Retrieve session from DB if exists & Improve unit test (#1774)
parent
8fd3f6be90
commit
a89f83294b
|
@ -11,8 +11,8 @@ use Lemonldap::NG::Portal::Main::Constants qw(
|
|||
|
||||
our $VERSION = '2.0.5';
|
||||
|
||||
extends qw(Lemonldap::NG::Portal::Main::Plugin
|
||||
Lemonldap::NG::Portal::Lib::_tokenRule);
|
||||
extends
|
||||
qw(Lemonldap::NG::Portal::Main::Plugin Lemonldap::NG::Portal::Lib::_tokenRule Lemonldap::NG::Portal::Lib::OtherSessions);
|
||||
|
||||
# INITIALIZATION
|
||||
|
||||
|
@ -121,17 +121,39 @@ sub check {
|
|||
}
|
||||
|
||||
if ( $user eq $req->{user} or !$user ) {
|
||||
$self->userLogger->notice("Retrieve session from Sessions database");
|
||||
$self->logger->debug("checkUser requested for myself");
|
||||
$self->userLogger->notice("Return userData...");
|
||||
$self->userLogger->warn("Using spoofed SSO groups if exist!!!")
|
||||
if ( $self->conf->{impersonationRule} );
|
||||
$attrs = $req->userData;
|
||||
$user = $req->{user};
|
||||
}
|
||||
else {
|
||||
$self->logger->debug("checkUser requested for $req->{user}");
|
||||
$req->{user} = $user;
|
||||
$self->userLogger->notice(
|
||||
"Retrieve session from userDB and compute Groups & Macros");
|
||||
$attrs = $self->_userDatas($req);
|
||||
$self->logger->debug("checkUser requested for $user");
|
||||
|
||||
# Try to retrieve session from sessions DB
|
||||
$self->userLogger->notice('Try to retrieve session from DB...');
|
||||
my $moduleOptions = $self->conf->{globalStorageOptions} || {};
|
||||
$moduleOptions->{backend} = $self->conf->{globalStorage};
|
||||
my $sessions =
|
||||
$self->module->searchOn( $moduleOptions, $self->conf->{whatToTrace},
|
||||
$user );
|
||||
my $age = '1';
|
||||
foreach my $id ( keys %$sessions ) {
|
||||
my $session = $self->p->getApacheSession($id) or next;
|
||||
|
||||
if ( $session->{data}->{_utime} gt $age ) {
|
||||
|
||||
$attrs = $session->{data};
|
||||
$age = $session->{data}->{_utime};
|
||||
}
|
||||
}
|
||||
unless ( defined $attrs->{_session_id} ) {
|
||||
$req->{user} = $user;
|
||||
$self->userLogger->notice(
|
||||
"NO session found in DB. Compute userData...");
|
||||
$attrs = $self->_userData($req);
|
||||
}
|
||||
}
|
||||
|
||||
if ( $req->error ) {
|
||||
|
@ -206,11 +228,8 @@ sub check {
|
|||
LANGS => $self->conf->{showLanguages},
|
||||
MSG => $msg,
|
||||
ALERTE => ( $msg eq 'checkUser' ? 'alert-info' : 'alert-warning' ),
|
||||
LOGIN => (
|
||||
$self->p->checkXSSAttack( 'LOGIN', $req->{userData}->{uid} ) ? ""
|
||||
: $req->{userData}->{uid}
|
||||
),
|
||||
URL => (
|
||||
LOGIN => $user,
|
||||
URL => (
|
||||
$self->p->checkXSSAttack( 'URL', $url ) ? ""
|
||||
: $url
|
||||
),
|
||||
|
@ -302,10 +321,10 @@ sub _urlFormat {
|
|||
return lc("$proto$vhost$port") . "$appuri";
|
||||
}
|
||||
|
||||
sub _userDatas {
|
||||
sub _userData {
|
||||
my ( $self, $req ) = @_;
|
||||
|
||||
# Search user in database
|
||||
# Compute session
|
||||
my $steps = [ 'getUser', 'setSessionInfo', 'setMacros', 'setGroups' ];
|
||||
$self->conf->{checkUserDisplayPersistentInfo}
|
||||
? push @$steps, 'setPersistentSessionInfo', 'setLocalGroups'
|
||||
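Review bot: `LOGIN => $user` in the template-parameter hunk drops the `checkXSSAttack` guard that the removed lines applied to the login value, while `URL` keeps its guard. In the else branch of `check`, `$user` is the name being looked up rather than the authenticated uid, and where it is assigned and validated lies outside these hunks. Unless it is validated there or the template escapes it, keep the guard: `LOGIN => ( $self->p->checkXSSAttack( 'LOGIN', $user ) ? "" : $user ),`. In the session-lookup hunk, `$attrs = $session->{data}` passes the other user's whole session record on to the rest of `check`, `_session_id` included (the `unless ( defined $attrs->{_session_id} )` test depends on it), so confirm that this identifier and other hidden attributes are filtered before display. The same loop compares `_utime` with the string operator `gt`; `my $age = 0;` with `if ( $session->{data}->{_utime} > $age )` states the numeric intent.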
|
|
|
@ -57,6 +57,21 @@ ok( $res->[2]->[0] =~ m%An error occurs, you're going to be redirected to%,
|
|||
count(1);
|
||||
$client->logout($id);
|
||||
|
||||
## Try to authenticate
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/',
|
||||
IO::String->new('user=rtyler&password=rtyler'),
|
||||
length => 27,
|
||||
accept => 'text/html',
|
||||
),
|
||||
'Auth query'
|
||||
);
|
||||
count(1);
|
||||
|
||||
$id = expectCookie($res);
|
||||
expectRedirection( $res, 'http://auth.example.com/' );
|
||||
|
||||
## Try to authenticate
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
|
@ -85,7 +100,6 @@ ok(
|
|||
);
|
||||
count(1);
|
||||
|
||||
# Request with bad VH
|
||||
my ( $host, $url, $query ) =
|
||||
expectForm( $res, undef, '/checkuser', 'user', 'url' );
|
||||
ok( $res->[2]->[0] =~ m%<span trspan="checkUser">%, 'Found trspan="checkUser"' )
|
||||
|
@ -99,8 +113,7 @@ ok( $res->[2]->[0] =~ m%<td class="text-left">dwho</td>%, 'Found value dwho' )
|
|||
or explain( $res->[2]->[0], 'Value dwho' );
|
||||
count(2);
|
||||
|
||||
$query =~ s/user=dwho/user=rtyler/;
|
||||
$query =~ s/url=/url=http%3A%2F%2Ftry.example.com/;
|
||||
$query =~ s/url=/url=http%3A%2F%2Ftest1.example.com/;
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/checkuser',
|
||||
|
@ -113,6 +126,39 @@ ok(
|
|||
);
|
||||
count(1);
|
||||
|
||||
( $host, $url, $query ) =
|
||||
expectForm( $res, undef, '/checkuser', 'user', 'url' );
|
||||
ok( $res->[2]->[0] =~ m%<span trspan="checkUser">%, 'Found trspan="checkUser"' )
|
||||
or explain( $res->[2]->[0], 'trspan="checkUser"' );
|
||||
|
||||
count(2);
|
||||
ok( $res->[2]->[0] =~ m%<td class="align-middle">Auth-User</td>%,
|
||||
'Found Auth-User' )
|
||||
or explain( $res->[2]->[0], 'Header Key: Auth-User' );
|
||||
ok( $res->[2]->[0] =~ m%<td class="align-middle">dwho</td>%, 'Found dwho' )
|
||||
or explain( $res->[2]->[0], 'Header Value: dwho' );
|
||||
ok( $res->[2]->[0] =~ m%<td class="align-middle">_whatToTrace</td>%,
|
||||
'Found _whatToTrace' )
|
||||
or explain( $res->[2]->[0], 'Macro Key _whatToTrace' );
|
||||
ok( $res->[2]->[0] =~ m%<td class="align-middle">dwho</td>%, 'Found dwho' )
|
||||
or explain( $res->[2]->[0], 'Macro Value dwho' );
|
||||
count(3);
|
||||
|
||||
$query =~ s/user=dwho/user=rtyler/;
|
||||
$query =~ s/url=http%3A%2F%2Ftest1.example.com/url=http%3A%2F%2Ftry.example.com/;
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/checkuser',
|
||||
IO::String->new($query),
|
||||
cookie => "lemonldap=$id",
|
||||
length => length($query),
|
||||
accept => 'text/html',
|
||||
),
|
||||
'POST checkuser'
|
||||
);
|
||||
count(1);
|
||||
|
||||
# Request with bad VH
|
||||
( $host, $url, $query ) =
|
||||
expectForm( $res, undef, '/checkuser', 'user', 'url' );
|
||||
ok( $res->[2]->[0] =~ m%<span trspan="VHnotFound">%,
|
||||
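Review bot: None of the visible assertions check what the new sessions-DB lookup returns for another user. The added rtyler login appears to leave a live session, but the only `user=rtyler` request shown targets `try.example.com` and is followed by the `VHnotFound` check. The file continues past the last hunk, so this may be covered there. If it is not, add a `user=rtyler` request against a valid host with a negative assertion such as `ok( $res->[2]->[0] !~ m%_session_id%, 'Session id not displayed' );` to pin that the target's session identifier is not rendered. Separately, the 'Macro Value dwho' assertion reuses the pattern of 'Header Value: dwho' (`m%<td class="align-middle">dwho</td>%`), so it cannot fail independently.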
|
|