Update unit tests (#2243)
This commit is contained in:
Christophe Maudoux
parent
ef8aa7cee9
commit
56243712ff
|
|
@ -26,7 +26,7 @@ SKIP: {
|
|||
totp2fSelfRegistration => 1,
|
||||
totp2fActivation => 1,
|
||||
failedLoginNumber => 4,
|
||||
bruteForceProtectionMaxFailed => 0,
|
||||
bruteForceProtectionMaxFailed => 0
|
||||
}
|
||||
}
|
||||
);
|
||||
|
|
@ -95,13 +95,28 @@ SKIP: {
|
|||
),
|
||||
'1st Bad Auth query'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="5"><\/span>/, 'Bad credential' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(2);
|
||||
|
||||
## Second failed connection
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/',
|
||||
IO::String->new('user=dwho&password=ohwd'),
|
||||
length => 23,
|
||||
accept => 'text/html',
|
||||
),
|
||||
'1st Bad Auth query'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="86"><\/span>/,
|
||||
'Rejected -> Protection enabled' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
ok( $res->[2]->[0] =~ m%5 <span trspan="seconds">seconds</span>%,
|
||||
'LockTime = 5' )
|
||||
ok( $res->[2]->[0] =~ m%(\d{2}) <span trspan="seconds">seconds</span>%,
|
||||
"LockTime = $1" );
|
||||
ok( $1 <= 15 && $1 >= 13, 'LockTime in range' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(3);
|
||||
count(4);
|
||||
|
||||
# Waiting
|
||||
Time::Fake->offset("+3s");
|
||||
|
|
@ -115,6 +130,48 @@ SKIP: {
|
|||
),
|
||||
'Auth query'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="86"><\/span>/,
|
||||
'Rejected -> Protection enabled' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
ok( $res->[2]->[0] =~ m%(\d{2}) <span trspan="seconds">seconds</span>%,
|
||||
"LockTime = $1" );
|
||||
ok( $1 < 30 && $1 >= 25, 'LockTime in range' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(4);
|
||||
|
||||
# Waiting
|
||||
Time::Fake->offset("+6s");
|
||||
## Third failed connection
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/',
|
||||
IO::String->new('user=dwho&password=ohwd'),
|
||||
length => 23,
|
||||
accept => 'text/html',
|
||||
),
|
||||
'2nd Bad Auth query'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="86"><\/span>/,
|
||||
'Rejected -> Protection enabled' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
ok( $res->[2]->[0] =~ m%(\d{2}) <span trspan="seconds">seconds</span>%,
|
||||
"LockTime = $1" );
|
||||
ok( $1 < 60 && $1 >= 55, 'LockTime in range' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(4);
|
||||
|
||||
# Waiting
|
||||
Time::Fake->offset("+70s");
|
||||
## Try to connect
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/',
|
||||
IO::String->new('user=dwho&password=dwho'),
|
||||
length => 23,
|
||||
accept => 'text/html',
|
||||
),
|
||||
'Auth query'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ /<span trspan="enterTotpCode">/, 'Enter TOTP code' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(2);
|
||||
|
|
@ -132,117 +189,6 @@ SKIP: {
|
|||
),
|
||||
'Post code'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="86"><\/span>/,
|
||||
'Rejected -> Protection enabled' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
ok( $res->[2]->[0] =~ m%5 <span trspan="seconds">seconds</span>%,
|
||||
'LockTime = 5' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(4);
|
||||
|
||||
## Second failed connection
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/',
|
||||
IO::String->new('user=dwho&password=ohwd'),
|
||||
length => 23,
|
||||
accept => 'text/html',
|
||||
),
|
||||
'2nd Bad Auth query'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="86"><\/span>/,
|
||||
'Rejected -> Protection enabled' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
ok( $res->[2]->[0] =~ m%15 <span trspan="seconds">seconds</span>%,
|
||||
'LockTime = 15' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(3);
|
||||
|
||||
# Waiting
|
||||
Time::Fake->offset("+10s");
|
||||
## Try to connect
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/',
|
||||
IO::String->new('user=dwho&password=dwho'),
|
||||
length => 23,
|
||||
accept => 'text/html',
|
||||
),
|
||||
'Auth query'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ /<span trspan="enterTotpCode">/, 'Enter TOTP code' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(2);
|
||||
|
||||
( $host, $url, $query ) =
|
||||
expectForm( $res, undef, '/totp2fcheck', 'token' );
|
||||
