dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Append unit test (#1506)

Browse Source
This commit is contained in:
Christophe Maudoux 2018-09-28 23:04:03 +02:00
parent effc397686
commit 9387ed9778
6 changed files with 161 additions and 136 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm
View File

@ -140,22 +140,6 @@ sub display {
);
}
# # 1.4 Brute-Force attack detected
# elsif ( $req->{error} == PE_WAIT ) {
# $self->logger->debug('Display: waiting before retrying authentication');
# $self->logger->debug('Hidden values -> '. Dumper( $req->{portalHiddenFormValues}));
# $skinfile = 'info';
# %templateParams = (
# AUTH_ERROR => $self->error,
# AUTH_ERROR_TYPE => $req->error_type,
# MSG => '<span trspan="' . "PE$req->{error}" . '">">' . "PE$req->{error}" . '</span>',
# URL => $req->{urldc},
# HIDDEN_INPUTS => $self->buildHiddenForm($req),
# ACTIVE_TIMER => $req->data->{activeTimer},
# FORM_METHOD => $self->conf->{infoFormMethod},
# );
# }
# 1.4 OpenID menu page
elsif ($req->{error} == PE_OPENID_EMPTY
or $req->{error} == PE_OPENID_BADID )

3
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/BruteForceProtection.pm
View File

@ -1,5 +1,6 @@
package Lemonldap::NG::Portal::Plugins::BruteForceProtection;
use Data::Dumper;
use strict;
use Mouse;
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_WAIT);
@ -56,7 +57,7 @@ sub run {
unless ( $delta <= $self->conf->{bruteForceProtectionTempo} );
# Account locked
shift @{ $req->sessionInfo->{_loginHistory}->{failedLogin} };
#shift @{ $req->sessionInfo->{_loginHistory}->{failedLogin} };
return PE_WAIT;
}

5
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/History.pm
View File

@ -1,6 +1,5 @@
package Lemonldap::NG::Portal::Plugins::History;
use Data::Dumper;
use strict;
use Mouse;
use Lemonldap::NG::Portal::Main::Constants qw(PE_INFO PE_OK);
@ -22,8 +21,8 @@ sub run {
my ( $self, $req ) = @_;
if ( $req->param('checkLogins') ) {
$self->logger->debug('History asked');
$self->logger->debug(' successLogins -> ' . Dumper($req->sessionInfo->{_loginHistory}->{successLogin} ));
$self->logger->debug(' failedLogins -> ' . Dumper($req->sessionInfo->{_loginHistory}->{failedLogin} ));
#$self->logger->debug(' successLogins -> ' . Dumper($req->sessionInfo->{_loginHistory}->{successLogin} ));
#$self->logger->debug(' failedLogins -> ' . Dumper($req->sessionInfo->{_loginHistory}->{failedLogin} ));
$req->info(
(
$req->sessionInfo->{_loginHistory}->{successLogin}

100
lemonldap-ng-portal/t/61-BruteForceAttackProtection.t.old
View File

@ -1,100 +0,0 @@
use Test::More;
use strict;
use IO::String;
BEGIN {
require 't/test-lib.pm';
}
my $res;
my $client = LLNG::Manager::Test->new(
{
ini => {
logLevel => 'error',
authentication => 'Demo',
userDB => 'Same',
loginHistoryEnabled => 1,
brutForceProtection => 1,
}
}
);
## First successful connection
ok(
$res = $client->_post(
'/',
IO::String->new('user=dwho&password=dwho'),
length => 23,
accept => 'text/html',
),
'Auth query'
);
count(1);
my $id1 = expectCookie($res);
expectRedirection( $res, 'http://auth.example.com/' );
$client->logout($id1);
## Second successful connection
ok(
$res = $client->_post(
'/',
IO::String->new('user=dwho&password=dwho'),
length => 23,
accept => 'text/html',
),
'Auth query'
);
count(1);
$id1 = expectCookie($res);
expectRedirection( $res, 'http://auth.example.com/' );
$client->logout($id1);
## First failed connection
ok(
$res = $client->_post(
'/',
IO::String->new('user=dwho&password=ohwd'),
length => 23
),
'Auth query'
);
count(1);
expectReject($res);
## Second failed connection
ok(
$res = $client->_post(
'/',
IO::String->new('user=dwho&password=ohwd'),
length => 23
),
'Auth query'
);
count(1);
expectReject($res);
## Third failed connection
my $start = time;
ok(
$res = $client->_post(
'/',
IO::String->new('user=dwho&password=ohwd'),
length => 23,
accept => 'text/html',
),
'Auth query'
);
my $stop = time;
count(1);
my $wait = $stop - $start;
ok($wait > 29 && $wait < 32, "Waiting time = $wait");
count(1);
clean_sessions();
done_testing( count() );

147
lemonldap-ng-portal/t/61-BruteForceProtection.t Normal file
View File

@ -0,0 +1,147 @@
use Test::More;
use strict;
use IO::String;
use Data::Dumper;
BEGIN {
require 't/test-lib.pm';
}
my $res;
my $client = LLNG::Manager::Test->new(
{ ini => {
logLevel => 'error',
authentication => 'Demo',
userDB => 'Same',
loginHistoryEnabled => 1,
bruteForceProtection => 1,
bruteForceProtectionTempo => 5,
}
}
);
## First successful connection
ok( $res = $client->_post(
'/',
IO::String->new('user=dwho&password=dwho'),
length => 23,
accept => 'text/html',
),
'Auth query'
);
count(1);
my $id1 = expectCookie($res);
expectRedirection( $res, 'http://auth.example.com/' );
$client->logout($id1);
## Second successful connection
ok( $res = $client->_post(
'/',
IO::String->new('user=dwho&password=dwho'),
length => 23,
accept => 'text/html',
),
'Auth query'
);
count(1);
$id1 = expectCookie($res);
expectRedirection( $res, 'http://auth.example.com/' );
$client->logout($id1);
## First failed connection
ok( $res = $client->_post(
'/',
IO::String->new('user=dwho&password=ohwd'),
length => 23
),
'Auth query'
);
count(1);
expectReject($res);
## Second failed connection
ok( $res = $client->_post(
'/',
IO::String->new('user=dwho&password=ohwd'),
length => 23
),
'Auth query'
);
count(1);
expectReject($res);
## Third failed connection -> rejected
ok( $res = $client->_post(
'/',
IO::String->new('user=dwho&password=ohwd'),
length => 23,
accept => 'text/html',
),
'Auth query'
);
count(1);
ok( $res->[2]->[0] =~ /<span trmsg="86"><\/span>/, 'Protection enabled' );
count(1);
sleep 1;
## Fourth failed connection -> Rejected
ok( $res = $client->_post(
'/',
IO::String->new('user=dwho&password=ohwd'),
length => 23,
accept => 'text/html',
),
'Auth query'
);
count(1);
ok( $res->[2]->[0] =~ /<span trmsg="86"><\/span>/, 'Protection enabled' );
count(1);
sleep 2;
## Third successful connection -> Rejected
ok( $res = $client->_post(
'/',
IO::String->new('user=dwho&password=dwho'),
length => 23,
accept => 'text/html',
),
'Auth query'
);
count(1);
ok( $res->[2]->[0] =~ /<span trmsg="86"><\/span>/, 'Protection enabled' );
count(1);
sleep 3;
## Fourth successful connection -> Accepted
ok( $res = $client->_post(
'/',
IO::String->new('user=dwho&password=dwho&checkLogins=1'),
length => 37,
accept => 'text/html',
),
'Auth query'
);
count(1);
$id1 = expectCookie($res);
ok( $res->[2]->[0] =~ /trspan="lastLogins"/, 'History found' )
or print STDERR Dumper( $res->[2]->[0] );
my @c = ( $res->[2]->[0] =~ /<td>127.0.0.1/gs );
my @cf = ( $res->[2]->[0] =~ /PE5<\/td>/gs );
# History with 5 entries
ok( @c == 7, ' -> Seven entries found' );
ok( @cf == 4, " -> Four 'failedLogin' entries found" );
count(3);
$client->logout($id1);
clean_sessions();
done_testing( count() );

26
lemonldap-ng-portal/t/63-History.t
View File

@ -9,20 +9,18 @@ BEGIN {
my $res;
my $client = LLNG::Manager::Test->new(
{
ini => {
{ ini => {
logLevel => 'error',
authentication => 'Demo',
userDB => 'Same',
loginHistoryEnabled => 1,
brutForceProtection => 1,
brutForceProtection => 0,
}
}
);
## First successful connection
ok(
$res = $client->_post(
ok( $res = $client->_post(
'/',
IO::String->new('user=dwho&password=dwho&checkLogins=1'),
length => 37,
@ -34,7 +32,7 @@ count(1);
expectOK($res);
my $id1 = expectCookie($res);
ok( $res->[2]->[0] =~ /trspan="lastLogins"/, 'History found' )
or explain( $res->[2]->[0], 'trspan="noHistory"' );
or explain( $res->[2]->[0], 'trspan="noHistory"' );
my @c = ( $res->[2]->[0] =~ /<td>127.0.0.1/gs );
# History with 1 successLogin
@ -49,8 +47,7 @@ expectOK($res);
$client->logout($id1);
## Second successful connection
ok(
$res = $client->_post(
ok( $res = $client->_post(
'/',
IO::String->new('user=dwho&password=dwho&checkLogins=1'),
length => 37,
@ -72,8 +69,7 @@ count(2);
$client->logout($id1);
## First failed connection
ok(
$res = $client->_post(
ok( $res = $client->_post(
'/',
IO::String->new('user=dwho&password=ohwd'),
length => 23
@ -84,8 +80,7 @@ count(1);
expectReject($res);
## Second failed connection
ok(
$res = $client->_post(
ok( $res = $client->_post(
'/',
IO::String->new('user=dwho&password=ohwd'),
length => 23
@ -96,8 +91,7 @@ count(1);
expectReject($res);
## Third successful connection
ok(
$res = $client->_post(
ok( $res = $client->_post(
'/',
IO::String->new('user=dwho&password=dwho&checkLogins=1'),
length => 37,
@ -113,8 +107,8 @@ ok( $res->[2]->[0] =~ /trspan="lastLogins"/, 'History found' );
@c = ( $res->[2]->[0] =~ /<td>127.0.0.1/gs );
my @cf = ( $res->[2]->[0] =~ /PE5<\/td>/gs );
# History with 5 success
ok( @c == 5, ' -> Five entries found' );
# History with 5 entries
ok( @c == 5, ' -> Five entries found' );
ok( @cf == 2, " -> Two 'failedLogin' entries found" );
count(3);