Merge branch 'v2.0'
This commit is contained in:
commit
a2454ff4cc
3
Makefile
3
Makefile
|
@ -446,7 +446,8 @@ start_web_server: all prepare_test_server
|
|||
@if test "$(TESTBACKEND)" = "DBI"; then \
|
||||
echo 'create table lmConfig (cfgNum int, data text);'|sqlite3 e2e-tests/conf/config.db; \
|
||||
echo 'create table sessions (id text, a_session text, LastUpdated int);'|sqlite3 e2e-tests/conf/sessions.db; \
|
||||
perl --current=e2e-tests/conf/lemonldap-ng.ini \
|
||||
perl lemonldap-ng-common/scripts/convertConfig \
|
||||
--current=e2e-tests/conf/lemonldap-ng.ini \
|
||||
--new=e2e-tests/conf/lemonldap-ng-sql.ini; \
|
||||
mv e2e-tests/conf/lemonldap-ng-sql.ini e2e-tests/conf/lemonldap-ng.ini; \
|
||||
LLNG_DEFAULTCONFFILE=e2e-tests/conf/lemonldap-ng.ini \
|
||||
|
|
|
@ -42,6 +42,7 @@ Build-Depends-Indep: libapache-session-perl,
|
|||
libstring-random-perl,
|
||||
libtest-mockobject-perl,
|
||||
libtest-pod-perl,
|
||||
libtext-unidecode-perl,
|
||||
libunicode-string-perl,
|
||||
liburi-perl,
|
||||
libwww-perl,
|
||||
|
@ -266,6 +267,7 @@ Depends: ${misc:Depends},
|
|||
lemonldap-ng-fastcgi-server (= ${binary:Version}) | lemonldap-ng-uwsgi-app (= ${binary:Version}) | apache2 | httpd-cgi,
|
||||
libclone-perl,
|
||||
liblemonldap-ng-handler-perl (= ${binary:Version}),
|
||||
libtext-unidecode-perl,
|
||||
libregexp-assemble-perl
|
||||
Recommends: libcrypt-openssl-bignum-perl,
|
||||
libconvert-base32-perl,
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
#
|
||||
# Regular cron jobs for the Lemonldap::NG handler
|
||||
# Launched only if systemd isn't running
|
||||
# Regular cron jobs for LemonLDAP::NG Handler
|
||||
#
|
||||
17-59/30 * * * * www-data [ -d /run/systemd/system ] || [ ! -x /usr/share/lemonldap-ng/bin/purgeLocalCache ] || /usr/share/lemonldap-ng/bin/purgeLocalCache
|
||||
17-59/30 * * * * www-data [ -x /usr/share/lemonldap-ng/bin/purgeLocalCache ] && /usr/share/lemonldap-ng/bin/purgeLocalCache
|
||||
|
|
|
@ -1,10 +0,0 @@
|
|||
[Unit]
|
||||
Description=Cron job for Lemonldap::NG handler
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
User=www-data
|
||||
ExecStart=/usr/share/lemonldap-ng/bin/purgeLocalCache
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,9 +0,0 @@
|
|||
[Unit]
|
||||
Description=Purge Lemonldap::NG handler cache every 30 minutes
|
||||
|
||||
[Timer]
|
||||
OnCalendar=*-*-* *:17,47:00
|
||||
Persistent=true
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
|
@ -1,5 +1,4 @@
|
|||
#
|
||||
# Regular cron jobs to clean Lemonldap::NG sessions DB
|
||||
# Launched only if systemd isn't running
|
||||
# Regular cron jobs for LemonLDAP::NG Portal
|
||||
#
|
||||
7 * * * * www-data [ -d /run/systemd/system ] || [ ! -x /usr/share/lemonldap-ng/bin/purgeCentralCache ] || /usr/share/lemonldap-ng/bin/purgeCentralCache
|
||||
7 * * * * www-data [ -x /usr/share/lemonldap-ng/bin/purgeCentralCache ] && /usr/share/lemonldap-ng/bin/purgeCentralCache
|
||||
|
|
|
@ -1,10 +0,0 @@
|
|||
[Unit]
|
||||
Description=Cron job for Lemonldap::NG portal
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
User=www-data
|
||||
ExecStart=/usr/share/lemonldap-ng/bin/purgeCentralCache
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,9 +0,0 @@
|
|||
[Unit]
|
||||
Description=Clean Lemonldap::NG sessions DB every 1h
|
||||
|
||||
[Timer]
|
||||
OnCalendar=*-*-* *:07:07
|
||||
Persistent=true
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
|
@ -146,7 +146,9 @@ sub purge {
|
|||
$self->logger->warn("Bad reference $myref");
|
||||
return 0;
|
||||
}
|
||||
unless ( $d =~ s/^(\d{4})(\d{2})(\d{2}).*$/$1-$2-$3/ ) {
|
||||
unless ( $d =~ s/^(\d{4})(\d{2})(\d{2}).*$/$1-$2-$3/
|
||||
or $d =~ s/^(\d{4}-\d{2}-\d{2}).*$/$1/ )
|
||||
{
|
||||
$self->logger->warn("Bad date $d");
|
||||
return 0;
|
||||
}
|
||||
|
|
|
@ -1,8 +1,6 @@
|
|||
Changes
|
||||
eg/handler.psgi
|
||||
eg/llng-server.psgi
|
||||
eg/scripts/liblemonldap-ng-handler-perl.service
|
||||
eg/scripts/llng-handler.systemd.timer
|
||||
eg/scripts/purgeLocalCache
|
||||
eg/scripts/purgeLocalCache.cron.d
|
||||
lib/Lemonldap/NG/Handler.pm
|
||||
|
|
|
@ -1,10 +0,0 @@
|
|||
[Unit]
|
||||
Description=Cron job for Lemonldap::NG handler
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
User=www-data
|
||||
ExecStart=/usr/share/lemonldap-ng/bin/purgeLocalCache
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,9 +0,0 @@
|
|||
[Unit]
|
||||
Description=Purge Lemonldap::NG handler cache every 30 minutes
|
||||
|
||||
[Timer]
