Verify REST backend config (#970)
This commit is contained in:
parent
e83fd57f8a
commit
906f081b31
|
@ -8,6 +8,12 @@ our $VERSION = '2.0.0';
|
|||
|
||||
#parameter baseUrl, user, password, realm, lwpOpts
|
||||
|
||||
BEGIN {
|
||||
*Lemonldap::NG::Common::Conf::getJson = \&getJson;
|
||||
*Lemonldap::NG::Common::Conf::ua = \&ua;
|
||||
*Lemonldap::NG::Common::Conf::base = \&base;
|
||||
}
|
||||
|
||||
sub prereq {
|
||||
my $self = shift;
|
||||
unless ( $self->{baseUrl} ) {
|
||||
|
@ -116,8 +122,8 @@ sub store {
|
|||
}
|
||||
|
||||
sub load {
|
||||
my $self = shift;
|
||||
my $res = $self->getJson('latest?full') or return;
|
||||
my ( $self, $cfgNum ) = @_;
|
||||
my $res = $self->getJson("$cfgNum?full=1") or return;
|
||||
return $res;
|
||||
}
|
||||
|
||||
|
|
|
@ -41,8 +41,9 @@ sub getConfKey {
|
|||
if ( $req->params('cfgNum') eq 'latest' ) {
|
||||
my $tmp = $self->confAcc->lastCfg;
|
||||
$req->set_param( 'cfgNum', $tmp );
|
||||
if ($Lemonldap::NG::Common::Conf::msg) {
|
||||
$req->error($Lemonldap::NG::Common::Conf::msg);
|
||||
unless ($tmp) {
|
||||
$req->error($Lemonldap::NG::Common::Conf::msg)
|
||||
if ($Lemonldap::NG::Common::Conf::msg);
|
||||
return undef;
|
||||
}
|
||||
}
|
||||
|
@ -68,7 +69,8 @@ sub getConfKey {
|
|||
|
||||
sub getConfByNum {
|
||||
my ( $self, $cfgNum, @args ) = @_;
|
||||
unless ( %{ $self->currentConf }
|
||||
unless ($self->currentConf
|
||||
and %{ $self->currentConf }
|
||||
and $cfgNum == $self->currentConf->{cfgNum} )
|
||||
{
|
||||
my $tmp = $self->confAcc->getConf(
|
||||
|
@ -619,10 +621,16 @@ sub metadatas {
|
|||
if ( $req->params('full') and $req->params('full') !~ NO ) {
|
||||
my $c = $self->getConfKey( $req, 'cfgNum' );
|
||||
return $self->sendError( $req, undef, 400 ) if ( $req->error );
|
||||
$self->userLogger->notice( 'User '
|
||||
. $self->userId($req)
|
||||
. ' ask for full configuration '
|
||||
. $c );
|
||||
if ( $self->can('userId') ) {
|
||||
$self->userLogger->notice( 'User '
|
||||
. $self->userId($req)
|
||||
. ' ask for full configuration '
|
||||
. $c );
|
||||
}
|
||||
else {
|
||||
$self->logger->info(
|
||||
"REST request to get full configuration $c");
|
||||
}
|
||||
return $self->sendJSONresponse(
|
||||
$req,
|
||||
$self->currentConf,
|
||||
|
@ -648,11 +656,17 @@ sub metadatas {
|
|||
my ($ind) = map { $id++; $_ == $res->{cfgNum} ? ($id) : () } @a;
|
||||
if ($ind) { $res->{prev} = $a[ $ind - 1 ]; }
|
||||
if ( $ind and $ind < $#a ) { $res->{next} = $a[ $ind + 1 ]; }
|
||||
$self->userLogger->notice( 'User '
|
||||
. $self->userId($req)
|
||||
. ' ask for configuration metadatas ('
|
||||
. $res->{cfgNum}
|
||||
. ')' );
|
||||
if ( $self->can('userId') ) {
|
||||
$self->userLogger->info( 'User '
|
||||
. $self->userId($req)
|
||||
. ' ask for configuration metadatas ('
|
||||
. $res->{cfgNum}
|
||||
. ')' );
|
||||
}
|
||||
else {
|
||||
$self->logger->info(
|
||||
"REST request to get configuration metadatas ($res->{cfgNum})");
|
||||
}
|
||||
return $self->sendJSONresponse( $req, $res );
|
||||
}
|
||||
}
|
||||
|
|
|
@ -309,6 +309,7 @@ t/32-Auth-and-issuer-OIDC-implicit.t
|
|||
t/33-Auth-and-issuer-OpenID2.t
