Merge branch 'v2.0'
This commit is contained in:
commit
6453a04a55
|
@ -541,10 +541,15 @@ sub authChoiceModules {
|
|||
my @res;
|
||||
foreach my $k ( sort keys %$value ) {
|
||||
my $data = [ split /;/, $value->{$k} ];
|
||||
eval { $data->[5] = from_json( $data->[5] ) if $data->[5] };
|
||||
if ($@) {
|
||||
$self->logger->error(
|
||||
"Bad value in choice over parameters, deleted ($@)");
|
||||
if ( $data->[5] ) {
|
||||
my $over;
|
||||
eval { $over = from_json( $data->[5] ) };
|
||||
if ($@) {
|
||||
$self->logger->error(
|
||||
"Bad value in choice over parameters, deleted ($@)");
|
||||
} else {
|
||||
$data->[5] = [ map { [ $_, $over->{$_} ] } keys %{$over} ];
|
||||
}
|
||||
}
|
||||
push @res,
|
||||
{
|
||||
|
|
|
@ -27,9 +27,9 @@ sub new {
|
|||
if ( $self->env->{X_ORIGINAL_URI} );
|
||||
$self->env->{PATH_INFO} =~ s|//+|/|g;
|
||||
|
||||
if ( my $tmp = $self->script_name ) {
|
||||
$self->env->{PATH_INFO} =~ s|^$tmp|/|;
|
||||
}
|
||||
#if ( my $tmp = $self->script_name ) {
|
||||
# $self->env->{PATH_INFO} =~ s|^$tmp|/|;
|
||||
#}
|
||||
$self->env->{PATH_INFO} ||= '/';
|
||||
$self->env->{REQUEST_URI} =~ s|^//+|/|g;
|
||||
$self->{uri} = uri_unescape( $self->env->{REQUEST_URI} );
|
||||
|
@ -49,7 +49,10 @@ sub uri { $_[0]->{uri} }
|
|||
sub userData {
|
||||
my ( $self, $v ) = @_;
|
||||
return $self->{userData} = $v if ($v);
|
||||
return $self->{userData} || { _whatToTrace => $self->{user}, };
|
||||
return $self->{userData}
|
||||
|| {
|
||||
( $Lemonldap::NG::Handler::Main::tsv->{whatToTrace}
|
||||
|| '_whatToTrace' ) => $self->{user}, };
|
||||
}
|
||||
|
||||
sub respHeaders {
|
||||
|
|
|
@ -252,7 +252,7 @@ sub newConf {
|
|||
|
||||
if ( $cfgNum ne $req->params('cfgNum') ) { $parser->confChanged(1); }
|
||||
|
||||
my $res = { result => $parser->check };
|
||||
my $res = { result => $parser->check($self) };
|
||||
|
||||
# "message" fields: note that words enclosed by "__" (__word__) will be
|
||||
# translated
|
||||
|
|
|
@ -94,12 +94,14 @@ sub hdebug {
|
|||
# Main method
|
||||
#@return result
|
||||
sub check {
|
||||
my $self = shift;
|
||||
my $self = shift;
|
||||
my $localConf = shift;
|
||||
|
||||
hdebug("# check()");
|
||||
unless ( $self->newConf ) {
|
||||
return 0 unless ( $self->scanTree );
|
||||
}
|
||||
unless ( $self->testNewConf ) {
|
||||
unless ( $self->testNewConf($localConf) ) {
|
||||
hdebug(" testNewConf() failed");
|
||||
return 0;
|
||||
}
|
||||
|
@ -846,9 +848,11 @@ sub _scanNodes {
|
|||
|
||||
# authChoiceModules
|
||||
if ( $name eq 'authChoiceModules' ) {
|
||||
hdebug(' combModules');
|
||||
hdebug(' authChoiceModules');
|
||||
$n->{data}->[5] ||= {};
|
||||
$n->{data}->[5] = to_json( $n->{data}->[5] );
|
||||
$n->{data}->[5] =
|
||||
to_json( { map { @$_ } @{ $n->{data}->[5] } } )
|
||||
if ref( $n->{data}->[5] ) eq 'ARRAY';
|
||||
}
|
||||
|
||||
$n->{data} = join ';', @{ $n->{data} };
|
||||
|
@ -1078,9 +1082,12 @@ sub defaultValue {
|
|||
#
|
||||
#@return true if tests succeed
|
||||
sub testNewConf {
|
||||
my $self = shift;
|
||||
my $self = shift;
|
||||
my $localConf = shift;
|
||||
|
||||
hdebug('# testNewConf()');
|
||||
return $self->_unitTest( $self->newConf(), '' ) && $self->_globalTest();
|
||||
return $self->_unitTest( $self->newConf(), $localConf )
|
||||
&& $self->_globalTest($localConf);
|
||||
}
|
||||
|
||||
##@method private boolean _unitTest()
|
||||
|
@ -1088,23 +1095,24 @@ sub testNewConf {
|
|||
#
|
||||
#@return true if tests succeed
|
||||
sub _unitTest {
|
||||
my ( $self, $conf ) = @_;
|
||||
my ( $self, $conf, $localConf ) = @_;
|
||||
hdebug('# _unitTest()');
|
||||
my $types = &Lemonldap::NG::Manager::Attributes::types();
|
||||
my $attrs = &Lemonldap::NG::Manager::Attributes::attributes();
|
||||
my $res = 1;
|
||||
|
||||
foreach my $key ( keys %$conf ) {
|
||||
if ( $self->{skippedUnitTests}
|
||||
and $self->{skippedUnitTests} =~ /\b$key\b/ )
|
||||
if ( $localConf->{skippedUnitTests}
|
||||
and $localConf->{skippedUnitTests} =~ /\b$key\b/ )
|
||||
{
|
||||
$self->logger->debug("Ignore test for $key");
|
||||
$localConf->logger->debug("-> Ignore test for $key\n");
|
||||
next;
|
||||
}
|
||||
hdebug("Testing $key");
|
||||
my $attr = $attrs->{$key};
|
||||
my $type = $types->{ $attr->{type} };
|
||||
unless ( $type or $attr->{test} ) {
|
||||
print STDERR "Unknown attribute $key, deleting it\n";
|
||||
$localConf->logger->debug("Unknown attribute $key, deleting it\n");
|
||||
delete $conf->{$key};
|
||||
next;
|
||||
}
|
||||
|
@ -1227,16 +1235,19 @@ sub _execTest {
|
|||
#
|
||||
#@return true if tests succeed
|
||||
sub _globalTest {
|
||||
my $self = shift;
|
||||
my $self = shift;
|
||||
my $localConf = shift;
|
||||
|
||||
require Lemonldap::NG::Manager::Conf::Tests;
|
||||
hdebug('# _globalTest()');
|
||||
my $result = 1;
|
||||
my $tests = &Lemonldap::NG::Manager::Conf::Tests::tests( $self->newConf );
|
||||
|
||||
foreach my $name ( keys %$tests ) {
|
||||
if ( $self->{skippedGlobalTests}
|
||||
and $self->{skippedGlobalTests} =~ /\b$name\b/ )
|
||||
if ( $localConf->{skippedGlobalTests}
|
||||
and $localConf->{skippedGlobalTests} =~ /\b$name\b/ )
|
||||
{
|
||||
$self->logger->debug("Ignore test for $name");
|
||||
$localConf->logger->debug("-> Ignore test for $name\n");
|
||||
next;
|
||||
}
|
||||
my $sub = $tests->{$name};
|
||||
|
@ -1258,7 +1269,7 @@ sub _globalTest {
|
|||
};
|
||||
if ($@) {
|
||||
push @{ $self->warnings }, "Test $name failed: $@";
|
||||
print STDERR "Test $name failed: $@\n";
|
||||
$localConf->logger->debug("Test $name failed: $@\n");
|
||||
}
|
||||
}
|
||||
return $result;
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
diff.html script
|
||||
###
|
||||
|
||||
llapp = angular.module 'llngConfDiff', ['ui.tree', 'ui.bootstrap', 'llApp', 'ngCookies'] , ($rootScopeProvider) -> $rootScopeProvider.digestTtl(15)
|
||||
llapp = angular.module 'llngConfDiff', ['ui.tree', 'ui.bootstrap', 'llApp', 'ngCookies'] , ['$rootScopeProvider', ($rootScopeProvider) -> $rootScopeProvider.digestTtl(15)]
|
||||
llapp.controller 'DiffCtrl', [ '$scope', '$http', '$q', '$translator', '$location', ($scope, $http, $q, $translator, $location) ->
|
||||
$scope.links = links
|
||||
$scope.menulinks = menulinks
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
diff.html script
|
||||
###
|
||||
|
||||
llapp = angular.module 'llngConfDiff', ['ui.tree', 'ui.bootstrap', 'llApp', 'ngCookies'] , ($rootScopeProvider) -> $rootScopeProvider.digestTtl(15)
|
||||
llapp = angular.module 'llngConfDiff', ['ui.tree', 'ui.bootstrap', 'llApp', 'ngCookies'] , ['$rootScopeProvider', ($rootScopeProvider) -> $rootScopeProvider.digestTtl(15)]
|
||||
llapp.controller 'DiffCtrl', [ '$scope', '$http', '$q', '$translator', '$location', ($scope, $http, $q, $translator, $location) ->
|
||||
$scope.links = links
|
||||
$scope.menulinks = menulinks
|
||||
|
|
|
@ -42,8 +42,9 @@
|
|||
<input class="form-control" ng-model="t[1]" />
|
||||
</td>
|
||||
<td>
|
||||
<span class="link text-danger glyphicon glyphicon-minus-sign" ng-click="del(currentNode.data.over,$index)"/>
|
||||
<span ng-if="$last" class="link text-success glyphicon glyphicon-plus-sign" ng-click="menuClick({title:'newCmbOver'})"/>
|
||||
<span class="link text-danger glyphicon glyphicon-minus-sign" ng-click="del(currentNode.data[5],$index)"/>
|
||||
<span ng-if="$last" class="link text-success glyphicon glyphicon-plus-sign"
|
||||
ng-click="menuClick({title:'newCmbOver', action:'newChoiceOver'})" />
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
// Generated by CoffeeScript 1.12.8
|
||||
// Generated by CoffeeScript 1.12.7
