Fix handler cache corruption (#2539)
This commit is contained in:
parent
2de2cbf454
commit
b6a1f946b2
|
@ -139,7 +139,9 @@ sub run {
|
|||
}
|
||||
|
||||
# Try to recover cookie and user session
|
||||
if ( $id = $class->fetchId($req)
|
||||
$id = $class->fetchId($req);
|
||||
$class->data( {} ) unless($id);
|
||||
if ( $id
|
||||
and $session = $class->retrieveSession( $req, $id ) )
|
||||
{
|
||||
|
||||
|
|
|
@ -484,6 +484,7 @@ t/01-Handler-redirection-and-URL-check-by-portal.t
|
|||
t/01-pdata.t
|
||||
t/01-Reject-Hashes-in-URL.t
|
||||
t/01-Unauth-Logout.t
|
||||
t/02-Password-Demo-Hook.t
|
||||
t/02-Password-Demo-Local-noPpolicy.t
|
||||
t/02-Password-Demo-Local-Ppolicy.t
|
||||
t/02-Password-Demo-Local-SpeChars-Ppolicy.t
|
||||
|
@ -551,6 +552,7 @@ t/31-Auth-and-issuer-CAS-proxied.t
|
|||
t/31-Auth-and-issuer-CAS-with-choice-and-cancel.t
|
||||
t/31-Auth-and-issuer-CAS-with-choice.t
|
||||
t/31-Auth-and-issuer-CAS-XSS-on-logout.t
|
||||
t/32-Auth-and-issuer-OIDC-authorization_code-jwt-userinfo.t
|
||||
t/32-Auth-and-issuer-OIDC-authorization_code-OP-logout.t
|
||||
t/32-Auth-and-issuer-OIDC-authorization_code-public_client.t
|
||||
t/32-Auth-and-issuer-OIDC-authorization_code-with-authchoice.t
|
||||
|
@ -562,6 +564,7 @@ t/32-Auth-and-issuer-OIDC-implicit-no-token.t
|
|||
t/32-Auth-and-issuer-OIDC-implicit.t
|
||||
t/32-Auth-and-issuer-OIDC-sorted.t
|
||||
t/32-CAS-10.t
|
||||
t/32-CAS-Hooks.t
|
||||
t/32-CAS-Macros.t
|
||||
t/32-CAS-Prefix.t
|
||||
t/32-OIDC-ClaimTypes.t
|
||||
|
@ -630,6 +633,7 @@ t/43-MailPasswordReset-Choice.t
|
|||
t/43-MailPasswordReset-Combination-LDAP.t
|
||||
t/43-MailPasswordReset-Combination.t
|
||||
t/43-MailPasswordReset-DBI.t
|
||||
t/43-MailPasswordReset-Hook.t
|
||||
t/43-MailPasswordReset-LDAP.t
|
||||
t/43-MailPasswordReset-with-captcha.t
|
||||
t/43-MailPasswordReset-with-token.t
|
||||
|
@ -746,9 +750,11 @@ t/78-2F-UpgradeOnly.t
|
|||
t/79-2F-Yubikey-from-Session.t
|
||||
t/79-2F-Yubikey.t
|
||||
t/90-Translations.t
|
||||
t/91-handler-cache-cleaned.t
|
||||
t/91-Memory-Leak.t
|
||||
t/99-Dont-load-Dumper.t
|
||||
t/99-pod.t
|
||||
t/CasHookPlugin.pm
|
||||
t/gpghome/key.asc
|
||||
t/gpghome/openpgp-revocs.d/9482CEFB055809CBAFE6D71AAB2D5542891D1677.rev
|
||||
t/gpghome/private-keys-v1.d/A076B0E7DB141A919271EE8B581CDFA8DA42F333.key
|
||||
|
@ -765,6 +771,7 @@ t/lib/Lemonldap/NG/Portal/Custom.pm
|
|||
t/lmConf-1.json
|
||||
t/oidc-lib.pm
|
||||
t/OidcHookPlugin.pm
|
||||
t/PasswordHookPlugin.pm
|
||||
t/pdata.pm
|
||||
t/README.md
|
||||
t/saml-lib.pm
|
||||
|
|
120
lemonldap-ng-portal/t/91-handler-cache-cleaned.t
Normal file
120
lemonldap-ng-portal/t/91-handler-cache-cleaned.t
Normal file
|
@ -0,0 +1,120 @@
|
|||
use Test::More;
|
||||
use strict;
|
||||
use IO::String;
|
||||
use Data::Dumper;
|
||||
|
||||