ok( $code = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 6 ),
|
||||
'Code' );
|
||||
$query =~ s/code=/code=$code/;
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/totp2fcheck', IO::String->new($query),
|
||||
length => length($query),
|
||||
accept => 'text/html',
|
||||
),
|
||||
'Post code'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="86"><\/span>/,
|
||||
'Rejected -> Protection enabled' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
ok( $res->[2]->[0] =~ m%15 <span trspan="seconds">seconds</span>%,
|
||||
'LockTime = 15' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(4);
|
||||
|
||||
## Third failed connection
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/',
|
||||
IO::String->new('user=dwho&password=ohwd'),
|
||||
length => 23,
|
||||
accept => 'text/html',
|
||||
),
|
||||
'3rd Bad Auth query'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="86"><\/span>/,
|
||||
'Rejected -> Protection enabled' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
ok( $res->[2]->[0] =~ m%60 <span trspan="seconds">seconds</span>%,
|
||||
'LockTime = 60' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(3);
|
||||
|
||||
# Waiting
|
||||
Time::Fake->offset("+80s");
|
||||
## Try to connect
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/',
|
||||
IO::String->new('user=dwho&password=dwho'),
|
||||
length => 23,
|
||||
accept => 'text/html',
|
||||
),
|
||||
'Auth query'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ /<span trspan="enterTotpCode"><\/span>/,
|
||||
'Enter TOTP code' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(2);
|
||||
|
||||
( $host, $url, $query ) =
|
||||
expectForm( $res, undef, '/totp2fcheck', 'token' );
|
||||
ok( $code = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 6 ),
|
||||
'Code' );
|
||||
$query =~ s/code=/code=$code/;
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/totp2fcheck', IO::String->new($query),
|
||||
length => length($query),
|
||||
accept => 'text/html',
|
||||
),
|
||||
'Post code'
|
||||
);
|
||||
count(2);
|
||||
$id = expectCookie($res);
|
||||
expectRedirection( $res, 'http://auth.example.com/' );
|
||||
|
|
|
|||
|
|
@ -18,8 +18,8 @@ my $client = LLNG::Manager::Test->new( {
|
|||
bruteForceProtectionIncrementalTempo => 1,
|
||||
failedLoginNumber => 6,
|
||||
bruteForceProtectionMaxLockTime => 600,
|
||||
bruteForceProtectionLockTimes => '5 , 500, bad ,20, -10, 700',
|
||||
bruteForceProtectionMaxFailed => 2,
|
||||
bruteForceProtectionLockTimes => '5 , 500, bad ,20, -10, 700',
|
||||
bruteForceProtectionMaxFailed => 2,
|
||||
}
|
||||
}
|
||||
);
|
||||
|
|
@ -49,8 +49,7 @@ ok(
|
|||
),
|
||||
'1st allowed Bad Auth query'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="5"><\/span>/,
|
||||
'Bad credential' )
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="5"><\/span>/, 'Bad credential' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(2);
|
||||
|
||||
|
|
@ -64,8 +63,7 @@ ok(
|
|||
),
|
||||
'2nd allowed Bad Auth query'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="5"><\/span>/,
|
||||
'Bad credential' )
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="5"><\/span>/, 'Bad credential' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(2);
|
||||
|
||||
|
|
@ -104,10 +102,8 @@ ok( $res->[2]->[0] =~ /<span trmsg="86"><\/span>/,
|
|||
'Rejected -> Protection enabled' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
ok( $res->[2]->[0] =~ m%(\d) <span trspan="seconds">seconds</span>%,
|
||||
"LockTime = $1" )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
ok( $1 <=6 && $1 >= 3 ,
|
||||
'LockTime in range' )
|
||||
"LockTime = $1" );
|
||||
ok( $1 <= 6 && $1 >= 3, 'LockTime in range' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(4);
|
||||
|
||||
|
|
@ -128,10 +124,8 @@ ok( $res->[2]->[0] =~ /<span trmsg="86"><\/span>/,
|
|||
'Rejected -> Protection enabled' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
ok( $res->[2]->[0] =~ m%(\d{2}) <span trspan="seconds">seconds</span>%,
|
||||
"LockTime = $1" )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
ok( $1 <=18 && $1 >= 15 ,
|
||||
'LockTime in range' )
|
||||
"LockTime = $1" );
|
||||
ok( $1 <= 18 && $1 >= 15, 'LockTime in range' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(4);
|
||||
|
||||
|
|
@ -152,10 +146,8 @@ ok( $res->[2]->[0] =~ /<span trmsg="86"><\/span>/,
|
|||