|
||||
|
||||
/*
|
||||
* 2ndFA Session explorer
|
||||
|
|
|
@ -7,9 +7,11 @@ diff.html script
|
|||
(function() {
|
||||
var llapp;
|
||||
|
||||
llapp = angular.module('llngConfDiff', ['ui.tree', 'ui.bootstrap', 'llApp', 'ngCookies'], function($rootScopeProvider) {
|
||||
return $rootScopeProvider.digestTtl(15);
|
||||
});
|
||||
llapp = angular.module('llngConfDiff', ['ui.tree', 'ui.bootstrap', 'llApp', 'ngCookies'], [
|
||||
'$rootScopeProvider', function($rootScopeProvider) {
|
||||
return $rootScopeProvider.digestTtl(15);
|
||||
}
|
||||
]);
|
||||
|
||||
llapp.controller('DiffCtrl', [
|
||||
'$scope', '$http', '$q', '$translator', '$location', function($scope, $http, $q, $translator, $location) {
|
||||
|
|
|
@ -1 +1 @@
|
|||
(function(){angular.module("llngConfDiff",["ui.tree","ui.bootstrap","llApp","ngCookies"],function(t){return t.digestTtl(15)}).controller("DiffCtrl",["$scope","$http","$q","$translator","$location",function(p,o,l,a,u){var n,i,c,t,s,h,f;return p.links=links,p.menulinks=menulinks,p.staticPrefix=staticPrefix,p.scriptname=scriptname,p.availableLanguages=availableLanguages,p.waiting=!0,p.showM=!1,p.cfg=[],p.data={},p.currentNode=null,p.translateTitle=function(t){return a.translateField(t,"title")},p.translateP=a.translateP,p.translate=a.translate,p.toggle=function(t){return t.toggle()},p.stoggle=function(t,e){return p.currentNode=e,t.toggle()},p.menuClick=function(t){if(t.popup)window.open(t.popup);else switch(t.action||(t.action=t.title),typeof t.action){case"function":t.action(p.currentNode,p);break;case"string":p[t.action]();break;default:console.log(typeof t.action)}return p.showM=!1},p.getLanguage=function(t){return p.lang=t,c(),p.showM=!1},i=function(n,r){var a;return a=l.defer(),null==p.cfg[n]||p.cfg[n]!==r?o.get(""+confPrefix+r).then(function(t){var e;return t&&t.data?(p.cfg[n]=t.data,e=new Date(1e3*t.data.cfgDate),p.cfg[n].date=e.toLocaleString(),console.log("Metadatas of cfg "+r+" loaded"),a.resolve("OK")):a.reject(t)},function(t){return console.log(t),a.reject("NOK")}):a.resolve(),a.promise},c=function(){return p.message=null,p.currentNode=null,l.all([a.init(p.lang),o.get(staticPrefix+"reverseTree.json").then(function(t){return t.data,console.log("Structure loaded")})]).then(function(){return l.defer(),o.get(scriptname+"diff/"+p.cfg[0].cfgNum+"/"+p.cfg[1].cfgNum).then(function(t){var e;return[],e=s(t.data[0],t.data[1]),p.data=n(e),p.message="",p.waiting=!1},function(t){return p.message=p.translate("error")+" : "+t.statusLine})}),p.activeModule="conf",p.myStyle={color:"#ffb84d"}},s=function(t,e,n){var r,a,o,l;for(r in null==n&&(n=!0),a=[],t)l=t[r],o=n?{title:p.translate(r),id:r}:{title:r},r.match(/^cfg(?:Num|Log|Author(?:IP)?|Date)$/)||(null!=l&&"object"==typeof l?"array"===l.constructor?(o.oldvalue=l,o.newvalue=e[r]):"object"==typeof e[r]?o.nodes=s(t[r],e[r],!1):o.oldnodes=f(l,"old"):(o.oldvalue=l,o.newvalue=e[r]),a.push(o));for(r in e)l=e[r],r.match(/^cfg(?:Num|Log|Author(?:IP)?|Date)$/)||null!=t[r]||(o=n?{title:p.translate(r),id:r}:{title:r},null!=l&&"object"==typeof l?"array"===l.constructor?o.newvalue=l:(console.log("Iteration"),o.newnodes=f(l,"new")):o.newvalue=l,a.push(o));return a},f=function(t,e){var n,r,a,o;for(n in r=[],t)a={title:n},"object"==typeof(o=t[n])?"array"===o.constructor?a[e+"value"]=o:a[e+"nodes"]=f(t[n],e):a[e+"value"]=o,r.push(a);return r},h=[],n=function(t){var e,n,r,a,o,l,u,i,c,s,f,g,d;if(null==h)return t;for(d=[],a=0,l=t.length;a<l;a++){for(e=t[a],f=d,o=0,u=(g=null!=h[e.id]?h[e.id].split("/"):"").length;o<u;o++)if(0<(s=g[o]).length)if(f.length){for(n=-1,r=c=0,i=f.length;c<i;r=++c)f[r].id===s&&(n=r);f=-1!==n?f[n].nodes:(f.push({id:s,title:p.translate(s),nodes:[]}),f[f.length-1].nodes)}else f.push({id:s,title:p.translate(s),nodes:[]}),f=f[0].nodes;f.push(e)}return d},p.newDiff=function(){return u.path("/"+p.cfg[0].cfgNum+"/"+p.cfg[1].cfgNum)},t=function(t,e,n){var r;return null===(r=e.match(new RegExp("#!?/(latest|[0-9]+)(?:/(latest|[0-9]+))?$")))?u.path("/latest"):(p.waiting=!0,l.all([a.init(p.lang),o.get(staticPrefix+"reverseTree.json").then(function(t){return h=t.data,console.log("Structure loaded")}),i(0,r[1]),null!=r[2]?i(1,r[2]):void 0]).then(function(){return null!=r[2]?c():p.cfg[0].prev?(p.cfg[1]=p.cfg[0],i(0,p.cfg[1].prev).then(function(){return c()})):(p.data=[],p.waiting=!1)},function(){return p.message=p.translate("error"),p.waiting=!1})),!0},p.$on("$locationChangeSuccess",t)}])}).call(this);
|
||||
(function(){angular.module("llngConfDiff",["ui.tree","ui.bootstrap","llApp","ngCookies"],["$rootScopeProvider",function(t){return t.digestTtl(15)}]).controller("DiffCtrl",["$scope","$http","$q","$translator","$location",function(p,a,l,o,u){var n,i,c,t,s,h,f;return p.links=links,p.menulinks=menulinks,p.staticPrefix=staticPrefix,p.scriptname=scriptname,p.availableLanguages=availableLanguages,p.waiting=!0,p.showM=!1,p.cfg=[],p.data={},p.currentNode=null,p.translateTitle=function(t){return o.translateField(t,"title")},p.translateP=o.translateP,p.translate=o.translate,p.toggle=function(t){return t.toggle()},p.stoggle=function(t,e){return p.currentNode=e,t.toggle()},p.menuClick=function(t){if(t.popup)window.open(t.popup);else switch(t.action||(t.action=t.title),typeof t.action){case"function":t.action(p.currentNode,p);break;case"string":p[t.action]();break;default:console.log(typeof t.action)}return p.showM=!1},p.getLanguage=function(t){return p.lang=t,c(),p.showM=!1},i=function(n,r){var o;return o=l.defer(),null==p.cfg[n]||p.cfg[n]!==r?a.get(""+confPrefix+r).then(function(t){var e;return t&&t.data?(p.cfg[n]=t.data,e=new Date(1e3*t.data.cfgDate),p.cfg[n].date=e.toLocaleString(),console.log("Metadatas of cfg "+r+" loaded"),o.resolve("OK")):o.reject(t)},function(t){return console.log(t),o.reject("NOK")}):o.resolve(),o.promise},c=function(){return p.message=null,p.currentNode=null,l.all([o.init(p.lang),a.get(staticPrefix+"reverseTree.json").then(function(t){return t.data,console.log("Structure loaded")})]).then(function(){return l.defer(),a.get(scriptname+"diff/"+p.cfg[0].cfgNum+"/"+p.cfg[1].cfgNum).then(function(t){var e;return[],e=s(t.data[0],t.data[1]),p.data=n(e),p.message="",p.waiting=!1},function(t){return p.message=p.translate("error")+" : "+t.statusLine})}),p.activeModule="conf",p.myStyle={color:"#ffb84d"}},s=function(t,e,n){var r,o,a,l;for(r in null==n&&(n=!0),o=[],t)l=t[r],a=n?{title:p.translate(r),id:r}:{title:r},r.match(/^cfg(?:Num|Log|Author(?:IP)?|Date)$/)||(null!=l&&"object"==typeof l?"array"===l.constructor?(a.oldvalue=l,a.newvalue=e[r]):"object"==typeof e[r]?a.nodes=s(t[r],e[r],!1):a.oldnodes=f(l,"old"):(a.oldvalue=l,a.newvalue=e[r]),o.push(a));for(r in e)l=e[r],r.match(/^cfg(?:Num|Log|Author(?:IP)?|Date)$/)||null!=t[r]||(a=n?{title:p.translate(r),id:r}:{title:r},null!=l&&"object"==typeof l?"array"===l.constructor?a.newvalue=l:(console.log("Iteration"),a.newnodes=f(l,"new")):a.newvalue=l,o.push(a));return o},f=function(t,e){var n,r,o,a;for(n in r=[],t)o={title:n},"object"==typeof(a=t[n])?"array"===a.constructor?o[e+"value"]=a:o[e+"nodes"]=f(t[n],e):o[e+"value"]=a,r.push(o);return r},h=[],n=function(t){var e,n,r,o,a,l,u,i,c,s,f,g,d;if(null==h)return t;for(d=[],o=0,l=t.length;o<l;o++){for(e=t[o],f=d,a=0,u=(g=null!=h[e.id]?h[e.id].split("/"):"").length;a<u;a++)if(0<(s=g[a]).length)if(f.length){for(n=-1,r=c=0,i=f.length;c<i;r=++c)f[r].id===s&&(n=r);f=-1!==n?f[n].nodes:(f.push({id:s,title:p.translate(s),nodes:[]}),f[f.length-1].nodes)}else f.push({id:s,title:p.translate(s),nodes:[]}),f=f[0].nodes;f.push(e)}return d},p.newDiff=function(){return u.path("/"+p.cfg[0].cfgNum+"/"+p.cfg[1].cfgNum)},t=function(t,e,n){var r;return null===(r=e.match(new RegExp("#!?/(latest|[0-9]+)(?:/(latest|[0-9]+))?$")))?u.path("/latest"):(p.waiting=!0,l.all([o.init(p.lang),a.get(staticPrefix+"reverseTree.json").then(function(t){return h=t.data,console.log("Structure loaded")}),i(0,r[1]),null!=r[2]?i(1,r[2]):void 0]).then(function(){return null!=r[2]?c():p.cfg[0].prev?(p.cfg[1]=p.cfg[0],i(0,p.cfg[1].prev).then(function(){return c()})):(p.data=[],p.waiting=!1)},function(){return p.message=p.translate("error"),p.waiting=!1})),!0},p.$on("$locationChangeSuccess",t)}])}).call(this);