require 't/test-lib.pm';
|
||||
require 't/smtp.pm';
|
||||
|
||||
use_ok('Lemonldap::NG::Common::FormEncode');
|
||||
count(1);
|
||||
|
||||
my $client = LLNG::Manager::Test->new( {
|
||||
ini => {
|
||||
logLevel => 'debug',
|
||||
mail2fActivation => '$uid eq "msmith"',
|
||||
mail2fAuthnLevel => 3,
|
||||
mail2fCodeRegex => '\d{4}',
|
||||
authentication => 'Demo',
|
||||
userDB => 'Same',
|
||||
}
|
||||
}
|
||||
);
|
||||
|
||||
# Login as dwho
|
||||
ok(
|
||||
my $res = $client->_post(
|
||||
'/',
|
||||
IO::String->new('user=dwho&password=dwho'),
|
||||
length => 23,
|
||||
accept => 'text/html',
|
||||
),
|
||||
'Auth query'
|
||||
);
|
||||
count(1);
|
||||
my $dwho_id = expectCookie($res);
|
||||
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
'/', cookie => "lemonldap=$dwho_id",
|
||||
),
|
||||
'Get portal'
|
||||
);
|
||||
expectAuthenticatedAs($res, 'dwho');
|
||||
count(1);
|
||||
|
||||
# Start logging in as msmith
|
||||
my $s = buildForm({
|
||||
user => 'msmith',
|
||||
password => 'msmith',
|
||||
});
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/',
|
||||
IO::String->new($s),
|
||||
length => length($s),
|
||||
accept => 'text/html',
|
||||
),
|
||||
'Auth query'
|
||||
);
|
||||
count(1);
|
||||
|
||||
my ( $host, $url, $query ) =
|
||||
expectForm( $res, undef, '/mail2fcheck?skin=bootstrap', 'token', 'code' );
|
||||
|
||||
ok(
|
||||
$res->[2]->[0] =~
|
||||
qr%<input name="code" value="" type="text" class="form-control" id="extcode" trplaceholder="code" autocomplete="off" />%,
|
||||
'Found EXTCODE input'
|
||||
) or print STDERR Dumper( $res->[2]->[0] );
|
||||
count(1);
|
||||
|
||||
ok( mail() =~ m%<b>(\d{4})</b>%, 'Found 2F code in mail' )
|
||||
or print STDERR Dumper( mail() );
|
||||
|
||||
my $code = $1;
|
||||
count(1);
|
||||
|
||||
# Fill the handler cache with dwho session info
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
'/', cookie => "lemonldap=$dwho_id",
|
||||
),
|
||||
'Get portal'
|
||||
);
|
||||
count(1);
|
||||
|
||||
# Finish logging in as msmith,
|
||||
# this corrupts the dwho cache with msmith macros
|
||||
$query =~ s/code=/code=${code}/;
|
||||
ok(
|
||||
$res = $client->_post(
|
||||
'/mail2fcheck',
|
||||
IO::String->new($query),
|
||||
length => length($query),
|
||||
accept => 'text/html',
|
||||
),
|
||||
'Post code'
|
||||
);
|
||||
count(1);
|
||||
diag Dumper($res);
|
||||
|
||||
# Reuse the corrupted cache
|
||||
ok(
|
||||
$res = $client->_get(
|
||||
'/', cookie => "lemonldap=$dwho_id",
|
||||
),
|
||||
'Get portal'
|
||||
);
|
||||
count(1);
|
||||
|
||||
|
||||
TODO: {
|
||||
local $TODO = "Fix 2539";
|
||||
expectAuthenticatedAs($res, 'dwho');
|
||||
}
|
||||
|
||||
clean_sessions();
|
||||
|
||||
done_testing( count() );
|
||||
|
Loading…
Reference in New Issue
Block a user