|
||||
OnCalendar=*-*-* *:17,47:00
|
||||
Persistent=true
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
|
@ -18,6 +18,18 @@ sub fetchId {
|
|||
# time:_session_id:vhost1:vhost2,...
|
||||
my ( $t, $_session_id, @vhosts ) = split /:/, $s;
|
||||
|
||||
# Search if XFromVH is defined
|
||||
my $vh = $class->resolveAlias($req);
|
||||
my $XFromVH;
|
||||
my @XFromVH = grep { $_ =~ s/^XFromVH=([\w-.]+)/$1/ } @vhosts;
|
||||
if (@XFromVH) {
|
||||
$XFromVH = $XFromVH[0];
|
||||
$class->logger->debug("Found XFromVH -> $XFromVH");
|
||||
$class->headersInit( undef,
|
||||
{ $vh => { 'XFromVH' => "qw($XFromVH)" } } );
|
||||
@vhosts = map { $_ =~ /^XFromVH=[\w-.]+/ ? () : $_ } @vhosts;
|
||||
}
|
||||
|
||||
# $_session_id and at least one vhost
|
||||
unless ( @vhosts and $_session_id ) {
|
||||
$class->userLogger->error('Bad service token');
|
||||
|
@ -25,7 +37,6 @@ sub fetchId {
|
|||
}
|
||||
|
||||
# Is vhost listed in token ?
|
||||
my $vh = $class->resolveAlias($req);
|
||||
unless ( grep { $_ eq $vh } @vhosts ) {
|
||||
$class->userLogger->error(
|
||||
"$vh not authorized in token (" . join( ', ', @vhosts ) . ')' );
|
||||
|
|
|
@ -7,19 +7,19 @@ BEGIN {
|
|||
init(
|
||||
'Lemonldap::NG::Handler::Server',
|
||||
{
|
||||
logLevel => 'error',
|
||||
logLevel => 'debug',
|
||||
handlerServiceTokenTTL => 2,
|
||||
vhostOptions => {
|
||||
'test1.example.com' => {
|
||||
vhostHttps => 0,
|
||||
vhostPort => 80,
|
||||
vhostMaintenance => 0,
|
||||
vhostHttps => 0,
|
||||
vhostPort => 80,
|
||||
vhostMaintenance => 0,
|
||||
vhostServiceTokenTTL => 3,
|
||||
},
|
||||
'test2.example.com' => {
|
||||
vhostHttps => 0,
|
||||
vhostPort => 80,
|
||||
vhostMaintenance => 0,
|
||||
vhostHttps => 0,
|
||||
vhostPort => 80,
|
||||
vhostMaintenance => 0,
|
||||
vhostServiceTokenTTL => 5,
|
||||
}
|
||||
},
|
||||
|
@ -28,7 +28,10 @@ init(
|
|||
|
||||
my $res;
|
||||
my $crypt = Lemonldap::NG::Common::Crypto->new('qwertyui');
|
||||
my $token = $crypt->encrypt( join ':', time, $sessionId, 'test1.example.com', 'test2.example.com', '*.example.com' );
|
||||
my $token =
|
||||
$crypt->encrypt( join ':', time, $sessionId, 'test1.example.com',
|
||||
'XFromVH=app1-auth.example.com',
|
||||
'test2.example.com', '*.example.com' );
|
||||
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
|
|
|
@ -118,6 +118,7 @@ lib/Lemonldap/NG/Portal/Plugins/Status.pm
|
|||
lib/Lemonldap/NG/Portal/Plugins/StayConnected.pm
|
||||
lib/Lemonldap/NG/Portal/Plugins/Upgrade.pm
|
||||
lib/Lemonldap/NG/Portal/Register/AD.pm
|
||||
lib/Lemonldap/NG/Portal/Register/Base.pm
|
||||
lib/Lemonldap/NG/Portal/Register/Custom.pm
|
||||
lib/Lemonldap/NG/Portal/Register/Demo.pm
|
||||
lib/Lemonldap/NG/Portal/Register/LDAP.pm
|
||||
|
@ -163,8 +164,6 @@ site/coffee/sslChoice.coffee
|
|||
site/coffee/totpregistration.coffee
|
||||
site/coffee/u2fcheck.coffee
|
||||
site/coffee/u2fregistration.coffee
|
||||
site/cron/liblemonldap-ng-portal-perl.service
|
||||
site/cron/llng-portal.systemd.timer
|
||||
site/cron/purgeCentralCache
|
||||
site/cron/purgeCentralCache.cron.d
|
||||
site/htdocs/index.fcgi
|
||||
|
@ -459,9 +458,12 @@ t/31-Auth-and-issuer-CAS-declared-app.t
|
|||
t/31-Auth-and-issuer-CAS-declared-apps.t
|
||||
t/31-Auth-and-issuer-CAS-default.t
|
||||
t/31-Auth-and-issuer-CAS-gateway.t
|
||||
t/31-Auth-and-issuer-CAS-Logout-20.t
|
||||
t/31-Auth-and-issuer-CAS-Logout-30.t
|
||||
t/31-Auth-and-issuer-CAS-proxied.t
|
||||
t/31-Auth-and-issuer-CAS-with-choice-and-cancel.t
|
||||
t/31-Auth-and-issuer-CAS-with-choice.t
|
||||
t/31-Auth-and-issuer-CAS-XSS-on-logout.t
|
||||
t/32-Auth-and-issuer-OIDC-authorization_code-OP-logout.t
|
||||
t/32-Auth-and-issuer-OIDC-authorization_code-public_client.t
|
||||
t/32-Auth-and-issuer-OIDC-authorization_code-with-authchoice.t
|
||||
|
@ -539,14 +541,15 @@ t/67-CheckUser-with-issuer-SAML-POST.t
|
|||
t/67-CheckUser-with-token.t
|
||||
t/67-CheckUser.t
|
||||
t/68-Impersonation-with-doubleCookies.t
|
||||
t/68-Impersonation-with-filtered-merge.t
|
||||
t/68-Impersonation-with-History.t
|
||||
t/68-Impersonation-with-merge.t
|
||||
t/68-Impersonation-with-TOTP.t
|
||||
t/68-Impersonation.t
|
||||
t/69-FavApps.t
|
||||
t/70-2F-TOTP-8.t
|
||||
t/70-2F-TOTP-with-History.t
|
||||
t/70-2F-TOTP.t
|
||||
t/70-2F-TOTP_8.t
|
||||
t/70-2F-TOTP-with-TTL.t
|
||||
t/71-2F-U2F-with-History.t
|
||||
t/71-2F-U2F.t
|
||||
t/72-2F-REST-with-History.t
|
||||
|
|
|
@ -6,7 +6,7 @@ use URI;
|
|||
use Lemonldap::NG::Common::FormEncode;
|
||||
use Lemonldap::NG::Portal::Main::Constants qw(
|
||||
PE_CAS_SERVICE_NOT_ALLOWED
|
||||