|
File diff suppressed because one or more lines are too long
|
@ -1,4 +1,4 @@
|
|||
// Generated by CoffeeScript 1.12.8
|
||||
// Generated by CoffeeScript 1.12.7
|
||||
(function() {
|
||||
var filterFunctions;
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
// Generated by CoffeeScript 1.12.8
|
||||
// Generated by CoffeeScript 1.12.7
|
||||
|
||||
/*
|
||||
LemonLDAP::NG base app module
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
// Generated by CoffeeScript 1.12.8
|
||||
// Generated by CoffeeScript 1.12.7
|
||||
|
||||
/*
|
||||
LemonLDAP::NG Manager client
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
// Generated by CoffeeScript 1.12.8
|
||||
// Generated by CoffeeScript 1.12.7
|
||||
|
||||
/*
|
||||
* LemonLDAP::NG Notifications Explorer client
|
||||
|
|
|
@ -7,9 +7,11 @@ diff.html script
|
|||
(function() {
|
||||
var llapp;
|
||||
|
||||
llapp = angular.module('llngConfDiff', ['ui.tree', 'ui.bootstrap', 'llApp', 'ngCookies'], function($rootScopeProvider) {
|
||||
return $rootScopeProvider.digestTtl(15);
|
||||
});
|
||||
llapp = angular.module('llngConfDiff', ['ui.tree', 'ui.bootstrap', 'llApp', 'ngCookies'], [
|
||||
'$rootScopeProvider', function($rootScopeProvider) {
|
||||
return $rootScopeProvider.digestTtl(15);
|
||||
}
|
||||
]);
|
||||
|
||||
llapp.controller('DiffCtrl', [
|
||||
'$scope', '$http', '$q', '$translator', '$location', function($scope, $http, $q, $translator, $location) {
|
||||
|
|
|
@ -1 +1 @@
|
|||
(function(){angular.module("llngConfDiff",["ui.tree","ui.bootstrap","llApp","ngCookies"],function(t){return t.digestTtl(15)}).controller("DiffCtrl",["$scope","$http","$q","$translator","$location",function(p,o,l,a,i){var n,u,c,t,s,h,f;return p.links=links,p.menulinks=menulinks,p.staticPrefix=staticPrefix,p.scriptname=scriptname,p.availableLanguages=availableLanguages,p.waiting=!0,p.showM=!1,p.cfg=[],p.data={},p.currentNode=null,p.translateTitle=function(t){return a.translateField(t,"title")},p.translateP=a.translateP,p.translate=a.translate,p.toggle=function(t){return t.toggle()},p.stoggle=function(t,e){return p.currentNode=e,t.toggle()},p.menuClick=function(t){if(t.popup)window.open(t.popup);else switch(t.action||(t.action=t.title),typeof t.action){case"function":t.action(p.currentNode,p);break;case"string":p[t.action]();break;default:console.log(typeof t.action)}return p.showM=!1},p.getLanguage=function(t){return p.lang=t,c(),p.showM=!1},u=function(n,r){var a;return a=l.defer(),null==p.cfg[n]||p.cfg[n]!==r?o.get(""+confPrefix+r).then(function(t){var e;return t&&t.data?(p.cfg[n]=t.data,e=new Date(1e3*t.data.cfgDate),p.cfg[n].date=e.toLocaleString(),console.log("Metadatas of cfg "+r+" loaded"),a.resolve("OK")):a.reject(t)},function(t){return console.log(t),a.reject("NOK")}):a.resolve(),a.promise},c=function(){return p.message=null,p.currentNode=null,l.all([a.init(p.lang),o.get(staticPrefix+"reverseTree.json").then(function(t){return t.data,console.log("Structure loaded")})]).then(function(){return l.defer(),o.get(scriptname+"view/diff/"+p.cfg[0].cfgNum+"/"+p.cfg[1].cfgNum).then(function(t){var e;return[],e=s(t.data[0],t.data[1]),p.data=n(e),p.message="",p.waiting=!1},function(t){return p.message=p.translate("error")+" : "+t.statusLine})}),p.activeModule="viewer",p.myStyle={color:"#ffb84d"}},s=function(t,e,n){var r,a,o,l;for(r in null==n&&(n=!0),a=[],t)l=t[r],o=n?{title:p.translate(r),id:r}:{title:r},r.match(/^cfg(?:Num|Log|Author(?:IP)?|Date)$/)||(null!=l&&"object"==typeof l?"array"===l.constructor?(o.oldvalue=l,o.newvalue=e[r]):"object"==typeof e[r]?o.nodes=s(t[r],e[r],!1):o.oldnodes=f(l,"old"):(o.oldvalue=l,o.newvalue=e[r]),a.push(o));for(r in e)l=e[r],r.match(/^cfg(?:Num|Log|Author(?:IP)?|Date)$/)||null!=t[r]||(o=n?{title:p.translate(r),id:r}:{title:r},null!=l&&"object"==typeof l?"array"===l.constructor?o.newvalue=l:(console.log("Iteration"),o.newnodes=f(l,"new")):o.newvalue=l,a.push(o));return a},f=function(t,e){var n,r,a,o;for(n in r=[],t)a={title:n},"object"==typeof(o=t[n])?"array"===o.constructor?a[e+"value"]=o:a[e+"nodes"]=f(t[n],e):a[e+"value"]=o,r.push(a);return r},h=[],n=function(t){var e,n,r,a,o,l,i,u,c,s,f,g,d;if(null==h)return t;for(d=[],a=0,l=t.length;a<l;a++){for(e=t[a],f=d,o=0,i=(g=null!=h[e.id]?h[e.id].split("/"):"").length;o<i;o++)if(0<(s=g[o]).length)if(f.length){for(n=-1,r=c=0,u=f.length;c<u;r=++c)f[r].id===s&&(n=r);f=-1!==n?f[n].nodes:(f.push({id:s,title:p.translate(s),nodes:[]}),f[f.length-1].nodes)}else f.push({id:s,title:p.translate(s),nodes:[]}),f=f[0].nodes;f.push(e)}return d},p.newDiff=function(){return i.path("/"+p.cfg[0].cfgNum+"/"+p.cfg[1].cfgNum)},t=function(t,e,n){var r;return null===(r=e.match(new RegExp("#!?/(latest|[0-9]+)(?:/(latest|[0-9]+))?$")))?i.path("/latest"):(p.waiting=!0,l.all([a.init(p.lang),o.get(staticPrefix+"reverseTree.json").then(function(t){return h=t.data,console.log("Structure loaded")}),u(0,r[1]),null!=r[2]?u(1,r[2]):void 0]).then(function(){return null!=r[2]?c():p.cfg[0].prev?(p.cfg[1]=p.cfg[0],u(0,p.cfg[1].prev).then(function(){return c()})):(p.data=[],p.waiting=!1)},function(){return p.message=p.translate("error"),p.waiting=!1})),!0},p.$on("$locationChangeSuccess",t)}])}).call(this);
|
||||
(function(){angular.module("llngConfDiff",["ui.tree","ui.bootstrap","llApp","ngCookies"],["$rootScopeProvider",function(t){return t.digestTtl(15)}]).controller("DiffCtrl",["$scope","$http","$q","$translator","$location",function(p,o,l,a,i){var n,u,c,t,s,h,f;return p.links=links,p.menulinks=menulinks,p.staticPrefix=staticPrefix,p.scriptname=scriptname,p.availableLanguages=availableLanguages,p.waiting=!0,p.showM=!1,p.cfg=[],p.data={},p.currentNode=null,p.translateTitle=function(t){return a.translateField(t,"title")},p.translateP=a.translateP,p.translate=a.translate,p.toggle=function(t){return t.toggle()},p.stoggle=function(t,e){return p.currentNode=e,t.toggle()},p.menuClick=function(t){if(t.popup)window.open(t.popup);else switch(t.action||(t.action=t.title),typeof t.action){case"function":t.action(p.currentNode,p);break;case"string":p[t.action]();break;default:console.log(typeof t.action)}return p.showM=!1},p.getLanguage=function(t){return p.lang=t,c(),p.showM=!1},u=function(n,r){var a;return a=l.defer(),null==p.cfg[n]||p.cfg[n]!==r?o.get(""+confPrefix+r).then(function(t){var e;return t&&t.data?(p.cfg[n]=t.data,e=new Date(1e3*t.data.cfgDate),p.cfg[n].date=e.toLocaleString(),console.log("Metadatas of cfg "+r+" loaded"),a.resolve("OK")):a.reject(t)},function(t){return console.log(t),a.reject("NOK")}):a.resolve(),a.promise},c=function(){return p.message=null,p.currentNode=null,l.all([a.init(p.lang),o.get(staticPrefix+"reverseTree.json").then(function(t){return t.data,console.log("Structure loaded")})]).then(function(){return l.defer(),o.get(scriptname+"view/diff/"+p.cfg[0].cfgNum+"/"+p.cfg[1].cfgNum).then(function(t){var e;return[],e=s(t.data[0],t.data[1]),p.data=n(e),p.message="",p.waiting=!1},function(t){return p.message=p.translate("error")+" : "+t.statusLine})}),p.activeModule="viewer",p.myStyle={color:"#ffb84d"}},s=function(t,e,n){var r,a,o,l;for(r in null==n&&(n=!0),a=[],t)l=t[r],o=n?{title:p.translate(r),id:r}:{title:r},r.match(/^cfg(?:Num|Log|Author(?:IP)?|Date)$/)||(null!=l&&"object"==typeof l?"array"===l.constructor?(o.oldvalue=l,o.newvalue=e[r]):"object"==typeof e[r]?o.nodes=s(t[r],e[r],!1):o.oldnodes=f(l,"old"):(o.oldvalue=l,o.newvalue=e[r]),a.push(o));for(r in e)l=e[r],r.match(/^cfg(?:Num|Log|Author(?:IP)?|Date)$/)||null!=t[r]||(o=n?{title:p.translate(r),id:r}:{title:r},null!=l&&"object"==typeof l?"array"===l.constructor?o.newvalue=l:(console.log("Iteration"),o.newnodes=f(l,"new")):o.newvalue=l,a.push(o));return a},f=function(t,e){var n,r,a,o;for(n in r=[],t)a={title:n},"object"==typeof(o=t[n])?"array"===o.constructor?a[e+"value"]=o:a[e+"nodes"]=f(t[n],e):a[e+"value"]=o,r.push(a);return r},h=[],n=function(t){var e,n,r,a,o,l,i,u,c,s,f,g,d;if(null==h)return t;for(d=[],a=0,l=t.length;a<l;a++){for(e=t[a],f=d,o=0,i=(g=null!=h[e.id]?h[e.id].split("/"):"").length;o<i;o++)if(0<(s=g[o]).length)if(f.length){for(n=-1,r=c=0,u=f.length;c<u;r=++c)f[r].id===s&&(n=r);f=-1!==n?f[n].nodes:(f.push({id:s,title:p.translate(s),nodes:[]}),f[f.length-1].nodes)}else f.push({id:s,title:p.translate(s),nodes:[]}),f=f[0].nodes;f.push(e)}return d},p.newDiff=function(){return i.path("/"+p.cfg[0].cfgNum+"/"+p.cfg[1].cfgNum)},t=function(t,e,n){var r;return null===(r=e.match(new RegExp("#!?/(latest|[0-9]+)(?:/(latest|[0-9]+))?$")))?i.path("/latest"):(p.waiting=!0,l.all([a.init(p.lang),o.get(staticPrefix+"reverseTree.json").then(function(t){return h=t.data,console.log("Structure loaded")}),u(0,r[1]),null!=r[2]?u(1,r[2]):void 0]).then(function(){return null!=r[2]?c():p.cfg[0].prev?(p.cfg[1]=p.cfg[0],u(0,p.cfg[1].prev).then(function(){return c()})):(p.data=[],p.waiting=!1)},function(){return p.message=p.translate("error"),p.waiting=!1})),!0},p.$on("$locationChangeSuccess",t)}])}).call(this);
|
File diff suppressed because one or more lines are too long
|
@ -1,4 +1,4 @@
|
|||
// Generated by CoffeeScript 1.12.8
|
||||
// Generated by CoffeeScript 1.12.7
|
||||
|
||||
/*
|
||||
LemonLDAP::NG Viewer client
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
<link rel="prefetch" href="<TMPL_VAR NAME="STATIC_PREFIX">struct.json" />
|
||||
</head>
|
||||
|
||||
<body ng-app="llngConfDiff" ng-controller="DiffCtrl" ng-csp>
|
||||
<body ng-app="llngConfDiff" ng-strict-di ng-controller="DiffCtrl" ng-csp>
|
||||
|
||||
<TMPL_INCLUDE NAME="menubar.tpl">
|
||||
|
||||
|
|
|
@ -94,7 +94,7 @@
|
|||
</table>
|
||||
</div>
|
||||
<div ng-if="!node.nodes">
|
||||
<th ng-if="node.td!='1' && node.td!='2'">{{node.title}}</th>
|
||||
<th ng-if="node.td!='1' && node.td!='2'"><span title="{{node.title}}">{{translate(node.title)}}</span></th>
|
||||
<td class="data-{{node.epoch}}" ng-if="node.td>='1'">{{node.title}}</td>
|
||||
<th ng-if="node.title=='type' || node.title=='rp'">{{translate(node.value)}}</th>
|
||||
<td id="v-{{node.title}}" class="col-md-4 data-{{node.epoch}}" ng-if="node.title!='type' && node.title!='rp'">{{node.value}}</td>
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
<link rel="prefetch" href="<TMPL_VAR NAME="STATIC_PREFIX">struct.json" />
|
||||
</head>
|
||||
|
||||
<body ng-app="llngConfDiff" ng-controller="DiffCtrl" ng-csp>
|
||||
<body ng-app="llngConfDiff" ng-strict-di ng-controller="DiffCtrl" ng-csp>
|
||||
|
||||
<TMPL_INCLUDE NAME="menubar.tpl">
|
||||
|
||||
|
|
|
@ -38,8 +38,8 @@ foreach my $i ( 0 .. 1 ) {
|
|||
}
|
||||
|
||||
ok(
|
||||
@{ $resBody->{details}->{__changes__} } == 23,
|
||||
'JSON response contains 22 changes'
|
||||
@{ $resBody->{details}->{__changes__} } == 24,
|
||||
'JSON response contains 24 changes'
|
||||
) or print STDERR Dumper($resBody);
|
||||
|
||||
#print STDERR Dumper($resBody);
|
||||
|
@ -91,8 +91,8 @@ ok( ( @c1 = sort keys %{ $res->[0] } ), 'diff() detects changes in conf 1' );
|
|||
ok( ( @c2 = sort keys %{ $res->[1] } ), 'diff() detects changes in conf 2' );
|
||||
ok( @c1 == 11, '11 keys changed in conf 1' )
|
||||
or print STDERR "Expect: 11 keys, get: " . join( ', ', @c1 ) . "\n";
|
||||
ok( @c2 == 14, '14 keys changed or created in conf 2' )
|
||||
or print STDERR "Expect: 14 keys, get: " . join( ',', @c2 ) . "\n";
|
||||
ok( @c2 == 15, '15 keys changed or created in conf 2' )
|
||||
or print STDERR "Expect: 15 keys, get: " . join( ',', @c2 ) . "\n";
|
||||
|
||||
count(5);
|
||||
|
||||
|
@ -232,6 +232,11 @@ sub changes {
|
|||
{
|
||||
'confCompacted' => '1',
|
||||
'removedKeys' => 'some; keys'
|
||||
}
|
||||
},
|
||||
{
|
||||
'key' => 'cookieExpiration',
|
||||
'old' => undef,
|
||||
'new' => '10'
|
||||
},
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1209,7 +1209,9 @@
|
|||
"data": 1
|
||||
}, {
|
||||
"id": "cookieExpiration",
|
||||
"title": "cookieExpiration"
|
||||
"title": "cookieExpiration",
|
||||
"type": "int",
|
||||
"data": "a"
|
||||
}]
|
||||
}, {
|
||||
"id": "sessionParams",
|
||||
|
|
|
@ -22,6 +22,9 @@ useRedirectOnError = 0
|
|||
|
||||
[manager]
|
||||
|
||||
skippedUnitTests = cookieExpiration
|
||||
skippedGlobalTests = cookieTTL
|
||||
|
||||
protection = manager
|
||||
staticPrefix = app/
|
||||
languages = fr, en, vi, ar
|
||||
|
|
|
@ -475,6 +475,7 @@ t/26-AuthRemote.t
|
|||
t/27-AuthProxy.t
|
||||
t/28-AuthChoice-and-password.t
|
||||
t/28-AuthChoice-with-captcha.t
|
||||
t/28-AuthChoice-with-over.t
|
||||
t/28-AuthChoice-with-rules.t
|
||||
t/28-AuthChoice-with-token.t
|
||||
t/29-AuthGPG.t
|
||||
|
@ -493,6 +494,7 @@ t/30-Auth-SAML-with-choice.t
|
|||
t/30-CDC.t
|
||||
t/30-SAML-Head-to-Tail-POST.t
|
||||
t/30-SAML-POST-Logout-when-expired.t
|
||||
t/30-SAML-POST-with-2F-and-Notification.t
|
||||
t/30-SAML-POST-with-Notification.t
|
||||
t/30-SAML-ReAuth-with-choice.t
|
||||
t/30-SAML-ReAuth.t
|
||||
|
|
|
@ -43,9 +43,6 @@ has authnLevel => (
|
|||
|
||||
sub authenticate {
|
||||
my ( $self, $req ) = @_;
|
||||
unless ( $self->ldap ) {
|
||||
return PE_LDAPCONNECTFAILED;
|
||||
}
|
||||
|
||||
# Set the dn unless done before
|
||||
unless ( $req->data->{dn} ) {
|
||||
|
@ -76,8 +73,15 @@ sub authenticate {
|
|||
# Security: never create session here
|
||||
return $res || PE_DONE;
|
||||
}
|
||||
|
||||
$self->validateLdap;
|
||||
|
||||
unless ( $self->ldap ) {
|
||||
return PE_LDAPCONNECTFAILED;
|
||||
}
|
||||
|
||||
my $res =
|
||||
$self->userBind( $req, $req->data->{dn},
|
||||
$self->ldap->userBind( $req, $req->data->{dn},
|
||||
password => $req->data->{password} );
|
||||
$self->setSecurity($req) if ( $res > PE_OK );
|
||||
|
||||
|
|
|
@ -14,6 +14,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
|
|||
PE_UNAUTHORIZEDPARTNER
|
||||
PE_OIDC_SERVICE_NOT_ALLOWED
|
||||
);
|
||||
use String::Random qw/random_string/;
|
||||
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
|
|
|
@ -113,6 +113,7 @@ sub init {
|
|||
|
||||
sub getUser {
|
||||
my ( $self, $req, %args ) = @_;
|
||||
|
||||
return PE_LDAPCONNECTFAILED unless $self->ldap and $self->bind();
|
||||
my $mesg = $self->ldap->search(
|
||||
base => $self->conf->{ldapBase},
|
||||
|
@ -126,7 +127,8 @@ sub getUser {
|
|||
attrs => $self->attrs,
|
||||
);
|
||||
if ( $mesg->code() != 0 ) {
|
||||
$self->logger->error( 'LDAP Search error: ' . $mesg->error );
|
||||
$self->logger->error(
|
||||
'LDAP Search error ' . $mesg->code . ": " . $mesg->error );
|
||||
return PE_LDAPERROR;
|
||||
}
|
||||
if ( $mesg->count() > 1 ) {
|
||||
|
@ -143,15 +145,23 @@ sub getUser {
|
|||
PE_OK;
|
||||
}
|
||||
|
||||
# Test LDAP connection before trying to bind
|
||||
sub bind {
|
||||
my $self = shift;
|
||||
# Validate LDAP connection before use
|
||||
sub validateLdap {
|
||||
my ($self) = @_;
|
||||
unless ($self->ldap
|
||||
and $self->ldap->root_dse( attrs => ['supportedLDAPVersion'] ) )
|
||||
{
|
||||
$self->ldap->DESTROY if ( $self->ldap );
|
||||
$self->ldap( $self->newLdap );
|
||||
}
|
||||
}
|
||||
|
||||
# Bind
|
||||
sub bind {
|
||||
my $self = shift;
|
||||
|
||||
$self->validateLdap;
|
||||
|
||||
return undef unless ( $self->ldap );
|
||||
my $msg = $self->ldap->bind(@_);
|
||||
if ( $msg->code ) {
|
||||
|
|
|
@ -183,7 +183,15 @@ sub userBind {
|
|||
$self->{portal}->userLogger->warn("Bad password");
|
||||
return PE_BADCREDENTIALS;
|
||||
}
|
||||
return ( $mesg->code == 0 ? PE_OK : PE_LDAPERROR );
|
||||
elsif ( $mesg->code == 0 ) {
|
||||
return PE_OK;
|
||||
}
|
||||
else {
|
||||
$self->{portal}->logger->error( "Bind failed with error "
|
||||
. $mesg->code . ": "
|
||||
. $mesg->error );
|
||||
return PE_LDAPERROR;
|
||||
}
|
||||
}
|
||||
|
||||
# Check for ppolicy error
|
||||
|
@ -399,7 +407,13 @@ sub userModifyPassword {
|
|||
# Standard errors
|
||||
return PE_WRONGMANAGERACCOUNT
|
||||
if ( $mesg->code == 50 || $mesg->code == 8 );
|
||||
return PE_LDAPERROR unless ( $mesg->code == 0 );
|
||||
unless ( $mesg->code == 0 ) {
|
||||
$self->{portal}
|
||||
->logger->error( "Password modification failed with LDAP error "
|
||||
. $mesg->code . ": "
|
||||
. $mesg->error );
|
||||
return PE_LDAPERROR;
|
||||
}
|
||||
|
||||
$self->{portal}->userLogger->notice("Password changed for $dn");
|
||||
|
||||
|
@ -562,6 +576,9 @@ sub userModifyPassword {
|
|||
}
|
||||
}
|
||||
else {
|
||||
$self->{portal}->logger->error(
|
||||
"Missing PPolicy control from server response. Code: "
|
||||
. $mesg->code );
|
||||
return PE_LDAPERROR;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -91,6 +91,7 @@ sub _redirect {
|
|||
'Add ' . $self->ipath . ', ' . $self->ipath . 'Path in keepPdata' );
|
||||
push @{ $req->pdata->{keepPdata} }, $self->ipath, $self->ipath . 'Path';
|
||||
$req->{urldc} = $self->conf->{portal} . '/' . $self->path;
|
||||
$req->pdata->{_url} = encode_base64($req->urldc, '');
|
||||
}
|
||||
else {
|
||||
$self->logger->debug('Not seen as Issuer request, skipping');
|
||||
|
|
|
@ -118,7 +118,6 @@ sub _verify {
|
|||
$req->id( delete $req->sessionInfo->{_2fRealSession} );
|
||||
$req->urldc( delete $req->sessionInfo->{_2fUrldc} );
|
||||
$req->{sessionInfo}->{_utime} = delete $req->{sessionInfo}->{_2fUtime};
|
||||
$self->p->rebuildCookies($req);
|
||||
$req->mustRedirect(1);
|
||||
$self->userLogger->notice( $self->prefix
|
||||
. '2F verification for '
|
||||
|
@ -133,6 +132,7 @@ sub _verify {
|
|||
[
|
||||
@{ $self->p->afterData },
|
||||
$self->p->validSession,
|
||||
'rebuildCookies',
|
||||
@{ $self->p->endAuth },
|
||||
sub { PE_OK }
|
||||
]
|
||||
|
|
|
@ -2,8 +2,12 @@ package Lemonldap::NG::Portal::Password::AD;
|
|||
|
||||
use strict;
|
||||
use Mouse;
|
||||
use Lemonldap::NG::Portal::Main::Constants
|
||||
qw(PE_PASSWORD_OK PE_LDAPERROR PE_ERROR);
|
||||
use Lemonldap::NG::Portal::Main::Constants qw(
|
||||
PE_PASSWORD_OK
|
||||
PE_LDAPERROR
|
||||
PE_LDAPCONNECTFAILED
|
||||
PE_ERROR
|
||||
);
|
||||
|
||||
extends 'Lemonldap::NG::Portal::Lib::LDAP',
|
||||
'Lemonldap::NG::Portal::Password::Base';
|
||||
|
@ -30,6 +34,10 @@ sub modifyPassword {
|
|||
return PE_ERROR;
|
||||
}
|
||||
|
||||
# Ensure connection is valid
|
||||
$self->bind;
|
||||
return PE_LDAPCONNECTFAILED unless $self->ldap;
|
||||
|
||||
# Call the modify password method
|
||||
my $code =
|
||||
$self->ldap->userModifyPassword( $dn, $pwd, $req->data->{oldpassword},
|
||||
|
@ -49,8 +57,9 @@ sub modifyPassword {
|
|||
);
|
||||
|
||||
unless ( $result->code == 0 ) {
|
||||
$self->logger->error(
|
||||
"LDAP modify pwdLastSet error: " . $result->code );
|
||||
$self->logger->error( "LDAP modify pwdLastSet error "
|
||||
. $result->code . ": "
|
||||
. $result->error );
|
||||
return PE_LDAPERROR;
|
||||
}
|
||||
|
||||
|
|
|
@ -2,8 +2,12 @@ package Lemonldap::NG::Portal::Password::LDAP;
|
|||
|
||||
use strict;
|
||||
use Mouse;
|
||||
use Lemonldap::NG::Portal::Main::Constants
|
||||
qw(PE_PASSWORD_OK PE_LDAPERROR PE_ERROR);
|
||||
use Lemonldap::NG::Portal::Main::Constants qw(
|
||||
PE_PASSWORD_OK
|
||||
PE_LDAPERROR
|
||||
PE_LDAPCONNECTFAILED
|
||||
PE_ERROR
|
||||
);
|
||||
|
||||
extends 'Lemonldap::NG::Portal::Lib::LDAP',
|
||||
'Lemonldap::NG::Portal::Password::Base';
|
||||
|
@ -38,6 +42,10 @@ sub modifyPassword {
|
|||
return PE_ERROR;
|
||||
}
|
||||
|
||||
# Ensure connection is valid
|
||||
$self->bind;
|
||||
return PE_LDAPCONNECTFAILED unless $self->ldap;
|
||||
|
||||
# Call the modify password method
|
||||
my $code =
|
||||
$self->ldap->userModifyPassword( $dn, $pwd, $req->data->{oldpassword} );
|
||||
|
@ -62,8 +70,9 @@ sub modifyPassword {
|
|||
unless ( $result->code == 0 ) {
|
||||
$self->logger->error( "LDAP modify "
|
||||
. $self->conf->{ldapPasswordResetAttribute}
|
||||
. " error: "
|
||||
. $result->code );
|
||||
. " error "
|
||||
. $result->code . ": "
|
||||
. $result->error );
|
||||
return PE_LDAPERROR;
|
||||
}
|
||||
|
||||
|
|
|
@ -133,7 +133,10 @@ sub checkNotifDuringAuth {
|
|||
# Cipher id
|
||||
$req->id( $self->p->HANDLER->tsv->{cipher}->encrypt( $req->id ) );
|
||||
$self->p->rebuildCookies($req);
|
||||
if ( not $req->data->{_url} and $req->env->{PATH_INFO} ne '/' ) {
|
||||
if ( not $req->pdata->{_url}
|
||||
and not $req->data->{_url}
|
||||
and $req->env->{PATH_INFO} ne '/' )
|
||||
{
|
||||
$req->data->{_url} =
|
||||
encode_base64( $self->conf->{portal} . $req->env->{PATH_INFO},
|
||||
'' );
|
||||
|
|
|
@ -40,7 +40,8 @@ sub createUser {
|
|||
if ( $mesg->is_error ) {
|
||||
$self->userLogger->error(
|
||||
"Can not create entry for " . $req->data->{registerInfo}->{login} );
|
||||
$self->logger->error( "LDAP error " . $mesg->error );
|
||||
$self->logger->error(
|
||||
"LDAP error " . $mesg->code . ": " . $mesg->error );
|
||||
|
||||
$self->ldap->unbind();
|
||||
$self->{flags}->{ldapActive} = 0;
|
||||
|
|
|
@ -73,7 +73,8 @@ sub createUser {
|
|||
if ( $mesg->is_error ) {
|
||||
$self->userLogger->error(
|
||||
"Can not create entry for " . $req->data->{registerInfo}->{login} );
|
||||
$self->logger->error( "LDAP error " . $mesg->error );
|
||||
$self->logger->error(
|
||||
"LDAP error " . $mesg->code . ": " . $mesg->error );
|
||||
|
||||
$self->ldap->unbind();
|
||||
$self->{flags}->{ldapActive} = 0;
|
||||
|
|
70
lemonldap-ng-portal/t/28-AuthChoice-with-over.t
Normal file
70
lemonldap-ng-portal/t/28-AuthChoice-with-over.t
Normal file
|
@ -0,0 +1,70 @@
|
|||
use Test::More;
|
||||
use strict;
|
||||
use IO::String;
|
||||
use JSON qw(from_json);
|
||||
|
||||
require 't/test-lib.pm';
|
||||
|
||||
my $res;
|
||||
|
||||
my $client = LLNG::Manager::Test->new( {
|
||||
ini => {
|
||||
logLevel => 'error',
|
||||
useSafeJail => 1,
|
||||
portalMainLogo => 'common/logos/logo_llng_old.png',
|
||||
authentication => 'Choice',
|
||||
restSessionServer => 1,
|
||||
nullAuthnLevel => 1,
|
||||
userDB => 'Same',
|
||||
authChoiceParam => 'test',
|
||||
authChoiceModules => {
|
||||
'1_securenull' => 'Null;Null;Null;;;{"nullAuthnLevel": 3}',
|
||||
'2_null' => 'Null;Null;Null;;;{}',
|
||||
},
|
||||
}
|
||||
}
|
||||
);
|
||||
|
||||
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu' );
|
||||
ok( $res->[2]->[0] =~ /1_securenull/, '1_securenull displayed' );
|
||||
ok( $res->[2]->[0] =~ /2_null/, '2_null displayed' );
|
||||
|
||||
# Authenticate on first choice
|
||||
my $postString = 'user=dwho&password=dwho&test=1_securenull';
|
||||
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/',
|
||||
IO::String->new($postString),
|
||||
length => length($postString)
|
||||
),
|
||||
'Auth query'
|
||||
);
|
||||
expectOK($res);
|
||||
my $id = expectCookie($res);
|
||||
ok( $res = $client->_get("/sessions/global/$id"), 'Get session' );
|
||||
my $sessiondata = from_json( $res->[2]->[0] );
|
||||
is( $sessiondata->{authenticationLevel}, 3, "Overriden authentication level" );
|
||||
$client->logout($id);
|
||||
|
||||
# Authenticate on second choice
|
||||
my $postString = 'user=dwho&password=dwho&test=2_null';
|
||||
|
||||
# Try to authenticate
|
||||
# -------------------
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/',
|
||||
IO::String->new($postString),
|
||||
length => length($postString)
|
||||
),
|
||||
'Auth query'
|
||||
);
|
||||
expectOK($res);
|
||||
my $id = expectCookie($res);
|
||||
ok( $res = $client->_get("/sessions/global/$id"), 'Get session' );
|
||||
my $sessiondata = from_json( $res->[2]->[0] );
|
||||
is( $sessiondata->{authenticationLevel}, 1, "Default authentication level" );
|
||||
$client->logout($id);
|
||||
clean_sessions();
|
||||
done_testing();
|
513
lemonldap-ng-portal/t/30-SAML-POST-with-2F-and-Notification.t
Normal file
513
lemonldap-ng-portal/t/30-SAML-POST-with-2F-and-Notification.t
Normal file
|
@ -0,0 +1,513 @@
|
|||
use lib 'inc';
|
||||
use Test::More;
|
||||
use strict;
|
||||
use IO::String;
|
||||
use LWP::UserAgent;
|
||||
use LWP::Protocol::PSGI;
|
||||
use MIME::Base64;
|
||||
|
||||
BEGIN {
|
||||
require 't/test-lib.pm';
|
||||
require 't/saml-lib.pm';
|
||||
require 't/smtp.pm';
|
||||
}
|
||||
|
||||
my $maintests = 20;
|
||||
my $debug = 'error';
|
||||
my ( $issuer, $sp, $res );
|
||||
my %handlerOR = ( issuer => [], sp => [] );
|
||||
|
||||
# Redefine LWP methods for tests
|
||||
LWP::Protocol::PSGI->register(
|
||||
sub {
|
||||
my $req = Plack::Request->new(@_);
|
||||
fail('POST should not launch SOAP requests');
|
||||
count(1);
|
||||
return [ 500, [], [] ];
|
||||
}
|
||||
);
|
||||
|
||||
SKIP: {
|
||||
eval "use Lasso";
|
||||
if ($@) {
|
||||
skip 'Lasso not found', $maintests;
|
||||
}
|
||||
my $file = "$main::tmpDir/20170531_dwho_dGVzdHJlZjI=.json";
|
||||
|
||||
open F, "> $file" or die($!);
|
||||
print F '[
|
||||
{
|
||||
"uid": "dwho",
|
||||
"date": "2017-05-31",
|
||||
"reference": "testref2",
|
||||
"title": "Test title",
|
||||
"subtitle": "Test subtitle",
|
||||
"text": "This is a test text",
|
||||
"check": ["Accept test","Accept test2"]
|
||||
}
|
||||
]';
|
||||
close F;
|
||||
|
||||
# Initialization
|
||||
ok( $issuer = issuer(), 'Issuer portal' );
|
||||
$handlerOR{issuer} = \@Lemonldap::NG::Handler::Main::_onReload;
|
||||
switch ('sp');
|
||||
&Lemonldap::NG::Handler::Main::cfgNum( 0, 0 );
|
||||
|
||||
ok( $sp = sp(), 'SP portal' );
|
||||
$handlerOR{sp} = \@Lemonldap::NG::Handler::Main::_onReload;
|
||||
|
||||
# Simple SP access
|
||||
ok(
|
||||
$res = $sp->_get(
|
||||
'/', accept => 'text/html',
|
||||
),
|
||||
'Unauth SP request'
|
||||
);
|
||||
expectOK($res);
|
||||
ok( expectCookie( $res, 'lemonldapidp' ), 'IDP cookie defined' )
|
||||
or explain(
|
||||
$res->[1],
|
||||
'Set-Cookie => lemonldapidp=http://auth.idp.com/saml/metadata; domain=.sp.com; path=/'
|
||||
);
|
||||
my ( $host, $url, $s ) =
|
||||
expectAutoPost( $res, 'auth.idp.com', '/saml/singleSignOn',
|
||||
'SAMLRequest' );
|
||||
|
||||
# Push SAML request to IdP
|
||||
ok(
|
||||
$res = $issuer->_post(
|
||||
$url,
|
||||
IO::String->new($s),
|
||||
accept => 'text/html',
|
||||
length => length($s)
|
||||
),
|
||||
'Post SAML request to IdP'
|
||||
);
|
||||
expectOK($res);
|
||||
my $pdata = 'lemonldappdata=' . expectCookie( $res, 'lemonldappdata' );
|
||||
|
||||
# Try to authenticate with an authorized user to IdP
|
||||
$s = "user=dwho&password=dwho&$s";
|
||||
ok(
|
||||
$res = $issuer->_post(
|
||||
$url,
|
||||
IO::String->new($s),
|
||||
accept => 'text/html',
|
||||
cookie => $pdata,
|
||||
length => length($s),
|
||||
),
|
||||
'Post authentication'
|
||||
);
|
||||
|
||||
( $host, $url, $s ) =
|
||||
expectForm( $res, undef, '/mail2fcheck?skin=bootstrap', 'token', 'code' );
|
||||
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
qr%<input name="code" value="" class="form-control" id="extcode" trplaceholder="code" autocomplete="off" />%,
|
||||
'Found EXTCODE input'
|
||||
) or print STDERR Dumper( $res->[2]->[0] );
|
||||
|
||||
ok( mail() =~ m%<b>(\d{4})</b>%, 'Found 2F code in mail' )
|
||||
or print STDERR Dumper( mail() );
|
||||
|
||||
my $code = $1;
|
||||
|
||||
$s =~ s/code=/code=${code}/;
|
||||
ok(
|
||||
$res = $issuer->_post(
|
||||
'/mail2fcheck',
|
||||
IO::String->new($s),
|
||||
length => length($s),
|
||||
cookie => $pdata,
|
||||
accept => 'text/html',
|
||||
),
|
||||
'Post code'
|
||||
);
|
||||
|
||||
my $idpId = expectCookie($res);
|
||||
$pdata = 'lemonldappdata=' . expectCookie( $res, 'lemonldappdata' );
|
||||
( $host, $url, $s ) =
|
||||
expectForm( $res, undef, '/notifback', 'reference1x1' );
|
||||
ok(
|
||||
$res = $issuer->_post(
|
||||
'/notifback',
|
||||
IO::String->new($s),
|
||||
cookie => "lemonldap=$idpId; $pdata",
|
||||
accept => 'text/html',
|
||||
length => length($s),
|
||||
),
|
||||
"Accept notification"
|
||||
);
|
||||
$idpId = expectCookie($res);
|
||||
|
||||
#expectRedirection( $res, qr/./ );
|
||||
$file =~ s/json$/done/;
|
||||
ok( -e $file, 'Notification was deleted' );
|
||||
$pdata = 'lemonldappdata=' . expectCookie( $res, 'lemonldappdata' );
|
||||
expectRedirection( $res, 'http://auth.idp.com/saml' );
|
||||
|
||||
ok(
|
||||
$res = $issuer->_get(
|
||||
'/saml',
|
||||
cookie => "lemonldap=$idpId; $pdata",
|
||||
accept => 'text/html',
|
||||
),
|
||||
'Follow redirection'
|
||||
);
|
||||
|
||||
# Expect pdata to be cleared
|
||||
$pdata = expectCookie( $res, 'lemonldappdata' );
|
||||
ok( $pdata !~ 'issuerRequestsaml', 'SAML request cleared from pdata' );
|
||||
|
||||
( $host, $url, $s ) =
|
||||
expectAutoPost( $res, 'auth.sp.com', '/saml/proxySingleSignOnPost',
|
||||
'SAMLResponse' );
|
||||
|
||||
# Post SAML response to SP
|
||||
switch ('sp');
|
||||
ok(
|
||||
$res = $sp->_post(
|
||||
$url, IO::String->new($s),
|
||||
accept => 'text/html',
|
||||
length => length($s),
|
||||
cookie => 'lemonldapidp=http://auth.idp.com/saml/metadata',
|
||||
),
|
||||
'Post SAML response to SP'
|
||||
);
|
||||
|
||||
# Verify authentication on SP
|
||||
expectRedirection( $res, 'http://auth.sp.com' );
|
||||
my $spId = expectCookie($res);
|
||||
|
||||
ok( $res = $sp->_get( '/', cookie => "lemonldap=$spId" ), 'Get / on SP' );
|
||||
expectOK($res);
|
||||
expectAuthenticatedAs( $res, 'dwho@badwolf.org@idp' );
|
||||
|
||||
# Logout initiated by SP
|
||||
ok(
|
||||
$res = $sp->_get(
|
||||
'/',
|
||||
query => 'logout',
|
||||
cookie => "lemonldap=$spId",
|
||||
accept => 'text/html'
|
||||
),
|
||||
'Query SP for logout'
|
||||
);
|
||||
( $host, $url, $s ) =
|
||||
expectAutoPost( $res, 'auth.idp.com', '/saml/singleLogout',
|
||||
'SAMLRequest' );
|
||||
|
||||
# Push SAML logout request to IdP
|
||||
switch ('issuer');
|
||||
ok(
|
||||
$res = $issuer->_post(
|
||||
$url,
|
||||
IO::String->new($s),
|
||||
accept => 'text/html',
|
||||
cookie => "lemonldap=$idpId",
|
||||
length => length($s)
|
||||
),
|
||||
'Post SAML logout request to IdP'
|
||||
);
|
||||
( $host, $url, $s ) =
|
||||
expectAutoPost( $res, 'auth.sp.com', '/saml/proxySingleLogoutReturn',
|
||||
'SAMLResponse' );
|
||||
|
||||
# Post SAML response to SP
|
||||
switch ('sp');
|
||||
ok(
|
||||
$res = $sp->_post(
|
||||
$url, IO::String->new($s),
|
||||
accept => 'text/html',
|
||||
length => length($s),
|
||||
cookie => 'lemonldapidp=http://auth.idp.com/saml/metadata',
|
||||
),
|
||||
'Post SAML response to SP'
|
||||
);
|
||||
expectRedirection( $res, 'http://auth.sp.com' );
|
||||
|
||||
# Test if logout is done
|
||||
switch ('issuer');
|
||||
ok(
|
||||
$res = $issuer->_get(
|
||||
'/', cookie => "lemonldap=$idpId",
|
||||
),
|
||||
'Test if user is reject on IdP'
|
||||
);
|
||||
expectReject($res);
|
||||
|
||||
switch ('sp');
|
||||
ok(
|
||||
$res = $sp->_get(
|
||||
'/',
|
||||
accept => 'text/html',
|
||||
cookie =>
|
||||
"lemonldapidp=http://auth.idp.com/saml/metadata; lemonldap=$spId"
|
||||
),
|
||||
'Test if user is reject on SP'
|
||||
);
|
||||
expectOK($res);
|
||||
expectAutoPost( $res, 'auth.idp.com', '/saml/singleSignOn', 'SAMLRequest' );
|
||||
unlink $file;
|
||||
}
|
||||
|
||||
count($maintests);
|
||||
clean_sessions();
|
||||
done_testing( count() );
|
||||
|
||||
sub switch {
|
||||
my $type = shift;
|
||||
@Lemonldap::NG::Handler::Main::_onReload = @{
|
||||
$handlerOR{$type};
|
||||
};
|
||||
}
|
||||
|
||||
sub issuer {
|
||||
return LLNG::Manager::Test->new( {
|
||||
ini => {
|
||||
logLevel => $debug,
|
||||
domain => 'idp.com',
|
||||
portal => 'http://auth.idp.com',
|
||||
authentication => 'Demo',
|
||||
userDB => 'Same',
|
||||
issuerDBSAMLActivation => 1,
|
||||
mail2fActivation => 1,
|
||||
mail2fCodeRegex => '\d{4}',
|
||||
notification => 1,
|
||||
notificationStorage => 'File',
|
||||
notificationStorageOptions => { dirName => "$main::tmpDir" },
|
||||
oldNotifFormat => 0,
|
||||
samlSPMetaDataOptions => {
|
||||
'sp.com' => {
|
||||
samlSPMetaDataOptionsEncryptionMode => 'none',
|
||||
samlSPMetaDataOptionsSignSSOMessage => 1,
|
||||
samlSPMetaDataOptionsSignSLOMessage => 1,
|
||||
samlSPMetaDataOptionsCheckSSOMessageSignature => 1,
|
||||
samlSPMetaDataOptionsCheckSLOMessageSignature => 1,
|
||||
}
|
||||
},
|
||||
samlSPMetaDataExportedAttributes => {
|
||||
'sp.com' => {
|
||||
cn =>
|
||||
'1;cn;urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
|
||||
uid =>
|
||||
'1;uid;urn:oasis:names:tc:SAML:2.0:attrname-format:basic',
|
||||
}
|
||||
},
|
||||
samlOrganizationDisplayName => "IDP",
|
||||
samlOrganizationName => "IDP",
|
||||
samlOrganizationURL => "http://www.idp.com/",
|
||||
samlServicePrivateKeyEnc => "-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEogIBAAKCAQEAnfKBDG/K0TnGT7Xu8q1N45sNWvIK91SqNg8nvN2uVeKoHADT
|
||||
csus5Xn3id5+8Q9TuMFsW9kIEeXiaPKXQa9ryfSNDhWDWloNkpGEeWif2BnHUu46
|
||||
Abu1UBWb0mH6VwcG1PR4qHruLis1odjQ1qnVDNfSEASVIppEBYjDX203ypmURIzU
|
||||
6h53GRRRlf1BLWkbVn9ysmDeR57Xw5Rsx/+tBlcnMrkv/40DSUkehQIl2JmlFrl2
|
||||
Caik+gU4pd20apA/pNLjBZF0OmGoS08AIR5NMd0KFa6CwZUUSHJqH5GFy5Y2yl4l
|
||||
g8K0klAS9q7L7aXI+eFQZhkwidjpxXnHPyxIGQIDAQABAoIBAHnfqjX3eO8SfnP5
|
||||
NURp90Td2mNHirCn0qLd9NKl1ySMPR1GgeH9SQ7Umu32EcteAUL5dOw2PiTZVmeW
|
||||
cKINgsWVftXUQcOQ4xIqWKb51QUBdy0FhxrZRSFjWxXt5iYK1PmzHfsax/g1/S9C
|
||||
RnqtFyjOy1bywkSt9jiy+9YBR2B7BDhLHlILbijWn5zaecaV4YA+L1UK4M/mehdb
|
||||
+0FVPavbGpnlqBRTY+7YXfZ/mRPCfn5DvO9lW1O0pJMmNdBh9kmm3DxHf6AkK47a
|
||||
43gO/dRWiWo2rZ/+Jw7uyqOb23U0MydP7kia0p3tzCUBPsrlgnichYG5RNFp0wqy
|
||||
3VT1TYECgYEA0Y9vENy1jJd+s7WbGrsRtSKxfZgtJr0yjSlQVYrIlwbZSGn+ndxq
|
||||
V2vVlwIgLX3pz6T40BMfk6SNx08jjy0Sgn6OAM0ILrinno8yWcSAMCmfCU0S/3O1
|
||||
55bqtcnk4XTHBHzJ5OrnrPaW5ourvJz0lcWEKMg3BXxLzaF6ZRy85nECgYEAwPMD
|
||||
LNAKLCDrUMyYFOpPyPLe7wvszcFvPipGgerSgFP1c6N7xaMUdHDYqBfuis1khPGF
|
||||
YcMHeNBYmzX6yEGbp3lrB4PHpUySmTU3mv3u9I05aahInK21gXum3uRkCWyyIF6V
|
||||
T/qeszl9mVOCp0CC4eG3IMVpaD0UKDEHVhERYCkCgYAjuTPRyA4a3Wh38ilysRkf
|
||||
q75eDqcDx5Tqg3RyYKo5NK2troP9HSnzpSpQB8i8eI53G0RfFCN5479XjqIdMi3J
|
||||
mRFUCZ+vd0L7wKVwsBK6Ix49U6o9adhElnGEc9pUpLeYiD1SjMjZr1+iBYVNLeRz
|
||||
86vH1/mpMbsqXrCis/dvwQKBgGttomHr/w3s0jftget7PirrFrbP0+wHfDGHhjRF
|
||||
kyhCFtJovrwefYALaIXGtVjw3LusYZA570oT7pGUb2naJZkMYEwR0jG1vZWx7KDO
|
||||
K6JbkxDB0pPxn7JVL2bAkPYyX8boAohCSOQO6WBZ/8+xem3bp4OGhpa0EyoBik0g
|
||||
OaVpAoGATj4SyYsE10hGT676iie8zy3fi5IPC3E+x4QlVuusaLtuY8LJA50stjtx
|
||||
gUa/JAKlZZL+gvzvOviQIxyfIChXOdTt5uiOYkdHJDbAF3NSrji7hrXq4v8UZv75
|
||||
8hBrwJZIpy6y01dRlrriHmPRtEq1pk7JX2uUg0sP5g4BEcsaCbc=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
",
|
||||
samlServicePrivateKeySig => "-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpAIBAAKCAQEAtR/wgDqWB4Maho5V6TjcL/NbNfjgIh7GcgkrB5RZcVT1GTej
|
||||
JlMjUQdgBKBuZXQN+7/29P6UcGq1kYalURq6S8SpeJ1ofp5rBEoD/TIkvU0JOcid
|
||||
65wp+fdzXGXsfiZvHraU74jSCgjP/wqfVGRyBIQzB0SIxSpnrsigqNsE1E94toDM
|
||||
x4wovjHu/9ABAImREV7Sz83OeFF00/sghrjTEJOD/gHf04JCn9MgNOqvSTysr9LX
|
||||
Wg/oUKQDEYeTq9ux6pq/oqv1MxwONbSZPtN5yD41mi+hT8Rh+W8Je8rsiML4VMxz
|
||||
sb1l9303asw6suo5bLTISKNSbu1nt1NkpNxzywIDAQABAoIBAQCQkbvPPfP+bwC/
|
||||
IeEk1IO7qkzFWa7czR+safD0jc6OjTdNN4F716Q6yt4zEzLKu8VliiW+C23EBQiD
|
||||
7asKf4DvdTun0ExVtHDK7aEdeealSlXwz1ZtdypyILbtq1UGo/rR0v4x601rQPl0
|
||||
IrBmFf6D6FkqleNtLJmxguXpoVfLdYKNwkxH2ux+GOA9r2o5pUCQmJGDap5YWRuQ
|
||||
uB71ewJjVWujaL3e1ac/5cP7/tqWmgAiOaN8sYdD6+oWOR47bHj8JKcMBSl4y2QC
|
||||
dL31cGmmf5KqBbtISki3RXfHHjT7E3Z85CbESkKTZlEb1ar3XmepY6Z7V5UO16oz
|
||||
fFE5R6khAoGBAOl9Qb+qYVVO5ugE65ORjYVeuXykANhM9ssiY5a6zuAakWzw7Zv3
|
||||
k6PXm9p7azlEXAlTnTXVwHYMyuuzZDvQ8LRV1iBOdPuIkUAmaQ5K9ASD7VcoHexh
|
||||
k8DAKf9Ln7sTRaMdvgceRNczOmJOBIEpTZkssA/jVGXZsoyTWYl1en/ZAoGBAMaW
|
||||
RnNbSNprEV2b8UeAJ6i77c4SXwu1I8X2NLtiLScb1ETBjfrdHmdlJglfyd/0gmhH
|
||||
p/43Ku2iGUoY5KtuOI6QmahrJYQscRQhoj252VXadG6fNWWAlpgdCm9houhHb5BF
|
||||
3zge/bTr0anUe9EA7Z/ymav12rEouoNjIlhI9C5DAoGATR85a2SMt8/TB0owwdJu
|
||||
62GpZNkLCmcJkXkvaecUVAOSi2hdI4o4MwMRkK35cbX5rH74y4JqCtQY5pefgP53
|
||||
sykzDAK+MyMdzxGg2764MRGegI5Yq+5jDmSquo+xF+q6srEtRk6iMG7UVwosBLmu
|
||||
zuxqzySoiOfKSRKWnYe3SakCgYEAwWMkVkAmETXE4oDzFSsS8/mW2l//mPocTTK3
|
||||
JWe1CunJ6+8FYbAlZJEW2ngismp8+CoXybNVpbZ+pC7buKoMf6EHUgCNt0pEEFO0
|
||||
mCG9KSMk0XlPWXpArP9S4yaUq1itpzSz7QYZES+4rIcU0HLz9RgeWFyCTJWaFErc
|
||||
7laVG9sCgYBKOtk5WlIOP4BxSd2y4cYzohgwTZIs1/2kTEn1u4eH73M1xvAlHHFB
|
||||
wSF5QXgDKJ8pPAOhNWpdLO/PdtnQn91nOvTNc+ShJZzjdbneUdQVpWpoBf72uA+N
|
||||
6rIVf1JBUL2p7HFHaGdUZC7KGQ+yv6ZHrE1+7202nuDvJdvGEEdFsQ==
|
||||
-----END RSA PRIVATE KEY-----
|
||||
",
|
||||
samlServicePublicKeyEnc => "-----BEGIN PUBLIC KEY-----
|
||||
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfKBDG/K0TnGT7Xu8q1N
|
||||
45sNWvIK91SqNg8nvN2uVeKoHADTcsus5Xn3id5+8Q9TuMFsW9kIEeXiaPKXQa9r
|
||||
yfSNDhWDWloNkpGEeWif2BnHUu46Abu1UBWb0mH6VwcG1PR4qHruLis1odjQ1qnV
|
||||
DNfSEASVIppEBYjDX203ypmURIzU6h53GRRRlf1BLWkbVn9ysmDeR57Xw5Rsx/+t
|
||||
BlcnMrkv/40DSUkehQIl2JmlFrl2Caik+gU4pd20apA/pNLjBZF0OmGoS08AIR5N
|
||||
Md0KFa6CwZUUSHJqH5GFy5Y2yl4lg8K0klAS9q7L7aXI+eFQZhkwidjpxXnHPyxI
|
||||
GQIDAQAB
|
||||
-----END PUBLIC KEY-----
|
||||
",
|
||||
samlServicePublicKeySig => "-----BEGIN PUBLIC KEY-----
|
||||
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtR/wgDqWB4Maho5V6Tjc
|
||||
L/NbNfjgIh7GcgkrB5RZcVT1GTejJlMjUQdgBKBuZXQN+7/29P6UcGq1kYalURq6
|
||||
S8SpeJ1ofp5rBEoD/TIkvU0JOcid65wp+fdzXGXsfiZvHraU74jSCgjP/wqfVGRy
|
||||
BIQzB0SIxSpnrsigqNsE1E94toDMx4wovjHu/9ABAImREV7Sz83OeFF00/sghrjT
|
||||
EJOD/gHf04JCn9MgNOqvSTysr9LXWg/oUKQDEYeTq9ux6pq/oqv1MxwONbSZPtN5
|
||||
yD41mi+hT8Rh+W8Je8rsiML4VMxzsb1l9303asw6suo5bLTISKNSbu1nt1NkpNxz
|
||||
ywIDAQAB
|
||||
-----END PUBLIC KEY-----
|
||||
",
|
||||
samlSPMetaDataXML => {
|
||||
"sp.com" => {
|
||||
samlSPMetaDataXML =>
|
||||
samlSPMetaDataXML( 'sp', 'HTTP-POST' )
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
sub sp {
|
||||
return LLNG::Manager::Test->new( {
|
||||
ini => {
|
||||
logLevel => $debug,
|
||||
domain => 'sp.com',
|
||||
portal => 'http://auth.sp.com',
|
||||
authentication => 'SAML',
|
||||
userDB => 'Same',
|
||||
issuerDBSAMLActivation => 0,
|
||||
restSessionServer => 1,
|
||||
samlIDPMetaDataExportedAttributes => {
|
||||
idp => {
|
||||
mail => "0;mail;;",
|
||||
uid => "1;uid",
|
||||
cn => "0;cn"
|
||||
}
|
||||
},
|
||||
samlIDPMetaDataOptions => {
|
||||
idp => {
|
||||
samlIDPMetaDataOptionsEncryptionMode => 'none',
|
||||
samlIDPMetaDataOptionsSSOBinding => 'post',
|
||||
samlIDPMetaDataOptionsSLOBinding => 'post',
|
||||
samlIDPMetaDataOptionsSignSSOMessage => 1,
|
||||
samlIDPMetaDataOptionsSignSLOMessage => 1,
|
||||
samlIDPMetaDataOptionsCheckSSOMessageSignature => 1,
|
||||
samlIDPMetaDataOptionsCheckSLOMessageSignature => 1,
|
||||
samlIDPMetaDataOptionsForceUTF8 => 1,
|
||||
}
|
||||
},
|
||||
samlIDPMetaDataExportedAttributes => {
|
||||
idp => {
|
||||
"uid" => "0;uid;;",
|
||||
"cn" => "1;cn;;",
|
||||
},
|
||||
},
|
||||
samlIDPMetaDataXML => {
|
||||
idp => {
|
||||
samlIDPMetaDataXML =>
|
||||
samlIDPMetaDataXML( 'idp', 'HTTP-POST' )
|
||||
}
|
||||
},
|
||||
samlOrganizationDisplayName => "SP",
|
||||
samlOrganizationName => "SP",
|
||||
samlOrganizationURL => "http://www.sp.com",
|
||||
samlServicePublicKeySig => "-----BEGIN PUBLIC KEY-----
|
||||
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4iToYAEmWQxgZDihGVz
|
||||
MMql1elPn37domWcvXeU2E4yt2hh5jkQHiFjgodfOlNeRIw5QJVlUBwr+CQvbaKR
|
||||
FXd7BrOhQIDC0TZPRVB0XHarUtsCuDekN4/2GKSzHsoToKUVPWq9thsuek3xkpsJ
|
||||
GZNX7bglfEc9+QQpYTqN1rkdN1PVU0epNMokFFGho5pLRqLUV5+I/QXAL49jfTja
|
||||
Sxsp4UndTI8/+mGSRSq+nrT2zyQRM/vkj5vR9ZVz67HO/+Wk3Mx6RAwkVcMdgMAq
|
||||
Cq8odmbI0yCRZiTL9ybKWRKqWJoKJ0p5+Q2fPEBPupQZR09Jt/JPuLVSsGfCxi9N
|
||||
qwIDAQAB
|
||||
-----END PUBLIC KEY-----
|
||||
",
|
||||
samlServicePrivateKeyEnc => "-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEogIBAAKCAQEAsRaod2RZ8hMFBl+VhsnhyPM8l/Fj1obnBxfQIaWuHFIFfXiG
|
||||
e/CYHuZ5QJQLnZxHMJX6LL3Sh+Usog3p0jpijpcg0QgfBSEkfopKTgReYN8DiDIl
|
||||
l0rV1XdTni7E85Nd1YyNy3ui/ZD+UShWwqu6jLVLR+QUm+/1LIKYb3OCBTvOlY7x
|
||||
HoP6NSU1+Mr+YzGBUacdO2vnNxe/PQhxIeP1zO0njuqGHkwEpy8rUWRZbbDn31Tm
|
||||
Kjqlhgtsz5HPhbRaYEExhyepKgBiNz+RyxtYXVhuG8OrWQDoS5gYHSjdw1CTJyix
|
||||
eJwyoqA9RGYguG5nh9zndi3LWAh7Z0lx+tIz+wIDAQABAoIBAEkZrk8iiJKJ0WAx
|
||||
IrsyKNbXuWKLTYgnxcRCyzKofrfID+YcU39j8JeI0fKbajQUZ7qhnlTLwtU//+2h
|
||||
SqzyVu6/add/v7ZRWQw3L7cGzKK2THHzKVtLk/t7N3QroDdf1LMrQvkFP2HmcWS0
|
||||
/yN62hXtXHb/qpY4Nn+6JQyUpM5dkv8S/QjDl2NTdyWrXKzWp+4I3QLQ20f4zym+
|
||||
ir7RennziMc0HlQNcTjGAUbFULtdqEfSFWhNK7UjiRY+S0XV2xJIbGjnxUQH62fS
|
||||
w1ZzYsF7sBtoSckvfL4WfGbylhOVnliU05RLU2c67PRjj1Gskoslq1Ow/3DHR7rI
|
||||
BSBpV8ECgYEA1eHfcog7xQGDkW+cshJtFPFx+9MegB58gFW1rl0rn+tfbexvoSEA
|
||||
7G7EOTyaU6OAI+8StiRT6AYTgEU7PMM9zDykdGIWj3h0OpHGA86xhEiiaaM2DDRv
|
||||
/DEKRVlEdmRLLLY28pJVHOMYomia3mb2VKZGg2VfGtSfjg1GXD3I8OECgYEA0/X0
|
||||
U55KjZ1JQTPUgFc1WK1NxX9MaH+NcpDaolEUy3Qf3QTbfws+a9K3vwCn7EpQhrfs
|
||||
I6RVUtwFdCyfl/jzBY9Gykkg03sMgW7Qw2SCCsSt05M+jDtBbNJ7esP6PAeKFvXZ
|
||||
ZWhdeiAa4kM/P6gtvZXQ4tY4LkSbcd6b0SzzFFsCgYBjMsusFzuBd95JyfZnMNye
|
||||
5gzzu0teKMWd0CLfqB7foQ81sH9lwCTpg8ZGtbDuMdrwz6ViDR9NceQBjhqXaAZ1
|
||||
f3rW79d+22Ms9wdcJLV4oSeSzzv2FSwLT8NvvqNeNc4YArshbnVDXKDEUrfhhueh
|
||||
Ay2ZK58clpkaDVYg2hckgQKBgG3KuhtSI/YE4fwXN9yez7A2XNGPZem/IGqWo9lu
|
||||
PGJCrXqT2IqPLW82gB083r6jo+CUhonTxqqb82tA7g4PUvqvQ5Dmnk1NMKYe255K
|
||||
gp3HUO8GF2EWFIak5Hcr6oOLuDi6cjh3/euTk7ld8fYsTD0mzEOjiQhWW1p5X6bT
|
||||
LLp/AoGAHvkxA1NM1HJ3myAREbwNXxRy/nhNt4mwMkZ6hPQsW/Eg/3r7j6MJOFrm
|
||||
U8AJJjDGKe6nlXhhnMoQfJzAc0cYNgjktmJXW27fHGIwt/2QwYNFHPK3s7HTrfH6
|
||||
7T4XKT3yGeeeyC2soKJQPlGB+ETdIUnXa7eo9KVWtMTgISyx1Qk=
|
||||
-----END RSA PRIVATE KEY-----
|
||||
",
|
||||
samlServicePrivateKeySig => "-----BEGIN RSA PRIVATE KEY-----
|
||||
MIIEpAIBAAKCAQEAu4iToYAEmWQxgZDihGVzMMql1elPn37domWcvXeU2E4yt2hh
|
||||
5jkQHiFjgodfOlNeRIw5QJVlUBwr+CQvbaKRFXd7BrOhQIDC0TZPRVB0XHarUtsC
|
||||
uDekN4/2GKSzHsoToKUVPWq9thsuek3xkpsJGZNX7bglfEc9+QQpYTqN1rkdN1PV
|
||||
U0epNMokFFGho5pLRqLUV5+I/QXAL49jfTjaSxsp4UndTI8/+mGSRSq+nrT2zyQR
|
||||
M/vkj5vR9ZVz67HO/+Wk3Mx6RAwkVcMdgMAqCq8odmbI0yCRZiTL9ybKWRKqWJoK
|
||||
J0p5+Q2fPEBPupQZR09Jt/JPuLVSsGfCxi9NqwIDAQABAoIBABE0Cjb6g3F+23vD
|
||||
SsRSeiqzrFrfOEqtXK+VGrfWzHS7V7Ozg6eW/H+HGJXUzUuQcklfg7EFA3JB41a0
|
||||
GxW3oA+UElkfCV/dcAG5NbRqGQKScEz9glZb5FikgDLqiPP+HabS/gvQSu71t2HI
|
||||
3KxSRJdwCNTp26Z28pxxYUpmELTtxd9vlHjffit2Mnt2uc8hOtFHdNavfYwvYH7o
|
||||
bmlckp7b/JVOy2Yy21O94ZWkE498jXyn71Gr+V1cnJ0RrmYbhQqIvFpFHj98Pf4O
|
||||
if3c4YmBcZ4t7PUsZUYF3ooWt8k/mdigQC3D6p80OKe+wUTYKcCN0ZdFbiURv9pg
|
||||
CsqLh+ECgYEA9vA+9QfzvXC7S5yXgTkuRiusPlNye/AiyA/0oGjmjFZ1YNsT7awH
|
||||
6BjW6WE+rS4elKJu1GaefM/cDguH4ZmJc+eKgi4LDCqYw9rr9les3aneBc8demd3
|
||||
O/Ej1Pud1QxXArBNfBYo08vEqwST9P89clJC5090U6bGK2E0rTVu1w0CgYEAwmpG
|
||||
9LbOFeGCPmwX7Avuk7tQQfRSV6q9TFZo+HxDfKYvxec846l1vBenY2rrgYhtolYJ
|
||||
YS795LYgbSWRxGfgr1GuIbP5GsjHy6/1o6bS8M++GJ7KHArb0QLAYyQweqqb164A
|
||||
NvHJkveueWnxzeOlD9j2fcjEnBHwTnqjG+17CZcCgYEAqMXawa4FsNxzpmIISpHC
|
||||
RsNindZ60Kp3mzUMhPYtXI1a/C+/lxmU7dTMTgXgyIxU6lF6XkEk4TlPtWm8HTzK
|
||||
7SS7Te4aLt6OOo5N57hUtct7q4y7IQXGQHm3e8HdRdeBQJ0u2Dhs/xSt/hTK6w/n
|
||||
91Kx11Y+s02w88UkM53pe6ECgYAF/UYwVc1liSv9BlF6WSfBb1zam09KGh1405Sq
|
||||
SxG9LlV8cFJE5TyWTdg/TNTyiaRvAt2JG+yAdkfrdOPXvCeE3yxRJ30+IP9evA4C
|
||||
O6p19sBxe7rYQFFjUAVjSIMh1E22yEqDZtGB8JV0chob8K5uHY4CdAPylu7jTA3o
|
||||
V1maAwKBgQCSGQ3yzsk4EGN2xd/JdgGDzhKyTZTQKMWYqQcsYxRAQ7Paj7u+Wkgv
|
||||
dBeKcI0HwgpLy5ZohSd2erqieIsW0pEbJWCmos4IcO8tgNfEOa5WXYdyLbj5tFwt
|
||||
ctu4/BJdijqfpMAtG8pv6k09gYjfASVytXmydGcs/0rVKYCRQA8Tow==
|
||||
-----END RSA PRIVATE KEY-----
|
||||
",
|
||||
samlServicePublicKeyEnc => "-----BEGIN PUBLIC KEY-----
|
||||
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRaod2RZ8hMFBl+Vhsnh
|
||||
yPM8l/Fj1obnBxfQIaWuHFIFfXiGe/CYHuZ5QJQLnZxHMJX6LL3Sh+Usog3p0jpi
|
||||
jpcg0QgfBSEkfopKTgReYN8DiDIll0rV1XdTni7E85Nd1YyNy3ui/ZD+UShWwqu6
|
||||
jLVLR+QUm+/1LIKYb3OCBTvOlY7xHoP6NSU1+Mr+YzGBUacdO2vnNxe/PQhxIeP1
|
||||
zO0njuqGHkwEpy8rUWRZbbDn31TmKjqlhgtsz5HPhbRaYEExhyepKgBiNz+RyxtY
|
||||
XVhuG8OrWQDoS5gYHSjdw1CTJyixeJwyoqA9RGYguG5nh9zndi3LWAh7Z0lx+tIz
|
||||
+wIDAQAB
|
||||
-----END PUBLIC KEY-----
|
||||
",
|
||||
samlSPSSODescriptorAuthnRequestsSigned => 1,
|
||||
},
|
||||
}
|
||||
);
|
||||
}
|
|
@ -31,7 +31,7 @@ SKIP: {
|
|||
if ($@) {
|
||||
skip 'Lasso not found', $maintests;
|
||||
}
|
||||
my $file = 't/20160530_dwho_dGVzdHJlZg==.json';
|
||||
my $file = "$main::tmpDir/20160530_dwho_dGVzdHJlZg==.json";
|
||||
|
||||
open F, "> $file" or die($!);
|
||||
print F '[
|
||||
|
@ -118,11 +118,11 @@ SKIP: {
|
|||
$file =~ s/json$/done/;
|
||||
ok( -e $file, 'Notification was deleted' );
|
||||
$pdata = 'lemonldappdata=' . expectCookie( $res, 'lemonldappdata' );
|
||||
expectRedirection( $res, 'http://auth.idp.com/saml/singleSignOn' );
|
||||
expectRedirection( $res, 'http://auth.idp.com/saml' );
|
||||
|
||||
ok(
|
||||
$res = $issuer->_get(
|
||||
'/saml/singleSignOn',
|
||||
'/saml',
|
||||
cookie => "lemonldap=$idpId; $pdata",
|
||||
accept => 'text/html',
|
||||
),
|
||||
|
@ -247,7 +247,7 @@ sub issuer {
|
|||
issuerDBSAMLActivation => 1,
|
||||
notification => 1,
|
||||
notificationStorage => 'File',
|
||||
notificationStorageOptions => { dirName => 't' },
|
||||
notificationStorageOptions => { dirName => "$main::tmpDir" },
|
||||
oldNotifFormat => 0,
|
||||
samlSPMetaDataOptions => {
|
||||
'sp.com' => {
|
||||
|
|
|
@ -38,6 +38,7 @@ my $ini = {
|
|||
checkUser => 1,
|
||||
impersonationRule => 1,
|
||||
contextSwitchingRule => 1,
|
||||
decryptValueRule => 1,
|
||||
grantSessionRules => { a => 1 },
|
||||
checkStateSecret => 'x',
|
||||
};
|
||||
|
|
Loading…
Reference in New Issue
Block a user