|
||||
t/34-Auth-Proxy-and-REST-Server.t
|
||||
t/34-Auth-Proxy-and-SOAP-Server.t
|
||||
t/35-REST-config-backend.t
|
||||
t/35-REST-sessions-with-REST-server.t
|
||||
t/35-SOAP-config-backend.t
|
||||
t/35-SOAP-sessions-with-SOAP-server.t
|
||||
|
|
|
@ -45,6 +45,13 @@ our $VERSION = '2.0.0';
|
|||
|
||||
extends 'Lemonldap::NG::Portal::Main::Plugin';
|
||||
|
||||
has configStorage => (
|
||||
is => 'ro',
|
||||
default => sub {
|
||||
$_[0]->{p}->HANDLER->localConfig->{configStorage};
|
||||
}
|
||||
);
|
||||
|
||||
has exportedAttr => (
|
||||
is => 'rw',
|
||||
default => sub {
|
||||
|
|
203
lemonldap-ng-portal/t/35-REST-config-backend.t
Normal file
203
lemonldap-ng-portal/t/35-REST-config-backend.t
Normal file
|
@ -0,0 +1,203 @@
|
|||
use Test::More;
|
||||
use strict;
|
||||
use IO::String;
|
||||
|
||||
BEGIN {
|
||||
require 't/test-lib.pm';
|
||||
}
|
||||
|
||||
my $debug = 'error';
|
||||
my ( $issuer, $sp, $res, $spId );
|
||||
my %handlerOR = ( issuer => [], sp => [] );
|
||||
|
||||
ok( $issuer = issuer(), 'Issuer portal' );
|
||||
$handlerOR{issuer} = \@Lemonldap::NG::Handler::Main::_onReload;
|
||||
|
||||
# Test REST config backend
|
||||
ok( $res = $issuer->_get('/confs/latest'), 'Get latest conf metadatas' );
|
||||
count(1);
|
||||
expectOK($res);
|
||||
|
||||
switch ('sp');
|
||||
|
||||
ok( $sp = sp(), 'SP portal' );
|
||||
$handlerOR{sp} = \@Lemonldap::NG::Handler::Main::_onReload;
|
||||
count(2);
|
||||
|
||||
# Simple SP access
|
||||
ok(
|
||||
$res = $sp->_get(
|
||||
'/', accept => 'text/html',
|
||||
),
|
||||
'Unauth SP request'
|
||||
);
|
||||
expectOK($res);
|
||||
|
||||
# Try to auth
|
||||
ok(
|
||||
$res = $sp->_post(
|
||||
'/', IO::String->new('user=french&password=french'),
|
||||
length => 27,
|
||||
accept => 'text/html'
|
||||
),
|
||||
'Post user/password'
|
||||
);
|
||||
count(2);
|
||||
expectRedirection( $res, 'http://auth.sp.com' );
|
||||
$spId = expectCookie($res);
|
||||
|
||||
# Test auth
|
||||
ok( $res = $sp->_get( '/', cookie => "lemonldap=$spId" ), 'Auth test' );
|
||||
count(1);
|
||||
expectOK($res);
|
||||
|
||||
# Test other REST queries
|
||||
switch ('issuer');
|
||||
|
||||
# Session content
|
||||
ok( $res = $issuer->_get("/sessions/global/$spId"), 'Session content' );
|
||||
expectOK($res);
|
||||
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
|
||||
or print STDERR $@;
|
||||
ok( $res->{_session_id} eq $spId, ' Good ID' )
|
||||
or explain( $res, "_session_id => $spId" );
|
||||
count(3);
|
||||
|
||||
# Session key
|
||||
ok( $res = $issuer->_get("/sessions/global/$spId/[_session_id,uid,cn]"),
|
||||
'Some session keys' );
|
||||
expectOK($res);
|
||||
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
|
||||
or print STDERR $@;
|
||||
ok( $res->{_session_id} eq $spId, ' Good ID' )
|
||||
or explain( $res, "_session_id => $spId" );
|
||||
ok( $res->{uid} eq 'french', ' Uid is french' )
|
||||
or explain( $res, 'uid => french' );
|
||||
ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' );
|
||||
count(5);
|
||||
|
||||
# Logout
|
||||
switch ('sp');
|
||||
ok(
|
||||
$res = $sp->_get(
|
||||
'/',
|
||||
query => 'logout',
|
||||
accept => 'text/html',
|
||||
cookie => "lemonldap=$spId"
|
||||
),
|
||||
'Ask for logout'
|
||||
);
|
||||
count(1);
|
||||
expectOK($res);
|
||||
|
||||
# Test if user is reject on IdP
|
||||
ok(
|
||||
$res = $sp->_get(
|
||||
'/', cookie => "lemonldap=$spId",
|
||||
),
|
||||
'Test if user is reject on IdP'
|
||||
);
|
||||
count(1);
|
||||
expectReject($res);
|
||||
|
||||
clean_sessions();
|
||||
done_testing( count() );
|
||||
|
||||
# Redefine LWP methods for tests
|
||||
no warnings 'redefine';
|
||||
|
||||
sub LWP::UserAgent::request {
|
||||
my ( $self, $req ) = @_;
|
||||
ok(
|
||||
$req->uri =~ m#http://auth.idp.com(.*?)(?:\?(.*))?$#,
|
||||
' @ REST request (' . $req->method . " $1)"
|
||||
);
|
||||
count(1);
|
||||
my $url = $1;
|
||||
my $query = $2;
|
||||
my $res;
|
||||
my $s = $req->content;
|
||||
if ( $req->method =~ /^(post|put)$/i ) {
|
||||
my $mth = '_' . lc($1);
|
||||
my $s = $req->content;
|
||||
ok(
|
||||
$res = $issuer->$mth(
|
||||
$url,
|
||||
IO::String->new($s),
|
||||
length => length($s),
|
||||
type => $req->header('Content-Type'),
|
||||
),
|
||||
' Post request'
|
||||
);
|
||||
count(1);
|
||||
expectOK($res);
|
||||
}
|
||||
elsif ( $req->method =~ /^(get|delete)$/i ) {
|
||||
my $mth = '_' . lc($1);
|
||||
ok(
|
||||
$res = $issuer->$mth(
|
||||
$url,
|
||||
accept => $req->header('Accept'),
|
||||
cookie => $req->header('Cookie'),
|
||||
query => $query,
|
||||
),
|
||||
' Execute request'
|
||||
);
|
||||
ok( ( $res->[0] == 200 or $res->[0] == 400 ),
|
||||
' Response is 200 or 400' )
|
||||
or explain( $res->[0], '200 or 400' );
|
||||
count(2);
|
||||
}
|
||||
my $httpResp;
|
||||
$httpResp = HTTP::Response->new( $res->[0], 'OK' );
|
||||
|
||||
while ( my $name = shift @{ $res->[1] } ) {
|
||||
$httpResp->header( $name, shift( @{ $res->[1] } ) );
|
||||
}
|
||||
$httpResp->content( join( '', @{ $res->[2] } ) );
|
||||
pass(' @ END OF REST REQUEST');
|
||||
count(1);
|
||||
return $httpResp;
|
||||
}
|
||||
|
||||
sub switch {
|
||||
my $type = shift;
|
||||
@Lemonldap::NG::Handler::Main::_onReload = @{
|
||||
$handlerOR{$type};
|
||||
};
|
||||
}
|
||||
|
||||
sub issuer {
|
||||
return LLNG::Manager::Test->new(
|
||||
{
|
||||
ini => {
|
||||
logLevel => $debug,
|
||||
templatesDir => 'site/htdocs/static',
|
||||
domain => 'idp.com',
|
||||
portal => 'http://auth.idp.com',
|
||||
authentication => 'Demo',
|
||||
userDB => 'Same',
|
||||
restSessionServer => 1,
|
||||
restConfigServer => 1,
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
sub sp {
|
||||
return LLNG::Manager::Test->new(
|
||||
{
|
||||
ini => {
|
||||
logLevel => $debug,
|
||||
domain => 'sp.com',
|
||||
portal => 'http://auth.sp.com',
|
||||
authentication => 'Demo',
|
||||
userDB => 'Same',
|
||||
configStorage => {
|
||||
type => 'REST',
|
||||
baseUrl => 'http://auth.idp.com/confs',
|
||||
},
|
||||
},
|
||||
}
|
||||
);
|
||||
}
|
|
@ -170,7 +170,6 @@ sub issuer {
|
|||
authentication => 'Demo',
|
||||
userDB => 'Same',
|
||||
restSessionServer => 1,
|
||||
restConfigServer => 1,
|
||||
}
|
||||
}
|
||||
);
|
||||
|
|
Loading…
Reference in New Issue
Block a user