From 98650cd9f0bc4f854afd529eb9d8bc50df6e94b3 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 26 Jun 2019 22:13:12 +0200 Subject: [PATCH] Add unit test for #1821 --- lemonldap-ng-portal/t/62-UpgradeSession.t | 126 ++++++++++++++++++++++ 1 file changed, 126 insertions(+) create mode 100644 lemonldap-ng-portal/t/62-UpgradeSession.t diff --git a/lemonldap-ng-portal/t/62-UpgradeSession.t b/lemonldap-ng-portal/t/62-UpgradeSession.t new file mode 100644 index 000000000..456c62721 --- /dev/null +++ b/lemonldap-ng-portal/t/62-UpgradeSession.t @@ -0,0 +1,126 @@ +use Test::More; +use strict; +use IO::String; +use Data::Dumper; + +require 't/test-lib.pm'; +require 't/smtp.pm'; + +use_ok('Lemonldap::NG::Common::FormEncode'); +count(1); + +my $client = LLNG::Manager::Test->new( { + ini => { + logLevel => 'error', + upgradeSession => 1, + authentication => 'Choice', + apacheAuthnLevel => 5, + userDB => 'Same', + 'authChoiceModules' => { + 'strong' => 'Apache;Demo;Null;;;{}', + 'weak' => 'Demo;Demo;Null;;;{}' + }, + 'vhostOptions' => { + 'test1.example.com' => { + 'vhostAuthnLevel' => 3 + }, + }, + } + } +); + +# Try to authenticate +# ------------------- +ok( + my $res = $client->_post( + '/', + IO::String->new('user=dwho&password=dwho&lmAuth=weak'), + length => 35, + accept => 'text/html', + ), + 'Auth query' +); +count(1); + +my $id = expectCookie($res); + +# After attempting to access test1, +# the handler sends up back to /upgradesession +# -------------------------------------------- + +ok( + my $res = $client->_get( + '/upgradesession', + query => 'url=aHR0cDovL3Rlc3QxLmV4YW1wbGUuY29t', + accept => 'text/html', + cookie => "lemonldap=$id", + ), + 'Upgrade session query' +); +count(1); + +my ( $host, $url, $query ) = + expectForm( $res, undef, '/upgradesession', 'confirm', 'url' ); + +# Accept session upgrade +# ---------------------- + +ok( + my $res = $client->_post( + '/upgradesession', + IO::String->new($query), + length => length($query), + accept => 'text/html', + cookie => "lemonldap=$id", + ), + 'Accept session upgrade query' +); +count(1); + +my $pdata = expectCookie( $res, 'lemonldappdata' ); + +my ( $host, $url, $query ) = expectForm( $res, '#', undef, 'upgrading', 'url' ); + +$query = $query . "&lmAuth=strong"; + +# Attempt login with the "strong" auth choice +# this should trigger 2FA +# ------------------------------------------- + +ok( + my $res = $client->_post( + '/upgradesession', + IO::String->new($query), + length => length($query), + accept => 'text/html', + cookie => "lemonldap=$id;lemonldappdata=$pdata", + custom => { + REMOTE_USER => 'dwho', + }, + ), + 'Post login' +); +count(1); + +$pdata = expectCookie( $res, 'lemonldappdata' ); +$id = expectCookie($res); + +expectRedirection( $res, 'http://test1.example.com' ); + +# Make pdata was cleared and we aren't being redirected +ok( + my $res = $client->_get( + '/', + accept => 'text/html', + cookie => "lemonldap=$id;lemonldappdata=$pdata", + ), + 'Post login' +); +count(1); + +expectOK($res); + +clean_sessions(); + +done_testing( count() ); +