PE_CONFIRM
|
||||
PE_INFO
|
||||
PE_ERROR
|
||||
PE_LOGOUT_OK
|
||||
PE_OK
|
||||
|
@ -64,6 +64,7 @@ sub storeEnvAndCheckGateway {
|
|||
my ( $self, $req ) = @_;
|
||||
my $service = $self->p->getHiddenFormValue( $req, 'service' )
|
||||
|| $req->param('service');
|
||||
$service = '' if ( $self->p->checkXSSAttack( 'service', $service ) );
|
||||
my $gateway = $self->p->getHiddenFormValue( $req, 'gateway' )
|
||||
|| $req->param('gateway');
|
||||
|
||||
|
@ -124,6 +125,7 @@ sub run {
|
|||
# GET parameters
|
||||
my $service = $self->p->getHiddenFormValue( $req, 'service' )
|
||||
|| $req->param('service');
|
||||
$service = '' if ( $self->p->checkXSSAttack( 'service', $service ) );
|
||||
my $renew = $self->p->getHiddenFormValue( $req, 'renew' )
|
||||
|| $req->param('renew');
|
||||
my $gateway = $self->p->getHiddenFormValue( $req, 'gateway' )
|
||||
|
@ -260,6 +262,8 @@ sub run {
|
|||
# GET parameters
|
||||
my $logout_url = $req->param('url'); # CAS 2.0
|
||||
my $logout_service = $req->param('service'); # CAS 3.0
|
||||
$logout_service = ''
|
||||
if ( $self->p->checkXSSAttack( 'service', $logout_service ) );
|
||||
|
||||
# Delete linked CAS sessions
|
||||
$self->deleteCasSecondarySessions($session_id);
|
||||
|
@ -283,7 +287,8 @@ sub run {
|
|||
);
|
||||
$req->data->{activeTimer} = 0;
|
||||
|
||||
return PE_CONFIRM;
|
||||
delete $req->pdata->{_url};
|
||||
return PE_INFO;
|
||||
}
|
||||
|
||||
if ($logout_service) {
|
||||
|
|
|
@ -435,7 +435,7 @@ sub store {
|
|||
if ( $self->conf->{securedCookie} == 2 and !$req->refresh() ) {
|
||||
my %infos = %{ $req->{sessionInfo} };
|
||||
$infos{_updateTime} = strftime( "%Y%m%d%H%M%S", localtime() );
|
||||
$self->logger->debug( "Set _updateTime with $infos{_updateTime}" );
|
||||
$self->logger->debug("Set _updateTime with $infos{_updateTime}");
|
||||
$infos{_httpSessionType} = 1;
|
||||
|
||||
my $session2 = $self->getApacheSession( undef, info => \%infos );
|
||||
|
|
|
@ -0,0 +1,35 @@
|
|||
# Base package for Register modules
|
||||
package Lemonldap::NG::Portal::Register::Base;
|
||||
|
||||
use strict;
|
||||
use Mouse;
|
||||
use Text::Unidecode;
|
||||
|
||||
extends 'Lemonldap::NG::Portal::Main::Plugin';
|
||||
|
||||
our $VERSION = '2.0.0';
|
||||
|
||||
sub _stripaccents {
|
||||
my ( $self, $str ) = @_;
|
||||
|
||||
# UTF8 really shouldn't be decoded here, but in PSGI layer instead
|
||||
utf8::decode($str);
|
||||
|
||||
# This method replaces all non-ascii characters by the
|
||||
# closest ascii lookalike
|
||||
my $res = unidecode($str);
|
||||
return $res;
|
||||
}
|
||||
|
||||
sub applyLoginRule {
|
||||
my ( $self, $req ) = @_;
|
||||
|
||||
my $firstname =
|
||||
lc $self->_stripaccents( $req->data->{registerInfo}->{firstname} );
|
||||
my $lastname =
|
||||
lc $self->_stripaccents( $req->data->{registerInfo}->{lastname} );
|
||||
|
||||
# For now, get first letter of firstname and lastname
|
||||
return substr( $firstname, 0, 1 ) . $lastname;
|
||||
}
|
||||
1;
|
|
@ -2,6 +2,8 @@ package Lemonldap::NG::Portal::Register::Custom;
|
|||
|
||||
use strict;
|
||||
|
||||
extends 'Lemonldap::NG::Portal::Register::Base';
|
||||
|
||||
sub new {
|
||||
my ( $class, $self ) = @_;
|
||||
unless ( $self->{conf}->{customRegister} ) {
|
||||
|
|
|
@ -2,9 +2,9 @@ package Lemonldap::NG::Portal::Register::Demo;
|
|||
|
||||
use strict;
|
||||
use Mouse;
|
||||
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK);
|
||||
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_MALFORMEDUSER);
|
||||
|
||||
extends 'Lemonldap::NG::Portal::Main::Plugin';
|
||||
extends 'Lemonldap::NG::Portal::Register::Base';
|
||||
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
|
@ -18,13 +18,15 @@ sub computeLogin {
|
|||
my ( $self, $req ) = @_;
|
||||
|
||||
# Get first letter of firstname and lastname
|
||||
my $login =
|
||||
substr( lc $req->data->{registerInfo}->{firstname}, 0, 1 )
|
||||
. lc $req->data->{registerInfo}->{lastname};
|
||||
my $login = $self->applyLoginRule($req);
|
||||
|
||||
$req->data->{registerInfo}->{login} = $login;
|
||||
|
||||
return PE_OK;
|
||||
if ($login) {
|
||||
$req->data->{registerInfo}->{login} = $login;
|
||||
return PE_OK;
|
||||
}
|
||||
else {
|
||||
return PE_MALFORMEDUSER;
|
||||
}
|
||||
}
|
||||
|
||||
## @method int createUser
|
||||
|
|
|
@ -6,9 +6,11 @@ use Lemonldap::NG::Portal::Main::Constants qw(
|
|||
PE_LDAPCONNECTFAILED
|
||||
PE_LDAPERROR
|
||||
PE_OK
|
||||
PE_MALFORMEDUSER
|
||||
);
|
||||
|
||||
extends 'Lemonldap::NG::Portal::Lib::LDAP';
|
||||
extends 'Lemonldap::NG::Portal::Lib::LDAP',
|
||||