'Rejected -> Protection enabled' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
ok( $res->[2]->[0] =~ m%(\d{3}) <span trspan="seconds">seconds</span>%,
|
||||
"LockTime = $1" )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
ok( $1 <=490 && $1 >= 480 ,
|
||||
'LockTime in range' )
|
||||
"LockTime = $1" );
|
||||
ok( $1 <= 490 && $1 >= 480, 'LockTime in range' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(4);
|
||||
|
||||
|
|
@ -190,8 +182,7 @@ ok(
|
|||
),
|
||||
'2nd allowed Bad Auth query'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="5"><\/span>/,
|
||||
'Bad credential' )
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="5"><\/span>/, 'Bad credential' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(2);
|
||||
|
||||
|
|
@ -209,10 +200,8 @@ ok( $res->[2]->[0] =~ /<span trmsg="86"><\/span>/,
|
|||
'Rejected -> Protection enabled' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
ok( $res->[2]->[0] =~ m%(\d{3}) <span trspan="seconds">seconds</span>%,
|
||||
"LockTime = $1" )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
ok( $1 <=5000 && $1 >= 490 ,
|
||||
'LockTime in range' )
|
||||
"LockTime = $1" );
|
||||
ok( $1 <= 5000 && $1 >= 490, 'LockTime in range' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(4);
|
||||
|
||||
|
|
|
|||
|
|
@ -72,7 +72,8 @@ ok(
|
|||
),
|
||||
'4th Bad Auth query -> Rejected'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="86">/, 'Protection enabled' );
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="86">/, 'Protection enabled' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(2);
|
||||
|
||||
# Count down
|
||||
|
|
@ -89,52 +90,35 @@ ok(
|
|||
),
|
||||
'Auth query'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="86"><\/span>/,
|
||||
'Rejected -> Protection enabled' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
ok( $res->[2]->[0] =~ m%(\d) <span trspan="seconds">seconds</span>%,
|
||||
"LockTime = $1" );
|
||||
ok( $1 < 5 && $1 >= 2, 'LockTime in range' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(4);
|
||||
|
||||
# Cool down
|
||||
Time::Fake->offset("+6s");
|
||||
|
||||
# Try to authenticate again
|
||||
# -------------------------
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/',
|
||||
IO::String->new('user=dwho&password=dwho&checkLogins=1'),
|
||||
length => 37,
|
||||
accept => 'text/html',
|
||||
),
|
||||
'Auth query'
|
||||
);
|
||||
count(1);
|
||||
|
||||
my ( $host, $url, $query ) =
|
||||
expectForm( $res, undef, '/ext2fcheck?skin=bootstrap', 'token', 'code',
|
||||
'checkLogins' );
|
||||
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
qr%<input name="code" value="" type="text" class="form-control" id="extcode" trplaceholder="code" autocomplete="off" />%,
|
||||
'Found EXTCODE input'
|
||||
) or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(1);
|
||||
|
||||
$query =~ s/code=/code=123456/;
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/ext2fcheck',
|
||||
IO::String->new($query),
|
||||
length => length($query),
|
||||
accept => 'text/html',
|
||||
),
|
||||
'Post code'
|
||||
);
|
||||
ok( $res->[2]->[0] =~ /<span trmsg="86">/, 'Protection enabled' );
|
||||
count(2);
|
||||
|
||||
# Cool down
|
||||
Time::Fake->offset("+6s");
|
||||
|
||||
# Try to authenticate again
|
||||
# -------------------------
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/',
|
||||
IO::String->new('user=dwho&password=dwho&checkLogins=1'),
|
||||
length => 37,
|
||||
accept => 'text/html',
|
||||
),
|
||||
'Auth query'
|
||||
);
|
||||
count(1);
|
||||
|
||||
( $host, $url, $query ) =
|
||||
expectForm( $res, undef, '/ext2fcheck?skin=bootstrap', 'token', 'code',
|
||||
'checkLogins' );
|
||||
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
qr%<input name="code" value="" type="text" class="form-control" id="extcode" trplaceholder="code" autocomplete="off" />%,
|
||||
|
|
@ -152,13 +136,12 @@ ok(
|
|||
'Post code'
|
||||
);
|
||||
count(2);
|
||||
|
||||
my $id = expectCookie($res);
|
||||
|
||||
ok( $res->[2]->[0] =~ /trspan="lastLogins"/, 'History found' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
my @c = ( $res->[2]->[0] =~ /<td>127.0.0.1/gs );
|
||||
ok( @c == 6, 'Six entries found' )
|
||||
ok( @c == 4, 'Four entries found' )
|
||||
or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(2);
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue