Fix bad request (#2501)
This commit is contained in:
parent
4da7ca8d13
commit
654184dd66
|
@ -8,7 +8,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
|
|||
PE_TOKENEXPIRED
|
||||
);
|
||||
|
||||
our $VERSION = '2.0.10';
|
||||
our $VERSION = '2.0.12';
|
||||
|
||||
extends 'Lemonldap::NG::Portal::Main::Plugin';
|
||||
|
||||
|
@ -125,7 +125,7 @@ sub confirm {
|
|||
my $res = $self->p->process($req);
|
||||
return $self->p->do( $req, [ sub { $res } ] ) if $res;
|
||||
|
||||
if ( $upg or $req->param('confirm') == 1 ) {
|
||||
if ( $upg or $req->param('confirm') and $req->param('confirm') == 1 ) {
|
||||
$req->data->{noerror} = 1;
|
||||
|
||||
if ($sfOnly) {
|
||||
|
@ -152,7 +152,11 @@ sub confirm {
|
|||
}
|
||||
}
|
||||
else {
|
||||
|
||||
# Go to portal
|
||||
$self->logger->debug("Upgrade session failed -> Go to portal");
|
||||
$req->mustRedirect(1);
|
||||
return $self->p->do( $req, [ sub { PE_OK } ] );
|
||||
}
|
||||
}
|
||||
|
||||
|
|
100
lemonldap-ng-portal/t/78-2F-UpgradeOnly-without-2F.t
Normal file
100
lemonldap-ng-portal/t/78-2F-UpgradeOnly-without-2F.t
Normal file
|
@ -0,0 +1,100 @@
|
|||
use Test::More;
|
||||
use strict;
|
||||
use IO::String;
|
||||
use Data::Dumper;
|
||||
|
||||
require 't/test-lib.pm';
|
||||
require 't/smtp.pm';
|
||||
|
||||
use_ok('Lemonldap::NG::Common::FormEncode');
|
||||
count(1);
|
||||
my $res;
|
||||
|
||||
my $client = LLNG::Manager::Test->new( {
|
||||
ini => {
|
||||
logLevel => 'debug',
|
||||
sfOnlyUpgrade => 1,
|
||||
u2fActivation => 1,
|
||||
u2fAuthnLevel => 5,
|
||||
authentication => 'Demo',
|
||||
userDB => 'Same',
|
||||
'vhostOptions' => {
|
||||
'test1.example.com' => {
|
||||
'vhostAuthnLevel' => 3
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
);
|
||||
|
||||
# CASE 1: no 2F available
|
||||
# -----------------------
|
||||
my $query = 'user=rtyler&password=rtyler';
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/',
|
||||
IO::String->new($query),
|
||||
length => length($query),
|
||||
accept => 'text/html',
|
||||
),
|
||||
'Auth query'
|
||||
);
|
||||
count(1);
|
||||
|
||||
my $id = expectCookie($res);
|
||||
|
||||
# After attempting to access test1,
|
||||
# the handler sends up back to /upgradesession
|
||||
# --------------------------------------------
|
||||
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
'/upgradesession',
|
||||
query => 'url=aHR0cDovL3Rlc3QxLmV4YW1wbGUuY29t',
|
||||
accept => 'text/html',
|
||||
cookie => "lemonldap=$id",
|
||||
),
|
||||
'Upgrade session query'
|
||||
);
|
||||
count(1);
|
||||
|
||||
( my $host, my $url, $query ) =
|
||||
expectForm( $res, undef, '/upgradesession', 'confirm', 'url' );
|
||||
|
||||
# Accept session upgrade
|
||||
# ----------------------
|
||||
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/upgradesession',
|
||||
IO::String->new($query),
|
||||
length => length($query),
|
||||
accept => 'text/html',
|
||||
cookie => "lemonldap=$id",
|
||||
),
|
||||
'Accept session upgrade query'
|
||||
);
|
||||
count(1);
|
||||
|
||||
my $pdata = expectCookie( $res, 'lemonldappdata' );
|
||||
|
||||
# A message warns the user that they do not have any 2FA available
|
||||
expectPortalError( $res, 83 );
|
||||
|
||||
$query = 'user=rtyler&password=rtyler';
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/upgradesession',
|
||||
IO::String->new($query),
|
||||
length => length($query),
|
||||
accept => 'text/html',
|
||||
cookie => "lemonldap=$id",
|
||||
),
|
||||
'Accept session upgrade query'
|
||||
);
|
||||
count(1);
|
||||
expectRedirection( $res, 'http://auth.example.com/' );
|
||||
clean_sessions();
|
||||
|
||||
done_testing( count() );
|
||||
|
Loading…
Reference in New Issue
Block a user