'Lemonldap::NG::Portal::Register::Base';
|
||||
|
||||
our $VERSION = '2.1.0';
|
||||
|
||||
|
@ -21,9 +23,11 @@ sub computeLogin {
|
|||
return PE_LDAPCONNECTFAILED unless $self->ldap and $self->bind();
|
||||
|
||||
# Get first letter of firstname and lastname
|
||||
my $login =
|
||||
substr( lc $req->data->{registerInfo}->{firstname}, 0, 1 )
|
||||
. lc $req->data->{registerInfo}->{lastname};
|
||||
my $login = $self->applyLoginRule($req);
|
||||
|
||||
unless ($login) {
|
||||
return PE_MALFORMEDUSER;
|
||||
}
|
||||
|
||||
my $finalLogin = $login;
|
||||
|
||||
|
|
|
@ -1,10 +0,0 @@
|
|||
[Unit]
|
||||
Description=Cron job for Lemonldap::NG portal
|
||||
After=network.target
|
||||
|
||||
[Service]
|
||||
User=www-data
|
||||
ExecStart=/usr/share/lemonldap-ng/bin/purgeCentralCache
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -1,9 +0,0 @@
|
|||
[Unit]
|
||||
Description=Clean Lemonldap::NG sessions DB every 1h
|
||||
|
||||
[Timer]
|
||||
OnCalendar=*-*-* *:07:07
|
||||
Persistent=true
|
||||
|
||||
[Install]
|
||||
WantedBy=timers.target
|
|
@ -1,2 +1,2 @@
|
|||
<h3 trmsg="back2CasUrl">The application you just logged out of has provided a link it would like you to follow</h3>
|
||||
<h3 trspan="back2CasUrl">The application you just logged out of has provided a link it would like you to follow</h3>
|
||||
<p><a href="<TMPL_VAR NAME="url">"><TMPL_VAR NAME="url"></a></p>
|
||||
|
|
|
@ -15,19 +15,23 @@
|
|||
<div class="card-body">
|
||||
<TMPL_VAR NAME="MSG">
|
||||
</div>
|
||||
<TMPL_IF NAME="ACTIVE_TIMER">
|
||||
<div id="divToHide" class="card-footer text-white bg-info">
|
||||
<p id="timer" trspan="redirectedIn">You'll be redirected in 30 seconds</p>
|
||||
</div>
|
||||
</TMPL_IF>
|
||||
</div>
|
||||
<div class="buttons">
|
||||
<button type="submit" class="positive btn btn-success">
|
||||
<span class="fa fa-check-circle"></span>
|
||||
<span trspan="continue">Continue</span>
|
||||
</button>
|
||||
<TMPL_IF NAME="ACTIVE_TIMER">
|
||||
<button id="wait" type="reset" class="negative btn btn-danger">
|
||||
<span class="fa fa-stop"></span>
|
||||
<span trspan="wait">Wait</span>
|
||||
</button>
|
||||
</TMPL_IF>
|
||||
</div>
|
||||
</form>
|
||||
<!-- //if:jsminified
|
||||
|
|
|
@ -0,0 +1,240 @@
|
|||
use lib 'inc';
|
||||
use Test::More; # skip_all => 'CAS is in rebuild';
|
||||
use strict;
|
||||
use IO::String;
|
||||
use LWP::UserAgent;
|
||||
use LWP::Protocol::PSGI;
|
||||
use MIME::Base64;
|
||||
|
||||
BEGIN {
|
||||
require 't/test-lib.pm';
|
||||
}
|
||||
|
||||
my $debug = 'error';
|
||||
my ( $issuer, $sp, $res );
|
||||
my %handlerOR = ( issuer => [], sp => [] );
|
||||
|
||||
# Redefine LWP methods for tests
|
||||
LWP::Protocol::PSGI->register(
|
||||
sub {
|
||||
my $req = Plack::Request->new(@_);
|
||||
ok( $req->uri =~ m#http://auth.((?:id|s)p).com([^\?]*)(?:\?(.*))?$#,
|
||||
'SOAP request' );
|
||||
my $host = $1;
|
||||
my $url = $2;
|
||||
my $query = $3;
|
||||
my $res;
|
||||
my $client = ( $host eq 'idp' ? $issuer : $sp );
|
||||
if ( $req->method eq 'POST' ) {
|
||||
my $s = $req->content;
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
$url, IO::String->new($s),
|
||||
length => length($s),
|
||||
query => $query,
|
||||
type => 'application/xml',
|
||||
),
|
||||
"Execute POST request to $url"
|
||||
);
|
||||
}
|
||||
else {
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
$url,
|
||||
type => 'application/xml',
|
||||
query => $query,
|
||||
),
|
||||
"Execute request to $url"
|
||||
);
|
||||
}
|
||||
expectOK($res);
|
||||
ok( getHeader( $res, 'Content-Type' ) =~ m#xml#, 'Content is XML' )
|
||||
or explain( $res->[1], 'Content-Type => application/xml' );
|
||||
count(3);
|
||||
return $res;
|
||||
}
|
||||
);
|
||||
|
||||
ok( $issuer = issuer(), 'Issuer portal' );
|
||||
$handlerOR{issuer} = \@Lemonldap::NG::Handler::Main::_onReload;
|
||||
count(1);
|
||||
switch ('sp');
|
||||
&Lemonldap::NG::Handler::Main::cfgNum( 0, 0 );
|
||||
|
||||
ok( $sp = sp(), 'SP portal' );
|
||||
count(1);
|
||||
$handlerOR{sp} = \@Lemonldap::NG::Handler::Main::_onReload;
|
||||
|
||||
# Simple SP access
|
||||
ok(
|
||||
$res = $sp->_get(
|
||||
'/', accept => 'text/html',
|
||||
),
|
||||
'Unauth SP request'
|
||||
);
|
||||
count(1);
|
||||
ok( expectCookie( $res, 'llngcasserver' ) eq 'idp', 'Get CAS server cookie' );
|
||||
count(1);
|
||||
expectRedirection( $res,
|
||||
'http://auth.idp.com/cas/login?service=http%3A%2F%2Fauth.sp.com%2F' );
|
||||
|
||||
# Query IdP
|
||||
switch ('issuer');
|
||||
ok(
|
||||
$res = $issuer->_get(
|
||||
'/cas/login',
|
||||
