail2fcheck?skin=bootstrap', 'token', 'code' );
+
+    $query =~ s/code=/code=${code}/;
+    ok(
+        $res = $client->_post(
+            '/mail2fcheck',
+            IO::String->new($query),
+            length => length($query),
+            accept => 'text/html',
+        ),
+        'Post code'
+    );
+    return $res;
+
+}
+
+sub resendCode {
+    my ( $res, $client ) = @_;
+
+    clear_mail();
+    my ( $host, $url, $query ) =
+      expectForm( $res, undef, '/mail2fcheck?skin=bootstrap', 'token', 'code' );
+
+    like(
+        $res->[2]->[0],
+        qr,formaction=\"/mail2fresend\?skin=bootstrap\",,
+        "Found resend button"
+    );
+
+    ok(
+        $res = $client->_post(
+            '/mail2fresend',
+            IO::String->new($query),
+            length => length($query),
+            accept => 'text/html',
+        ),
+        'Post code'
+    );
+
+    return ($res);
+}
+
+sub expectTooSoon {
+    my ($res) = @_;
+    like( $res->[2]->[0],
+        qr,trspan=\"resendTooSoon\",, "Received invitation to try later" );
+    ok( !mail(), "No mail sent" );
+}
+
+sub expectSentCode {
+    my ($res) = @_;
+    like(
+        $res->[2]->[0],
+        qr,trspan=\"enterMail2fCode\",,
+        "Prompt indicates success"
+    );
+
+    like( mail() , qr%Doctor Who%, 'Found session attribute in mail' );
+    like( mail() , qr%<b>(\d{4})</b>%, 'Found 2F code in mail' );
+
+    mail () =~ qr%<b>(\d{4})</b>%;
+    return $1;
+}
+
+sub init_login {
+
+    my ($client) = @_;
+    ok(
+        my $res = $client->_post(
+            '/',
+            IO::String->new('user=dwho&password=dwho'),
+            length => 23,
+            accept => 'text/html',
+        ),
+        'Auth query'
+    );
+    return $res;
+}

 my $client = LLNG::Manager::Test->new( {
        ini => {
-            logLevel         => 'error',
-            mail2fActivation => 1,
-            mail2fCodeRegex  => '\d{4}',
-            authentication   => 'Demo',
-            userDB           => 'Same',
+            logLevel             => 'error',
+            mail2fActivation     => 1,
+            mail2fCodeRegex      => '\d{4}',
+            mail2fResendInterval => 30,
+            authentication       => 'Demo',
+            userDB               => 'Same',
        }
    }
 );

 # Try to authenticate
 # -------------------
-ok(
-    my $res = $client->_post(
-        '/',
-        IO::String->new('user=dwho&password=dwho'),
-        length => 23,
-        accept => 'text/html',
-    ),
-    'Auth query'
-);
-count(1);

-my ( $host, $url, $query ) =
-  expectForm( $res, undef, '/mail2fcheck?skin=bootstrap', 'token', 'code' );
+subtest 'Login on first try' => sub {

-ok(
-    $res->[2]->[0] =~
-qr%<input name="code" value="" type="text" class="form-control" id="extcode" trplaceholder="code" autocomplete="one-time-code" />%,
-    'Found EXTCODE input'
-) or print STDERR Dumper( $res->[2]->[0] );
-count(1);
+    # Login on first try
+    my $res  = init_login($client);
+    my $code = expectSentCode($res);
+    $res = validateCode( $res, $client, $code );
+    my $id = expectCookie($res);
+    $client->logout($id);
+};

-ok( mail() =~ m%<b>(\d{4})</b>%, 'Found 2F code in mail' )
-  or print STDERR Dumper( mail() );
+subtest 'Login after several resend' => sub {
+    my $res  = init_login($client);
+    my $code = expectSentCode($res);

-my $code = $1;
-count(1);
+    $res = resendCode( $res, $client );
+    expectTooSoon($res);

-$query =~ s/code=/code=${code}/;
-ok(
-    $res = $client->_post(
-        '/mail2fcheck',
-        IO::String->new($query),
-        length => length($query),
-        accept => 'text/html',
-    ),
-    'Post code'
-);
-count(1);
-my $id = expectCookie($res);
-$client->logout($id);
+    Time::Fake->offset("+1m");
+
+    $res = resendCode( $res, $client );
+    my $new_code = expectSentCode($res);
+    is( $new_code, $code, "Code hasn't changed" );
+
+    $res = validateCode( $res, $client, $code );
+    my $id = expectCookie($res);
+    $client->logout($id);
+};

 clean_sessions();

-done_testing( count() );
+done_testing();

--- a/lemonldap-ng-portal/t/sendCode.pl
+++ b/lemonldap-ng-portal/t/sendCode.pl
@ -3,6 +3,11 @@ use strict;
 use warnings;

 my ( $swt1, $user, $swt2, $code ) = @ARGV;
+if ( $ENV{llngtmpfile} ) {
+    open( FH, '>', $ENV{llngtmpfile} ) or die $!;
+    print FH $code;
+    close FH;
+}

 exit !($swt1 eq '-uid'
    && $user eq 'dwho'