REST in progress (#970)
parent
34460af4ee
commit
4d8c25460f
|
@ -71,6 +71,7 @@ lib/Lemonldap/NG/Portal/Lib/OpenID/Server.pm
|
|||
lib/Lemonldap/NG/Portal/Lib/OpenID/SREG.pm
|
||||
lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm
|
||||
lib/Lemonldap/NG/Portal/Lib/Remote.pm
|
||||
lib/Lemonldap/NG/Portal/Lib/RESTProxy.pm
|
||||
lib/Lemonldap/NG/Portal/Lib/SAML.pm
|
||||
lib/Lemonldap/NG/Portal/Lib/Slave.pm
|
||||
lib/Lemonldap/NG/Portal/Lib/SMTP.pm
|
||||
|
@ -373,6 +374,7 @@ t/32-Auth-and-issuer-OIDC-authorization_code.t
|
|||
t/32-Auth-and-issuer-OIDC-hybrid.t
|
||||
t/32-Auth-and-issuer-OIDC-implicit.t
|
||||
t/33-Auth-and-issuer-OpenID2.t
|
||||
t/34-Auth-Proxy-and-REST-Server.t
|
||||
t/34-Auth-Proxy-and-SOAP-Server.t
|
||||
t/40-Notifications-DBI.t
|
||||
t/50-IssuerGet.t
|
||||
|
|
|
@ -13,12 +13,12 @@ extends 'Lemonldap::NG::Portal::Auth::_WebForm';
|
|||
sub init {
|
||||
my ($self) = @_;
|
||||
if ( $self->conf->{proxyUseSoap} ) {
|
||||
extends 'Lemonldap::NG::Portal::Auth::_WebForm',
|
||||
'Lemonldap::NG::Portal::Lib::SOAPProxy';
|
||||
extends 'Lemonldap::NG::Portal::Lib::SOAPProxy',
|
||||
'Lemonldap::NG::Portal::Auth::_WebForm';
|
||||
}
|
||||
else {
|
||||
extends 'Lemonldap::NG::Portal::Auth::_WebForm',
|
||||
'Lemonldap::NG::Portal::Lib::RESTProxy';
|
||||
extends 'Lemonldap::NG::Portal::Lib::RESTProxy',
|
||||
'Lemonldap::NG::Portal::Auth::_WebForm';
|
||||
}
|
||||
return $self->SUPER::init();
|
||||
}
|
||||
|
@ -31,10 +31,6 @@ sub setAuthSessionInfo {
|
|||
PE_OK;
|
||||
}
|
||||
|
||||
sub authLogout {
|
||||
PE_OK;
|
||||
}
|
||||
|
||||
sub getDisplayType {
|
||||
return "standardform";
|
||||
}
|
||||
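Review bot: The parent order in both `extends` calls in `init` is now load-bearing, but nothing in the code says so. As far as these hunks show, the proxy library is listed first so that its `init` and `authLogout` take precedence over `_WebForm` (the local `authLogout` stub is dropped further down in this file), which also means `$self->SUPER::init()` now resolves to the library's `init` first. I would add a comment above the `if`, for example `# Proxy lib must stay first: its init/authLogout have to win over _WebForm`, and confirm that `_WebForm`'s own initialisation is still reached, since that call chain is outside the hunk. Because `extends` is evaluated at run time here, it presumably sets the parents for the class as a whole, so two portals with different `proxyUseSoap` values in one interpreter would share whichever list was set last.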
|
|
|
@ -9,14 +9,7 @@ use Lemonldap::NG::Common::FormEncode;
|
|||
|
||||
our $VERSION = '2.0.0';
|
||||
|
||||
has ua => (
|
||||
is => 'rw',
|
||||
default => sub {
|
||||
my $ua = LWP::UserAgent->new;
|
||||
$ua->default_header( Accept => 'application/json' );
|
||||
return $ua;
|
||||
}
|
||||
);
|
||||
has ua => ( is => 'rw' );
|
||||
|
||||
# INITIALIZATION
|
||||
|
||||
|
@ -24,7 +17,10 @@ sub init {
|
|||
my ($self) = @_;
|
||||
$self->conf->{remoteCookieName} ||= $self->conf->{cookieName};
|
||||
$self->conf->{proxySessionService} ||=
|
||||
$self->conf->{proxyAuthService} . '/mysession/';
|
||||
$self->conf->{proxyAuthService} . '/mysession';
|
||||
$self->conf->{proxySessionService} =~ s#/*$##;
|
||||
$self->ua( LWP::UserAgent->new );
|
||||
$self->ua->default_header( Accept => 'application/json' );
|
||||
|
||||
unless ( defined $self->conf->{proxyAuthService} ) {
|
||||
$self->error("Missing proxyAuthService parameter");
|
||||
|
@ -61,9 +57,10 @@ sub getUser {
|
|||
return PE_BADCREDENTIALS;
|
||||
}
|
||||
$req->sessionInfo->{_proxyCookies} = join '; ',
|
||||
map { s/;.*$// } $resp->header('Set-Cookie');
|
||||
map { s/;.*$//; $_ } $resp->header('Set-Cookie');
|
||||
$self->lmLog(
|
||||
'Store cookies in session (' . $req->sessionInfo->{_proxyCookies} . ')',
|
||||
'Store remote cookies in session ('
|
||||
. $req->sessionInfo->{_proxyCookies} . ')',
|
||||
'debug'
|
||||
);
|
||||
PE_OK;
|
||||
|
@ -73,10 +70,13 @@ sub setSessionInfo {
|
|||
my ( $self, $req ) = @_;
|
||||
return PE_OK if ( $req->datas->{_setSessionInfoDone} );
|
||||
my $q = HTTP::Request->new(
|
||||
GET => $self->conf->{proxySessionService},
|
||||
Cookie => $req->sessionInfo->{_proxyCookies}
|
||||
GET => $self->conf->{proxySessionService} . '/global',
|
||||
[
|
||||
Cookie => $req->sessionInfo->{_proxyCookies},
|
||||
Accept => 'application/json'
|
||||
]
|
||||
);
|
||||
my $resp = $self->ua->get($q);
|
||||
my $resp = $self->ua->request($q);
|
||||
unless ( $resp->is_success ) {
|
||||
$self->lmLog( 'Unable to query session service: ' . $resp->status_line,
|
||||
'error' );
|
||||
|
@ -95,5 +95,19 @@ sub setSessionInfo {
|
|||
PE_OK;
|
||||
}
|
||||
|
||||
sub authLogout {
|
||||
my ( $self, $req ) = @_;
|
||||
$self->lmLog( 'Proxy ask logout to '. $self->conf->{proxyAuthService},'debug');
|
||||
my $q = HTTP::Request->new(
|
||||
GET => $self->conf->{proxyAuthService} . '?logout=1',
|
||||
[
|
||||
Cookie => $req->sessionInfo->{_proxyCookies},
|
||||
Accept => 'application/json'
|
||||
]
|
||||
);
|
||||
my $resp = $self->ua->request($q);
|
||||
return PE_OK;
|
||||
}
|
||||
|
||||
1;
|
||||
|
||||
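Review bot: `authLogout` stores the result of the remote logout call in `$resp` and then returns `PE_OK` without looking at it, so an unreachable or failing `proxyAuthService` leaves the remote session alive while the local portal reports a clean logout. At minimum the failure should be logged, e.g. `$self->lmLog( 'Remote logout failed: ' . $resp->status_line, 'error' ) unless $resp->is_success;`, in the same way `setSessionInfo` already does for the session service. Separately, the debug message in `getUser` writes the full `_proxyCookies` value to the log; those are the remote portal's session cookies and work as bearer credentials, so I would log only the cookie names or a count.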
|
|
|
@ -84,4 +84,8 @@ sub setSessionInfo {
|
|||
PE_OK;
|
||||
}
|
||||
|
||||
sub authLogout {
|
||||
PE_OK;
|
||||
}
|
||||
|
||||
1;
|
||||
|
|
|
@ -103,6 +103,7 @@ sub init {
|
|||
[ 'GET', 'POST' ]
|
||||
);
|
||||
extends @parents if ($add);
|
||||
$self->setTypes( $self->conf ) if ( $self->conf->{restSessionServer} );
|
||||
return 1;
|
||||
}
|
||||
|
||||
|
@ -167,7 +168,7 @@ sub delSession {
|
|||
|
||||
sub delMySession {
|
||||
my ( $self, $req, $id ) = @_;
|
||||
return $self->delSession( $req, $req->id );
|
||||
return $self->delSession( $req, $req->userData->{_session_id} );
|
||||
}
|
||||
|
||||
sub mysession {
|
||||
|
@ -176,7 +177,7 @@ sub mysession {
|
|||
# 1. whoami
|
||||
if ( defined $req->param('whoami') ) {
|
||||
return $self->p->sendJSONresponse( $req,
|
||||
{ result => $req->sessionInfo->{ $self->conf->{whatToTrace} } } );
|
||||
{ result => $req->userData->{ $self->conf->{whatToTrace} } } );
|
||||
}
|
||||
|
||||
# Verify authorizationfor arg
|
||||
|
@ -209,7 +210,8 @@ sub mysession {
|
|||
|
||||
sub getMyKey {
|
||||
my ( $self, $req, $key ) = @_;
|
||||
return $self->session( $req, $req->id, $key );
|
||||
$self->lmLog( 'Request to get personal session info', 'debug' );
|
||||
return $self->session( $req, $req->userData->{_session_id}, $key );
|
||||
}
|
||||
|
||||
1;
|
||||
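Review bot: `delMySession` and `getMyKey` now pass `$req->userData->{_session_id}` straight to `delSession` and `session` without checking that it is defined. Whether these handlers can be reached without an authenticated session is not visible here, because the route registration is outside the hunks; if they can, the id is `undef` and the outcome depends entirely on the callee. I would make `defined $req->userData->{_session_id}` a precondition in both subs and answer with an error response otherwise. `getMyKey` also forwards the caller-chosen `$key` unchanged, so if `session` does not already restrict which attributes may be read, internal keys should be excluded at this point. The `$id` parameter of `delMySession` is unused and could be dropped from the unpacking.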
|
|
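--- a/lemonldap-ng-portal/t/34-Auth-Proxy-and-REST-Server.t
+++ b/lemonldap-ng-portal/t/34-Auth-Proxy-and-REST-Server.t
@@ -0,0 +1,156 @@
+use Test::More;
+use strict;
+use IO::String;
+
+BEGIN {
+require 't/test-lib.pm';
+}
+
+my $debug = 'error';
+my ( $issuer, $sp, $res );
+my %handlerOR = ( issuer => [], sp => [] );
+
+ok( $issuer = issuer(), 'Issuer portal' );
+$handlerOR{issuer} = \@Lemonldap::NG::Handler::Main::Reload::_onReload;
+switch ('sp');
+
+ok( $sp = sp(), 'SP portal' );
+$handlerOR{sp} = \@Lemonldap::NG::Handler::Main::Reload::_onReload;
+
+# Simple SP access
+ok(
+$res = $sp->_get(
+'/', accept => 'text/html',
+),
+'Unauth SP request'
+);
+expectOK($res);
+
+# Try to auth
+ok(
+$res = $sp->_post(
+'/', IO::String->new('user=dwho&password=dwho'),
+length => 23,
+accept => 'text/html'
+),
+'Post user/password'
+);
+expectRedirection( $res, 'http://auth.sp.com' );
+my $spId = expectCookie($res);
+
+# Logout
+ok(
+$res = $sp->_get(
+'/',
+query => 'logout',
+accept => 'text/html',
+cookie => "lemonldap=$spId"
+),
+'Ask for logout'
+);
+count(1);
+expectOK($res);
+
+# Test if logout is done
+ok(
+$res = $sp->_get(
+'/', cookie => "lemonldap=$spId",
+),
+'Test if user is reject on IdP'
+);
+count(1);
+expectReject($res);
+
+count(4);
+clean_sessions();
+done_testing( count() );
+
+# Redefine LWP methods for tests
+no warnings 'redefine';
+
+sub LWP::UserAgent::request {
+my ( $self, $req ) = @_;
+ok( $req->uri =~ m#http://auth.idp.com(.*)#, " REST request (uri: $1)" );
+count(1);
+my $url = $1;
+my $res;
+my $s = $req->content;
+if ( $req->method =~ /^post$/i ) {
+my $s = $req->content;
+ok(
+$res = $issuer->_post(
+$url,
+IO::String->new($s),
+length => length($s),
+type => $req->header('Content-Type'),
+),
+' Post request'
+);
+count(1);
+expectOK($res);
+expectCookie($res);
+}
+else {
+ok(
+$res = $issuer->_get(
+$url,
+accept => $req->header('Accept'),
+cookie => $req->header('Cookie')
+),
+' Execute request'
+);
+count(1);
+expectOK($res);
+}
+ok( getHeader( $res, 'Content-Type' ) =~ m#^(?:text|application)/json#,
+'Content is JSON' )
+or explain( $res->[1], 'Content-Type => application/json' );
+count(1);
+my $httpResp;
+$httpResp = HTTP::Response->new( $res->[0], 'OK' );
+
+while ( my $name = shift @{ $res->[1] } ) {
+$httpResp->header( $name, shift( @{ $res->[1] } ) );
+}
+$httpResp->content( join( '', @{ $res->[2] } ) );
+return $httpResp;
+}
+
+sub switch {
+my $type = shift;
+@Lemonldap::NG::Handler::Main::Reload::_onReload = @{
+$handlerOR{$type};
+};
+}
+
+sub issuer {
+return LLNG::Manager::Test->new(
+{
+ini => {
+logLevel => $debug,
+templatesDir => 'site/htdocs/static',
+domain => 'idp.com',
+portal => 'http://auth.idp.com',
+authentication => 'Demo',
+userDB => 'Demo',
+restSessionServer => 1,
+}
+}
+);
+}
+
+sub sp {
+return LLNG::Manager::Test->new(
+{
+ini => {
+logLevel => $debug,
+domain => 'sp.com',
+portal => 'http://auth.sp.com',
+authentication => 'Proxy',
+userDB => 'Proxy',
+proxyAuthService => 'http://auth.idp.com',
+proxyUseSoap => 0,
+},
+}
+);
+}
+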
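Review bot: The logout part of this test never checks the identity-provider side: the last request ('Test if user is reject on IdP') is sent to `$sp` with the SP cookie, and the cookie returned by the mocked IdP login (`expectCookie($res);` in the POST branch of `LWP::UserAgent::request`) is discarded. Since the test total comes from `count()`, the file appears to pass even when the remote logout request is never sent or is refused. I would keep the IdP session id, e.g. `$idpId = expectCookie($res);` with `my $idpId;` declared at file level, and after the logout step assert that `$issuer->_get( '/', cookie => "lemonldap=$idpId" )` is rejected with `expectReject`. The outer `my $s = $req->content;` in the mock is shadowed by the one inside the `if` and can be removed.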