query => 'service=http://auth.sp.com/',
|
||||
accept => 'text/html'
|
||||
),
|
||||
'Query CAS server'
|
||||
);
|
||||
count(1);
|
||||
expectOK($res);
|
||||
my $pdata = 'lemonldappdata=' . expectCookie( $res, 'lemonldappdata' );
|
||||
|
||||
# Try to authenticate to IdP
|
||||
my $body = $res->[2]->[0];
|
||||
$body =~ s/^.*?<form.*?>//s;
|
||||
$body =~ s#</form>.*$##s;
|
||||
my %fields =
|
||||
( $body =~ /<input type="hidden".+?name="(.+?)".+?value="(.*?)"/sg );
|
||||
$fields{user} = $fields{password} = 'french';
|
||||
use URI::Escape;
|
||||
my $s = join( '&', map { "$_=" . uri_escape( $fields{$_} ) } keys %fields );
|
||||
ok(
|
||||
$res = $issuer->_post(
|
||||
'/cas/login',
|
||||
IO::String->new($s),
|
||||
cookie => $pdata,
|
||||
accept => 'text/html',
|
||||
length => length($s),
|
||||
),
|
||||
'Post authentication'
|
||||
);
|
||||
count(1);
|
||||
my $idpId = expectCookie($res);
|
||||
|
||||
# Expect pdata to be cleared
|
||||
$pdata = expectCookie( $res, 'lemonldappdata' );
|
||||
ok( $pdata !~ 'issuerRequestsaml', 'SAML request cleared from pdata' );
|
||||
count(1);
|
||||
|
||||
my ($query) =
|
||||
expectRedirection( $res, qr#^http://auth.sp.com/\?(ticket=[^&]+)$# );
|
||||
|
||||
# Back to SP
|
||||
switch ('sp');
|
||||
ok(
|
||||
$res = $sp->_get(
|
||||
'/',
|
||||
query => $query,
|
||||
accept => 'text/html',
|
||||
cookie => 'llngcasserver=idp',
|
||||
),
|
||||
'Query SP with ticket'
|
||||
);
|
||||
count(1);
|
||||
my $spId = expectCookie($res);
|
||||
|
||||
# Test authentication
|
||||
ok( $res = $sp->_get( '/', cookie => "lemonldap=$spId,llngcasserver=idp" ),
|
||||
'Get / on SP' );
|
||||
count(1);
|
||||
expectOK($res);
|
||||
expectAuthenticatedAs( $res, 'french' );
|
||||
|
||||
# Test attributes
|
||||
ok( $res = $sp->_get("/sessions/global/$spId"), 'Get UTF-8' );
|
||||
expectOK($res);
|
||||
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
|
||||
or print STDERR $@;
|
||||
ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' )
|
||||
or explain( $res, 'cn => Frédéric Accents' );
|
||||
count(3);
|
||||
|
||||
# Logout initiated by CAS
|
||||
switch ('issuer');
|
||||
ok(
|
||||
$res = $issuer->_get(
|
||||
'/cas/logout',
|
||||
query => 'url=http://test1.idp.com/',
|
||||
cookie => "lemonldap=$idpId,llngcasserver=idp",
|
||||
accept => 'text/html'
|
||||
),
|
||||
'Query SP for logout'
|
||||
);
|
||||
count(1);
|
||||
expectOK($res);
|
||||
|
||||
ok( $res->[2]->[0] =~ /trspan="back2CasUrl"/, 'CAS message found' );
|
||||
ok( $res->[2]->[0] =~ m#action="http://test1\.idp\.com/"#,
|
||||
'Redirect URL found' );
|
||||
count(2);
|
||||
|
||||
# Verify that user has been disconnected
|
||||
ok( $res = $issuer->_get( '/', cookie => "lemonldap=$idpId" ), 'Query IdP' );
|
||||
count(1);
|
||||
expectReject($res);
|
||||
|
||||
clean_sessions();
|
||||
done_testing( count() );
|
||||
|
||||
sub switch {
|
||||
my $type = shift;
|
||||
@Lemonldap::NG::Handler::Main::_onReload = @{
|
||||
$handlerOR{$type};
|
||||
};
|
||||
}
|
||||
|
||||
sub issuer {
|
||||
return LLNG::Manager::Test->new( {
|
||||
ini => {
|
||||
logLevel => $debug,
|
||||
templatesDir => 'site/htdocs/static',
|
||||
domain => 'idp.com',
|
||||
portal => 'http://auth.idp.com',
|
||||
authentication => 'Demo',
|
||||
userDB => 'Same',
|
||||
issuerDBCASActivation => 1,
|
||||
casAttr => 'uid',
|
||||
casAttributes => { cn => 'cn', uid => 'uid', },
|
||||
casAccessControlPolicy => 'none',
|
||||
multiValuesSeparator => ';',
|
||||
"locationRules" => {
|
||||
"test1.idp.com" => {
|
||||
"default" => "accept"
|
||||
},
|
||||
},
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
sub sp {
|
||||
return LLNG::Manager::Test->new( {
|
||||
ini => {
|
||||
logLevel => $debug,
|
||||
domain => 'sp.com',
|
||||
portal => 'http://auth.sp.com',
|
||||
authentication => 'CAS',
|
||||
userDB => 'CAS',
|
||||
restSessionServer => 1,
|
||||
issuerDBCASActivation => 0,
|
||||
multiValuesSeparator => ';',
|
||||
casSrvMetaDataExportedVars => {
|
||||
idp => {
|
||||
cn => 'cn',
|
||||
mail => 'mail',
|
||||
uid => 'uid',
|
||||
}
|
||||
},
|
||||
casSrvMetaDataOptions => {
|
||||
idp => {
|
||||
casSrvMetaDataOptionsUrl => 'http://auth.idp.com/cas',
|
||||
casSrvMetaDataOptionsGateway => 0,
|
||||
}
|
||||
},
|
||||
},
|
||||
}
|
||||
);
|
||||
}
|
|
@ -0,0 +1,230 @@
|
|||
use lib 'inc';
|
||||
use Test::More; # skip_all => 'CAS is in rebuild';
|
||||
use strict;
|
||||
use IO::String;
|
||||
use LWP::UserAgent;
|
||||
use LWP::Protocol::PSGI;
|
||||
use MIME::Base64;
|
||||
|
||||
BEGIN {
|
||||
require 't/test-lib.pm';
|
||||
}
|
||||
|
||||
my $debug = 'error';
|
||||
my ( $issuer, $sp, $res );
|
||||
my %handlerOR = ( issuer => [], sp => [] );
|
||||
|
||||
# Redefine LWP methods for tests
|
||||
LWP::Protocol::PSGI->register(
|
||||
sub {
|
||||
my $req = Plack::Request->new(@_);
|
||||
ok( $req->uri =~ m#http://auth.((?:id|s)p).com([^\?]*)(?:\?(.*))?$#,
|
||||
'SOAP request' );
|
||||
my $host = $1;
|
||||
my $url = $2;
|
||||
my $query = $3;
|
||||
my $res;
|
||||
my $client = ( $host eq 'idp' ? $issuer : $sp );
|
||||
if ( $req->method eq 'POST' ) {
|
||||
my $s = $req->content;
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
$url, IO::String->new($s),
|
||||
length => length($s),
|
||||
query => $query,
|
||||
type => 'application/xml',
|
||||
),
|
||||
"Execute POST request to $url"
|
||||
);
|
||||
}
|
||||
else {
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
$url,
|
||||
type => 'application/xml',
|
||||
query => $query,
|
||||
),
|
||||
"Execute request to $url"
|
||||
);
|
||||
}
|
||||
expectOK($res);
|
||||
ok( getHeader( $res, 'Content-Type' ) =~ m#xml#, 'Content is XML' )
|
||||
or explain( $res->[1], 'Content-Type => application/xml' );
|
||||
count(3);
|
||||
return $res;
|
||||
}
|
||||
);
|
||||
|
||||
ok( $issuer = issuer(), 'Issuer portal' );
|
||||
$handlerOR{issuer} = \@Lemonldap::NG::Handler::Main::_onReload;
|
||||
count(1);
|
||||
switch ('sp');
|
||||
&Lemonldap::NG::Handler::Main::cfgNum( 0, 0 );
|
||||
|
||||
ok( $sp = sp(), 'SP portal' );
|
||||
count(1);
|
||||
$handlerOR{sp} = \@Lemonldap::NG::Handler::Main::_onReload;
|
||||
|
||||
# Simple SP access
|
||||
ok(
|
||||
$res = $sp->_get(
|
||||
'/', accept => 'text/html',
|
||||
),
|
||||
'Unauth SP request'
|
||||
);
|
||||
count(1);
|
||||
ok( expectCookie( $res, 'llngcasserver' ) eq 'idp', 'Get CAS server cookie' );
|
||||
count(1);
|
||||
expectRedirection( $res,
|
||||
'http://auth.idp.com/cas/login?service=http%3A%2F%2Fauth.sp.com%2F' );
|
||||
|
||||
# Query IdP
|
||||
switch ('issuer');
|
||||
ok(
|
||||
$res = $issuer->_get(
|
||||
'/cas/login',
|
||||
query => 'service=http://auth.sp.com/',
|
||||
accept => 'text/html'
|
||||
),
|
||||
'Query CAS server'
|
||||
);
|
||||
count(1);
|
||||
expectOK($res);
|
||||
my $pdata = 'lemonldappdata=' . expectCookie( $res, 'lemonldappdata' );
|
||||
|
||||
# Try to authenticate to IdP
|
||||
my $body = $res->[2]->[0];
|
||||
$body =~ s/^.*?<form.*?>//s;
|
||||
$body =~ s#</form>.*$##s;
|
||||
my %fields =
|
||||
( $body =~ /<input type="hidden".+?name="(.+?)".+?value="(.*?)"/sg );
|
||||
$fields{user} = $fields{password} = 'french';
|
||||
use URI::Escape;
|
||||
my $s = join( '&', map { "$_=" . uri_escape( $fields{$_} ) } keys %fields );
|
||||
ok(
|
||||
$res = $issuer->_post(
|
||||
'/cas/login',
|
||||
IO::String->new($s),
|
||||
cookie => $pdata,
|
||||
accept => 'text/html',
|
||||
length => length($s),
|
||||
),
|
||||
'Post authentication'
|
||||
);
|
||||
count(1);
|
||||
my $idpId = expectCookie($res);
|
||||
|
||||
# Expect pdata to be cleared
|
||||
$pdata = expectCookie( $res, 'lemonldappdata' );
|
||||
ok( $pdata !~ 'issuerRequestsaml', 'SAML request cleared from pdata' );
|
||||
count(1);
|
||||
|
||||
my ($query) =
|
||||
expectRedirection( $res, qr#^http://auth.sp.com/\?(ticket=[^&]+)$# );
|
||||
|
||||
# Back to SP
|
||||
switch ('sp');
|
||||
ok(
|
||||
$res = $sp->_get(
|
||||
'/',
|
||||
query => $query,
|
||||
accept => 'text/html',
|
||||
cookie => 'llngcasserver=idp',
|
||||
),
|
||||
'Query SP with ticket'
|
||||
);
|
||||
count(1);
|
||||
my $spId = expectCookie($res);
|
||||
|
||||
# Test authentication
|
||||
ok( $res = $sp->_get( '/', cookie => "lemonldap=$spId,llngcasserver=idp" ),
|
||||
'Get / on SP' );
|
||||
count(1);
|
||||
expectOK($res);
|
||||
expectAuthenticatedAs( $res, 'french' );
|
||||
|
||||
# Test attributes
|
||||
ok( $res = $sp->_get("/sessions/global/$spId"), 'Get UTF-8' );
|
||||
expectOK($res);
|
||||
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
|
||||
or print STDERR $@;
|
||||
ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' )
|
||||
or explain( $res, 'cn => Frédéric Accents' );
|
||||
count(3);
|
||||
|
||||
# Logout initiated by CAS
|
||||
switch ('issuer');
|
||||
ok(
|
||||
$res = $issuer->_get(
|
||||
'/cas/logout',
|
||||
query => 'service=http://url.test/',
|
||||
cookie => "lemonldap=$idpId,llngcasserver=idp",
|
||||
accept => 'text/html'
|
||||
),
|
||||
'Query SP for logout'
|
||||
);
|
||||
count(1);
|
||||
expectRedirection( $res, 'http://url.test/' );
|
||||
|
||||
# Verify that user has been disconnected
|
||||
ok( $res = $issuer->_get( '/', cookie => "lemonldap=$idpId" ), 'Query IdP' );
|
||||
count(1);
|
||||
expectReject($res);
|
||||
|
||||
clean_sessions();
|
||||
done_testing( count() );
|
||||
|
||||
sub switch {
|
||||
my $type = shift;
|
||||
@Lemonldap::NG::Handler::Main::_onReload = @{
|
||||
$handlerOR{$type};
|
||||
};
|
||||
}
|
||||
|
||||
sub issuer {
|
||||
return LLNG::Manager::Test->new( {
|
||||
ini => {
|
||||
logLevel => $debug,
|
||||
templatesDir => 'site/htdocs/static',
|
||||
domain => 'idp.com',
|
||||
portal => 'http://auth.idp.com',
|
||||
authentication => 'Demo',
|
||||
userDB => 'Same',
|
||||
issuerDBCASActivation => 1,
|
||||
casAttr => 'uid',
|
||||
casAttributes => { cn => 'cn', uid => 'uid', },
|
||||
casAccessControlPolicy => 'none',
|
||||
multiValuesSeparator => ';',
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
sub sp {
|
||||
return LLNG::Manager::Test->new( {
|
||||
ini => {
|
||||
logLevel => $debug,
|
||||
domain => 'sp.com',
|
||||
portal => 'http://auth.sp.com',
|
||||
authentication => 'CAS',
|
||||
userDB => 'CAS',
|
||||
restSessionServer => 1,
|
||||
issuerDBCASActivation => 0,
|
||||
multiValuesSeparator => ';',
|
||||
casSrvMetaDataExportedVars => {
|
||||
idp => {
|
||||
cn => 'cn',
|
||||
mail => 'mail',
|
||||
uid => 'uid',
|
||||
}
|
||||
},
|
||||
casSrvMetaDataOptions => {
|
||||
idp => {
|
||||
casSrvMetaDataOptionsUrl => 'http://auth.idp.com/cas',
|
||||
casSrvMetaDataOptionsGateway => 0,
|
||||
}
|
||||
},
|
||||
},
|
||||
}
|
||||
);
|
||||
}
|
|
@ -0,0 +1,249 @@
|
|||
use lib 'inc';
|
||||
use Test::More; # skip_all => 'CAS is in rebuild';
|
||||
use strict;
|
||||
use IO::String;
|
||||
use LWP::UserAgent;
|
||||
use LWP::Protocol::PSGI;
|
||||
use MIME::Base64;
|
||||
|
||||
BEGIN {
|
||||
require 't/test-lib.pm';
|
||||
}
|
||||
|
||||
my $debug = 'error';
|
||||
my ( $issuer, $sp, $res );
|
||||
my %handlerOR = ( issuer => [], sp => [] );
|
||||
|
||||
# Redefine LWP methods for tests
|
||||
LWP::Protocol::PSGI->register(
|
||||
sub {
|
||||
my $req = Plack::Request->new(@_);
|
||||
ok( $req->uri =~ m#http://auth.((?:id|s)p).com([^\?]*)(?:\?(.*))?$#,
|
||||
'SOAP request' );
|
||||
my $host = $1;
|
||||
my $url = $2;
|
||||
my $query = $3;
|
||||
my $res;
|
||||
my $client = ( $host eq 'idp' ? $issuer : $sp );
|
||||
if ( $req->method eq 'POST' ) {
|
||||
my $s = $req->content;
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
$url, IO::String->new($s),
|
||||
length => length($s),
|
||||
query => $query,
|
||||
type => 'application/xml',
|
||||
),
|
||||
"Execute POST request to $url"
|
||||
);
|
||||
}
|
||||
else {
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
$url,
|
||||
type => 'application/xml',
|
||||
query => $query,
|
||||
),
|
||||
"Execute request to $url"
|
||||
);
|
||||
}
|
||||
expectOK($res);
|
||||
ok( getHeader( $res, 'Content-Type' ) =~ m#xml#, 'Content is XML' )
|
||||
or explain( $res->[1], 'Content-Type => application/xml' );
|
||||
count(3);
|
||||
return $res;
|
||||
}
|
||||
);
|
||||
|
||||
ok( $issuer = issuer(), 'Issuer portal' );
|
||||
$handlerOR{issuer} = \@Lemonldap::NG::Handler::Main::_onReload;
|
||||
count(1);
|
||||
switch ('sp');
|
||||
&Lemonldap::NG::Handler::Main::cfgNum( 0, 0 );
|
||||
|
||||
ok( $sp = sp(), 'SP portal' );
|
||||
count(1);
|
||||
$handlerOR{sp} = \@Lemonldap::NG::Handler::Main::_onReload;
|
||||
|
||||
# Simple SP access
|
||||
ok(
|
||||
$res = $sp->_get(
|
||||
'/', accept => 'text/html',
|
||||
),
|
||||
'Unauth SP request'
|
||||
);
|
||||
count(1);
|
||||
ok( expectCookie( $res, 'llngcasserver' ) eq 'idp', 'Get CAS server cookie' );
|
||||
count(1);
|
||||
expectRedirection( $res,
|
||||
'http://auth.idp.com/cas/login?service=http%3A%2F%2Fauth.sp.com%2F' );
|
||||
|
||||
# Query IdP
|
||||
switch ('issuer');
|
||||
ok(
|
||||
$res = $issuer->_get(
|
||||
'/cas/login',
|
||||
query => 'service=http://auth.sp.com/',
|
||||
accept => 'text/html'
|
||||
),
|
||||
'Query CAS server'
|
||||
);
|
||||
count(1);
|
||||
expectOK($res);
|
||||
my $pdata = 'lemonldappdata=' . expectCookie( $res, 'lemonldappdata' );
|
||||
|
||||
# Try to authenticate to IdP
|
||||
my $body = $res->[2]->[0];
|
||||
$body =~ s/^.*?<form.*?>//s;
|
||||
$body =~ s#</form>.*$##s;
|
||||
my %fields =
|
||||
( $body =~ /<input type="hidden".+?name="(.+?)".+?value="(.*?)"/sg );
|
||||
$fields{user} = $fields{password} = 'french';
|
||||
use URI::Escape;
|
||||
my $s = join( '&', map { "$_=" . uri_escape( $fields{$_} ) } keys %fields );
|
||||
ok(
|
||||
$res = $issuer->_post(
|
||||
'/cas/login',
|
||||
IO::String->new($s),
|
||||
cookie => $pdata,
|
||||
accept => 'text/html',
|
||||
length => length($s),
|
||||
),
|
||||
'Post authentication'
|
||||
);
|
||||
count(1);
|
||||
my $idpId = expectCookie($res);
|
||||
|
||||
my ($query) =
|
||||
expectRedirection( $res, qr#^http://auth.sp.com/\?(ticket=[^&]+)$# );
|
||||
|
||||
# Back to SP
|
||||
switch ('sp');
|
||||
ok(
|
||||
$res = $sp->_get(
|
||||
'/',
|
||||
query => $query,
|
||||
accept => 'text/html',
|
||||
cookie => 'llngcasserver=idp',
|
||||
),
|
||||
'Query SP with ticket'
|
||||
);
|
||||
count(1);
|
||||
my $spId = expectCookie($res);
|
||||
|
||||
# Logout initiated by SP
|
||||
ok(
|
||||
$res = $sp->_get(
|
||||
'/',
|
||||
query => 'logout',
|
||||
cookie => "lemonldap=$spId,llngcasserver=idp",
|
||||
accept => 'text/html'
|
||||
),
|
||||
'Query SP for logout'
|
||||
);
|
||||
count(1);
|
||||
expectOK($res);
|
||||
ok(
|
||||
$res->[2]->[0] =~ m#iframe src="http://auth.idp.com(/cas/logout)\?(.+?)"#s,
|
||||
'Found iframe'
|
||||
);
|
||||
count(1);
|
||||
|
||||
# Query IdP with bad character
|
||||
my $url = $1;
|
||||
$query = $2;
|
||||
$query .= '%3F%3Cscript%3E';
|
||||
|
||||
switch ('issuer');
|
||||
ok(
|
||||
$res = $issuer->_get(
|
||||
$url,
|
||||
query => $query,
|
||||
accept => 'text/html',
|
||||
cookie => "lemonldap=$idpId"
|
||||
),
|
||||
'Get iframe from IdP'
|
||||
);
|
||||
count(1);
|
||||
expectRedirection( $res, 'http://auth.idp.com' );
|
||||
my $h = getHeader( $res, 'Content-Security-Policy' );
|
||||
ok( ( not $h or $h !~ /frame-ancestors/ ), ' Frame can be embedded' )
|
||||
or explain( $res->[1],
|
||||
'Content-Security-Policy does not contain a frame-ancestors' );
|
||||
count(1);
|
||||
|
||||
# Verify that user has been disconnected
|
||||
ok( $res = $issuer->_get( '/', cookie => "lemonldap=$idpId" ), 'Query IdP' );
|
||||
count(1);
|
||||
expectReject($res);
|
||||
|
||||
switch ('sp');
|
||||
ok(
|
||||
$res = $sp->_get(
|
||||
'/',
|
||||
accept => 'text/html',
|
||||
cookie => "lemonldap=$idpId,llngcasserver=idp"
|
||||
),
|
||||
'Query IdP'
|
||||
);
|
||||
count(1);
|
||||
expectRedirection( $res,
|
||||
'http://auth.idp.com/cas/login?service=http%3A%2F%2Fauth.sp.com%2F' );
|
||||
|
||||
clean_sessions();
|
||||
done_testing( count() );
|
||||
|
||||
sub switch {
|
||||
my $type = shift;
|
||||
@Lemonldap::NG::Handler::Main::_onReload = @{
|
||||
$handlerOR{$type};
|
||||
};
|
||||
}
|
||||
|
||||
sub issuer {
|
||||
return LLNG::Manager::Test->new( {
|
||||
ini => {
|
||||
logLevel => $debug,
|
||||
templatesDir => 'site/htdocs/static',
|
||||
domain => 'idp.com',
|
||||
portal => 'http://auth.idp.com',
|
||||
authentication => 'Demo',
|
||||
userDB => 'Same',
|
||||
issuerDBCASActivation => 1,
|
||||
casAttr => 'uid',
|
||||
casAttributes => { cn => 'cn', uid => 'uid', },
|
||||
casAccessControlPolicy => 'none',
|
||||
multiValuesSeparator => ';',
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
sub sp {
|
||||
return LLNG::Manager::Test->new( {
|
||||
ini => {
|
||||
logLevel => $debug,
|
||||
domain => 'sp.com',
|
||||
portal => 'http://auth.sp.com',
|
||||
authentication => 'CAS',
|
||||
userDB => 'CAS',
|
||||
restSessionServer => 1,
|
||||
issuerDBCASActivation => 0,
|
||||
multiValuesSeparator => ';',
|
||||
casSrvMetaDataExportedVars => {
|
||||
idp => {
|
||||
cn => 'cn',
|
||||
mail => 'mail',
|
||||
uid => 'uid',
|
||||
}
|
||||
},
|
||||
casSrvMetaDataOptions => {
|
||||
idp => {
|
||||
casSrvMetaDataOptionsUrl => 'http://auth.idp.com/cas',
|
||||
casSrvMetaDataOptionsGateway => 0,
|
||||
}
|
||||
},
|
||||
},
|
||||
}
|
||||
);
|
||||
}
|
|
@ -44,7 +44,7 @@ SKIP: {
|
|||
$res = $client->_post(
|
||||
'/register',
|
||||
IO::String->new(
|
||||
'firstname=fôo&lastname=bar&mail=foobar%40badwolf.org'),
|
||||
'firstname=Fôo&lastname=Bàr&mail=foobar%40badwolf.org'),
|
||||
length => 53,
|
||||
accept => 'text/html'
|
||||
),
|
||||
|
@ -57,7 +57,7 @@ SKIP: {
|
|||
'Found register token' );
|
||||
$query = $1;
|
||||
ok( $query =~ /register_token=/, 'Found register_token' );
|
||||
ok( $mail =~ /fôo/, 'UTF-8 works' ) or explain( $mail, 'fôo' );
|
||||
ok( $mail =~ /Fôo/, 'UTF-8 works' ) or explain( $mail, 'Fôo' );
|
||||
|
||||
ok(
|
||||
$res =
|
||||
|
@ -77,7 +77,7 @@ SKIP: {
|
|||
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/', IO::String->new('user=fbar&password=fbar'),
|
||||
'/', IO::String->new("user=fbar&password=fbar"),
|
||||
length => 23,
|
||||
accept => 'text/html'
|
||||
),
|
||||
|
|
Loading…
Reference in New Issue