From b88a72c267650b8ea3d3679dac98ca23996fe6aa Mon Sep 17 00:00:00 2001 From: Yadd Date: Wed, 16 Feb 2022 17:43:29 +0100 Subject: [PATCH] tidy --- Makefile | 15 +- .../lib/Lemonldap/NG/Common/Cli.pm | 5 +- .../lib/Lemonldap/NG/Common/Conf.pm | 2 +- .../lib/Lemonldap/NG/Common/Conf/AccessLib.pm | 6 +- .../Lemonldap/NG/Common/Conf/Backends/LDAP.pm | 4 +- .../NG/Common/Conf/Backends/Local.pm | 2 +- .../Lemonldap/NG/Common/Conf/Backends/RDBI.pm | 2 +- .../Lemonldap/NG/Common/Conf/Backends/_DBI.pm | 7 +- .../Lemonldap/NG/Common/Conf/DefaultValues.pm | 52 ++-- .../Lemonldap/NG/Common/Conf/RESTServer.pm | 18 +- .../Lemonldap/NG/Common/Conf/SAML/Metadata.pm | 2 +- .../lib/Lemonldap/NG/Common/EmailTransport.pm | 4 +- .../lib/Lemonldap/NG/Common/IPv6.pm | 2 +- .../Lemonldap/NG/Common/Logger/Log4perl.pm | 4 +- .../lib/Lemonldap/NG/Common/Logger/Sentry.pm | 4 +- .../lib/Lemonldap/NG/Common/PSGI.pm | 7 +- .../lib/Lemonldap/NG/Common/PSGI/Cli/Lib.pm | 10 +- .../lib/Lemonldap/NG/Common/PSGI/Request.pm | 3 +- .../lib/Lemonldap/NG/Common/PSGI/Router.pm | 4 +- .../lib/Lemonldap/NG/Common/Safelib.pm | 23 +- .../lib/Lemonldap/NG/Common/Session.pm | 4 +- .../lib/Lemonldap/NG/Common/Session/REST.pm | 6 +- lemonldap-ng-common/t/50-Combination-Parser.t | 7 +- lemonldap-ng-common/t/60-Session-Cli.t | 6 +- lemonldap-ng-common/t/60-U2F-Migrate.t | 18 +- .../lib/Lemonldap/NG/Handler/ApacheMP2.pm | 8 +- .../lib/Lemonldap/NG/Handler/Lib/DevOps.pm | 5 +- .../lib/Lemonldap/NG/Handler/Lib/PSGI.pm | 7 +- .../Lemonldap/NG/Handler/Lib/ServiceToken.pm | 3 +- .../Lemonldap/NG/Handler/Lib/ZimbraPreAuth.pm | 6 +- .../lib/Lemonldap/NG/Handler/Main/Jail.pm | 4 +- .../lib/Lemonldap/NG/Handler/Main/Reload.pm | 3 +- .../lib/Lemonldap/NG/Handler/Main/Run.pm | 11 +- .../t/12-Lemonldap-NG-Handler-Jail.t | 6 +- .../t/60-Lemonldap-NG-Handler-PSGI.t | 11 +- .../t/61-Lemonldap-NG-Handler-PSGI-Server.t | 2 +- .../t/62-Lemonldap-NG-Handler-Nginx.t | 2 +- .../t/63-Lemonldap-NG-Handler-PSGI-Try.t | 4 +- ...ldap-NG-Handler-PSGI-DevOps-vhostOptions.t | 6 +- ...onldap-NG-Handler-PSGI-DevOps-with-param.t | 4 +- .../t/64-Lemonldap-NG-Handler-PSGI-DevOps.t | 3 +- .../t/66-Lemonldap-NG-Handler-PSGI-wildcard.t | 2 +- ...NG-Handler-PSGI-vhostOptions-with-reload.t | 4 +- ...7-Lemonldap-NG-Handler-PSGI-vhostOptions.t | 2 +- .../t/71-Lemonldap-NG-Handler-PSGI-OAuth2.t | 8 +- lemonldap-ng-handler/t/test-psgi-lib.pm | 4 +- .../lib/Lemonldap/NG/Manager.pm | 2 +- .../lib/Lemonldap/NG/Manager/2ndFA.pm | 13 +- .../lib/Lemonldap/NG/Manager/Api/2F.pm | 2 +- .../NG/Manager/Api/Providers/CasApp.pm | 4 +- .../NG/Manager/Api/Providers/OidcRp.pm | 6 +- .../lib/Lemonldap/NG/Manager/Attributes.pm | 28 +-- .../lib/Lemonldap/NG/Manager/Build.pm | 14 +- .../Lemonldap/NG/Manager/Build/Attributes.pm | 226 ++++++++--------- .../lib/Lemonldap/NG/Manager/Build/Tree.pm | 10 +- .../lib/Lemonldap/NG/Manager/Cli.pm | 12 +- .../lib/Lemonldap/NG/Manager/Conf/Diff.pm | 7 +- .../lib/Lemonldap/NG/Manager/Conf/Parser.pm | 4 +- .../lib/Lemonldap/NG/Manager/Conf/Zero.pm | 18 +- .../lib/Lemonldap/NG/Manager/Sessions.pm | 10 +- lemonldap-ng-manager/t/04-2F-api.t | 6 +- lemonldap-ng-manager/t/04-menu-api.t | 6 +- lemonldap-ng-manager/t/04-misc-api.t | 8 +- lemonldap-ng-manager/t/04-providers-api.t | 24 +- lemonldap-ng-manager/t/05-rest-api.t | 2 +- lemonldap-ng-manager/t/06-rest-api-RSA.t | 4 +- .../11-save-changed-conf-with-confirmation.t | 4 +- lemonldap-ng-manager/t/12-save-changed-conf.t | 2 +- .../t/14-bad-changes-in-conf.t | 2 +- lemonldap-ng-manager/t/15-combination.t | 2 +- lemonldap-ng-manager/t/17-extra2f.t | 2 +- lemonldap-ng-manager/t/30-DBI-Cli.t | 2 +- lemonldap-ng-manager/t/40-sessions.t | 6 +- lemonldap-ng-manager/t/50-notifications-DBI.t | 2 +- lemonldap-ng-manager/t/50-notifications.t | 4 +- lemonldap-ng-manager/t/60-2ndfa.t | 6 +- lemonldap-ng-manager/t/70-viewer.t | 3 +- lemonldap-ng-manager/t/80-attributes.t | 6 +- .../Lemonldap/NG/Portal/2F/Engines/Default.pm | 5 +- .../NG/Portal/2F/Register/WebAuthn.pm | 2 +- .../lib/Lemonldap/NG/Portal/Auth/CAS.pm | 3 +- .../lib/Lemonldap/NG/Portal/Auth/GitHub.pm | 3 +- .../lib/Lemonldap/NG/Portal/Auth/WebID.pm | 2 +- .../lib/Lemonldap/NG/Portal/Auth/_WebForm.pm | 6 +- .../NG/Portal/Issuer/OpenIDConnect.pm | 24 +- .../lib/Lemonldap/NG/Portal/Issuer/SAML.pm | 6 +- .../lib/Lemonldap/NG/Portal/Lib/Choice.pm | 8 +- .../lib/Lemonldap/NG/Portal/Lib/LDAP.pm | 4 +- .../lib/Lemonldap/NG/Portal/Lib/Net/LDAP.pm | 2 +- .../NG/Portal/Lib/Notifications/XML.pm | 2 +- .../Lemonldap/NG/Portal/Lib/OpenIDConnect.pm | 4 +- .../lib/Lemonldap/NG/Portal/Lib/Remote.pm | 2 +- .../lib/Lemonldap/NG/Portal/Lib/SAML.pm | 5 +- .../lib/Lemonldap/NG/Portal/Lib/SMTP.pm | 2 +- .../lib/Lemonldap/NG/Portal/Lib/WebAuthn.pm | 4 +- .../lib/Lemonldap/NG/Portal/Lib/Wrapper.pm | 2 +- .../lib/Lemonldap/NG/Portal/Main/Auth.pm | 2 +- .../lib/Lemonldap/NG/Portal/Main/Constants.pm | 2 +- .../lib/Lemonldap/NG/Portal/Main/Display.pm | 7 +- .../lib/Lemonldap/NG/Portal/Main/Init.pm | 12 +- .../lib/Lemonldap/NG/Portal/Main/Plugins.pm | 2 +- .../lib/Lemonldap/NG/Portal/Main/Process.pm | 4 +- .../Lemonldap/NG/Portal/Main/SecondFactor.pm | 8 +- .../NG/Portal/Password/Combination.pm | 4 +- .../lib/Lemonldap/NG/Portal/Password/LDAP.pm | 10 +- .../Lemonldap/NG/Portal/Plugins/AutoSignin.pm | 2 +- .../lib/Lemonldap/NG/Portal/Plugins/CDA.pm | 2 +- .../NG/Portal/Plugins/CheckDevOps.pm | 4 +- .../NG/Portal/Plugins/ContextSwitching.pm | 8 +- .../Lemonldap/NG/Portal/Plugins/FindUser.pm | 4 +- .../NG/Portal/Plugins/GlobalLogout.pm | 3 +- .../NG/Portal/Plugins/Impersonation.pm | 8 +- .../NG/Portal/Plugins/NewLocationWarning.pm | 2 +- .../NG/Portal/Plugins/PublicPages.pm | 2 +- .../Lemonldap/NG/Portal/Plugins/RESTServer.pm | 16 +- .../Lemonldap/NG/Portal/Plugins/SOAPServer.pm | 10 +- .../lib/Lemonldap/NG/Portal/UserDB/Demo.pm | 10 +- .../lib/Lemonldap/NG/Portal/UserDB/LDAP.pm | 8 +- .../lib/Lemonldap/NG/Portal/UserDB/Remote.pm | 2 +- lemonldap-ng-portal/t/01-BuildUrl.t | 16 +- ...dler-redirection-and-URL-check-by-portal.t | 4 +- lemonldap-ng-portal/t/01-Unauth-Logout.t | 3 +- .../t/01-WebAuthn-Registration.t | 6 +- lemonldap-ng-portal/t/01-WebAuthn.t | 2 +- .../t/02-Password-Demo-Local-Ppolicy.t | 20 +- lemonldap-ng-portal/t/19-Auth-Null.t | 3 +- lemonldap-ng-portal/t/20-Auth-DBI-utf8.t | 3 +- .../t/21-Auth-LDAP-Policy-Combination.t | 16 +- .../t/21-Auth-LDAP-attributes.t | 1 + .../t/22-Auth-and-password-AD.t | 2 +- lemonldap-ng-portal/t/26-AuthRadius.t | 6 +- lemonldap-ng-portal/t/29-AuthGPG.t | 2 +- .../t/30-Auth-SAML-with-choice.t | 2 +- .../t/30-Auth-and-issuer-SAML-Metadata.t | 6 +- ...-Auth-and-issuer-SAML-POST-IdP-initiated.t | 28 ++- ...h-and-issuer-SAML-Redirect-IdP-initiated.t | 2 +- lemonldap-ng-portal/t/30-CDC.t | 4 +- ...nd-issuer-CAS-declared-app-multiple-urls.t | 6 +- ...uth-and-issuer-CAS-declared-app-userattr.t | 2 +- .../t/31-Auth-and-issuer-CAS-declared-app.t | 2 +- .../t/31-Auth-and-issuer-CAS-default.t | 4 +- .../t/31-Auth-and-issuer-CAS-proxied.t | 2 +- .../t/31-Auth-and-issuer-CAS-with-choice.t | 2 +- ...issuer-OIDC-authorization_code-OP-logout.t | 2 +- ...uer-OIDC-authorization_code-jwt-userinfo.t | 4 +- ...er-OIDC-authorization_code-public_client.t | 16 +- ...-OIDC-authorization_code-with-authchoice.t | 2 +- ...issuer-OIDC-authorization_code-with-info.t | 2 +- ...er-OIDC-authorization_code-with-none-alg.t | 2 +- ...-Auth-and-issuer-OIDC-authorization_code.t | 2 +- .../t/32-Auth-and-issuer-OIDC-implicit.t | 6 +- .../t/32-Auth-and-issuer-OIDC-sorted.t | 2 +- lemonldap-ng-portal/t/32-CAS-Prefix.t | 3 +- .../t/32-OIDC-ClientCredentials-Grant.t | 12 +- .../t/32-OIDC-Code-Flow-with-2F-UpgradeOnly.t | 4 +- .../t/32-OIDC-Code-Flow-with-2F.t | 2 +- .../32-OIDC-Grant-Type-OAuth2-Handler-Rules.t | 2 +- .../t/32-OIDC-Grant-Type-Rules.t | 6 +- .../t/32-OIDC-Offline-Session.t | 35 +-- lemonldap-ng-portal/t/32-OIDC-Refresh-Token.t | 26 +- .../t/34-Auth-Proxy-and-REST-Server.t | 6 +- .../t/34-Auth-Proxy-and-REST-sessions.t | 1 + .../t/35-SOAP-config-backend.t | 2 +- lemonldap-ng-portal/t/36-Combination-Custom.t | 2 +- .../t/36-Combination-Password.t | 2 +- lemonldap-ng-portal/t/36-Combination.t | 2 +- lemonldap-ng-portal/t/37-Issuer-Timeout.t | 8 +- ...Logout-from-OIDC-RP-to-SAML-IDP-Redirect.t | 201 ++++++++------- .../37-Logout-from-OIDC-RP-to-SAML-IDP-SOAP.t | 230 ++++++++++-------- .../t/37-OIDC-RP-to-SAML-IdP-GET-with-WAYF.t | 6 +- .../t/37-OIDC-RP-to-SAML-IdP-GET.t | 6 +- .../t/37-OIDC-RP-to-SAML-IdP-POST.t | 6 +- .../t/37-SAML-SP-GET-to-OIDC-OP.t | 6 +- .../t/37-SAML-SP-POST-to-OIDC-OP.t | 6 +- .../t/40-Notifications-JSON-LDAP.t | 2 +- .../t/40-Notifications-JSON-Server.t | 12 +- lemonldap-ng-portal/t/41-Captcha.t | 7 +- lemonldap-ng-portal/t/41-Token.t | 7 +- lemonldap-ng-portal/t/42-Register-Custom.t | 2 +- .../t/42-Register-Demo-with-CustomBody.t | 4 +- .../t/42-Register-Demo-with-token.t | 2 +- lemonldap-ng-portal/t/42-Register-Demo.t | 11 +- lemonldap-ng-portal/t/42-Register-LDAP.t | 2 +- .../t/44-CertificateResetByMail-Demo.t | 16 +- .../t/44-CertificateResetByMail-LDAP.t | 16 +- lemonldap-ng-portal/t/56-CheckDevOps.t | 5 +- lemonldap-ng-portal/t/57-LogoutForward2153.t | 41 ++-- .../t/58-DecryptValue-with-custom-function.t | 14 +- .../t/59-Double-cookies-Refresh-and-Logout.t | 7 +- .../t/59-Secured-cookie-Refresh-and-Logout.t | 7 +- .../t/61-AdaptativeAuthenticationLevel.t | 2 +- .../t/61-BruteForceProtection.t | 6 +- .../t/61-Session-ActivityTimeout.t | 7 +- lemonldap-ng-portal/t/61-Session-Timeout.t | 7 +- lemonldap-ng-portal/t/62-Refresh-plugin.t | 2 +- .../t/62-UpgradeSession-disabled.t | 12 +- lemonldap-ng-portal/t/63-History.t | 20 +- .../t/64-StayConnected-with-2F-and-History.t | 3 +- .../t/64-StayConnected-with-History.t | 2 +- ...ayConnected-without-fingerprint-checking.t | 10 +- lemonldap-ng-portal/t/66-CDA-PSGI-Try.t | 4 +- lemonldap-ng-portal/t/66-CDA-already-auth.t | 4 +- lemonldap-ng-portal/t/66-CDA-wildcard.t | 4 +- lemonldap-ng-portal/t/66-CDA-with-REST.t | 4 +- lemonldap-ng-portal/t/66-CDA-with-SOAP.t | 4 +- .../t/66-CDA-with-doubleCookies.t | 4 +- lemonldap-ng-portal/t/66-CDA.t | 4 +- .../t/67-CheckUser-with-Global-token.t | 4 +- ...-CheckUser-with-Impersonation-and-Macros.t | 3 +- .../t/67-CheckUser-with-UnrestrictedUser.t | 2 +- .../t/67-CheckUser-with-token.t | 1 - .../t/68-ContextSwitching-with-2F-allowed.t | 26 +- .../68-ContextSwitching-with-Impersonation.t | 7 +- .../t/68-ContextSwitching-with-Logout.t | 7 +- lemonldap-ng-portal/t/68-ContextSwitching.t | 7 +- .../t/68-FindUser-with-BadChoice-and-token.t | 10 +- .../t/68-FindUser-with-Choice-and-token.t | 10 +- .../t/68-FindUser-with-Combination.t | 6 +- ...8-FindUser-with-Demo-and-required-params.t | 2 +- .../t/68-FindUser-with-Demo-and-token.t | 14 +- lemonldap-ng-portal/t/68-FindUser-with-Demo.t | 2 +- lemonldap-ng-portal/t/68-FindUser-with-REST.t | 6 +- .../t/68-FindUser-without-Impersonation.t | 14 +- .../t/68-FindUser-without-attribute.t | 14 +- .../t/68-Impersonation-with-Custom-Plugin.t | 3 +- .../68-Impersonation-with-UnrestrictedUser.t | 7 +- .../t/68-Impersonation-with-doubleCookies.t | 18 +- .../t/68-Impersonation-with-filtered-merge.t | 15 +- .../t/68-Impersonation-with-merge.t | 15 +- lemonldap-ng-portal/t/68-Impersonation.t | 16 +- .../t/70-2F-TOTP-8-with-global-storage.t | 2 +- lemonldap-ng-portal/t/70-2F-TOTP-encryption.t | 4 +- .../t/70-2F-TOTP-with-TTL-and-JSON.t | 8 +- .../t/71-2F-U2F-with-TTL-and-msg.t | 2 +- .../t/73-2F-UTOTP-TOTP-and-U2F-with-History.t | 2 +- lemonldap-ng-portal/t/75-2F-Registers.t | 3 +- lemonldap-ng-portal/t/77-2F-Mail-SessionKey.t | 2 +- lemonldap-ng-portal/t/99-Bad-logLevel.t | 3 +- lemonldap-ng-portal/t/99-Dont-load-Dumper.t | 4 +- .../t/AfterDataCustomPlugin.pm | 6 +- .../t/lib/Lemonldap/NG/Handler/Test.pm | 4 +- lemonldap-ng-portal/t/saml-lib.pm | 2 +- lemonldap-ng-portal/t/test-ldap.pm | 8 +- lemonldap-ng-portal/t/test-lib.pm | 16 +- lemonldap-ng-portal/t/test-psgi.pm | 2 +- 245 files changed, 1173 insertions(+), 1101 deletions(-) diff --git a/Makefile b/Makefile index 5a4dbe6c2..7edfba0c7 100644 --- a/Makefile +++ b/Makefile @@ -1176,15 +1176,14 @@ test-diff: done tidy: clean - @if perltidy -v|grep v20181120 >/dev/null; then \ - find lemon*/ -type f \( -name '*.pm' -or -name '*.pl' -or -name '*.fcgi' -or -name '*.t' \) -print -exec perltidy -se -b {} \; ; \ - else echo "Wrong perltidy version, please install Perl::Tidy@20181120" ; exit 1 ;\ + @if perltidy -v|grep v20210717 >/dev/null; then \ + for f in `find lemon*/ -type f \( -name '*.pm' -or -name '*.pl' -or -name '*.fcgi' -or -name '*.t' \)`; do \ + echo -n $$f; \ + perltidy -se -b $$f; \ + echo; \ + done; \ + else echo "Wrong perltidy version, please install Perl::Tidy@20210717" ; exit 1 ;\ fi - for f in `find lemon*/ -type f \( -name '*.pm' -or -name '*.pl' -or -name '*.fcgi' -or -name '*.t' \)`; do \ - echo -n $$f; \ - perltidy -se -b $$f; \ - echo; \ - done find lemon*/ -name '*.bak' -delete $(MAKE) json diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Cli.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Cli.pm index f13aa3c38..f62e6bbb5 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Cli.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Cli.pm @@ -63,10 +63,11 @@ sub testEmail { eval { Lemonldap::NG::Common::EmailTransport::sendTestMail( $conf, $dest ); }; - my $error = $@; + my $error = $@; if ($error) { die $error; - } else { + } + else { print STDERR "Test email successfully sent to $dest\n"; } } diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf.pm index bf7346525..9cdbe8fd9 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf.pm @@ -190,7 +190,7 @@ sub getConf { eval { $r = $self->{refLocalStorage}->get('conf') } if ( $> and not $args->{noCache} ); $msg .= "Warn: $@" if ($@); - + if ( ref($r) and $r->{cfgNum} and $args->{cfgNum} diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/AccessLib.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/AccessLib.pm index 33354fb71..de90fa20e 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/AccessLib.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/AccessLib.pm @@ -7,9 +7,9 @@ use Mouse; use Lemonldap::NG::Common::Conf; has '_confAcc' => ( is => 'rw', isa => 'Lemonldap::NG::Common::Conf' ); -has 'configStorage' => ( is => 'rw', isa => 'HashRef', default => sub { {} } ); -has 'currentConf' => ( is => 'rw', required => 1, default => sub { {} } ); -has 'protection' => ( is => 'rw', isa => 'Str', default => 'manager' ); +has 'configStorage' => ( is => 'rw', isa => 'HashRef', default => sub { {} } ); +has 'currentConf' => ( is => 'rw', required => 1, default => sub { {} } ); +has 'protection' => ( is => 'rw', isa => 'Str', default => 'manager' ); our $VERSION = '2.0.11'; diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Backends/LDAP.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Backends/LDAP.pm index 40420b576..6c1afbe40 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Backends/LDAP.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Backends/LDAP.pm @@ -194,8 +194,8 @@ sub store { $operation = $self->ldap->add( $confDN, attrs => [ - objectClass => [ 'top', $self->{ldapObjectClass} ], - $self->{ldapAttributeId} => $confName, + objectClass => [ 'top', $self->{ldapObjectClass} ], + $self->{ldapAttributeId} => $confName, $self->{ldapAttributeContent} => \@confValues, ] ); diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Backends/Local.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Backends/Local.pm index 288906df4..8b647e0f7 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Backends/Local.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Backends/Local.pm @@ -35,7 +35,7 @@ sub load { cfgNum => 1, cfgDate => time, cfgAuthor => 'LLNG Team', - cfgLog => + cfgLog => q"Do not edit this configuration, Null backend uses lemonldap-ng.ini values only", }; } diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Backends/RDBI.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Backends/RDBI.pm index 08010c553..22a7faf6d 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Backends/RDBI.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Backends/RDBI.pm @@ -19,7 +19,7 @@ sub store { $req = $self->_dbh->prepare( "INSERT INTO $self->{dbiTable} (cfgNum,field,value) VALUES (?,?,?)"); - _delete($self,$cfgNum) if $lastCfg == $cfgNum; + _delete( $self, $cfgNum ) if $lastCfg == $cfgNum; unless ($req) { $self->logError; return UNKNOWN_ERROR; diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Backends/_DBI.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Backends/_DBI.pm index 180dd1729..935cc5208 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Backends/_DBI.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/Backends/_DBI.pm @@ -36,7 +36,8 @@ sub available { my $sth = $self->_dbh->prepare( "SELECT DISTINCT cfgNum from " . $self->{dbiTable} - . " order by cfgNum" ) or $self->logError; + . " order by cfgNum" ) + or $self->logError; $sth->execute() or $self->logError; my @conf; while ( my @row = $sth->fetchrow_array ) { @@ -105,8 +106,8 @@ sub unlock { sub delete { my ( $self, $cfgNum ) = @_; my $req = - $self->_dbh->prepare("DELETE FROM $self->{dbiTable} WHERE cfgNum=?") - or $self->logError; + $self->_dbh->prepare("DELETE FROM $self->{dbiTable} WHERE cfgNum=?") + or $self->logError; my $res = $req->execute($cfgNum) or $self->logError; $Lemonldap::NG::Common::Conf::msg .= "Unable to find conf $cfgNum (" . $self->_dbh->errstr . ")" diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm index 709bd4824..edead3399 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/DefaultValues.pm @@ -17,7 +17,7 @@ sub defaultValues { }, 'authChoiceParam' => 'lmAuth', 'authentication' => 'Demo', - 'available2F' => + 'available2F' => 'UTOTP,TOTP,U2F,REST,Mail2F,Ext2F,WebAuthn,Yubikey,Radius', 'available2FSelfRegistration' => 'TOTP,U2F,WebAuthn,Yubikey', 'bruteForceProtectionLockTimes' => '15, 30, 60, 300, 600', @@ -102,7 +102,7 @@ sub defaultValues { 'globalLogoutTimer' => 1, 'globalStorage' => 'Apache::Session::File', 'globalStorageOptions' => { - 'Directory' => '/var/lib/lemonldap-ng/sessions/', + 'Directory' => '/var/lib/lemonldap-ng/sessions/', 'generateModule' => 'Lemonldap::NG::Common::Apache::Session::Generate::SHA256', 'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/' @@ -175,20 +175,20 @@ sub defaultValues { 'locationRules' => { 'default' => 'deny' }, - 'logoutServices' => {}, - 'macros' => {}, - 'mail2fActivation' => 0, - 'mail2fCodeRegex' => '\\d{6}', - 'mailCharset' => 'utf-8', - 'mailFrom' => 'noreply@example.com', - 'mailSessionKey' => 'mail', - 'mailTimeout' => 0, - 'mailUrl' => 'http://auth.example.com/resetpwd', - 'managerDn' => '', - 'managerPassword' => '', - 'max2FDevices' => 10, - 'max2FDevicesNameLength' => 20, - 'multiValuesSeparator' => '; ', + 'logoutServices' => {}, + 'macros' => {}, + 'mail2fActivation' => 0, + 'mail2fCodeRegex' => '\\d{6}', + 'mailCharset' => 'utf-8', + 'mailFrom' => 'noreply@example.com', + 'mailSessionKey' => 'mail', + 'mailTimeout' => 0, + 'mailUrl' => 'http://auth.example.com/resetpwd', + 'managerDn' => '', + 'managerPassword' => '', + 'max2FDevices' => 10, + 'max2FDevicesNameLength' => 20, + 'multiValuesSeparator' => '; ', 'mySessionAuthorizedRWKeys' => [ '_appsListOrder', '_oidcConnectedRP', '_oidcConsents' ], 'newLocationWarningLocationAttribute' => 'ipAddr', @@ -196,7 +196,7 @@ sub defaultValues { 'newLocationWarningMaxValues' => '0', 'notificationDefaultCond' => '', 'notificationServerPOST' => 1, - 'notificationServerSentAttributes' => + 'notificationServerSentAttributes' => 'uid reference date title subtitle text check', 'notificationsMaxRetrieve' => 3, 'notificationStorage' => 'File', @@ -250,7 +250,7 @@ sub defaultValues { 'passwordPolicyMinUpper' => 0, 'passwordPolicySpecialChar' => '__ALL__', 'passwordResetAllowedRetries' => 3, - 'persistentSessionAttributes' => + 'persistentSessionAttributes' => '_loginHistory _2fDevices notification_', 'port' => -1, 'portal' => 'http://auth.example.com/', @@ -261,7 +261,7 @@ sub defaultValues { 'portalDisplayGeneratePassword' => 1, 'portalDisplayLoginHistory' => 1, 'portalDisplayLogout' => 1, - 'portalDisplayOidcConsents' => + 'portalDisplayOidcConsents' => '$_oidcConsents && $_oidcConsents =~ /\\w+/', 'portalDisplayRefreshMyRights' => 1, 'portalDisplayRegister' => 1, @@ -289,11 +289,11 @@ sub defaultValues { 'http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService', 'proxy' => 'http://auth.example.com/sessions' }, - 'requireToken' => 1, - 'rest2fActivation' => 0, - 'restAuthnLevel' => 2, - 'restClockTolerance' => 15, - 'sameSite' => '', + 'requireToken' => 1, + 'rest2fActivation' => 0, + 'restAuthnLevel' => 2, + 'restClockTolerance' => 15, + 'sameSite' => '', 'samlAttributeAuthorityDescriptorAttributeServiceSOAP' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP;#PORTAL#/saml/AA/SOAP;', 'samlAuthnContextMapKerberos' => 4, @@ -333,7 +333,7 @@ sub defaultValues { '0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;#PORTAL#/saml/proxySingleSignOnArtifact', 'samlSPSSODescriptorAssertionConsumerServiceHTTPPost' => '1;0;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleSignOnPost', - 'samlSPSSODescriptorAuthnRequestsSigned' => 1, + 'samlSPSSODescriptorAuthnRequestsSigned' => 1, 'samlSPSSODescriptorSingleLogoutServiceHTTPPost' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST;#PORTAL#/saml/proxySingleLogout;#PORTAL#/saml/proxySingleLogoutReturn', 'samlSPSSODescriptorSingleLogoutServiceHTTPRedirect' => @@ -345,7 +345,7 @@ sub defaultValues { 'sfEngine' => '::2F::Engines::Default', 'sfManagerRule' => 1, 'sfRemovedMsgRule' => 0, - 'sfRemovedNotifMsg' => + 'sfRemovedNotifMsg' => '_removedSF_ expired second factor(s) has/have been removed (_nameSF_)!', 'sfRemovedNotifRef' => 'RemoveSF', 'sfRemovedNotifTitle' => 'Second factor notification', diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/RESTServer.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/RESTServer.pm index 413be34a9..943cb4373 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/RESTServer.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/RESTServer.pm @@ -394,16 +394,17 @@ sub _oidcMetaDataNodes { my ( $id, $resp ) = ( 1, [] ); # Handle RP Attributes - if ($query eq "oidcRPMetaDataExportedVars") { + if ( $query eq "oidcRPMetaDataExportedVars" ) { my $pk = eval { $self->getConfKey( $req, $query )->{$partner} } // {}; return $self->sendError( $req, undef, 400 ) if ( $req->error ); foreach my $h ( sort keys %$pk ) { + # Set default values for type and array my $data = [ split /;/, $pk->{$h} ]; - unless ( $data->[1]) { + unless ( $data->[1] ) { $data->[1] = "string"; } - unless ( $data->[2]) { + unless ( $data->[2] ) { $data->[2] = "auto"; } push @$resp, @@ -416,6 +417,7 @@ sub _oidcMetaDataNodes { } return $self->sendJSONresponse( $req, $resp ); } + # Return all exported attributes if asked elsif ( $query =~ /^(?:oidc${type}MetaDataExportedVars|oidcRPMetaDataOptionsExtraClaims|oidcRPMetaDataMacros|oidcRPMetaDataScopeRules)$/ @@ -733,9 +735,9 @@ sub combModules { my $res = []; foreach my $mod ( keys %$val ) { my $tmp; - $tmp->{title} = $mod; - $tmp->{id} = "combModules/$mod"; - $tmp->{type} = 'cmbModule'; + $tmp->{title} = $mod; + $tmp->{id} = "combModules/$mod"; + $tmp->{type} = 'cmbModule'; $tmp->{data}->{$_} = $val->{$mod}->{$_} foreach (qw(type for)); my $over = $val->{$mod}->{over} // {}; $tmp->{data}->{over} = [ map { [ $_, $over->{$_} ] } keys %$over ]; @@ -809,8 +811,8 @@ sub metadata { } # Find next and previous conf - my @a = $self->confAcc->available; - my $id = -1; + my @a = $self->confAcc->available; + my $id = -1; my ($ind) = map { $id++; $_ == $res->{cfgNum} ? ($id) : () } @a; if ($ind) { $res->{prev} = $a[ $ind - 1 ]; } if ( defined $ind and $ind < $#a ) { diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SAML/Metadata.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SAML/Metadata.pm index a82d82ff3..148811b27 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SAML/Metadata.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SAML/Metadata.pm @@ -26,7 +26,7 @@ sub serviceToXML { my ( $self, $conf, $type ) = @_; seek DATA, $dataStart, 0; - my $s = join '', ; + my $s = join '', ; my $template = HTML::Template->new( scalarref => \$s, die_on_bad_params => 0, diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/EmailTransport.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/EmailTransport.pm index 1050a38c4..dd8f77331 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/EmailTransport.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/EmailTransport.pm @@ -95,7 +95,7 @@ sub configTest { } sub sendTestMail { - my ($conf, $dest) = @_; + my ( $conf, $dest ) = @_; my $transport = Lemonldap::NG::Common::EmailTransport->new($conf); my $message = MIME::Entity->build( From => $conf->{mailFrom}, @@ -110,7 +110,7 @@ sub sendTestMail { # Send the mail eval { sendmail( $message->stringify, { transport => $transport } ); }; if ($@) { - my $error = ( $@->isa('Throwable::Error') ? $@->message : $@ ); + my $error = ( $@->isa('Throwable::Error') ? $@->message : $@ ); die $error; } } diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/IPv6.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/IPv6.pm index ca47f4023..1c493c0e4 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/IPv6.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/IPv6.pm @@ -4,7 +4,7 @@ use strict; use base 'Exporter'; our $VERSION = '2.0.10'; -our @EXPORT = qw(&isIPv6 &net6 &expand6); +our @EXPORT = qw(&isIPv6 &net6 &expand6); sub isIPv6 { my ($ip) = @_; diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Logger/Log4perl.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Logger/Log4perl.pm index edd1b9f4a..7ace11c86 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Logger/Log4perl.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Logger/Log4perl.pm @@ -58,12 +58,12 @@ sub new { } sub setRequestObj { - my ($self, $req) = @_; + my ( $self, $req ) = @_; Log::Log4perl::MDC->put( "req", $req ); } sub clearRequestObj { - my ($self, $req) = @_; + my ( $self, $req ) = @_; my $text = Log::Log4perl::MDC->remove(); } diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Logger/Sentry.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Logger/Sentry.pm index 74eef52b3..8cdb9c712 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Logger/Sentry.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Logger/Sentry.pm @@ -13,9 +13,9 @@ use Sentry::Raven; our $VERSION = '2.0.14'; sub new { - my $self = bless {}, shift; + my $self = bless {}, shift; my ($conf) = @_; - my $show = 1; + my $show = 1; $self->{raven} = Sentry::Raven->new( sentry_dsn => $conf->{sentryDsn} ); foreach (qw(error warn notice info debug)) { my $rl = $_; diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm index 747ed27cc..bd5e2226e 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI.pm @@ -356,7 +356,8 @@ sub _logAndHandle { if ( ref( $self->logger ) and $self->logger->can('setRequestObj') ) { $self->logger->setRequestObj($req); } - if ( ref( $self->userLogger ) and $self->userLogger->can('setRequestObj') ) { + if ( ref( $self->userLogger ) and $self->userLogger->can('setRequestObj') ) + { $self->userLogger->setRequestObj($req); } @@ -367,7 +368,9 @@ sub _logAndHandle { if ( ref( $self->logger ) and $self->logger->can('clearRequestObj') ) { $self->logger->clearRequestObj($req); } - if ( ref( $self->userLogger ) and $self->userLogger->can('clearRequestObj') ) { + if ( ref( $self->userLogger ) + and $self->userLogger->can('clearRequestObj') ) + { $self->userLogger->clearRequestObj($req); } diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Cli/Lib.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Cli/Lib.pm index e4682d49e..7c768db41 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Cli/Lib.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Cli/Lib.pm @@ -27,7 +27,7 @@ sub _get { 'REQUEST_URI' => $path . ( $query ? "?$query" : '' ), 'SERVER_PORT' => '8002', 'SERVER_PROTOCOL' => 'HTTP/1.1', - 'HTTP_USER_AGENT' => + 'HTTP_USER_AGENT' => 'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox', 'REMOTE_ADDR' => '127.0.0.1', 'HTTP_HOST' => '127.0.0.1:8002' @@ -52,7 +52,7 @@ sub _post { 'REQUEST_URI' => $path . ( $query ? "?$query" : '' ), 'SERVER_PORT' => '8002', 'SERVER_PROTOCOL' => 'HTTP/1.1', - 'HTTP_USER_AGENT' => + 'HTTP_USER_AGENT' => 'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox', 'REMOTE_ADDR' => '127.0.0.1', 'HTTP_HOST' => '127.0.0.1:8002', @@ -81,7 +81,7 @@ sub _put { 'REQUEST_URI' => $path . ( $query ? "?$query" : '' ), 'SERVER_PORT' => '8002', 'SERVER_PROTOCOL' => 'HTTP/1.1', - 'HTTP_USER_AGENT' => + 'HTTP_USER_AGENT' => 'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox', 'REMOTE_ADDR' => '127.0.0.1', 'HTTP_HOST' => '127.0.0.1:8002', @@ -110,7 +110,7 @@ sub _patch { 'REQUEST_URI' => $path . ( $query ? "?$query" : '' ), 'SERVER_PORT' => '8002', 'SERVER_PROTOCOL' => 'HTTP/1.1', - 'HTTP_USER_AGENT' => + 'HTTP_USER_AGENT' => 'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox', 'REMOTE_ADDR' => '127.0.0.1', 'HTTP_HOST' => '127.0.0.1:8002', @@ -137,7 +137,7 @@ sub _del { 'REQUEST_URI' => $path . ( $query ? "?$query" : '' ), 'SERVER_PORT' => '8002', 'SERVER_PROTOCOL' => 'HTTP/1.1', - 'HTTP_USER_AGENT' => + 'HTTP_USER_AGENT' => 'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox', 'REMOTE_ADDR' => '127.0.0.1', 'HTTP_HOST' => '127.0.0.1:8002', diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Request.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Request.pm index 3dcf9b222..d8a4fb62a 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Request.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Request.pm @@ -48,8 +48,7 @@ sub userData { return $self->{userData} || { ( $Lemonldap::NG::Handler::Main::tsv->{whatToTrace} - || '_whatToTrace' ) => $self->{user}, - }; + || '_whatToTrace' ) => $self->{user}, }; } sub respHeaders { diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Router.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Router.pm index 5d5add3d0..1c622fb9d 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Router.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/PSGI/Router.pm @@ -11,8 +11,8 @@ extends 'Lemonldap::NG::Common::PSGI'; # Properties has 'routes' => ( - is => 'rw', - isa => 'HashRef', + is => 'rw', + isa => 'HashRef', default => sub { { GET => {}, POST => {}, PUT => {}, PATCH => {}, DELETE => {} } } ); diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Safelib.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Safelib.pm index a04c5eb12..0cb31c841 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Safelib.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Safelib.pm @@ -121,20 +121,29 @@ sub date { return $year . $mon . $mday . $hour . $min . $sec; } - ## @function integer dateToTime(string date) # Converts a LDAP date into epoch time or returns undef upon failure. # @param $date string Date in YYYYMMDDHHMMSS[+/-0000] format. It may contain a differential timezone, otherwise default TZ is GMT # @return Date converted to time sub dateToTime { my $date = shift; - return undef unless ( $date ); + return undef unless ($date); # Parse date - my ( $year, $month, $day, $hour, $min, $sec, $zone ) = ( $date =~ /(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})([-+\w]*)/ ); + my ( $year, $month, $day, $hour, $min, $sec, $zone ) = + ( $date =~ /(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})([-+\w]*)/ ); - # Convert date to epoch time with GMT as default timezone if date contains none - return str2time( $year . "-" . $month . "-" . $day . "T" . $hour . ":" . $min . ":" . $sec . $zone, "GMT" ); + # Convert date to epoch time with GMT as default timezone if date contains none + return str2time( + $year . "-" + . $month . "-" + . $day . "T" + . $hour . ":" + . $min . ":" + . $sec + . $zone, + "GMT" + ); } ## @function boolean checkDate(string start, string end, boolean default_access) @@ -158,10 +167,10 @@ sub checkDate { # Convert dates to epoch time my $starttime = &dateToTime($start); - my $endtime = &dateToTime($end); + my $endtime = &dateToTime($end); # Convert current GMT date to epoch time - my $datetime = &dateToTime(&date(1)); + my $datetime = &dateToTime( &date(1) ); return 1 if ( ( $datetime >= $starttime ) and ( $datetime <= $endtime ) ); return 0; diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Session.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Session.pm index 83896b6ea..d494086d7 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Session.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Session.pm @@ -126,8 +126,8 @@ sub BUILD { if ( $self->{info} ) { foreach ( keys %{ $self->{info} } ) { - next if ( $_ eq "_session_id" and $data->{_session_id} ); - next if ( $_ eq "_session_kind" and $data->{_session_kind}); + next if ( $_ eq "_session_id" and $data->{_session_id} ); + next if ( $_ eq "_session_kind" and $data->{_session_kind} ); if ( defined $self->{info}->{$_} ) { $data->{$_} = $self->{info}->{$_}; } diff --git a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Session/REST.pm b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Session/REST.pm index deb6940a0..a3fba4b0f 100644 --- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Session/REST.pm +++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Session/REST.pm @@ -258,13 +258,13 @@ sub getApacheSession { my $apacheSession = Lemonldap::NG::Common::Session->new( { storageModule => $mod->{module}, storageModuleOptions => $mod->{options}, - cacheModule => + cacheModule => Lemonldap::NG::Handler::PSGI::Main->tsv->{sessionCacheModule}, cacheModuleOptions => Lemonldap::NG::Handler::PSGI::Main->tsv->{sessionCacheOptions}, id => $id, force => $force, - ( $id ? () : ( kind => $mod->{kind} ) ), + ( $id ? () : ( kind => $mod->{kind} ) ), ( $info ? ( info => $info ) : () ), } ); @@ -294,7 +294,7 @@ sub getMod { } sub getGlobal { - my ( $self ) = @_; + my ($self) = @_; return $self->sessionTypes->{global}; } diff --git a/lemonldap-ng-common/t/50-Combination-Parser.t b/lemonldap-ng-common/t/50-Combination-Parser.t index da72227a5..dc4f1587c 100644 --- a/lemonldap-ng-common/t/50-Combination-Parser.t +++ b/lemonldap-ng-common/t/50-Combination-Parser.t @@ -55,8 +55,11 @@ ok( # Test "and" -@tests = ( '[A and B, A]', '[A,B] and [B,C]', - 'if(0) then [A,B] else [A,B] and [B,C]' ); +@tests = ( + '[A and B, A]', + '[A,B] and [B,C]', + 'if(0) then [A,B] else [A,B] and [B,C]' +); while ( my $expr = shift @tests ) { ok( [ getok($expr) ]->[0] == 0, qq{"$expr" returns PE_OK as auth result} ) diff --git a/lemonldap-ng-common/t/60-Session-Cli.t b/lemonldap-ng-common/t/60-Session-Cli.t index ff40065eb..5f6d63e67 100644 --- a/lemonldap-ng-common/t/60-Session-Cli.t +++ b/lemonldap-ng-common/t/60-Session-Cli.t @@ -240,7 +240,7 @@ is( @{$res}, 2, "Found 2 psessions" ); # Test search with where $res = getJson( "search", { where => "uid=dwho" } ); -is( @{$res}, 2, "Found 2 sessions" ); +is( @{$res}, 2, "Found 2 sessions" ); is( ( grep { $_->{uid} eq "dwho" } @{$res} ), 2, "Both sessions are dwho" ); # Test search with where and field selection @@ -259,7 +259,7 @@ is( ); # Delete session -$cli->run( 'delete', {}, "9684dd2a6489bf2be2fbdd799a8028e3" ); +$cli->run( 'delete', {}, "9684dd2a6489bf2be2fbdd799a8028e3" ); $cli->run( 'delete', { persistent => 1 }, "rtyler" ); $res = getJson( "get", {}, "9684dd2a6489bf2be2fbdd799a8028e3" ); @@ -348,7 +348,7 @@ is( ( keys %{$res} ), 2, "Found two consents" ); $cli->run( "consents", {}, "delete", "dwho", "rp-example" ); $res = getJson( "consents", {}, "get", "dwho" ); -is( ( keys %{$res} ), 1, "Found one consent" ); +is( ( keys %{$res} ), 1, "Found one consent" ); is( $res->{'rp-example'}, undef, "Consent for test-rp removed" ); ok( $res->{'rp-example2'}, "Consent for test-rp2 still present" ); diff --git a/lemonldap-ng-common/t/60-U2F-Migrate.t b/lemonldap-ng-common/t/60-U2F-Migrate.t index 1ab522745..20735d16d 100644 --- a/lemonldap-ng-common/t/60-U2F-Migrate.t +++ b/lemonldap-ng-common/t/60-U2F-Migrate.t @@ -72,18 +72,18 @@ SKIP: { 'name' => 'Imported automatically' }, { - 'name' => 'U2F-1', - 'type' => 'U2F', - 'epoch' => 1588691728, + 'name' => 'U2F-1', + 'type' => 'U2F', + 'epoch' => 1588691728, '_keyHandle' => '4aS6vXlFQpG5XZSoad6auM9fFu7Q1wazQYwfPtPKN_Hll6Up_ceeWkOgqxm49swWq4Vvcg5UlX0sQQhuRe8heA', '_userKey' => 'BMgMqKPL2PhsjCNW78UEQyNF8zlJtrAAPtWMUDBp9VfDRF5oL2xkwFuyXRMPtRZ7lNfGijDrMc06bDNfp478sQQ', }, { - 'name' => 'U2F-2', - 'type' => 'U2F', - 'epoch' => 1588691730, + 'name' => 'U2F-2', + 'type' => 'U2F', + 'epoch' => 1588691730, '_keyHandle' => 'F1Kk9V_O7KDPIx-mqp6CIjbz7ljA-ihWVWyoP1xYBe_HPLHR74aTLanmn0b4vI8DumiBWO1DAle3k6N55cXreg', '_userKey' => @@ -128,9 +128,9 @@ SKIP: { 'name' => 'Imported automatically' }, { - 'name' => 'U2F-3', - 'type' => 'U2F', - 'epoch' => 1588691734, + 'name' => 'U2F-3', + 'type' => 'U2F', + 'epoch' => 1588691734, '_keyHandle' => '4suXv5Cf10vbJEP72mVkLpBjhSqy5niOgfc0X_MjdxZ_g2e-V8biC6WyCTpF_kGV1FCa06YlcryPCtWUuUST_g', '_userKey' => diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2.pm index ecf4d219d..af1fb70c9 100644 --- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2.pm +++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/ApacheMP2.pm @@ -48,7 +48,9 @@ sub launch { if ( ref( $class->logger ) and $class->logger->can('setRequestObj') ) { $class->logger->setRequestObj($req); } - if ( ref( $class->userLogger ) and $class->userLogger->can('setRequestObj') ) { + if ( ref( $class->userLogger ) + and $class->userLogger->can('setRequestObj') ) + { $class->userLogger->setRequestObj($req); } @@ -58,7 +60,9 @@ sub launch { if ( ref( $class->logger ) and $class->logger->can('clearRequestObj') ) { $class->logger->clearRequestObj($req); } - if ( ref( $class->userLogger ) and $class->userLogger->can('clearRequestObj') ) { + if ( ref( $class->userLogger ) + and $class->userLogger->can('clearRequestObj') ) + { $class->userLogger->clearRequestObj($req); } return $res; diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/DevOps.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/DevOps.pm index 25d6ae506..f99804f14 100644 --- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/DevOps.pm +++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/DevOps.pm @@ -53,8 +53,7 @@ sub _loadVhostConfig { my $resp = $class->ua->request($get); if ( $resp->is_success ) { $class->logger->debug('Response is success'); - eval { - $json = from_json( $resp->content, { allow_nonref => 1 } ); }; + eval { $json = from_json( $resp->content, { allow_nonref => 1 } ); }; if ($@) { $class->logger->debug('Bad json file received'); $class->logger->error( @@ -92,7 +91,7 @@ q"I refuse to compile 'rules.json' when useSafeJail isn't activated! Yes I know, $class->logger->debug("DevOps handler called by $vhost"); $class->locationRulesInit( undef, { $vhost => $json->{rules} } ); - $class->headersInit( undef, { $vhost => $json->{headers} } ); + $class->headersInit( undef, { $vhost => $json->{headers} } ); $class->tsv->{lastVhostUpdate}->{$vhost} = time; $class->tsv->{https}->{$vhost} = uc $req->env->{HTTPS_REDIRECT} eq 'ON' if exists $req->env->{HTTPS_REDIRECT}; diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/PSGI.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/PSGI.pm index 0d3048f94..8fb0cb098 100644 --- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/PSGI.pm +++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/PSGI.pm @@ -118,7 +118,8 @@ sub _logAuthTrace { if ( ref( $self->logger ) and $self->logger->can('setRequestObj') ) { $self->logger->setRequestObj($req); } - if ( ref( $self->userLogger ) and $self->userLogger->can('setRequestObj') ) { + if ( ref( $self->userLogger ) and $self->userLogger->can('setRequestObj') ) + { $self->userLogger->setRequestObj($req); } @@ -129,7 +130,9 @@ sub _logAuthTrace { if ( ref( $self->logger ) and $self->logger->can('clearRequestObj') ) { $self->logger->clearRequestObj($req); } - if ( ref( $self->userLogger ) and $self->userLogger->can('clearRequestObj') ) { + if ( ref( $self->userLogger ) + and $self->userLogger->can('clearRequestObj') ) + { $self->userLogger->clearRequestObj($req); } diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/ServiceToken.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/ServiceToken.pm index 9ef350db4..c5c6b6222 100644 --- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/ServiceToken.pm +++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/ServiceToken.pm @@ -7,7 +7,8 @@ our $VERSION = '2.0.9'; sub fetchId { my ( $class, $req ) = @_; my $token = $req->{env}->{HTTP_X_LLNG_TOKEN}; - return $class->Lemonldap::NG::Handler::Main::fetchId($req) unless ($token =~ /\w+/); + return $class->Lemonldap::NG::Handler::Main::fetchId($req) + unless ( $token =~ /\w+/ ); $class->logger->debug("Found token: $token"); # Decrypt token diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/ZimbraPreAuth.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/ZimbraPreAuth.pm index 55f48ea62..fc1acd461 100644 --- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/ZimbraPreAuth.pm +++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/ZimbraPreAuth.pm @@ -29,10 +29,10 @@ sub run { my $localConfig = $class->localConfig; my $zimbraPreAuthKey = $localConfig->{zimbraPreAuthKey}; my $zimbraAccountKey = $localConfig->{zimbraAccountKey} || 'uid'; - my $zimbraBy = $localConfig->{zimbraBy} || 'id'; - my $zimbraUrl = $localConfig->{zimbraUrl} || '/service/preauth'; + my $zimbraBy = $localConfig->{zimbraBy} || 'id'; + my $zimbraUrl = $localConfig->{zimbraUrl} || '/service/preauth'; my $zimbraSsoUrl = $localConfig->{zimbraSsoUrl} || '^/zimbrasso$'; - my $timeout = $localConfig->{'timeout'} || '0'; + my $timeout = $localConfig->{'timeout'} || '0'; # Remove trailing white-spaces $zimbraAccountKey =~ s/\s+$//; diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Jail.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Jail.pm index eea5f375c..145a4b82c 100644 --- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Jail.pm +++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Jail.pm @@ -63,7 +63,9 @@ sub build_jail { if ($build) { @builtCustomFunctions = - $self->customFunctions ? split( /[,\s]+/, $self->customFunctions ) : (); + $self->customFunctions + ? split( /[,\s]+/, $self->customFunctions ) + : (); foreach (@builtCustomFunctions) { no warnings 'redefine'; $api->logger->debug("Custom function: $_"); diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Reload.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Reload.pm index 0adee8198..94d4da9c4 100644 --- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Reload.pm +++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Reload.pm @@ -65,7 +65,8 @@ sub checkConf { or $class->cfgNum != $conf->{cfgNum} or $class->cfgDate != $conf->{cfgDate} ) { - $class->logger->debug("Get configuration $conf->{cfgNum} aged $conf->{cfgDate}"); + $class->logger->debug( + "Get configuration $conf->{cfgNum} aged $conf->{cfgDate}"); unless ( $class->cfgNum( $conf->{cfgNum} ) && $class->cfgDate( $conf->{cfgDate} ) ) { diff --git a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm index 79eb84fc0..b542ceb41 100644 --- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm +++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm @@ -504,7 +504,7 @@ sub fetchId { if $class->_isHttps( $req, $vhost ); my $lookForHttpCookie = ( $class->tsv->{securedCookie} =~ /^(2|3)$/ and not $class->_isHttps( $req, $vhost ) ); - my $cn = $class->tsv->{cookieName}; + my $cn = $class->tsv->{cookieName}; my $value = $lookForHttpCookie # Avoid prefix and bad cookie name (#2417) ? ( $t =~ /(?data->{_session_id} and $id eq $class->data->{_session_id} - and - ( $now - $class->dataUpdate < $class->tsv->{handlerInternalCache} ) ) + and ( $now - $class->dataUpdate < $class->tsv->{handlerInternalCache} ) + ) { $class->logger->debug("Get session $id from Handler internal cache"); return $class->data; @@ -898,8 +898,9 @@ sub postJavascript { my $filler; foreach my $name ( keys %$data ) { use bytes; - my @characterSet = ( '0' ..'9', 'A' .. 'Z', 'a' .. 'z' ); - my $value = join '' => map $characterSet[ rand @characterSet ], 1 .. bytes::length( $data->{$name} ); + my @characterSet = ( '0' .. '9', 'A' .. 'Z', 'a' .. 'z' ); + my $value = join '' => map $characterSet[ rand @characterSet ], + 1 .. bytes::length( $data->{$name} ); $filler .= "form.find('input[name=\"$name\"], select[name=\"$name\"], textarea[name=\"$name\"]').val('$value')\n"; } diff --git a/lemonldap-ng-handler/t/12-Lemonldap-NG-Handler-Jail.t b/lemonldap-ng-handler/t/12-Lemonldap-NG-Handler-Jail.t index 2c8cd74e2..fcfef8f7c 100644 --- a/lemonldap-ng-handler/t/12-Lemonldap-NG-Handler-Jail.t +++ b/lemonldap-ng-handler/t/12-Lemonldap-NG-Handler-Jail.t @@ -36,7 +36,7 @@ ok( ( defined($code) and ref($code) eq 'CODE' ), 'encode_base64 function is defined' ); -ok( $res = &$code, "Function works" ); +ok( $res = &$code, "Function works" ); ok( $res eq 'dGVzdA==', 'Get good result' ); $sub = "sub { return ( listMatch('ABC; DEF; GHI','abc',1) ) }"; @@ -58,7 +58,7 @@ ok( 'checkDate extended function is defined' ); ok( $res = &$code, "Function works" ); -ok( $res == 1, 'Get good result' ); +ok( $res == 1, 'Get good result' ); $sub = "sub { return(checkDate('20000101000000+0100','21000101000000+0100')) }"; $code = $jail->jail_reval($sub); @@ -67,7 +67,7 @@ ok( 'checkDate extended function is defined' ); ok( $res = &$code, "Function works" ); -ok( $res == 1, 'Get good result' ); +ok( $res == 1, 'Get good result' ); $sub = "sub { return(has2f_internal(\$_[0],\$_[1])) }"; $code = $jail->jail_reval($sub); diff --git a/lemonldap-ng-handler/t/60-Lemonldap-NG-Handler-PSGI.t b/lemonldap-ng-handler/t/60-Lemonldap-NG-Handler-PSGI.t index cea6fe850..5533f7c0f 100644 --- a/lemonldap-ng-handler/t/60-Lemonldap-NG-Handler-PSGI.t +++ b/lemonldap-ng-handler/t/60-Lemonldap-NG-Handler-PSGI.t @@ -15,7 +15,7 @@ my $SKIPUSER = 0; # -------------------- ok( $res = $client->_get('/'), 'Unauthentified query' ); ok( ref($res) eq 'ARRAY', 'Response is an array' ) or explain( $res, 'array' ); -ok( $res->[0] == 302, ' Code is 302' ) or explain( $res->[0], 302 ); +ok( $res->[0] == 302, ' Code is 302' ) or explain( $res->[0], 302 ); my %h = @{ $res->[1] }; ok( $h{Location} eq 'http://auth.example.com/?url=' @@ -224,8 +224,13 @@ ok( $res->[0] == 200, ' Code is 200' ) or explain( $res, 200 ); count(2); # Forged headers -ok( $res = $client->_get( '/skipif/zz', undef, 'test1.example.com', undef, HTTP_AUTH_USER => 'rtyler' ), - 'Test skip() with forged header' ); +ok( + $res = $client->_get( + '/skipif/zz', undef, 'test1.example.com', undef, + HTTP_AUTH_USER => 'rtyler' + ), + 'Test skip() with forged header' +); ok( $res->[0] == 200, ' Code is 200' ) or explain( $res, 200 ); count(2); diff --git a/lemonldap-ng-handler/t/61-Lemonldap-NG-Handler-PSGI-Server.t b/lemonldap-ng-handler/t/61-Lemonldap-NG-Handler-PSGI-Server.t index c3c6a19ea..be5865bbb 100644 --- a/lemonldap-ng-handler/t/61-Lemonldap-NG-Handler-PSGI-Server.t +++ b/lemonldap-ng-handler/t/61-Lemonldap-NG-Handler-PSGI-Server.t @@ -13,7 +13,7 @@ my $res; # -------------------- ok( $res = $client->_get('/'), 'Unauthentified query' ); ok( ref($res) eq 'ARRAY', 'Response is an array' ) or explain( $res, 'array' ); -ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 ); +ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 ); my %h = @{ $res->[1] }; ok( $h{Location} eq 'http://auth.example.com/?url=' diff --git a/lemonldap-ng-handler/t/62-Lemonldap-NG-Handler-Nginx.t b/lemonldap-ng-handler/t/62-Lemonldap-NG-Handler-Nginx.t index 60e0a2553..8d96ea321 100644 --- a/lemonldap-ng-handler/t/62-Lemonldap-NG-Handler-Nginx.t +++ b/lemonldap-ng-handler/t/62-Lemonldap-NG-Handler-Nginx.t @@ -16,7 +16,7 @@ my $res; # Unauthentified query ok( $res = $client->_get('/'), 'Unauthentified query' ); ok( ref($res) eq 'ARRAY', 'Response is an array' ) or explain( $res, 'array' ); -ok( $res->[0] == 401, 'Code is 401' ) or explain( $res->[0], 401 ); +ok( $res->[0] == 401, 'Code is 401' ) or explain( $res->[0], 401 ); my %h = @{ $res->[1] }; ok( $h{Location} eq 'http://auth.example.com/?url=' diff --git a/lemonldap-ng-handler/t/63-Lemonldap-NG-Handler-PSGI-Try.t b/lemonldap-ng-handler/t/63-Lemonldap-NG-Handler-PSGI-Try.t index 9d7408fcf..cade9e12f 100644 --- a/lemonldap-ng-handler/t/63-Lemonldap-NG-Handler-PSGI-Try.t +++ b/lemonldap-ng-handler/t/63-Lemonldap-NG-Handler-PSGI-Try.t @@ -39,7 +39,7 @@ my $res; # Unauth tests ok( $res = $client->_get('/test'), 'Get response' ); -ok( $res->[0] == 200, 'Response code is 200' ) +ok( $res->[0] == 200, 'Response code is 200' ) or print "Expect 200, got $res->[0]\n"; ok( $res->[2]->[0] eq 'Unauth', 'Get unauth result' ) or print "Expect Unauth, got $res->[2]->[0]\n"; @@ -64,7 +64,7 @@ count(3); # Bad path test ok( $res = $client->_get('/[]/test'), 'Try a bad path' ); -ok( $res->[0] == 400, 'Response is 400' ); +ok( $res->[0] == 400, 'Response is 400' ); count(2); clean(); diff --git a/lemonldap-ng-handler/t/64-Lemonldap-NG-Handler-PSGI-DevOps-vhostOptions.t b/lemonldap-ng-handler/t/64-Lemonldap-NG-Handler-PSGI-DevOps-vhostOptions.t index ec8b52565..ebc8f86ad 100644 --- a/lemonldap-ng-handler/t/64-Lemonldap-NG-Handler-PSGI-DevOps-vhostOptions.t +++ b/lemonldap-ng-handler/t/64-Lemonldap-NG-Handler-PSGI-DevOps-vhostOptions.t @@ -82,12 +82,12 @@ no warnings 'redefine'; sub LWP::UserAgent::request { my ( $self, $req ) = @_; - ok( $req->header('host') eq 'devops.example.com', - 'Host header found' ) + ok( $req->header('host') eq 'devops.example.com', 'Host header found' ) or explain( $req->headers(), 'devops.example.com' ); ok( $req->as_string() =~ m#http://devops.example.com/myfile.json#, 'Rules file URL found' ) - or explain( $req->as_string(), 'GET http://devops.example.com/myfile.json' ); + or + explain( $req->as_string(), 'GET http://devops.example.com/myfile.json' ); count(2); my $httpResp; my $s = '{ diff --git a/lemonldap-ng-handler/t/64-Lemonldap-NG-Handler-PSGI-DevOps-with-param.t b/lemonldap-ng-handler/t/64-Lemonldap-NG-Handler-PSGI-DevOps-with-param.t index cb1684b3a..520ead734 100644 --- a/lemonldap-ng-handler/t/64-Lemonldap-NG-Handler-PSGI-DevOps-with-param.t +++ b/lemonldap-ng-handler/t/64-Lemonldap-NG-Handler-PSGI-DevOps-with-param.t @@ -14,8 +14,8 @@ init( #logLevel => 'debug', vhostOptions => { 'test3.example.com' => { - vhostHttps => 0, - vhostPort => 80, + vhostHttps => 0, + vhostPort => 80, vhostDevOpsRulesUrl => 'http://donotuse.example.com/myfile.json', }, diff --git a/lemonldap-ng-handler/t/64-Lemonldap-NG-Handler-PSGI-DevOps.t b/lemonldap-ng-handler/t/64-Lemonldap-NG-Handler-PSGI-DevOps.t index 20e01f857..7b0bc78f0 100644 --- a/lemonldap-ng-handler/t/64-Lemonldap-NG-Handler-PSGI-DevOps.t +++ b/lemonldap-ng-handler/t/64-Lemonldap-NG-Handler-PSGI-DevOps.t @@ -73,8 +73,7 @@ no warnings 'redefine'; sub LWP::UserAgent::request { my ( $self, $req ) = @_; - ok( $req->header('host') eq 'test3.example.com', - 'Host header found' ) + ok( $req->header('host') eq 'test3.example.com', 'Host header found' ) or explain( $req->headers(), 'test3.example.com' ); ok( $req->as_string() =~ m#http://127.0.0.1:80/rules.json#, 'Rules file URL found' ) diff --git a/lemonldap-ng-handler/t/66-Lemonldap-NG-Handler-PSGI-wildcard.t b/lemonldap-ng-handler/t/66-Lemonldap-NG-Handler-PSGI-wildcard.t index 642eb7339..12aba7771 100644 --- a/lemonldap-ng-handler/t/66-Lemonldap-NG-Handler-PSGI-wildcard.t +++ b/lemonldap-ng-handler/t/66-Lemonldap-NG-Handler-PSGI-wildcard.t @@ -15,7 +15,7 @@ my $res; ok( $res = $client->_get( '/', undef, 'test.example.org' ), 'Unauthentified query' ); ok( ref($res) eq 'ARRAY', 'Response is an array' ) or explain( $res, 'array' ); -ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 ); +ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 ); my %h = @{ $res->[1] }; ok( $h{Location} eq 'http://auth.example.com/?url=' diff --git a/lemonldap-ng-handler/t/67-Lemonldap-NG-Handler-PSGI-vhostOptions-with-reload.t b/lemonldap-ng-handler/t/67-Lemonldap-NG-Handler-PSGI-vhostOptions-with-reload.t index c1321c3e6..933a4ea85 100644 --- a/lemonldap-ng-handler/t/67-Lemonldap-NG-Handler-PSGI-vhostOptions-with-reload.t +++ b/lemonldap-ng-handler/t/67-Lemonldap-NG-Handler-PSGI-vhostOptions-with-reload.t @@ -21,7 +21,7 @@ my $res; ok( $res = $client->_get('/'), 'Unauthentified query' ); ok( ref($res) eq 'ARRAY', 'Response is an array' ) or explain( $res, 'array' ); -ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 ); +ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 ); my $conf; eval { @@ -41,7 +41,7 @@ Lemonldap::NG::Handler::Main->configReload($conf); fail $@ if $@; ok( $res = $client->_get('/'), 'Unauthentified query' ); ok( ref($res) eq 'ARRAY', 'Response is an array' ) or explain( $res, 'array' ); -ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 ); +ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 ); my %h = @{ $res->[1] }; ok( $h{Location} eq 'http://auth.example.com/?url=' diff --git a/lemonldap-ng-handler/t/67-Lemonldap-NG-Handler-PSGI-vhostOptions.t b/lemonldap-ng-handler/t/67-Lemonldap-NG-Handler-PSGI-vhostOptions.t index 97dc8817f..22f136d5d 100644 --- a/lemonldap-ng-handler/t/67-Lemonldap-NG-Handler-PSGI-vhostOptions.t +++ b/lemonldap-ng-handler/t/67-Lemonldap-NG-Handler-PSGI-vhostOptions.t @@ -27,7 +27,7 @@ my $res; ok( $res = $client->_get('/'), 'Unauthentified query' ); ok( ref($res) eq 'ARRAY', 'Response is an array' ) or explain( $res, 'array' ); -ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 ); +ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 ); my %h = @{ $res->[1] }; ok( $h{Location} eq 'http://auth.example.com/?url=' diff --git a/lemonldap-ng-handler/t/71-Lemonldap-NG-Handler-PSGI-OAuth2.t b/lemonldap-ng-handler/t/71-Lemonldap-NG-Handler-PSGI-OAuth2.t index e91a9cee3..deb722225 100644 --- a/lemonldap-ng-handler/t/71-Lemonldap-NG-Handler-PSGI-OAuth2.t +++ b/lemonldap-ng-handler/t/71-Lemonldap-NG-Handler-PSGI-OAuth2.t @@ -50,7 +50,7 @@ init( Lemonldap::NG::Common::Session->new( { storageModule => 'Apache::Session::File', storageModuleOptions => { Directory => 't/sessions' }, - id => + id => 'f0fd4e85000ce35d062f97f5b466fc00abc2fad0406e03e086605f929ec4a249', force => 1, kind => 'OIDCI', @@ -144,7 +144,7 @@ ok( $res = $client->_get( '/read', undef, 'test1.example.com', '', - VHOSTTYPE => 'OAuth2', + VHOSTTYPE => 'OAuth2', HTTP_AUTHORIZATION => 'Bearer f0fd4e85000ce35d062f97f5b466fc00abc2fad0406e03e086605f929ec4a249', ), @@ -165,7 +165,7 @@ ok( $res = $client->_get( '/write', undef, 'test1.example.com', '', - VHOSTTYPE => 'OAuth2', + VHOSTTYPE => 'OAuth2', HTTP_AUTHORIZATION => 'Bearer f0fd4e85000ce35d062f97f5b466fc00abc2fad0406e03e086605f929ec4a249', ), @@ -178,7 +178,7 @@ ok( $res = $client->_get( '/test', undef, 'test1.example.com', '', - VHOSTTYPE => 'OAuth2', + VHOSTTYPE => 'OAuth2', HTTP_AUTHORIZATION => 'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwianRpIjoiZjBmZDRlODUwMDBjZTM1ZDA2MmY5N2Y1YjQ2NmZjMDBhYmMyZmFkMDQwNmUwM2UwODY2MDVmOTI5ZWM0YTI0OSJ9.h0RDBLo5Vy8lqbltEP2L496KOzJLhLCIRZZmEqcPuN8', ), diff --git a/lemonldap-ng-handler/t/test-psgi-lib.pm b/lemonldap-ng-handler/t/test-psgi-lib.pm index a82996b45..3890f94ea 100644 --- a/lemonldap-ng-handler/t/test-psgi-lib.pm +++ b/lemonldap-ng-handler/t/test-psgi-lib.pm @@ -75,7 +75,7 @@ sub init { '_utime' => $now, '_passwordDB' => 'Demo', '_auth' => 'Demo', - 'UA' => + 'UA' => 'Mozilla/5.0 (X11; VAX4000; rv:43.0) Gecko/20100101 Firefox/143.0 Iceweasel/143.0.1' }; @@ -152,7 +152,7 @@ sub _get { 'X_ORIGINAL_URI' => $path . ( $query ? "?$query" : '' ), 'SERVER_PORT' => '80', 'SERVER_PROTOCOL' => 'HTTP/1.1', - 'HTTP_USER_AGENT' => + 'HTTP_USER_AGENT' => 'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox', 'REMOTE_ADDR' => '127.0.0.1', 'HTTP_HOST' => $host, diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm index 1fc5e397a..f10d95ca5 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager.pm @@ -24,7 +24,7 @@ extends qw( Lemonldap::NG::Common::Conf::AccessLib ); -has csp => ( is => 'rw' ); +has csp => ( is => 'rw' ); has loadedPlugins => ( is => 'rw', default => sub { [] } ); has hLoadedPlugins => ( is => 'rw', default => sub { {} } ); diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/2ndFA.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/2ndFA.pm index 214350864..c95fdd703 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/2ndFA.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/2ndFA.pm @@ -47,7 +47,8 @@ sub init { $self->{hiddenAttributes} //= "_password"; $self->{hiddenAttributes} .= ' _session_id' unless $conf->{displaySessionId}; - $self->{TOTPCheck} = $self->{U2FCheck} = $self->{UBKCheck} = $self->{WebAuthnCheck} = '1'; + $self->{TOTPCheck} = $self->{U2FCheck} = $self->{UBKCheck} = + $self->{WebAuthnCheck} = '1'; return 1; } @@ -68,7 +69,7 @@ sub del2F { my $epoch = $params->{epoch} or return $self->sendError( $req, 'Missing "epoch" parameter', 400 ); - if ( grep { $_ eq $type } @{_2FTYPES()} ) { + if ( grep { $_ eq $type } @{ _2FTYPES() } ) { $self->logger->debug( "Call procedure delete2F with type=$type and epoch=$epoch"); return $self->delete2F( $req, $session, $skey ); @@ -118,7 +119,7 @@ sub sfa { $moduleOptions->{backend} = $mod->{module}; # Select 2FA sessions to display - foreach (@{_2FTYPES()}) { + foreach ( @{ _2FTYPES() } ) { $self->{ $_ . 'Check' } = delete $params->{ $_ . 'Check' } if ( defined $params->{ $_ . 'Check' } ); } @@ -189,7 +190,7 @@ sub sfa { # Remove sessions without at least one 2F device(s) $self->logger->debug( "Removing sessions without at least one 2F device(s)..."); - my $_2f_types_re = join ('|', @{_2FTYPES()}); + my $_2f_types_re = join( '|', @{ _2FTYPES() } ); foreach my $session ( keys %$res ) { delete $res->{$session} unless ( defined $res->{$session}->{_2fDevices} @@ -200,7 +201,7 @@ sub sfa { # Filter 2FA sessions if needed $self->logger->debug("Filtering 2F sessions..."); my $all = ( keys %$res ); - foreach (@{_2FTYPES()}) { + foreach ( @{ _2FTYPES() } ) { if ( $self->{ $_ . 'Check' } eq '2' ) { foreach my $session ( keys %$res ) { delete $res->{$session} @@ -268,7 +269,7 @@ qq{Use of an uninitialized attribute "$group" to group sessions}, # { session => , userId => <_session_uid> } else { $res = [ - sort { $a->{date} <=> $b->{date} } + sort { $a->{date} <=> $b->{date} } map { { session => $_, userId => $res->{$_}->{_session_uid} } } keys %$res ]; diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/2F.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/2F.pm index 562642f1c..fa3fb25b9 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/2F.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/2F.pm @@ -337,7 +337,7 @@ sub _checkType { return { res => "ko", code => 400, - msg => + msg => "Invalid input: Type \"$type\" does not exist. Allowed values for type are: \"U2F\", \"TOTP\", \"WebAuthn\" or \"UBK\"" } unless ( $type =~ /\b(?:U2F|TOTP|UBK|WebAuthn)\b/i ); diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/CasApp.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/CasApp.pm index e1f6a35eb..a891b8abf 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/CasApp.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/CasApp.pm @@ -312,8 +312,8 @@ sub _isNewCasAppServiceUrlUnique { # Check service paramater unless ( ref $casApp->{options}->{service} eq "ARRAY" ) { return { - res => 'ko', - msg => "The parameter 'service' must be an array", + res => 'ko', + msg => "The parameter 'service' must be an array", }; } diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/OidcRp.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/OidcRp.pm index 35aa8b6ca..05f3ede05 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/OidcRp.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/OidcRp.pm @@ -140,7 +140,7 @@ sub addOidcRp { 409 ) if ( defined $self->_getOidcRpByClientId( $conf, $add->{clientId} ) ); - $add->{options} = {} unless ( defined $add->{options} ); + $add->{options} = {} unless ( defined $add->{options} ); $add->{options}->{clientId} = $add->{clientId}; $add->{options}->{redirectUris} = $add->{redirectUris}; @@ -246,8 +246,8 @@ sub replaceOidcRp { return $self->sendError( $req, $res->{msg}, 409 ) unless ( $res->{res} eq 'ok' ); - $replace->{options} = {} unless ( defined $replace->{options} ); - $replace->{options}->{clientId} = $replace->{clientId}; + $replace->{options} = {} unless ( defined $replace->{options} ); + $replace->{options}->{clientId} = $replace->{clientId}; $replace->{options}->{redirectUris} = $replace->{redirectUris}; $res = $self->_pushOidcRp( $conf, $confKey, $replace, 1 ); diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm index 0786cd0f0..b78c01ebd 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Attributes.pm @@ -67,7 +67,7 @@ sub types { 'hostname' => { 'form' => 'text', 'msgFail' => '__badHostname__', - 'test' => + 'test' => qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))?$/ }, 'int' => { @@ -257,7 +257,7 @@ m[^(?:(?:\-+\s*BEGIN\s+(?:PUBLIC\s+KEY|CERTIFICATE)\s*\-+\r?\n)?[a-zA-Z0-9/\+\r\ 'url' => { 'form' => 'text', 'msgFail' => '__badUrl__', - 'test' => + 'test' => qr/(?:^$|(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?))/ } }; @@ -802,7 +802,7 @@ sub attributes { }, 'casSrvMetaDataOptionsUrl' => { 'msgFail' => '__badUrl__', - 'test' => + 'test' => qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, 'type' => 'text' }, @@ -1341,7 +1341,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] 'domain' => { 'default' => 'example.com', 'msgFail' => '__badDomainName__', - 'test' => + 'test' => qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?))?$/, 'type' => 'text' }, @@ -1484,7 +1484,7 @@ qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA- }, 'globalStorageOptions' => { 'default' => { - 'Directory' => '/var/lib/lemonldap-ng/sessions/', + 'Directory' => '/var/lib/lemonldap-ng/sessions/', 'generateModule' => 'Lemonldap::NG::Common::Apache::Session::Generate::SHA256', 'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/' @@ -1609,7 +1609,7 @@ qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA- 'issuerDBGetParameters' => { 'default' => {}, 'keyMsgFail' => '__badHostname__', - 'keyTest' => + 'keyTest' => qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)$/, 'test' => { 'keyMsgFail' => '__badKeyName__', @@ -2808,7 +2808,7 @@ m[^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: 'pdataDomain' => { 'default' => '', 'msgFail' => '__badDomainName__', - 'test' => + 'test' => qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?))?$/, 'type' => 'text' }, @@ -2829,7 +2829,7 @@ qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA- 'portal' => { 'default' => 'http://auth.example.com/', 'msgFail' => '__badUrl__', - 'test' => + 'test' => qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, 'type' => 'url' }, @@ -3136,7 +3136,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] 'keyTest' => qr/^(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+))(?::\d+)?$/, 'msgFail' => '__badUrl__', - 'test' => + 'test' => qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, 'type' => 'keyTextContainer' }, @@ -3288,19 +3288,19 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] }, 'samlCommonDomainCookieDomain' => { 'msgFail' => '__badDomainName__', - 'test' => + 'test' => qr/^(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)$/, 'type' => 'text' }, 'samlCommonDomainCookieReader' => { 'msgFail' => '__badUrl__', - 'test' => + 'test' => qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, 'type' => 'text' }, 'samlCommonDomainCookieWriter' => { 'msgFail' => '__badUrl__', - 'test' => + 'test' => qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, 'type' => 'text' }, @@ -3317,7 +3317,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] }, 'samlDiscoveryProtocolURL' => { 'msgFail' => '__badUrl__', - 'test' => + 'test' => qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::(?:(?:[0-9]*)))?(?:\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:\/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?](?:(?:(?:[;\/?:@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)/, 'type' => 'text' }, @@ -4110,7 +4110,7 @@ qr/(?:(?:https?):\/\/(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.] }, 'SMTPServer' => { 'default' => '', - 'test' => + 'test' => qr/^(?:(?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+))(?::\d+)?)?$/, 'type' => 'text' }, diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm index a5a32bc19..78b9dff74 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build.pm @@ -207,7 +207,8 @@ EOF foreach (@simpleHashKeys) { $ra->add($_); } - print F "our \$simpleHashKeys = '" . $ra->as_string . "';\n" + print F "our \$simpleHashKeys = '" + . $ra->as_string . "';\n" . "our \$specialNodeKeys = '${ignoreKeys}s';\n"; foreach ( sort keys %cnodesRe ) { print F "our \$${_}Keys = '$cnodesRe{$_}';\n"; @@ -467,7 +468,7 @@ sub buildPortalConstants() { printf STDERR $format, $self->portalConstantsFile; open( F, '>', $self->portalConstantsFile ) or die($!); - my $urire = $RE{URI}{HTTP}{ -scheme=>qr/https?/ }{-keep}; + my $urire = $RE{URI}{HTTP}{ -scheme => qr/https?/ }{-keep}; $urire =~ s/([\$\@])/\\$1/g; my $content = <{title} = $jleaf->{id} = $leaf->{title}; - $jleaf->{type} = $leaf->{form} if ( $leaf->{form} ); + $jleaf->{type} = $leaf->{form} if ( $leaf->{form} ); if ( $leaf->{title} =~ /^((?:oidc|saml|cas)Service)MetaData$/ ) { no strict 'refs'; my @tmp = $self->scanLeaf( $leaf->{nodes} ); @@ -677,6 +678,7 @@ sub scanTree { my $type = $attr->{type}; $type =~ s/Container//; foreach my $k ( sort keys( %{ $attr->{default} } ) ) { + # Special handling for oidcAttribute my $default = $attr->{default}->{$k}; if ( $attr->{type} eq 'oidcAttributeContainer' ) { @@ -703,9 +705,9 @@ sub scanTree { push @cnodesKeys, $leaf; } - # issue 2439 - # FIXME: in future versions, oidcOPMetaDataJSON and samlIDPMetaDataXML shoud - # behave the same + # issue 2439 + # FIXME: in future versions, oidcOPMetaDataJSON and samlIDPMetaDataXML shoud + # behave the same if ( $leaf =~ /^oidcOPMetaData(?:JSON|JWKS)$/ ) { push @simpleHashKeys, $leaf; } diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm index f5c6d4cc3..76c4a82cb 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Attributes.pm @@ -239,7 +239,7 @@ sub attributes { # Other checkTime => { - type => 'int', + type => 'int', documentation => 'Timeout to check new configuration in local cache', default => 600, @@ -248,7 +248,7 @@ sub attributes { mySessionAuthorizedRWKeys => { type => 'array', documentation => 'Alterable session keys by user itself', - default => + default => [ '_appsListOrder', '_oidcConnectedRP', '_oidcConsents' ], }, configStorage => { @@ -297,7 +297,7 @@ sub attributes { flags => 'h', }, confirmFormMethod => { - type => "select", + type => "select", select => [ { k => 'get', v => 'GET' }, { k => 'post', v => 'POST' }, ], default => 'post', @@ -318,7 +318,7 @@ sub attributes { flags => 'h', }, infoFormMethod => { - type => "select", + type => "select", select => [ { k => 'get', v => 'GET' }, { k => 'post', v => 'POST' }, ], default => 'get', @@ -379,13 +379,13 @@ sub attributes { documentation => 'Enable portal status', }, portalUserAttr => { - type => 'text', - default => '_user', + type => 'text', + default => '_user', documentation => 'Session parameter to display connected user in portal', }, redirectFormMethod => { - type => "select", + type => "select", select => [ { k => 'get', v => 'GET' }, { k => 'post', v => 'POST' }, ], default => 'get', @@ -446,8 +446,8 @@ sub attributes { documentation => 'Disable fingerprint checkng', }, stayConnectedTimeout => { - type => 'int', - default => 2592000, + type => 'int', + default => 2592000, documentation => 'StayConnected persistent connexion session timeout', flags => 'm', @@ -518,7 +518,7 @@ sub attributes { flags => 'p', }, checkUserSearchAttributes => { - type => 'text', + type => 'text', documentation => 'Attributes used for retrieving sessions in user DataBase', flags => 'p', @@ -745,14 +745,14 @@ sub attributes { flags => 'p', }, skipRenewConfirmation => { - type => 'bool', - default => 0, + type => 'bool', + default => 0, documentation => 'Avoid asking confirmation when an Issuer asks to renew auth', }, skipUpgradeConfirmation => { - type => 'bool', - default => 0, + type => 'bool', + default => 0, documentation => 'Avoid asking confirmation during a session upgrade', }, @@ -761,7 +761,7 @@ sub attributes { documentation => 'Refresh sessions plugin', }, forceGlobalStorageIssuerOTT => { - type => 'bool', + type => 'bool', documentation => 'Force Issuer tokens to be stored into Global Storage', }, @@ -845,8 +845,8 @@ sub attributes { documentation => 'Show error if session is expired', }, portalErrorOnMailNotFound => { - type => 'bool', - default => 0, + type => 'bool', + default => 0, documentation => 'Show error if mail is not found in password reset process', }, @@ -938,15 +938,15 @@ sub attributes { documentation => 'Check XSS', }, portalForceAuthn => { - default => 0, - help => 'forcereauthn.html', - type => 'bool', + default => 0, + help => 'forcereauthn.html', + type => 'bool', documentation => 'Enable force to authenticate when displaying portal', }, portalForceAuthnInterval => { - default => 5, - type => 'int', + default => 5, + type => 'int', documentation => 'Maximum interval in seconds since last authentication to force reauthentication', }, @@ -977,15 +977,15 @@ sub attributes { documentation => 'Max lock time', }, bruteForceProtectionIncrementalTempo => { - default => 0, - help => 'bruteforceprotection.html', - type => 'bool', + default => 0, + help => 'bruteforceprotection.html', + type => 'bool', documentation => 'Enable incremental lock time for brute force attack protection', }, bruteForceProtectionLockTimes => { - type => 'text', - default => '15, 30, 60, 300, 600', + type => 'text', + default => '15, 30, 60, 300, 600', documentation => 'Incremental lock time values for brute force attack protection', }, @@ -1021,38 +1021,38 @@ sub attributes { documentation => 'Enable Cross-Origin Resource Sharing', }, corsAllow_Credentials => { - type => 'text', - default => 'true', + type => 'text', + default => 'true', documentation => 'Allow credentials for Cross-Origin Resource Sharing', }, corsAllow_Headers => { - type => 'text', - default => '*', + type => 'text', + default => '*', documentation => 'Allowed headers for Cross-Origin Resource Sharing', }, corsAllow_Methods => { - type => 'text', - default => 'POST,GET', + type => 'text', + default => 'POST,GET', documentation => 'Allowed methods for Cross-Origin Resource Sharing', }, corsAllow_Origin => { - type => 'text', - default => '*', + type => 'text', + default => '*', documentation => 'Allowed origine for Cross-Origin Resource Sharing', }, corsExpose_Headers => { - type => 'text', - default => '*', + type => 'text', + default => '*', documentation => 'Exposed headers for Cross-Origin Resource Sharing', }, corsMax_Age => { - type => 'text', - default => '86400', # 24 hours + type => 'text', + default => '86400', # 24 hours documentation => 'MAx-age for Cross-Origin Resource Sharing', }, cspDefault => { @@ -1061,8 +1061,8 @@ sub attributes { documentation => 'Default value for Content-Security-Policy', }, cspFormAction => { - type => 'text', - default => "*", + type => 'text', + default => "*", documentation => 'Form action destination for Content-Security-Policy', }, @@ -1082,8 +1082,8 @@ sub attributes { documentation => 'Style source for Content-Security-Policy', }, cspConnect => { - type => 'text', - default => "'self'", + type => 'text', + default => "'self'", documentation => 'Authorized Ajax destination for Content-Security-Policy', }, @@ -1254,8 +1254,8 @@ sub attributes { documentation => 'Display logout tab in portal', }, portalDisplayCertificateResetByMail => { - type => 'bool', - default => 0, + type => 'bool', + default => 0, documentation => 'Display certificate reset by mail button in portal', }, @@ -1280,8 +1280,8 @@ sub attributes { documentation => 'Display OIDC consent tab in portal', }, portalDisplayGeneratePassword => { - default => 1, - type => 'bool', + default => 1, + type => 'bool', documentation => 'Display password generate box in reset password form', }, @@ -1431,8 +1431,8 @@ sub attributes { documentation => 'Notification server activation', }, notificationServerSentAttributes => { - type => 'text', - default => 'uid reference date title subtitle text check', + type => 'text', + default => 'uid reference date title subtitle text check', documentation => 'Prameters to send with notification server GET method', flags => 'p', @@ -1510,8 +1510,8 @@ sub attributes { globalStorageOptions => { type => 'keyTextContainer', default => { - 'Directory' => '/var/lib/lemonldap-ng/sessions/', - 'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/', + 'Directory' => '/var/lib/lemonldap-ng/sessions/', + 'LockDirectory' => '/var/lib/lemonldap-ng/sessions/lock/', 'generateModule' => 'Lemonldap::NG::Common::Apache::Session::Generate::SHA256', }, @@ -1637,8 +1637,8 @@ sub attributes { documentation => 'Send a mail when password is changed', }, portalRequireOldPassword => { - default => 1, - type => 'boolOrExpr', + default => 1, + type => 'boolOrExpr', documentation => 'Rule to require old password to change the password', }, @@ -1853,7 +1853,7 @@ sub attributes { documentation => 'Upgrade session activation', }, forceGlobalStorageUpgradeOTT => { - type => 'bool', + type => 'bool', documentation => 'Force Upgrade tokens be stored into Global Storage', }, @@ -1882,7 +1882,7 @@ sub attributes { documentation => 'U2F self registration activation', }, u2fAuthnLevel => { - type => 'int', + type => 'int', documentation => 'Authentication level for users authentified by password+U2F' }, @@ -1916,7 +1916,7 @@ sub attributes { documentation => 'TOTP self registration activation', }, totp2fAuthnLevel => { - type => 'int', + type => 'int', documentation => 'Authentication level for users authentified by password+TOTP' }, @@ -1969,7 +1969,7 @@ sub attributes { documentation => 'UTOTP activation (mixed U2F/TOTP module)', }, utotp2fAuthnLevel => { - type => 'int', + type => 'int', documentation => 'Authentication level for users authentified by password+(U2F or TOTP)' }, @@ -2006,7 +2006,7 @@ sub attributes { documentation => 'Second factor code timeout', }, mail2fAuthnLevel => { - type => 'int', + type => 'int', documentation => 'Authentication level for users authenticated by Mail second factor' }, @@ -2043,7 +2043,7 @@ sub attributes { documentation => 'Validation command of External second factor', }, ext2fAuthnLevel => { - type => 'int', + type => 'int', documentation => 'Authentication level for users authentified by External second factor' }, @@ -2074,7 +2074,7 @@ sub attributes { documentation => 'Radius 2f verification timeout', }, radius2fAuthnLevel => { - type => 'int', + type => 'int', documentation => 'Authentication level for users authenticated by Radius second factor' }, @@ -2118,7 +2118,7 @@ sub attributes { documentation => 'Args for REST 2F init', }, rest2fAuthnLevel => { - type => 'int', + type => 'int', documentation => 'Authentication level for users authentified by REST second factor' }, @@ -2143,7 +2143,7 @@ sub attributes { documentation => 'Yubikey self registration activation', }, yubikey2fAuthnLevel => { - type => 'int', + type => 'int', documentation => 'Authentication level for users authentified by Yubikey second factor' }, @@ -2182,7 +2182,7 @@ sub attributes { documentation => 'Authorize users to remove existing Yubikey', }, yubikey2fFromSessionAttribute => { - type => 'text', + type => 'text', documentation => 'Provision yubikey from the given session variable', }, @@ -2203,9 +2203,9 @@ sub attributes { documentation => 'WebAuthn self registration activation', }, webauthn2fAuthnLevel => { - type => 'int', + type => 'int', documentation => - 'Authentication level for users authentified by WebAuthn second factor' +'Authentication level for users authentified by WebAuthn second factor' }, webauthn2fLabel => { type => 'text', @@ -2218,11 +2218,11 @@ sub attributes { webauthn2fUserVerification => { type => 'select', select => [ - { k => 'discouraged', v => 'Discouraged' }, + { k => 'discouraged', v => 'Discouraged' }, { k => 'preferred', v => 'Preferred' }, - { k => 'required', v => 'Required' }, + { k => 'required', v => 'Required' }, ], - default => 'preferred', + default => 'preferred', documentation => 'Verify user during registration and login', }, webauthn2fUserCanRemoveKey => { @@ -2239,7 +2239,6 @@ sub attributes { documentation => 'WebAuthn Relying Party display name', }, - # Single session notifyDeleted => { default => 1, @@ -2284,14 +2283,14 @@ sub attributes { documentation => 'Enable REST password reset server', }, restExportSecretKeys => { - default => 0, - type => 'bool', + default => 0, + type => 'bool', documentation => 'Allow to export secret keys in REST session server', }, restClockTolerance => { - default => 15, - type => 'int', + default => 15, + type => 'int', documentation => 'How tolerant the REST session server will be to clock dift', }, @@ -2320,7 +2319,7 @@ sub attributes { documentation => 'Enable SOAP config server', }, exportedAttr => { - type => 'text', + type => 'text', documentation => 'List of attributes to export by SOAP or REST servers', }, @@ -2583,7 +2582,7 @@ sub attributes { documentation => 'CAS User attribute', }, casAppMetaDataOptionsAuthnLevel => { - type => 'int', + type => 'int', documentation => 'Authentication level requires to access to this CAS application', }, @@ -2745,8 +2744,8 @@ sub attributes { default => 'RSA_SHA256', }, samlServiceUseCertificateInResponse => { - type => 'bool', - default => 0, + type => 'bool', + default => 0, documentation => 'Use certificate instead of public key in SAML responses', }, @@ -2769,8 +2768,8 @@ sub attributes { documentation => 'SAML authn context password level', }, samlAuthnContextMapPasswordProtectedTransport => { - type => 'int', - default => 3, + type => 'int', + default => 3, documentation => 'SAML authn context password protected transport level', }, @@ -3131,7 +3130,7 @@ sub attributes { documentation => 'SAML SP SLO SOAP', }, samlSPSSODescriptorAssertionConsumerServiceHTTPArtifact => { - type => 'samlAssertion', + type => 'samlAssertion', default => '0;1;urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact;' . '#PORTAL#/saml/proxySingleSignOnArtifact', @@ -3223,7 +3222,7 @@ sub attributes { default => 1, }, samlSPMetaDataOptionsAuthnLevel => { - type => 'int', + type => 'int', documentation => 'Authentication level requires to access to this SP', }, @@ -3335,9 +3334,9 @@ sub attributes { documentation => 'Rule to display second factor Manager link', }, sfRemovedMsgRule => { - type => 'boolOrExpr', - default => 0, - help => 'secondfactor.html', + type => 'boolOrExpr', + default => 0, + help => 'secondfactor.html', documentation => 'Display a message if at leat one expired SF has been removed', }, @@ -3359,7 +3358,7 @@ sub attributes { documentation => 'Notification title', }, sfRemovedNotifMsg => { - type => 'text', + type => 'text', default => '_removedSF_ expired second factor(s) has/have been removed (_nameSF_)!', help => 'secondfactor.html', @@ -3370,13 +3369,14 @@ sub attributes { documentation => 'Timeout for 2F registration process', }, available2F => { - type => 'text', - default => 'UTOTP,TOTP,U2F,REST,Mail2F,Ext2F,WebAuthn,Yubikey,Radius', + type => 'text', + default => + 'UTOTP,TOTP,U2F,REST,Mail2F,Ext2F,WebAuthn,Yubikey,Radius', documentation => 'Available second factor modules', }, available2FSelfRegistration => { - type => 'text', - default => 'TOTP,U2F,WebAuthn,Yubikey', + type => 'text', + default => 'TOTP,U2F,WebAuthn,Yubikey', documentation => 'Available self-registration modules for second factor', }, @@ -3540,8 +3540,8 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: documentation => 'LDAP attribute name for member in groups', }, ldapGroupAttributeNameUser => { - type => 'text', - default => 'dn', + type => 'text', + default => 'dn', documentation => 'LDAP attribute name in user entry referenced as member in groups', }, @@ -3551,8 +3551,8 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: documentation => 'LDAP attributes to search in groups', }, ldapGroupAttributeNameGroup => { - type => 'text', - default => 'dn', + type => 'text', + default => 'dn', documentation => 'LDAP attribute name in group entry referenced as member in groups', }, @@ -3594,12 +3594,12 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: default => 'require', }, ldapCAFile => { - type => 'text', + type => 'text', documentation => 'Location of the certificate file for LDAP connections', }, ldapCAPath => { - type => 'text', + type => 'text', documentation => 'Location of the CA directory for LDAP connections', }, @@ -3736,7 +3736,7 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: type => 'keyTextContainer', default => { proxy => 'http://auth.example.com/sessions', - ns => + ns => 'http://auth.example.com/Lemonldap/NG/Common/PSGI/SOAPService', }, documentation => 'Apache::Session module parameters', @@ -3834,7 +3834,7 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: default => 'id,first-name,last-name,email-address' }, linkedInUserField => { type => 'text', default => 'emailAddress' }, - linkedInScope => + linkedInScope => { type => 'text', default => 'r_liteprofile r_emailaddress' }, # GitHub @@ -3881,10 +3881,10 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: dbiUserTable => { type => 'text', }, # TODO: add dbiMailCol - dbiAuthLoginCol => { type => 'text', }, - dbiAuthPasswordCol => { type => 'text', }, - dbiPasswordMailCol => { type => 'text', }, - userPivot => { type => 'text', }, + dbiAuthLoginCol => { type => 'text', }, + dbiAuthPasswordCol => { type => 'text', }, + dbiPasswordMailCol => { type => 'text', }, + userPivot => { type => 'text', }, dbiAuthPasswordHash => { type => 'text', help => 'authdbi.html#password', }, dbiDynamicHashEnabled => @@ -4269,13 +4269,13 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: documentation => 'OpenID Connect global access token TTL', }, oidcServiceDynamicRegistrationExportedVars => { - type => 'keyTextContainer', + type => 'keyTextContainer', documentation => 'OpenID Connect exported variables for dynamic registration', }, oidcServiceDynamicRegistrationExtraClaims => { - type => 'keyTextContainer', - keyTest => qr/^[\x21\x23-\x5B\x5D-\x7E]+$/, + type => 'keyTextContainer', + keyTest => qr/^[\x21\x23-\x5B\x5D-\x7E]+$/, documentation => 'OpenID Connect extra claims for dynamic registration', }, @@ -4334,7 +4334,7 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: oidcOPMetaDataOptionsJWKSTimeout => { type => 'int', default => 0 }, oidcOPMetaDataOptionsClientID => { type => 'text', }, oidcOPMetaDataOptionsClientSecret => { type => 'password', }, - oidcOPMetaDataOptionsScope => + oidcOPMetaDataOptionsScope => { type => 'text', default => 'openid profile' }, oidcOPMetaDataOptionsDisplay => { type => 'select', @@ -4363,10 +4363,10 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: { type => 'bool', default => 1 }, oidcOPMetaDataOptionsIDTokenMaxAge => { type => 'int', default => 30 }, oidcOPMetaDataOptionsUseNonce => { type => 'bool', default => 1 }, - oidcOPMetaDataOptionsDisplayName => { type => 'text', }, - oidcOPMetaDataOptionsIcon => { type => 'text', }, - oidcOPMetaDataOptionsStoreIDToken => { type => 'bool', default => 0 }, - oidcOPMetaDataOptionsSortNumber => { type => 'int', }, + oidcOPMetaDataOptionsDisplayName => { type => 'text', }, + oidcOPMetaDataOptionsIcon => { type => 'text', }, + oidcOPMetaDataOptionsStoreIDToken => { type => 'bool', default => 0 }, + oidcOPMetaDataOptionsSortNumber => { type => 'int', }, # OpenID Connect relying parties oidcRPMetaDataExportedVars => { @@ -4398,7 +4398,7 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: ], default => 'HS512', }, - oidcRPMetaDataOptionsIDTokenExpiration => { type => 'int' }, + oidcRPMetaDataOptionsIDTokenExpiration => { type => 'int' }, oidcRPMetaDataOptionsIDTokenForceClaims => { type => 'bool', default => 0 }, oidcRPMetaDataOptionsAccessTokenSignAlg => { @@ -4480,8 +4480,8 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: documentation => 'Allow offline access', }, oidcRPMetaDataOptionsAllowPasswordGrant => { - type => 'bool', - default => 0, + type => 'bool', + default => 0, documentation => 'Allow OAuth2 Resource Owner Password Credentials Grant', }, @@ -4496,7 +4496,7 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?: documentation => 'Issue refresh tokens', }, oidcRPMetaDataOptionsAuthnLevel => { - type => 'int', + type => 'int', documentation => 'Authentication level requires to access to this RP', }, diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm index be14f163a..e16878432 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/Tree.pm @@ -72,7 +72,7 @@ sub tree { }, { title => 'passwordManagement', - help => + help => 'portalcustom.html#password-management', form => 'simpleInputContainer', nodes => [ @@ -99,7 +99,7 @@ sub tree { }, { title => 'portalOther', - help => + help => 'portalcustom.html#other-parameters', form => 'simpleInputContainer', nodes => [ @@ -129,7 +129,7 @@ sub tree { }, { title => 'authParams', - help => + help => 'start.html#authentication-users-and-password-databases', form => 'authParams', nodes => [ @@ -650,7 +650,7 @@ sub tree { }, { title => 'soapServices', - help => + help => 'portalservers.html#SOAP_(deprecated)', form => 'simpleInputContainer', nodes => [ @@ -684,7 +684,7 @@ sub tree { 'notificationStorageOptions', { title => 'serverNotification', - help => + help => 'notifications.html#notification-server', nodes => [ 'notificationServer', diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Cli.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Cli.pm index 8d22b7424..0bac4df00 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Cli.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Cli.pm @@ -24,8 +24,8 @@ has cfgNum => ( has log => ( is => 'rw' ); has req => ( is => 'ro' ); -has sep => ( is => 'rw', isa => 'Str', default => '/' ); -has format => ( is => 'rw', isa => 'Str', default => "%-25s | %-25s | %-25s" ); +has sep => ( is => 'rw', isa => 'Str', default => '/' ); +has format => ( is => 'rw', isa => 'Str', default => "%-25s | %-25s | %-25s" ); has yes => ( is => 'rw', isa => 'Bool', default => 0 ); has safe => ( is => 'rw', isa => 'Bool', default => 0 ); has force => ( is => 'rw', isa => 'Bool', default => 0 ); @@ -317,8 +317,8 @@ sub lastCfg { sub save { my ($self) = @_; - my $conf = $self->jsonResponse( '/confs/' . $self->cfgNum, 'full=1' ); - my $json = JSON->new->indent->canonical; + my $conf = $self->jsonResponse( '/confs/' . $self->cfgNum, 'full=1' ); + my $json = JSON->new->indent->canonical; print $json->encode($conf); } @@ -404,9 +404,9 @@ sub _getKey { sub _setKey { my ( $self, $conf, $key, $value ) = @_; - my $sep = $self->sep; + my $sep = $self->sep; my (@path) = split $sep, $key; - my $last = pop @path; + my $last = pop @path; while ( my $next = shift @path ) { $conf = $conf->{$next}; } diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Diff.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Diff.pm index 7d5bb9f80..819ac461f 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Diff.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Diff.pm @@ -20,9 +20,10 @@ sub diff { $res[$i]->{$key} = $tmp[$i] if ( $tmp[$i] ); } } - elsif ( $key =~ $hashParameters - or - ( ref( $conf[0]->{$key} ) and ref( $conf[0]->{$key} ) eq 'HASH' ) ) + elsif ( + $key =~ $hashParameters + or ( ref( $conf[0]->{$key} ) and ref( $conf[0]->{$key} ) eq 'HASH' ) + ) { if ( ref $conf[1]->{$key} ) { my @tmp = diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Parser.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Parser.pm index a79d04d55..7954ea83f 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Parser.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Parser.pm @@ -438,8 +438,8 @@ sub _scanNodes { $self->_scanNodes($subNodes); } } - elsif ( - $target =~ /^oidc(?:O|R)PMetaData(?:ExportedVars|Macros|ScopeRules)$/ ) + elsif ( $target =~ + /^oidc(?:O|R)PMetaData(?:ExportedVars|Macros|ScopeRules)$/ ) { hdebug(" $target"); if ( $leaf->{cnodes} ) { diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Zero.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Zero.pm index ddfc85f6e..9a589e4d2 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Zero.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Conf/Zero.pm @@ -106,7 +106,7 @@ sub zeroConf { }, 'cfgNum' => 0, 'globalStorageOptions' => { - 'Directory' => $sessionDir, + 'Directory' => $sessionDir, 'generateModule' => 'Lemonldap::NG::Common::Apache::Session::Generate::SHA256', 'LockDirectory' => "$sessionDir/lock" @@ -177,14 +177,14 @@ sub zeroConf { 'inGroup("timelords") or $uid eq "rtyler"', } }, - 'whatToTrace' => '_whatToTrace', - 'securedCookie' => 0, - 'cookieName' => 'lemonldap', - 'cfgAuthor' => 'The LemonLDAP::NG team', - 'cfgDate' => '1627287638', - 'cfgVersion' => $VERSION, - 'exportedVars' => {}, - 'portalSkin' => 'bootstrap', + 'whatToTrace' => '_whatToTrace', + 'securedCookie' => 0, + 'cookieName' => 'lemonldap', + 'cfgAuthor' => 'The LemonLDAP::NG team', + 'cfgDate' => '1627287638', + 'cfgVersion' => $VERSION, + 'exportedVars' => {}, + 'portalSkin' => 'bootstrap', 'portalSkinBackground' => '1280px-Cedar_Breaks_National_Monument_partially.jpg', 'mailUrl' => "http://auth.$domain/resetpwd", diff --git a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Sessions.pm b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Sessions.pm index 2641fe1de..5056d51b9 100644 --- a/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Sessions.pm +++ b/lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Sessions.pm @@ -248,7 +248,8 @@ sub sessions { value => $uid, count => scalar( @{ $r->{$uid} } ), sessions => [ - map { { + map { + { session => $self->_maybeEncryptSessionId( $_->{_sessionId} ), date => $_->{_utime} @@ -399,7 +400,8 @@ qq{Use of an uninitialized attribute "$group" to group sessions}, else { $res = [ sort { $a->{date} <=> $b->{date} } - map { { + map { + { session => $self->_maybeEncryptSessionId($_), date => $res->{$_}->{_utime} } @@ -459,8 +461,8 @@ sub delSession { } sub cmpIPv4 { - my @a = split /\./, $_[0]; - my @b = split /\./, $_[1]; + my @a = split /\./, $_[0]; + my @b = split /\./, $_[1]; my $cmp = 0; F: for ( my $i = 0 ; $i < 4 ; $i++ ) { if ( $a[$i] != $b[$i] ) { diff --git a/lemonldap-ng-manager/t/04-2F-api.t b/lemonldap-ng-manager/t/04-2F-api.t index 059721a6e..364647435 100644 --- a/lemonldap-ng-manager/t/04-2F-api.t +++ b/lemonldap-ng-manager/t/04-2F-api.t @@ -20,9 +20,9 @@ sub newSession { $tmp = Lemonldap::NG::Common::Session->new( { storageModule => 'Apache::Session::File', storageModuleOptions => { - Directory => 't/sessions', - LockDirectory => 't/sessions', - backend => 'Apache::Session::File', + Directory => 't/sessions', + LockDirectory => 't/sessions', + backend => 'Apache::Session::File', generateModule => 'Lemonldap::NG::Common::Apache::Session::Generate::SHA256', }, diff --git a/lemonldap-ng-manager/t/04-menu-api.t b/lemonldap-ng-manager/t/04-menu-api.t index 6b45423a0..dbf41ff80 100644 --- a/lemonldap-ng-manager/t/04-menu-api.t +++ b/lemonldap-ng-manager/t/04-menu-api.t @@ -129,7 +129,7 @@ sub checkGet { my $res = get( $test, $type, $confKey ); check200( $test, $res ); my @path = split '/', $attrPath; - my $key = from_json( $res->[2]->[0] ); + my $key = from_json( $res->[2]->[0] ); for (@path) { if ( ref($key) eq 'ARRAY' ) { $key = $key->[$_]; @@ -326,7 +326,7 @@ checkAddFailsOnInvalidConfkey( $test, 'cat', $cat3 ); checkAddFailsOnInvalidConfkey -$test = "Cat - Update should succeed and keep existing values"; + $test = "Cat - Update should succeed and keep existing values"; $cat1->{order} = 3; delete $cat1->{catname}; checkUpdate( $test, 'cat', 'mycat1', $cat1 ); @@ -419,7 +419,7 @@ $test = "App - Get app myapp1 from mycat3 should err on not found"; checkGetNotFound( $test, 'app/mycat3', 'myapp1' ); $test = "App - Add app myapp1 to mycat3 should err on not found"; -checkAddNotFound( $test, 'app/mycat3', $app1); +checkAddNotFound( $test, 'app/mycat3', $app1 ); $test = "App - Add app1 to cat1 should succeed"; checkAdd( $test, 'app/mycat1', $app1 ); diff --git a/lemonldap-ng-manager/t/04-misc-api.t b/lemonldap-ng-manager/t/04-misc-api.t index ff4ab76d3..6ec32d9ec 100644 --- a/lemonldap-ng-manager/t/04-misc-api.t +++ b/lemonldap-ng-manager/t/04-misc-api.t @@ -23,10 +23,10 @@ is( $brokenconfig->{status}, 'ko', 'Got expected global status' ); is( $brokenconfig->{status_config}, 'ko', 'Got expected config status' ); rename 't/conf/lmConf-1.json.broken', 't/conf/lmConf-1.json'; -my $allfine = getStatus( "Back to normal" ); -is( $allfine->{status}, 'ok', 'Got expected global status' ); -is( $allfine->{status_config}, 'ok', 'Got expected config status' ); -is( $allfine->{status_sessions}, 'unknown', 'Not implemented yet' ); +my $allfine = getStatus("Back to normal"); +is( $allfine->{status}, 'ok', 'Got expected global status' ); +is( $allfine->{status_config}, 'ok', 'Got expected config status' ); +is( $allfine->{status_sessions}, 'unknown', 'Not implemented yet' ); is( $allfine->{status_psessions}, 'unknown', 'Not implemented yet' ); # Clean up generated files, except for "lmConf-1.json" diff --git a/lemonldap-ng-manager/t/04-providers-api.t b/lemonldap-ng-manager/t/04-providers-api.t index 8ca3d04e8..782a89ae5 100644 --- a/lemonldap-ng-manager/t/04-providers-api.t +++ b/lemonldap-ng-manager/t/04-providers-api.t @@ -276,7 +276,7 @@ sub checkFindByProviderId { ($gotProviderId) = $result->{metadata} =~ m/entityID=['"](.+?)['"]/i; } elsif ( $providerIdName eq 'serviceUrl' ) { - $gotProviderId = shift @{$result->{options}->{service}}; + $gotProviderId = shift @{ $result->{options}->{service} }; } else { $gotProviderId = $result->{$providerIdName}; @@ -337,8 +337,8 @@ my $oidcRp = { email => 'mail', }, options => { - clientSecret => 'secret', - icon => 'web.png', + clientSecret => 'secret', + icon => 'web.png', postLogoutRedirectUris => [ "http://url/logout1", "http://url/logout2" ], } @@ -534,7 +534,7 @@ $samlSp->{options}->{checkSLOMessageSignature} = 1; $samlSp->{options}->{encryptionMode} = 'nameid'; delete $samlSp->{options}->{sessionNotOnOrAfterTimeout}; delete $samlSp->{exportedAttributes}; -$samlSp->{macros}->{family_name} = '$sn', +$samlSp->{macros}->{family_name} = '$sn', $samlSp->{exportedAttributes}->{cn}->{name} = "cn", $samlSp->{exportedAttributes}->{cn}->{friendlyName} = "common_name", $samlSp->{exportedAttributes}->{cn}->{mandatory} = "false", @@ -646,7 +646,9 @@ my $casApp = { given_name => '$firstName', }, options => { - service => [ 'http://mycasapp.example.com', 'http://mycasapp2.example.com/test' ], + service => [ + 'http://mycasapp.example.com', 'http://mycasapp2.example.com/test' + ], rule => '$uid eq \'dwho\'', userAttribute => 'uid' } @@ -663,7 +665,7 @@ $test = "CasApp - Add should fail on duplicate confKey"; checkAddFailsIfExists( $test, 'cas/app', $casApp ); $test = "CasApp - Update should succeed and keep existing values"; -$casApp->{options}->{service} = [ 'http://mycasapp.acme.com' ]; +$casApp->{options}->{service} = ['http://mycasapp.acme.com']; $casApp->{options}->{userAttribute} = 'cn'; delete $casApp->{options}->{rule}; delete $casApp->{macros}; @@ -672,7 +674,7 @@ $casApp->{macros}->{given_name} = '$givenName'; $casApp->{exportedVars}->{cn} = 'uid'; checkUpdate( $test, 'cas/app', 'myCasApp1', $casApp ); checkGet( $test, 'cas/app', 'myCasApp1', 'options/service/0', - 'http://mycasapp.acme.com'); + 'http://mycasapp.acme.com' ); checkGet( $test, 'cas/app', 'myCasApp1', 'options/userAttribute', 'cn' ); checkGet( $test, 'cas/app', 'myCasApp1', 'options/rule', '$uid eq \'dwho\'' ); checkGet( $test, 'cas/app', 'myCasApp1', 'exportedVars/cn', 'uid' ); @@ -686,17 +688,17 @@ delete $casApp->{options}->{playingPossum}; $test = "CasApp - Add should fail on non existing options"; $casApp->{confKey} = 'myCasApp2'; -$casApp->{options}->{service} = [ 'http://mycasapp.skynet.com' ]; +$casApp->{options}->{service} = ['http://mycasapp.skynet.com']; $casApp->{options}->{playingPossum} = 'ElephantInTheRoom'; checkAddWithUnknownAttributes( $test, 'cas/app', $casApp ); delete $casApp->{options}->{playingPossum}; $test = "CasApp - Add should fail because service host already exists"; -$casApp->{options}->{service} = [ 'http://mycasapp.acme.com/ignoredbyissuer' ]; +$casApp->{options}->{service} = ['http://mycasapp.acme.com/ignoredbyissuer']; checkAddFailsIfExists( $test, 'cas/app', $casApp ); $test = "CasApp - 2nd add should succeed"; -$casApp->{options}->{service} = [ 'http://mycasapp.skynet.com' ]; +$casApp->{options}->{service} = ['http://mycasapp.skynet.com']; checkAdd( $test, 'cas/app', $casApp ); $test = "CasApp - Update should fail if confKey not found"; @@ -714,7 +716,7 @@ $test = "CasApp - Replace should fail on non existing or invalid options"; $casApp->{options}->{playingPossum} = 'elephant'; checkReplaceWithInvalidAttribute( $test, 'cas/app', 'myCasApp2', $casApp ); delete $casApp->{options}->{playingPossum}; -$casApp->{options}->{service} = [ "XXX" ]; +$casApp->{options}->{service} = ["XXX"]; checkReplaceWithInvalidAttribute( $test, 'cas/app', 'myCasApp2', $casApp ); $test = "CasApp - Replace should fail if service is not an array"; diff --git a/lemonldap-ng-manager/t/05-rest-api.t b/lemonldap-ng-manager/t/05-rest-api.t index fa96be26c..2f0acb54e 100644 --- a/lemonldap-ng-manager/t/05-rest-api.t +++ b/lemonldap-ng-manager/t/05-rest-api.t @@ -58,7 +58,7 @@ while () { close F; ok( $hstruct = from_json($hstruct), 'struct.json is JSON' ); -ok( ref $hstruct eq 'ARRAY', 'struct.json is an array' ) +ok( ref $hstruct eq 'ARRAY', 'struct.json is an array' ) or print STDERR "Expected: ARRAY, got: " . ( ref $hstruct ) . "\n"; count(2); diff --git a/lemonldap-ng-manager/t/06-rest-api-RSA.t b/lemonldap-ng-manager/t/06-rest-api-RSA.t index 5ff72aa82..5472a28ec 100644 --- a/lemonldap-ng-manager/t/06-rest-api-RSA.t +++ b/lemonldap-ng-manager/t/06-rest-api-RSA.t @@ -15,7 +15,7 @@ sub checkResult { like( $key->{private}, qr/BEGIN/, "is PEM formatted" ); like( $key->{public}, qr/BEGIN/, "is PEM formatted" ); ok( $key->{hash}, "hash is non empty" ) if $expecthash; - count(1) if $expecthash; + count(1) if $expecthash; count(4); } @@ -53,7 +53,7 @@ checkResult($res); ok( $res = &client->_post( '/confs/newCertificate', '', IO::String->new('{"password":"hello"}'), - 'application/json', 20, + 'application/json', 20, ), "Request succeed" ); diff --git a/lemonldap-ng-manager/t/11-save-changed-conf-with-confirmation.t b/lemonldap-ng-manager/t/11-save-changed-conf-with-confirmation.t index e0d933d56..52adb6530 100644 --- a/lemonldap-ng-manager/t/11-save-changed-conf-with-confirmation.t +++ b/lemonldap-ng-manager/t/11-save-changed-conf-with-confirmation.t @@ -20,7 +20,7 @@ mkdir 't/sessions'; my ( $res, $resBody ); ok( $res = &client->_post( '/confs/', 'cfgNum=1', &body, 'application/json' ), "Request succeed" ); -ok( $res->[0] == 200, "Result code is 200" ); +ok( $res->[0] == 200, "Result code is 200" ); ok( $resBody = from_json( $res->[2]->[0] ), "Result body contains JSON text" ); ok( $resBody->{result} == 0, "JSON response contains \"result:0\"" ) @@ -36,7 +36,7 @@ count(6); foreach my $i ( 0 .. 3 ) { ok( $resBody->{details}->{__warnings__}->[$i]->{message} =~ - /\b(unprotected|cross-domain-authentication|retries|__badExpressionAssignment__)\b/, +/\b(unprotected|cross-domain-authentication|retries|__badExpressionAssignment__)\b/, "Warning with 'unprotect', 'CDA', 'assignment' or 'retries' found" ) or print STDERR Dumper($resBody); count(1); diff --git a/lemonldap-ng-manager/t/12-save-changed-conf.t b/lemonldap-ng-manager/t/12-save-changed-conf.t index 3b8f156d4..6994bb5d5 100644 --- a/lemonldap-ng-manager/t/12-save-changed-conf.t +++ b/lemonldap-ng-manager/t/12-save-changed-conf.t @@ -20,7 +20,7 @@ mkdir 't/sessions'; my ( $res, $resBody ); ok( $res = &client->_post( '/confs/', 'cfgNum=1', &body, 'application/json' ), "Request succeed" ); -ok( $res->[0] == 200, "Result code is 200" ); +ok( $res->[0] == 200, "Result code is 200" ); ok( $resBody = from_json( $res->[2]->[0] ), "Result body contains JSON text" ); ok( $resBody->{result} == 1, "JSON response contains \"result:1\"" ) or print STDERR Dumper($resBody); diff --git a/lemonldap-ng-manager/t/14-bad-changes-in-conf.t b/lemonldap-ng-manager/t/14-bad-changes-in-conf.t index 1faa2469f..53a0b51fd 100644 --- a/lemonldap-ng-manager/t/14-bad-changes-in-conf.t +++ b/lemonldap-ng-manager/t/14-bad-changes-in-conf.t @@ -16,7 +16,7 @@ unlink 't/conf/lmConf-2.json'; my ( $res, $resBody ); ok( $res = &client->_post( '/confs/', 'cfgNum=1', &body, 'application/json' ), "Request succeed" ); -ok( $res->[0] == 200, "Result code is 200" ); +ok( $res->[0] == 200, "Result code is 200" ); ok( $resBody = from_json( $res->[2]->[0] ), "Result body contains JSON text" ); ok( $resBody->{result} == 0, "JSON response contains \"result:0\"" ) or print STDERR Dumper($res); diff --git a/lemonldap-ng-manager/t/15-combination.t b/lemonldap-ng-manager/t/15-combination.t index 1a5ba154a..43657a8f5 100644 --- a/lemonldap-ng-manager/t/15-combination.t +++ b/lemonldap-ng-manager/t/15-combination.t @@ -17,7 +17,7 @@ mkdir 't/sessions'; my ( $res, $resBody ); ok( $res = &client->_post( '/confs/', 'cfgNum=1', &body, 'application/json' ), "Request succeed" ); -ok( $res->[0] == 200, "Result code is 200" ); +ok( $res->[0] == 200, "Result code is 200" ); ok( $resBody = from_json( $res->[2]->[0] ), "Result body contains JSON text" ); ok( $resBody->{result} == 1, "JSON response contains \"result:1\"" ) or print STDERR Dumper($res); diff --git a/lemonldap-ng-manager/t/17-extra2f.t b/lemonldap-ng-manager/t/17-extra2f.t index 506772fc4..0df5deb1b 100644 --- a/lemonldap-ng-manager/t/17-extra2f.t +++ b/lemonldap-ng-manager/t/17-extra2f.t @@ -17,7 +17,7 @@ mkdir 't/sessions'; my ( $res, $resBody ); ok( $res = &client->_post( '/confs/', 'cfgNum=1', &body, 'application/json' ), "Request succeed" ); -ok( $res->[0] == 200, "Result code is 200" ); +ok( $res->[0] == 200, "Result code is 200" ); ok( $resBody = from_json( $res->[2]->[0] ), "Result body contains JSON text" ); ok( $resBody->{result} == 1, "JSON response contains \"result:1\"" ) or print STDERR Dumper($res); diff --git a/lemonldap-ng-manager/t/30-DBI-Cli.t b/lemonldap-ng-manager/t/30-DBI-Cli.t index ea5e8d374..9e817ecef 100644 --- a/lemonldap-ng-manager/t/30-DBI-Cli.t +++ b/lemonldap-ng-manager/t/30-DBI-Cli.t @@ -63,7 +63,7 @@ SKIP: { Lemonldap::NG::Manager::Cli->run(@args); my $res = $dbh->selectrow_hashref( "SELECT * FROM lmConfig WHERE field='ldapSetPassword'"); - ok( $res, 'Key inserted' ); + ok( $res, 'Key inserted' ); ok( $res and $res->{value} == '0', 'Value is 0' ); } diff --git a/lemonldap-ng-manager/t/40-sessions.t b/lemonldap-ng-manager/t/40-sessions.t index 01e9ef35c..abd59844f 100644 --- a/lemonldap-ng-manager/t/40-sessions.t +++ b/lemonldap-ng-manager/t/40-sessions.t @@ -16,8 +16,8 @@ sub newSession { $tmp = Lemonldap::NG::Common::Session->new( { storageModule => 'Apache::Session::File', storageModuleOptions => { - Directory => 't/sessions', - LockDirectory => 't/sessions', + Directory => 't/sessions', + LockDirectory => 't/sessions', generateModule => 'Lemonldap::NG::Common::Apache::Session::Generate::SHA256', }, @@ -148,7 +148,7 @@ count(5); foreach (@ids) { my $res; ok( $res = &client->_del("/sessions/global/$_"), "Delete $_" ); - ok( $res->[0] == 200, 'Result code is 200' ); + ok( $res->[0] == 200, 'Result code is 200' ); ok( from_json( $res->[2]->[0] )->{result} == 1, 'Body is JSON and result==1' ); count(3); diff --git a/lemonldap-ng-manager/t/50-notifications-DBI.t b/lemonldap-ng-manager/t/50-notifications-DBI.t index 0d0ec83a4..c508257f0 100644 --- a/lemonldap-ng-manager/t/50-notifications-DBI.t +++ b/lemonldap-ng-manager/t/50-notifications-DBI.t @@ -86,7 +86,7 @@ SKIP: { $notif = '{"done":1}'; $res = $client->jsonPutResponse( 'notifications/actives/dwho_Test', - '', IO::String->new($notif), + '', IO::String->new($notif), 'application/json', length($notif) ); ok( $res->{result} == 1, 'Result = 1' ); diff --git a/lemonldap-ng-manager/t/50-notifications.t b/lemonldap-ng-manager/t/50-notifications.t index b8e057e21..1f0faa928 100644 --- a/lemonldap-ng-manager/t/50-notifications.t +++ b/lemonldap-ng-manager/t/50-notifications.t @@ -56,7 +56,7 @@ displayTests('actives'); $notif = '{"done":1}'; $res = &client->jsonPutResponse( 'notifications/actives/dwho_Test', - '', IO::String->new($notif), + '', IO::String->new($notif), 'application/json', length($notif) ); ok( $res->{result} == 1, 'Result = 1' ); @@ -137,7 +137,7 @@ sub displayTests { ) or diag Dumper($res); my $internal_ref = $res->{values}->[0]->{notification}; my $ref = $res->{values}->[0]->{reference}; - $res = &client->jsonResponse( "notifications/$type/$internal_ref" ); + $res = &client->jsonResponse("notifications/$type/$internal_ref"); ok( $res->{done} eq $internal_ref, 'Internal reference found' ) or diag Dumper($res); ok( $res = eval { from_json( $res->{notifications}->[0] ) }, diff --git a/lemonldap-ng-manager/t/60-2ndfa.t b/lemonldap-ng-manager/t/60-2ndfa.t index 75c112e43..fff93623c 100644 --- a/lemonldap-ng-manager/t/60-2ndfa.t +++ b/lemonldap-ng-manager/t/60-2ndfa.t @@ -16,8 +16,8 @@ sub newSession { $tmp = Lemonldap::NG::Common::Session->new( { storageModule => 'Apache::Session::File', storageModuleOptions => { - Directory => 't/sessions', - LockDirectory => 't/sessions', + Directory => 't/sessions', + LockDirectory => 't/sessions', generateModule => 'Lemonldap::NG::Common::Apache::Session::Generate::SHA256', }, @@ -277,7 +277,7 @@ $res = &client->jsonResponse( '/sfa/persistent', 'uid=*&groupBy=substr(uid,0)&U2FCheck=2&TOTPCheck=2&UBKCheck=2' ); ok( $res->{result} == 1, 'Search "uid"=* & UBK & TOTP & UBK - Result code = 1' ); -ok( $res->{count} == 1, 'Found 1 result' ) or print STDERR Dumper($res); +ok( $res->{count} == 1, 'Found 1 result' ) or print STDERR Dumper($res); ok( @{ $res->{values} } == 1, 'List 1 result' ); ok( $res->{values}->[0]->{value} && $res->{values}->[0]->{value} eq 'd', 'Result match "uid=d"' ) diff --git a/lemonldap-ng-manager/t/70-viewer.t b/lemonldap-ng-manager/t/70-viewer.t index ffa70f655..f1ab880ee 100644 --- a/lemonldap-ng-manager/t/70-viewer.t +++ b/lemonldap-ng-manager/t/70-viewer.t @@ -18,7 +18,8 @@ sub body { # Test that key value is sent my $res = &client->jsonResponse('/view/1/portalDisplayOidcConsents'); -ok( $res->{value} eq '$_oidcConsents && $_oidcConsents =~ /\\w+/', 'Key found' ); +ok( $res->{value} eq '$_oidcConsents && $_oidcConsents =~ /\\w+/', + 'Key found' ); count(1); # Test that hidden key values are NOT sent diff --git a/lemonldap-ng-manager/t/80-attributes.t b/lemonldap-ng-manager/t/80-attributes.t index 065615806..af0f0ee35 100644 --- a/lemonldap-ng-manager/t/80-attributes.t +++ b/lemonldap-ng-manager/t/80-attributes.t @@ -38,14 +38,14 @@ my @notManagedAttributes = ( 'syslogFacility', 'userLogger', 'logLevel', # Plugins parameters - 'notificationsMaxRetrieve', 'persistentSessionAttributes', + 'notificationsMaxRetrieve', 'persistentSessionAttributes', # PSGI/CGI protection (must be set in lemonldap-ng.ini) 'protection', # SecureToken handler 'secureTokenAllowOnError', 'secureTokenAttribute', 'secureTokenExpiration', - 'secureTokenHeader', 'secureTokenMemcachedServers', 'secureTokenUrls', + 'secureTokenHeader', 'secureTokenMemcachedServers', 'secureTokenUrls', # Sessions and OTT storage 'configStorage', 'localStorageOptions', 'localStorage', @@ -157,7 +157,7 @@ sub scanTree { # Nodes must have a title ok( $name = $leaf->{title}, "Node has a name" ); - ok( $name =~ /^\w+$/, "Name is a string" ); + ok( $name =~ /^\w+$/, "Name is a string" ); # Nodes must have leafs or subnodes ok( ( diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Engines/Default.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Engines/Default.pm index 6a518e8f1..55a2ece39 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Engines/Default.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Engines/Default.pm @@ -385,7 +385,8 @@ sub run { MSG => $self->canUpdateSfa($req) || 'choose2f', ALERT => ( $self->canUpdateSfa($req) ? 'warning' : 'positive' ), MODULES => [ - map { { + map { + { CODE => $_->prefix, LOGO => $_->logo, LABEL => $_->label @@ -440,7 +441,7 @@ sub _choice { return $self->p->do( $req, [ - sub { $res }, 'controlUrl', + sub { $res }, 'controlUrl', 'buildCookie', @{ $self->p->endAuth }, ] ); diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/WebAuthn.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/WebAuthn.pm index cbee7e7fe..3ad69a0ed 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/WebAuthn.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/WebAuthn.pm @@ -180,7 +180,7 @@ sub _registration { if ( $self->find2fByKey( - $req, $req->userData, $self->type, + $req, $req->userData, $self->type, "_credentialId", $credential_id ) ) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/CAS.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/CAS.pm index 7a631630e..35bf39478 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/CAS.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/CAS.pm @@ -255,8 +255,7 @@ sub authenticate { sub setAuthSessionInfo { my ( $self, $req ) = @_; $req->{sessionInfo}->{authenticationLevel} = $self->conf->{casAuthnLevel}; - $req->{sessionInfo}->{_casSrv} - = $req->data->{_casSrvCurrent}; + $req->{sessionInfo}->{_casSrv} = $req->data->{_casSrvCurrent}; return PE_OK; } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/GitHub.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/GitHub.pm index c219c1e05..7b7ac149d 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/GitHub.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/GitHub.pm @@ -155,8 +155,7 @@ sub extractFormInfo { $self->logger->debug("Response from GitHub User API: $user_content"); - eval { - $json_hash = from_json( $user_content, { allow_nonref => 1 } ); }; + eval { $json_hash = from_json( $user_content, { allow_nonref => 1 } ); }; if ($@) { $self->logger->error("Unable to decode JSON $user_content"); return PE_ERROR; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/WebID.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/WebID.pm index e76224eb9..1c0a2ca89 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/WebID.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/WebID.pm @@ -33,7 +33,7 @@ has reWebIDWhitelist => ( is => 'rw' ); sub init { my ($self) = @_; - my @hosts = split /\s+/, $self->{conf}->{webIDWhitelist}; + my @hosts = split /\s+/, $self->{conf}->{webIDWhitelist}; unless (@hosts) { $self->error( 'WebID white list is empty. Set it in manager, use * to accept all FOAF providers' diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/_WebForm.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/_WebForm.pm index e9e74b1b1..431a3f9bc 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/_WebForm.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Auth/_WebForm.pm @@ -90,11 +90,13 @@ sub extractFormInfo { # 3. If user and oldpassword defined -> password form elsif ( $defUser and $defOldPassword ) { $res = PE_PASSWORDFORMEMPTY - unless ( ( $req->{user} = $req->param('user') ) + unless ( + ( $req->{user} = $req->param('user') ) && ( $req->data->{oldpassword} = $req->param('oldpassword') ) && ( $req->data->{newpassword} = $req->param('newpassword') ) && ( $req->data->{confirmpassword} = - $req->param('confirmpassword') ) ); + $req->param('confirmpassword') ) + ); } # If form seems empty diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm index 4bf880919..f0c24567a 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm @@ -703,7 +703,7 @@ sub run { # Store data in session my $code_payload = { - code_challenge => $oidc_request->{'code_challenge'}, + code_challenge => $oidc_request->{'code_challenge'}, code_challenge_method => $oidc_request->{'code_challenge_method'}, nonce => $oidc_request->{'nonce'}, @@ -765,7 +765,7 @@ sub run { $self->logger->error("Unable to create Access Token"); $self->returnRedirectError( $req, $oidc_request->{'redirect_uri'}, - "server_error", undef, undef, + "server_error", undef, undef, $oidc_request->{'state'}, 1 ); } @@ -873,7 +873,7 @@ sub run { $self->logger->error("Unable to create Access Token"); return $self->returnRedirectError( $req, $oidc_request->{'redirect_uri'}, - "server_error", undef, undef, + "server_error", undef, undef, $oidc_request->{'state'}, 1 ); } @@ -1328,7 +1328,7 @@ sub _handlePasswordGrant { access_token => "$access_token", token_type => 'Bearer', expires_in => $expires_in + 0, - ( ( $scope ne $req_scope ) ? ( scope => "$scope" ) : () ), + ( ( $scope ne $req_scope ) ? ( scope => "$scope" ) : () ), ( $refresh_token ? ( refresh_token => "$refresh_token" ) : () ), ( $id_token ? ( id_token => "$id_token" ) : () ), }; @@ -1526,7 +1526,7 @@ sub _handleAuthorizationCodeGrant { expires_in => $expires_in + 0, id_token => "$id_token", ( $refresh_token ? ( refresh_token => "$refresh_token" ) : () ), - ( ( $req_scope ne $scope ) ? ( scope => "$scope" ) : () ), + ( ( $req_scope ne $scope ) ? ( scope => "$scope" ) : () ), }; my $cRP = $apacheSession->data->{_oidcConnectedRP} || ''; @@ -2195,10 +2195,10 @@ sub metadata { # Scopes scopes_supported => [qw/openid profile email address phone/], - response_types_supported => $response_types, - grant_types_supported => $grant_types, - acr_values_supported => \@acr, - subject_types_supported => ["public"], + response_types_supported => $response_types, + grant_types_supported => $grant_types, + acr_values_supported => \@acr, + subject_types_supported => ["public"], token_endpoint_auth_methods_supported => [qw/client_secret_post client_secret_basic/], introspection_endpoint_auth_methods_supported => @@ -2380,9 +2380,9 @@ sub _generateIDToken { exp => $id_token_exp, # expiration iat => time, # Issued time auth_time => $sessionInfo->{_lastAuthnUTime}, # Authentication time - acr => $id_token_acr, # Authentication Context Class Reference - azp => $client_id, # Authorized party - # TODO amr + acr => $id_token_acr, # Authentication Context Class Reference + azp => $client_id, # Authorized party + # TODO amr }; for ( keys %{$extra_claims} ) { diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/SAML.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/SAML.pm index 515dc23d7..5c753f555 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/SAML.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/SAML.pm @@ -281,7 +281,7 @@ sub run { $req->data->{_proxiedRequest} = $request; $req->data->{_proxiedMethod} = $method; $req->data->{_proxiedRelayState} = $relaystate, - $req->data->{_proxiedArtifact} = $artifact; + $req->data->{_proxiedArtifact} = $artifact; } # Process the request or use IDP initiated mode @@ -597,8 +597,8 @@ sub run { # Get session key associated with NameIDFormat # Not for unspecified, transient, persistent, entity, encrypted my $nameIDFormatConfiguration = { - $self->getNameIDFormat("email") => 'samlNameIDFormatMapEmail', - $self->getNameIDFormat("x509") => 'samlNameIDFormatMapX509', + $self->getNameIDFormat("email") => 'samlNameIDFormatMapEmail', + $self->getNameIDFormat("x509") => 'samlNameIDFormatMapX509', $self->getNameIDFormat("windows") => 'samlNameIDFormatMapWindows', $self->getNameIDFormat("kerberos") => diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Choice.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Choice.pm index a282877ad..6525a81cc 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Choice.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Choice.pm @@ -9,10 +9,10 @@ with 'Lemonldap::NG::Portal::Lib::OverConf'; our $VERSION = '2.0.14'; -has modules => ( is => 'rw', default => sub { {} } ); -has rules => ( is => 'rw', default => sub { {} } ); -has type => ( is => 'rw' ); -has catch => ( is => 'rw', default => sub { {} } ); +has modules => ( is => 'rw', default => sub { {} } ); +has rules => ( is => 'rw', default => sub { {} } ); +has type => ( is => 'rw' ); +has catch => ( is => 'rw', default => sub { {} } ); has sessionKey => ( is => 'ro', default => '_choice' ); my $_choiceRules; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/LDAP.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/LDAP.pm index 7a1178924..9ef8141ad 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/LDAP.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/LDAP.pm @@ -72,8 +72,8 @@ has findUserFilter => ( is => 'ro', lazy => 1, builder => sub { - $_[0]->conf->{AuthLDAPFilter} || - $_[0]->conf->{LDAPFilter} + $_[0]->conf->{AuthLDAPFilter} + || $_[0]->conf->{LDAPFilter} || '(&(uid=$user)(objectClass=inetOrgPerson))'; } ); diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Net/LDAP.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Net/LDAP.pm index 151471d99..0233cf78e 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Net/LDAP.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Net/LDAP.pm @@ -52,7 +52,7 @@ sub new { ( $conf->{ldapVerify} ? ( verify => $conf->{ldapVerify} ) : () ), ); unless ($self) { - $portal->logger->error("LDAP initialization error: ". $@); + $portal->logger->error( "LDAP initialization error: " . $@ ); return 0; } elsif ( $Net::LDAP::VERSION < '0.64' ) { diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Notifications/XML.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Notifications/XML.pm index 9958cdd80..c80562209 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Notifications/XML.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Notifications/XML.pm @@ -69,7 +69,7 @@ sub checkForNotifications { } # Transform notifications - my $i = 0; # Files count + my $i = 0; # Files count my $now = strftime "%Y-%m-%d", localtime; foreach my $file ( values %$notifs ) { diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm index 54baa4787..68c9012ef 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm @@ -29,7 +29,7 @@ use constant PROFILE => [ qw/name family_name given_name middle_name nickname preferred_username profile picture website gender birthdate zoneinfo locale updated_at/ ]; -use constant EMAIL => [qw/email email_verified/]; +use constant EMAIL => [qw/email email_verified/]; use constant ADDRESS => [qw/formatted street_address locality region postal_code country/]; use constant PHONE => [qw/phone_number phone_number_verified/]; @@ -1031,7 +1031,7 @@ sub storeState { # check if there are data to store my $infos; foreach (@data) { - $infos->{$_} = $req->{$_} if $req->{$_}; + $infos->{$_} = $req->{$_} if $req->{$_}; $infos->{"data_$_"} = $req->data->{$_} if $req->data->{$_}; } return unless ($infos); diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Remote.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Remote.pm index 12126e471..e469e3e08 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Remote.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Remote.pm @@ -59,7 +59,7 @@ sub checkRemoteId { # Trying to recover session from global session storage my $remoteSession = Lemonldap::NG::Common::Session->new( { - storageModule => $self->conf->{remoteGlobalStorage}, + storageModule => $self->conf->{remoteGlobalStorage}, storageModuleOptions => $self->conf->{remoteGlobalStorageOptions}, cacheModule => $self->conf->{localSessionStorage}, diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm index 2c4321e27..5773b192b 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SAML.pm @@ -1888,7 +1888,8 @@ sub resolveArtifact { $self->logger->debug("Get message $message"); } else { - $self->logger->error("Error while sending message: ".$soap_answer->status_line); + $self->logger->error( + "Error while sending message: " . $soap_answer->status_line ); } } @@ -3039,7 +3040,7 @@ sub createAttributeValue { # Decode UTF-8 $self->logger->debug("Decode UTF8 value $value") if $force_utf8; - $value = decode( "utf8", $value ) if $force_utf8; + $value = decode( "utf8", $value ) if $force_utf8; $self->logger->debug("Create attribute value $value"); # SAML2 attribute value diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SMTP.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SMTP.pm index 765619bfe..a4463586b 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SMTP.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/SMTP.pm @@ -47,7 +47,7 @@ sub loadMailTemplate { my ( $self, $req, $name, %prm ) = @_; # HTML::Template cache interferes with email translation (#1897) - $prm{cache} = 0 unless defined $prm{cache}; + $prm{cache} = 0 unless defined $prm{cache}; $prm{params}->{STATIC_PREFIX} = $self->p->staticPrefix; $prm{params}->{MAIN_LOGO} = $self->conf->{portalMainLogo}; my %extra = diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/WebAuthn.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/WebAuthn.pm index f6586e322..f1741ef45 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/WebAuthn.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/WebAuthn.pm @@ -10,8 +10,8 @@ use Carp; our $VERSION = '2.0.12'; -has rp_id => ( is => 'rw', lazy => 1, builder => "_build_rp_id" ); -has origin => ( is => 'rw', lazy => 1, builder => "_build_origin" ); +has rp_id => ( is => 'rw', lazy => 1, builder => "_build_rp_id" ); +has origin => ( is => 'rw', lazy => 1, builder => "_build_origin" ); has type => ( is => 'ro', default => 'WebAuthn' ); has verifier => ( is => 'rw', lazy => 1, builder => "_build_verifier" ); diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Wrapper.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Wrapper.pm index 0bf29751b..fe058252d 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Wrapper.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/Wrapper.pm @@ -32,7 +32,7 @@ sub authCancel { '_authCancel' } sub _betweenAuthAndData { _wrapEntryPoint( @_, 'betweenAuthAndData' ); } sub _afterData { _wrapEntryPoint( @_, 'afterData' ); } sub _endAuth { _wrapEntryPoint( @_, 'endAuth' ); } -sub _forAuthUser { _wrapEntryPoint( @_, 'forAuthUser', 1 ); } +sub _forAuthUser { _wrapEntryPoint( @_, 'forAuthUser', 1 ); } sub _beforeLogout { _wrapEntryPoint( @_, 'beforeLogout', 1 ); } sub _authCancel { _wrapEntryPoint( @_, 'authCancel' ); } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Auth.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Auth.pm index 5b270d928..8c3c89eac 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Auth.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Auth.pm @@ -11,6 +11,6 @@ extends 'Lemonldap::NG::Portal::Main::Plugin'; has authnLevel => ( is => 'rw' ); -sub stop {0} +sub stop { 0 } 1; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Constants.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Constants.pm index ec58c6a4e..28cc6be35 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Constants.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Constants.pm @@ -7,7 +7,7 @@ use Exporter 'import'; our $VERSION = '2.0.14'; use constant HANDLER => 'Lemonldap::NG::Handler::PSGI::Main'; -use constant URIRE => +use constant URIRE => qr{(((?^:https?))://((?:(?:(?:(?:(?:[a-zA-Z0-9][-a-zA-Z0-9]*)?[a-zA-Z0-9])[.])*(?:[a-zA-Z][-a-zA-Z0-9]*[a-zA-Z0-9]|[a-zA-Z])[.]?)|(?:[0-9]+[.][0-9]+[.][0-9]+[.][0-9]+)))(?::((?:[0-9]*)))?(/(((?:(?:(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*)(?:/(?:(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)(?:;(?:(?:[a-zA-Z0-9\-_.!~*'():\@&=+\$,]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*))*))*))(?:[?]((?:(?:[;/?:\@&=+\$,a-zA-Z0-9\-_.!~*'()]+|(?:%[a-fA-F0-9][a-fA-F0-9]))*)))?))?)}; use constant { PE_IDPCHOICE => -5, diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm index 6ba594e81..91807576c 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Display.pm @@ -29,7 +29,8 @@ sub displayInit { else { $self->logger->error( qq(Skin rule "$skinRule" returns an error: ) - . HANDLER->tsv->{jail}->error || 'Unable to compile rule' ); + . HANDLER->tsv->{jail}->error + || 'Unable to compile rule' ); } } } @@ -37,14 +38,14 @@ sub displayInit { HANDLER->substitute( $self->conf->{portalRequireOldPassword} ) ); unless ($rule) { my $error = HANDLER->tsv->{jail}->error || 'Unable to compile rule'; - $self->logger->error( "Bad requireOldPwd rule: $error" ); + $self->logger->error("Bad requireOldPwd rule: $error"); } $self->requireOldPwd($rule); $rule = HANDLER->buildSub( HANDLER->substitute( $self->conf->{stayConnected} ) ); unless ($rule) { my $error = HANDLER->tsv->{jail}->error || 'Unable to compile rule'; - $self->logger->error( "Bad stayConnected rule: $error" ); + $self->logger->error("Bad stayConnected rule: $error"); } $self->stayConnected($rule); diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm index 05bcb6f44..8bdb5f088 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Init.pm @@ -128,9 +128,9 @@ sub init { # Purge loaded module list $self->loadedModules( {} ); - $self->afterSub( {} ); - $self->aroundSub( {} ); - $self->hook( {} ); + $self->afterSub( {} ); + $self->aroundSub( {} ); + $self->hook( {} ); # Insert `reloadConf` in handler reload stack Lemonldap::NG::Handler::Main->onReload( $self, 'reloadConf' ); @@ -228,10 +228,10 @@ sub reloadConf { foreach ( qw(_macros _groups), @entryPoints ) { $self->{$_} = []; } - $self->afterSub( {} ); + $self->afterSub( {} ); $self->aroundSub( {} ); - $self->spRules( {} ); - $self->hook( {} ); + $self->spRules( {} ); + $self->hook( {} ); # Plugin history fields $self->pluginSessionDataToRemember( {} ); diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm index cbebe74cd..18d957e3c 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Plugins.pm @@ -33,7 +33,7 @@ our @pList = ( decryptValueRule => '::Plugins::DecryptValue', findUser => '::Plugins::FindUser', newLocationWarning => '::Plugins::NewLocationWarning', - adaptativeAuthenticationLevelRules => + adaptativeAuthenticationLevelRules => '::Plugins::AdaptativeAuthenticationLevel', refreshSessions => '::Plugins::Refresh', crowdsec => '::Plugins::CrowdSec', diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm index 3a01d6bd9..3a1615d84 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm @@ -400,7 +400,7 @@ sub authenticate { $req->steps( [ 'setSessionInfo', 'setMacros', 'setPersistentSessionInfo', 'storeHistory', - @{ $self->afterData }, sub { PE_BADCREDENTIALS } + @{ $self->afterData }, sub { PE_BADCREDENTIALS } ] ); @@ -505,7 +505,7 @@ sub setPersistentSessionInfo { sub setLocalGroups { my ( $self, $req ) = @_; - $req->{sessionInfo}->{groups} //= ''; + $req->{sessionInfo}->{groups} //= ''; $req->{sessionInfo}->{hGroups} //= {}; foreach ( sort keys %{ $self->_groups } ) { if ( $self->_groups->{$_}->( $req, $req->sessionInfo ) ) { diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/SecondFactor.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/SecondFactor.pm index ae0cf66f5..35bf28eeb 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/SecondFactor.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/SecondFactor.pm @@ -30,10 +30,10 @@ has ott => ( } ); -has prefix => ( is => 'rw' ); -has logo => ( is => 'rw', default => '2f.png' ); -has label => ( is => 'rw' ); -has noRoute => ( is => 'ro' ); +has prefix => ( is => 'rw' ); +has logo => ( is => 'rw', default => '2f.png' ); +has label => ( is => 'rw' ); +has noRoute => ( is => 'ro' ); has authnLevel => ( is => 'rw', lazy => 1, diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/Combination.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/Combination.pm index 28300ba17..410ff2e21 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/Combination.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/Combination.pm @@ -50,9 +50,11 @@ sub init { sub delegate { my ( $self, $req, $name, @args ) = @_; + # The user might want to override which password DB is used with a macro # This is useful when using SASL delegation in OpenLDAP - my $userDB = $req->sessionInfo->{_cmbPasswordDB} || $req->sessionInfo->{_userDB}; + my $userDB = + $req->sessionInfo->{_cmbPasswordDB} || $req->sessionInfo->{_userDB}; unless ( $self->mods->{$userDB} ) { $self->logger->error("No Password module available for $userDB"); return PE_ERROR; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/LDAP.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/LDAP.pm index c54aee646..6c1c4974b 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/LDAP.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Password/LDAP.pm @@ -38,13 +38,15 @@ sub modifyPassword { if $self->conf->{ldapGetUserBeforePasswordChange}; if ( $req->data->{dn} ) { - $dn = $req->data->{dn}; - $requireOldPassword = $self->requireOldPwdRule->( $req, $req->userData ); + $dn = $req->data->{dn}; + $requireOldPassword = + $self->requireOldPwdRule->( $req, $req->userData ); $self->logger->debug("Get DN from request data: $dn"); } else { - $dn = $req->sessionInfo->{_dn}; - $requireOldPassword = $self->requireOldPwdRule->( $req, $req->sessionInfo ); + $dn = $req->sessionInfo->{_dn}; + $requireOldPassword = + $self->requireOldPwdRule->( $req, $req->sessionInfo ); $self->logger->debug("Get DN from session data: $dn"); } unless ($dn) { diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/AutoSignin.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/AutoSignin.pm index 9f6ce745b..f2a5cd8ca 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/AutoSignin.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/AutoSignin.pm @@ -42,7 +42,7 @@ sub init { push @{ $self->rules }, [ $sub, $id ]; } } - + return 1; } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CDA.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CDA.pm index 4449842a1..078199fd2 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CDA.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CDA.pm @@ -25,7 +25,7 @@ sub changeUrldc { my $urldc = $req->{urldc} || ''; if ( $req->id and $urldc =~ URIRE - and $3 !~ m@\Q$self->{conf}->{domain}\E$@oi + and $3 !~ m@\Q$self->{conf}->{domain}\E$@oi and $self->p->isTrustedUrl($urldc) ) { my $ssl = $urldc =~ /^https/; diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckDevOps.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckDevOps.pm index a1d566764..2691851e5 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckDevOps.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CheckDevOps.pm @@ -85,9 +85,9 @@ sub display { } sub parse { - my ( $self, $req ) = @_; + my ( $self, $req ) = @_; my ( $headers, $rules, $unknown ) = ( [], [], [] ); - my ( $msg, $json, $url, $bad_json ); + my ( $msg, $json, $url, $bad_json ); my $alert = 'alert-danger'; # Check token diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/ContextSwitching.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/ContextSwitching.pm index 6b5bb4787..99392d1e6 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/ContextSwitching.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/ContextSwitching.pm @@ -40,7 +40,7 @@ has unrestrictedUsersRule => ( is => 'rw', default => sub { 0 } ); sub init { my ($self) = @_; - $self->addAuthRoute( switchcontext => 'run', ['POST'] ) + $self->addAuthRoute( switchcontext => 'run', ['POST'] ) ->addAuthRoute( switchcontext => 'display', ['GET'] ); # Parse ContextSwitching rules @@ -138,10 +138,10 @@ sub display { sub run { my ( $self, $req ) = @_; - my $statut = PE_OK; - my $realId = $req->userData->{ $self->conf->{whatToTrace} }; + my $statut = PE_OK; + my $realId = $req->userData->{ $self->conf->{whatToTrace} }; my $spoofId = $req->param('spoofId') || ''; # ContextSwitching required ? - my $unUser = $self->unrestrictedUsersRule->( $req, $req->userData ) || 0; + my $unUser = $self->unrestrictedUsersRule->( $req, $req->userData ) || 0; # Check token if ( $self->ottRule->( $req, {} ) ) { diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/FindUser.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/FindUser.pm index c97413d4c..37107486d 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/FindUser.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/FindUser.pm @@ -17,7 +17,7 @@ extends qw( ); # INITIALIZATION -has ott => ( +has ott => ( is => 'rw', lazy => 1, default => sub { @@ -147,7 +147,7 @@ sub retreiveFindUserParams { } sub buildForm { - my $self = shift; + my $self = shift; my ( $fields, @required ) = ( [], () ); $self->logger->debug('Building array ref with searching fields...'); diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/GlobalLogout.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/GlobalLogout.pm index 793e58433..9be95f255 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/GlobalLogout.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/GlobalLogout.pm @@ -207,7 +207,8 @@ sub activeSessions { } $_; } - sort { $b->{startTime} cmp $a->{startTime} } map { { + sort { $b->{startTime} cmp $a->{startTime} } map { + { id => $_, customParam => $sessions->{$_}->{$customParam}, ipAddr => $sessions->{$_}->{ipAddr}, diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Impersonation.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Impersonation.pm index 7f66245ab..1ed02e83b 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Impersonation.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/Impersonation.pm @@ -88,10 +88,10 @@ sub run { my $unUser = 0; my $loginHistory = $req->{sessionInfo}->{_loginHistory}; # Store login history - $req->{user} ||= $req->{sessionInfo}->{_impUser}; # If 2FA is enabled - my $spoofId = $req->param('spoofId') # Impersonation required - || $req->{sessionInfo}->{_impSpoofId} # If 2FA is enabled - || $req->{user}; # Impersonation not required + $req->{user} ||= $req->{sessionInfo}->{_impUser}; # If 2FA is enabled + my $spoofId = $req->param('spoofId') # Impersonation required + || $req->{sessionInfo}->{_impSpoofId} # If 2FA is enabled + || $req->{user}; # Impersonation not required $self->logger->debug("No impersonation required") if ( $spoofId eq $req->{user} ); diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/NewLocationWarning.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/NewLocationWarning.pm index 356fd70fa..c79bb1fa8 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/NewLocationWarning.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/NewLocationWarning.pm @@ -104,7 +104,7 @@ sub sendWarningEmail { my ( $self, $req ) = @_; return $self->_sendMail($req) if $req->sessionInfo->{_riskDetails}->{newLocation}; - + return PE_OK; } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/PublicPages.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/PublicPages.pm index 35bdddb29..ce891bff0 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/PublicPages.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/PublicPages.pm @@ -10,7 +10,7 @@ our $VERSION = '2.0.10'; sub init { my ($self) = @_; $self->addAuthRoute( public => { ':tpl' => 'run' }, ['GET'] ) - ->addUnauthRoute( public => { ':tpl' => 'run' }, ['GET'] ); + ->addUnauthRoute( public => { ':tpl' => 'run' }, ['GET'] ); return 1; } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RESTServer.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RESTServer.pm index 76dfe4a0a..e675feee9 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RESTServer.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RESTServer.pm @@ -107,9 +107,11 @@ has exportedAttr => ( # Convert @attributes into hash to remove duplicates my %attributes = map( { $_ => 1 } @attributes ); - %attributes = - ( %attributes, %{ $conf->{exportedVars} }, %{ $conf->{macros} }, - ); + %attributes = ( + %attributes, + %{ $conf->{exportedVars} }, + %{ $conf->{macros} }, + ); return '[' . join( ',', keys %attributes ) . ']'; } } @@ -260,7 +262,7 @@ sub init { ->addAuthRoute( myapplications => 'myApplications', ['GET'] ); - extends @parents if ($add); + extends @parents if ($add); $self->setTypes( $self->conf ) if ( $self->conf->{restSessionServer} ); return 1; @@ -600,9 +602,9 @@ sub getError { return $self->p->sendJSONresponse( $req, { - result => 1, - lang => $lang, - errorNum => $errNum ? $errNum : 'all', + result => 1, + lang => $lang, + errorNum => $errNum ? $errNum : 'all', errorsFileURL => "$self->{conf}->{staticPrefix}/languages/$lang.json", ( $errNum ? ( errorMsgRef => "PE$errNum" ) : () ) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/SOAPServer.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/SOAPServer.pm index be43cd346..782839621 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/SOAPServer.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/SOAPServer.pm @@ -26,7 +26,7 @@ extends qw( Lemonldap::NG::Common::Conf::AccessLib ); -has server => ( is => 'rw' ); +has server => ( is => 'rw' ); has configStorage => ( is => 'ro', lazy => 1, @@ -60,9 +60,11 @@ has exportedAttr => ( # Convert @attributes into hash to remove duplicates my %attributes = map( { $_ => 1 } @attributes ); - %attributes = - ( %attributes, %{ $conf->{exportedVars} }, %{ $conf->{macros} }, - ); + %attributes = ( + %attributes, + %{ $conf->{exportedVars} }, + %{ $conf->{macros} }, + ); return [ sort keys %attributes ]; } diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Demo.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Demo.pm index 885395ddc..13eb81678 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Demo.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Demo.pm @@ -109,7 +109,7 @@ sub findUser { my $uid = $demoAccounts{$_}->{uid}; my $cn = $demoAccounts{$_}->{cn}; my $mail = $demoAccounts{$_}->{mail}; - my $guy = $demoAccounts{$_}->{guy} // 'good'; + my $guy = $demoAccounts{$_}->{guy} // 'good'; my $type = $demoAccounts{$_}->{type} // 'character'; eval "($cond)" ? $_ @@ -136,8 +136,10 @@ sub findUser { sub setSessionInfo { my ( $self, $req ) = @_; - my %vars = ( %{ $self->conf->{exportedVars} }, - %{ $self->conf->{demoExportedVars} } ); + my %vars = ( + %{ $self->conf->{exportedVars} }, + %{ $self->conf->{demoExportedVars} } + ); while ( my ( $k, $v ) = each %vars ) { $req->{sessionInfo}->{$k} = $demoAccounts{ $req->{user} }->{$v}; } @@ -151,7 +153,7 @@ sub setSessionInfo { sub setGroups { my ( $self, $req ) = @_; my $user = $req->user; - my $groups = $req->sessionInfo->{groups} || ''; + my $groups = $req->sessionInfo->{groups} || ''; my $hGroups = $req->sessionInfo->{hGroups} || {}; for my $grp ( keys %demoGroups ) { if ( grep { $_ eq $user } @{ $demoGroups{$grp} } ) { diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/LDAP.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/LDAP.pm index b01edb904..fffc642da 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/LDAP.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/LDAP.pm @@ -36,8 +36,10 @@ sub setSessionInfo { my ( $self, $req ) = @_; $req->{sessionInfo}->{_dn} = $req->data->{dn}; - my %vars = ( %{ $self->conf->{exportedVars} }, - %{ $self->conf->{ldapExportedVars} } ); + my %vars = ( + %{ $self->conf->{exportedVars} }, + %{ $self->conf->{ldapExportedVars} } + ); while ( my ( $k, $v ) = each %vars ) { my $value = $self->ldap->getLdapValue( $req->data->{ldapentry}, $v ); @@ -58,7 +60,7 @@ sub setSessionInfo { # @return Lemonldap::NG::Portal constant sub setGroups { my ( $self, $req ) = @_; - my $groups = $req->{sessionInfo}->{groups} || ''; + my $groups = $req->{sessionInfo}->{groups} || ''; my $hGroups = $req->{sessionInfo}->{hGroups} || {}; if ( $self->conf->{ldapGroupBase} ) { diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Remote.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Remote.pm index 0d46a325f..fbe008d6c 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Remote.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/UserDB/Remote.pm @@ -25,7 +25,7 @@ sub setSessionInfo { my ( $self, $req ) = @_; delete $req->data->{rSessionInfo}->{_session_id}; $req->{sessionInfo} = $req->data->{rSessionInfo}; - + return PE_OK; } diff --git a/lemonldap-ng-portal/t/01-BuildUrl.t b/lemonldap-ng-portal/t/01-BuildUrl.t index 2e86e19df..797c7f85d 100644 --- a/lemonldap-ng-portal/t/01-BuildUrl.t +++ b/lemonldap-ng-portal/t/01-BuildUrl.t @@ -11,14 +11,14 @@ my $app = LLNG::Manager::Test->new( { )->p; my @tests = ( - [] => 'http://auth.example.com/', - ['foo'] => 'http://auth.example.com/foo', - [ 'foo', 'bar' ] => 'http://auth.example.com/foo/bar', - [ { p => 1 } ] => 'http://auth.example.com/?p=1', - ['https://foo'] => 'https://foo', - [ 'https://foo', 'bar' ] => 'https://foo/bar', - [ 'https://foo', 'bar', 'baz' ] => 'https://foo/bar/baz', - [ 'https://foo', { p => 1 } ] => 'https://foo?p=1', + [] => 'http://auth.example.com/', + ['foo'] => 'http://auth.example.com/foo', + [ 'foo', 'bar' ] => 'http://auth.example.com/foo/bar', + [ { p => 1 } ] => 'http://auth.example.com/?p=1', + ['https://foo'] => 'https://foo', + [ 'https://foo', 'bar' ] => 'https://foo/bar', + [ 'https://foo', 'bar', 'baz' ] => 'https://foo/bar/baz', + [ 'https://foo', { p => 1 } ] => 'https://foo?p=1', [ 'https://foo', 'bar', { p => 1 } ] => 'https://foo/bar?p=1', ); diff --git a/lemonldap-ng-portal/t/01-Handler-redirection-and-URL-check-by-portal.t b/lemonldap-ng-portal/t/01-Handler-redirection-and-URL-check-by-portal.t index 427456a75..e5ad67580 100644 --- a/lemonldap-ng-portal/t/01-Handler-redirection-and-URL-check-by-portal.t +++ b/lemonldap-ng-portal/t/01-Handler-redirection-and-URL-check-by-portal.t @@ -42,7 +42,7 @@ ok( 'X_ORIGINAL_URI' => "/", 'SERVER_PORT' => '80', 'SERVER_PROTOCOL' => 'HTTP/1.1', - 'HTTP_USER_AGENT' => + 'HTTP_USER_AGENT' => 'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox', 'REMOTE_ADDR' => '127.0.0.1', 'HTTP_HOST' => 'test1.example.com', @@ -79,7 +79,7 @@ ok( 'X_ORIGINAL_URI' => "/service/home/~/", 'SERVER_PORT' => '80', 'SERVER_PROTOCOL' => 'HTTP/1.1', - 'HTTP_USER_AGENT' => + 'HTTP_USER_AGENT' => 'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox', 'REMOTE_ADDR' => '127.0.0.1', 'HTTP_HOST' => 'courriel.example.com', diff --git a/lemonldap-ng-portal/t/01-Unauth-Logout.t b/lemonldap-ng-portal/t/01-Unauth-Logout.t index d1e56bf20..881648dd1 100644 --- a/lemonldap-ng-portal/t/01-Unauth-Logout.t +++ b/lemonldap-ng-portal/t/01-Unauth-Logout.t @@ -26,8 +26,7 @@ count(3); # Test unauthenticated logout request access with route ok( $res = $client->_get( - '/logout', - accept => 'text/html' + '/logout', accept => 'text/html' ), 'Get logout page' ); diff --git a/lemonldap-ng-portal/t/01-WebAuthn-Registration.t b/lemonldap-ng-portal/t/01-WebAuthn-Registration.t index 52e1a9647..b4319fcab 100644 --- a/lemonldap-ng-portal/t/01-WebAuthn-Registration.t +++ b/lemonldap-ng-portal/t/01-WebAuthn-Registration.t @@ -215,7 +215,7 @@ ENDKEY my $credential_response = $webauthn_tester->get_assertion_response($verif_challenge); my $verification_response = buildForm( { - state_id => $state_id, + state_id => $state_id, credential => $webauthn_tester->encode_credential($credential_response), } @@ -257,7 +257,7 @@ ENDKEY is_deeply( $device1, { - '_credentialId' => encode_base64url($credential_id_1), + '_credentialId' => encode_base64url($credential_id_1), '_credentialPublicKey' => 'pQECAyYgASFYIM_oQXEUzjPwEhM4gWmIbCuOXc4Ja8jPDKxbQaZckal7Ilgg_9a693_nkf7flk1S9AV2tjrtJPF6kg8TCGbFKoeD9Wc', '_signCount' => 5, @@ -269,7 +269,7 @@ ENDKEY is_deeply( $device2, { - '_credentialId' => encode_base64url($credential_id_2), + '_credentialId' => encode_base64url($credential_id_2), '_credentialPublicKey' => 'pQECAyYgASFYIM_oQXEUzjPwEhM4gWmIbCuOXc4Ja8jPDKxbQaZckal7Ilgg_9a693_nkf7flk1S9AV2tjrtJPF6kg8TCGbFKoeD9Wc', '_signCount' => 18, diff --git a/lemonldap-ng-portal/t/01-WebAuthn.t b/lemonldap-ng-portal/t/01-WebAuthn.t index 1c3b970bc..a713289f2 100644 --- a/lemonldap-ng-portal/t/01-WebAuthn.t +++ b/lemonldap-ng-portal/t/01-WebAuthn.t @@ -52,7 +52,7 @@ ENDKEY "dwho", { _2fDevices => to_json [ { - "_credentialId" => "bFpZbHRQOU10b1JOdVhLOGY4dFdm", + "_credentialId" => "bFpZbHRQOU10b1JOdVhLOGY4dFdm", "_credentialPublicKey" => encode_base64url( $webauthn_tester->encode_cosekey ), "_signCount" => "1", diff --git a/lemonldap-ng-portal/t/02-Password-Demo-Local-Ppolicy.t b/lemonldap-ng-portal/t/02-Password-Demo-Local-Ppolicy.t index d0e4961ab..fd11acd0e 100644 --- a/lemonldap-ng-portal/t/02-Password-Demo-Local-Ppolicy.t +++ b/lemonldap-ng-portal/t/02-Password-Demo-Local-Ppolicy.t @@ -9,19 +9,19 @@ use Lemonldap::NG::Portal::Main::Constants qw( require 't/test-lib.pm'; -my ($res, $json); +my ( $res, $json ); my $client = LLNG::Manager::Test->new( { ini => { - logLevel => 'error', - passwordDB => 'Demo', - passwordPolicy => 1, - portalRequireOldPassword => 1, - passwordPolicyMinSize => 6, - passwordPolicyMinLower => 3, - passwordPolicyMinUpper => 3, - passwordPolicyMinDigit => 1, - passwordPolicyMinSpeChar => 2, + logLevel => 'error', + passwordDB => 'Demo', + passwordPolicy => 1, + portalRequireOldPassword => 1, + passwordPolicyMinSize => 6, + passwordPolicyMinLower => 3, + passwordPolicyMinUpper => 3, + passwordPolicyMinDigit => 1, + passwordPolicyMinSpeChar => 2, passwordPolicySpecialChar => ' [ } \ ', portalDisplayPasswordPolicy => 1 } diff --git a/lemonldap-ng-portal/t/19-Auth-Null.t b/lemonldap-ng-portal/t/19-Auth-Null.t index 8d5165139..da2924a43 100644 --- a/lemonldap-ng-portal/t/19-Auth-Null.t +++ b/lemonldap-ng-portal/t/19-Auth-Null.t @@ -32,8 +32,7 @@ ok( $res->[2]->[0] =~ m%%, 'Language icons found' ) count(3); ok( $res = $client->_get( - '/logout', - accept => 'text/html' + '/logout', accept => 'text/html' ), 'Get logout page' ); diff --git a/lemonldap-ng-portal/t/20-Auth-DBI-utf8.t b/lemonldap-ng-portal/t/20-Auth-DBI-utf8.t index d4506f081..0dea9360e 100644 --- a/lemonldap-ng-portal/t/20-Auth-DBI-utf8.t +++ b/lemonldap-ng-portal/t/20-Auth-DBI-utf8.t @@ -16,8 +16,7 @@ SKIP: { } my $dbh = DBI->connect("dbi:SQLite:dbname=$userdb"); $dbh->do('CREATE TABLE users (user text,password text,cn text)'); - $dbh->do( - "INSERT INTO users VALUES ('french','french','Frédéric Accents')"); + $dbh->do("INSERT INTO users VALUES ('french','french','Frédéric Accents')"); $dbh->do("INSERT INTO users VALUES ('russian','russian','Русский')"); my $client = LLNG::Manager::Test->new( { ini => { diff --git a/lemonldap-ng-portal/t/21-Auth-LDAP-Policy-Combination.t b/lemonldap-ng-portal/t/21-Auth-LDAP-Policy-Combination.t index 6ba029f8c..c12727b74 100644 --- a/lemonldap-ng-portal/t/21-Auth-LDAP-Policy-Combination.t +++ b/lemonldap-ng-portal/t/21-Auth-LDAP-Policy-Combination.t @@ -15,17 +15,17 @@ SKIP: { my $client = LLNG::Manager::Test->new( { ini => { - logLevel => 'error', - useSafeJail => 1, - portal => 'http://auth.example.com/', - authentication => 'Combination', - userDB => 'Same', - passwordDB => 'LDAP', - combModules => { + logLevel => 'error', + useSafeJail => 1, + portal => 'http://auth.example.com/', + authentication => 'Combination', + userDB => 'Same', + passwordDB => 'LDAP', + combModules => { 'LDAP' => { 'for' => 0, 'type' => 'LDAP' }, 'Demo' => { 'for' => 0, 'type' => 'Demo' } }, - combination => '[LDAP, LDAP] or [Demo, Demo]', + combination => '[LDAP, LDAP] or [Demo, Demo]', portalRequireOldPassword => 1, ldapServer => 'ldap://127.0.0.1:19389/', ldapBase => 'ou=users,dc=example,dc=com', diff --git a/lemonldap-ng-portal/t/21-Auth-LDAP-attributes.t b/lemonldap-ng-portal/t/21-Auth-LDAP-attributes.t index f4af04014..872787863 100644 --- a/lemonldap-ng-portal/t/21-Auth-LDAP-attributes.t +++ b/lemonldap-ng-portal/t/21-Auth-LDAP-attributes.t @@ -33,6 +33,7 @@ SKIP: { } } ); + # my $postString = 'user=' # . ( $ENV{LDAPACCOUNT} || 'dwho' ) # . '&password=' diff --git a/lemonldap-ng-portal/t/22-Auth-and-password-AD.t b/lemonldap-ng-portal/t/22-Auth-and-password-AD.t index f8179c286..ae9031636 100644 --- a/lemonldap-ng-portal/t/22-Auth-and-password-AD.t +++ b/lemonldap-ng-portal/t/22-Auth-and-password-AD.t @@ -20,7 +20,7 @@ SKIP: { LDAPFilter => $ENV{ADFILTER} || '(cn=$user)', ldapServer => $ENV{ADSERVER}, ldapBase => $ENV{ADBASE}, - managerDn => $ENV{MANAGERDN} || '', + managerDn => $ENV{MANAGERDN} || '', managerPassword => $ENV{MANAGERPASSWORD} || '', } } diff --git a/lemonldap-ng-portal/t/26-AuthRadius.t b/lemonldap-ng-portal/t/26-AuthRadius.t index cda81d023..6e22e683f 100644 --- a/lemonldap-ng-portal/t/26-AuthRadius.t +++ b/lemonldap-ng-portal/t/26-AuthRadius.t @@ -6,7 +6,7 @@ use Test::MockObject; require 't/test-lib.pm'; my $res; -my $mock = Test::MockObject->new(); +my $mock = Test::MockObject->new(); my $client = LLNG::Manager::Test->new( { ini => { logLevel => 'error', @@ -52,9 +52,7 @@ $query =~ s/user=[^&]*/user=dwho/; $query =~ s/password=/password=dwho/; ok( $res = $client->_post( - '/', - IO::String->new($query), - length => length($query) + '/', IO::String->new($query), length => length($query) ), 'Auth query' ); diff --git a/lemonldap-ng-portal/t/29-AuthGPG.t b/lemonldap-ng-portal/t/29-AuthGPG.t index 3f82e414a..5360f63f8 100644 --- a/lemonldap-ng-portal/t/29-AuthGPG.t +++ b/lemonldap-ng-portal/t/29-AuthGPG.t @@ -61,5 +61,5 @@ SKIP: { expectCookie($res); } -clean_sessions(count($mainTests)); +clean_sessions( count($mainTests) ); done_testing(); diff --git a/lemonldap-ng-portal/t/30-Auth-SAML-with-choice.t b/lemonldap-ng-portal/t/30-Auth-SAML-with-choice.t index b3cf2ccdb..2e6289bff 100644 --- a/lemonldap-ng-portal/t/30-Auth-SAML-with-choice.t +++ b/lemonldap-ng-portal/t/30-Auth-SAML-with-choice.t @@ -261,7 +261,7 @@ sub sp { samlIDPMetaDataOptionsCheckSLOMessageSignature => 1, samlIDPMetaDataOptionsForceUTF8 => 1, samlIDPMetaDataOptionsSortNumber => 2, - samlIDPMetaDataOptionsDisplayName => + samlIDPMetaDataOptionsDisplayName => 'idp_Test_DisplayName', }, diff --git a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Metadata.t b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Metadata.t index 1c8f093a8..3dc369fb6 100644 --- a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Metadata.t +++ b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Metadata.t @@ -21,10 +21,10 @@ SKIP: { # Initialization $issuer = register( 'issuer', \&issuer ); - ok( $res = $issuer->_get('/saml/metadata'), 'Get metadata' ); + ok( $res = $issuer->_get('/saml/metadata'), 'Get metadata' ); ok( $res->[2]->[0] =~ m#^<\?xml version="1.0"\?>#s, 'Metadata is XML' ); - ok( $res = $issuer->_get('/saml/metadata/idp'), 'Get IDP metadata' ); + ok( $res = $issuer->_get('/saml/metadata/idp'), 'Get IDP metadata' ); ok( $res->[2]->[0] =~ m#^<\?xml version="1.0"\?>#s, 'Metadata is XML' ); ok( $res->[2]->[0] !~ m#[2]->[0] =~ m#entityID="urn:example\.com"#s, 'IDP EntityID is overridden' ); - ok( $res = $issuer->_get('/saml/metadata/sp'), 'Get SP metadata' ); + ok( $res = $issuer->_get('/saml/metadata/sp'), 'Get SP metadata' ); ok( $res->[2]->[0] =~ m#^<\?xml version="1.0"\?>#s, 'Metadata is XML' ); ok( $res->[2]->[0] !~ m#_get( '/saml/singleSignOn', - query => buildForm({ - IDPInitiated => 1, - spConfKey => 'sp.com', - spDest => 'http://auth.alternate.com/saml/proxySingleSignOnPost', - }), + query => buildForm( { + IDPInitiated => 1, + spConfKey => 'sp.com', + spDest => + 'http://auth.alternate.com/saml/proxySingleSignOnPost', + } + ), cookie => "lemonldap=$idpId", accept => 'test/html' ), @@ -69,11 +71,13 @@ SKIP: { ok( $res = $issuer->_get( '/saml/singleSignOn', - query => buildForm({ - IDPInitiated => 1, - spConfKey => 'sp.com', - spDest => 'http://auth.perdu.com/saml/proxySingleSignOnPost', - }), + query => buildForm( { + IDPInitiated => 1, + spConfKey => 'sp.com', + spDest => + 'http://auth.perdu.com/saml/proxySingleSignOnPost', + } + ), cookie => "lemonldap=$idpId", accept => 'test/html' ), @@ -144,8 +148,8 @@ m#iframe src="http://auth.idp.com(/saml/relaySingleLogoutPOST)\?(relay=.*?)"#s, 'Get iframe request' ) or explain( $res, '' ); ( $url, $query ) = ( $1, $2 ); - expectCspChildOK($res, "auth.idp.com"); - expectCspChildOK($res, "http://auth.sp.com"); + expectCspChildOK( $res, "auth.idp.com" ); + expectCspChildOK( $res, "http://auth.sp.com" ); ok( $res = $issuer->_get( diff --git a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-IdP-initiated.t b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-IdP-initiated.t index d62936352..04f9046e8 100644 --- a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-IdP-initiated.t +++ b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-IdP-initiated.t @@ -117,7 +117,7 @@ m#iframe src="http://auth.sp.com(/saml/proxySingleLogout)\?(SAMLRequest=.*?)"#, ); $url = $1; my $query = $2; - expectCspChildOK($res, "auth.sp.com"); + expectCspChildOK( $res, "auth.sp.com" ); my $removedCookie = expectCookie($res); is( $removedCookie, 0, "SSO cookie removed" ); diff --git a/lemonldap-ng-portal/t/30-CDC.t b/lemonldap-ng-portal/t/30-CDC.t index f096d3726..cd993726b 100644 --- a/lemonldap-ng-portal/t/30-CDC.t +++ b/lemonldap-ng-portal/t/30-CDC.t @@ -213,7 +213,7 @@ sub issuer { authentication => 'Demo', userDB => 'Same', samlCommonDomainCookieActivation => 1, - samlCommonDomainCookieReader => + samlCommonDomainCookieReader => 'http://auth.cdc.com/?action=read', samlCommonDomainCookieWriter => 'http://auth.cdc.com/?action=write', @@ -262,7 +262,7 @@ sub sp { authentication => 'SAML', userDB => 'Same', samlCommonDomainCookieActivation => 1, - samlCommonDomainCookieReader => + samlCommonDomainCookieReader => 'http://auth.cdc.com/?action=read', samlCommonDomainCookieWriter => 'http://auth.cdc.com/?action=write', diff --git a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app-multiple-urls.t b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app-multiple-urls.t index cfb0808a5..ea63ada20 100644 --- a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app-multiple-urls.t +++ b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app-multiple-urls.t @@ -239,8 +239,7 @@ clean_sessions(); done_testing( count() ); sub issuer { - return LLNG::Manager::Test->new( - { + return LLNG::Manager::Test->new( { ini => { logLevel => $debug, domain => 'idp.com', @@ -271,8 +270,7 @@ sub issuer { } sub sp { - return LLNG::Manager::Test->new( - { + return LLNG::Manager::Test->new( { ini => { logLevel => $debug, domain => 'sp.com', diff --git a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app-userattr.t b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app-userattr.t index c41f19a6d..949e4a0d0 100644 --- a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app-userattr.t +++ b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app-userattr.t @@ -200,7 +200,7 @@ count(1); # Query IdP with iframe src my $url = $1; $query = $2; -expectCspChildOK($res, "auth.idp.com"); +expectCspChildOK( $res, "auth.idp.com" ); switch ('issuer'); ok( diff --git a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app.t b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app.t index bf2e9ebde..183a08473 100644 --- a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app.t +++ b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app.t @@ -200,7 +200,7 @@ count(1); # Query IdP with iframe src my $url = $1; $query = $2; -expectCspChildOK($res, "auth.idp.com"); +expectCspChildOK( $res, "auth.idp.com" ); switch ('issuer'); ok( diff --git a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-default.t b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-default.t index f44b2c660..83d21a70a 100644 --- a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-default.t +++ b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-default.t @@ -170,7 +170,7 @@ count(1); # Query IdP with iframe src my $url = $1; $query = $2; -expectCspChildOK($res, "auth.idp.com"); +expectCspChildOK( $res, "auth.idp.com" ); switch ('issuer'); ok( @@ -224,7 +224,7 @@ sub issuer { casAttributes => { cn => 'cn', uid => 'uid', multi => 'multi' }, casAccessControlPolicy => 'none', multiValuesSeparator => ';', - macros => + macros => { multi => '"value1;value2"', _whatToTrace => '$uid' }, } } diff --git a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-proxied.t b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-proxied.t index 054da9117..57bf41db9 100644 --- a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-proxied.t +++ b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-proxied.t @@ -160,7 +160,7 @@ count(1); # Query IdP with iframe src my $url = $1; $query = $2; -expectCspChildOK($res, "auth.idp.com"); +expectCspChildOK( $res, "auth.idp.com" ); switch ('issuer'); ok( diff --git a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-with-choice.t b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-with-choice.t index 6b09a4b30..27abeca9b 100644 --- a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-with-choice.t +++ b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-with-choice.t @@ -254,7 +254,7 @@ SKIP: { # Query IdP with iframe src $url = $1; $query = $2; - expectCspChildOK($res, "auth.idp.com"); + expectCspChildOK( $res, "auth.idp.com" ); # Get iframe from CAS server switch ('issuer'); diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-OP-logout.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-OP-logout.t index 37c582c98..b97bd1c7d 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-OP-logout.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-OP-logout.t @@ -216,7 +216,7 @@ sub op { oidcRPMetaDataOptionsClientSecret => "rpsecret", oidcRPMetaDataOptionsUserIDAttr => "", oidcRPMetaDataOptionsAccessTokenExpiration => 3600, - oidcRPMetaDataOptionsLogoutUrl => + oidcRPMetaDataOptionsLogoutUrl => 'http://auth.rp.com/oidc/logout', oidcRPMetaDataOptionsLogoutType => 'front', oidcRPMetaDataOptionsLogoutSessionRequired => 0, diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-jwt-userinfo.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-jwt-userinfo.t index fa825faf6..0bfcd2241 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-jwt-userinfo.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-jwt-userinfo.t @@ -328,8 +328,8 @@ sub op { oidcRPMetaDataOptionsBypassConsent => 0, oidcRPMetaDataOptionsClientSecret => "rpsecret", oidcRPMetaDataOptionsUserIDAttr => "", - oidcRPMetaDataOptionsAccessTokenExpiration => 3600, - oidcRPMetaDataOptionsUserInfoSignAlg => "HS512", + oidcRPMetaDataOptionsAccessTokenExpiration => 3600, + oidcRPMetaDataOptionsUserInfoSignAlg => "HS512", oidcRPMetaDataOptionsPostLogoutRedirectUris => "http://auth.rp.com/?logout=1" } diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-public_client.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-public_client.t index 8807162fc..8d54eb7d5 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-public_client.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-public_client.t @@ -321,14 +321,14 @@ sub op { oidcServiceAllowAuthorizationCodeFlow => 1, oidcRPMetaDataOptions => { rp => { - oidcRPMetaDataOptionsDisplayName => "RP", - oidcRPMetaDataOptionsIDTokenExpiration => 3600, - oidcRPMetaDataOptionsClientID => "rpid", - oidcRPMetaDataOptionsIDTokenSignAlg => "RS512", - oidcRPMetaDataOptionsBypassConsent => 0, - oidcRPMetaDataOptionsPublic => 1, - oidcRPMetaDataOptionsUserIDAttr => "", - oidcRPMetaDataOptionsAccessTokenExpiration => 3600, + oidcRPMetaDataOptionsDisplayName => "RP", + oidcRPMetaDataOptionsIDTokenExpiration => 3600, + oidcRPMetaDataOptionsClientID => "rpid", + oidcRPMetaDataOptionsIDTokenSignAlg => "RS512", + oidcRPMetaDataOptionsBypassConsent => 0, + oidcRPMetaDataOptionsPublic => 1, + oidcRPMetaDataOptionsUserIDAttr => "", + oidcRPMetaDataOptionsAccessTokenExpiration => 3600, oidcRPMetaDataOptionsPostLogoutRedirectUris => "http://auth.rp.com/?logout=1" } diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-authchoice.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-authchoice.t index e22bdd4bb..c78d0f9fc 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-authchoice.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-authchoice.t @@ -282,7 +282,7 @@ sub op { oidcRPMetaDataOptionsBypassConsent => 0, oidcRPMetaDataOptionsClientSecret => "rpsecret", oidcRPMetaDataOptionsUserIDAttr => "", - oidcRPMetaDataOptionsAccessTokenExpiration => 3600, + oidcRPMetaDataOptionsAccessTokenExpiration => 3600, oidcRPMetaDataOptionsPostLogoutRedirectUris => "http://auth.rp.com/?logout=1" } diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-info.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-info.t index 96903d3af..6679c06b6 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-info.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-info.t @@ -332,7 +332,7 @@ sub op { oidcRPMetaDataOptionsBypassConsent => 1, oidcRPMetaDataOptionsClientSecret => "rpsecret", oidcRPMetaDataOptionsUserIDAttr => "", - oidcRPMetaDataOptionsAccessTokenExpiration => 3600, + oidcRPMetaDataOptionsAccessTokenExpiration => 3600, oidcRPMetaDataOptionsPostLogoutRedirectUris => "http://auth.rp.com/?logout=1" } diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-none-alg.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-none-alg.t index b9c25d3e4..56a268e7f 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-none-alg.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-none-alg.t @@ -324,7 +324,7 @@ sub op { oidcRPMetaDataOptionsBypassConsent => 0, oidcRPMetaDataOptionsClientSecret => "rpsecret", oidcRPMetaDataOptionsUserIDAttr => "", - oidcRPMetaDataOptionsAccessTokenExpiration => 3600, + oidcRPMetaDataOptionsAccessTokenExpiration => 3600, oidcRPMetaDataOptionsPostLogoutRedirectUris => "http://auth.rp.com/?logout=1" } diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code.t index da04ea5d1..99a199ec9 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code.t @@ -349,7 +349,7 @@ sub op { oidcRPMetaDataOptionsBypassConsent => 0, oidcRPMetaDataOptionsClientSecret => "rpsecret", oidcRPMetaDataOptionsUserIDAttr => "", - oidcRPMetaDataOptionsAccessTokenExpiration => 3600, + oidcRPMetaDataOptionsAccessTokenExpiration => 3600, oidcRPMetaDataOptionsPostLogoutRedirectUris => "http://auth.rp.com/?logout=1", oidcRPMetaDataOptionsRule => '$uid eq "french"', diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-implicit.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-implicit.t index 798009206..dc7df286f 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-implicit.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-implicit.t @@ -160,8 +160,8 @@ count(4); # Check attributes in ID Token my $id_token_decoded = id_token_payload( $prms{id_token} ); is( $id_token_decoded->{sub}, "dwho", 'Check sub value' ); -ok( !$id_token_decoded->{name}, 'Claim name must not be in ID token' ); -is( $id_token_decoded->{azp}, 'rpid', ' azp found' ); +ok( !$id_token_decoded->{name}, 'Claim name must not be in ID token' ); +is( $id_token_decoded->{azp}, 'rpid', ' azp found' ); count(3); $op->logout($idpId); @@ -237,7 +237,7 @@ sub op { oidcServiceAllowAuthorizationCodeFlow => 1, oidcRPMetaDataOptions => { rp => { - oidcRPMetaDataOptionsDisplayName => "RP", + oidcRPMetaDataOptionsDisplayName => "RP", oidcRPMetaDataOptionsAdditionalAudiences => "http://my.extra.audience/test urn:extra2", oidcRPMetaDataOptionsIDTokenExpiration => 3600, diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-sorted.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-sorted.t index 7cb81d740..38bf92fba 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-sorted.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-sorted.t @@ -207,7 +207,7 @@ sub rp { oidcOPMetaDataOptionsStoreIDToken => 0, oidcOPMetaDataOptionsDisplay => "", oidcOPMetaDataOptionsIcon => 'icons/sfa_manager.png', - oidcOPMetaDataOptionsClientID => "rpid", + oidcOPMetaDataOptionsClientID => "rpid", oidcOPMetaDataOptionsConfigurationURI => "https://auth.op.com/.well-known/openid-configuration" }, diff --git a/lemonldap-ng-portal/t/32-CAS-Prefix.t b/lemonldap-ng-portal/t/32-CAS-Prefix.t index 0403185e3..eadc7c13f 100644 --- a/lemonldap-ng-portal/t/32-CAS-Prefix.t +++ b/lemonldap-ng-portal/t/32-CAS-Prefix.t @@ -120,8 +120,7 @@ done_testing( count() ); sub issuer { my ($strict) = @_; - return LLNG::Manager::Test->new( - { + return LLNG::Manager::Test->new( { ini => { logLevel => $debug, domain => 'idp.com', diff --git a/lemonldap-ng-portal/t/32-OIDC-ClientCredentials-Grant.t b/lemonldap-ng-portal/t/32-OIDC-ClientCredentials-Grant.t index e920bcdfa..05a87ddaa 100644 --- a/lemonldap-ng-portal/t/32-OIDC-ClientCredentials-Grant.t +++ b/lemonldap-ng-portal/t/32-OIDC-ClientCredentials-Grant.t @@ -52,10 +52,10 @@ my $op = LLNG::Manager::Test->new( { oidcRPMetaDataOptionsRule => '$_scope =~ /\bread\b/', }, scopelessrp => { - oidcRPMetaDataOptionsDisplayName => "RP", - oidcRPMetaDataOptionsIDTokenExpiration => 3600, - oidcRPMetaDataOptionsClientID => "scopelessrp", - oidcRPMetaDataOptionsAllowOffline => 1, + oidcRPMetaDataOptionsDisplayName => "RP", + oidcRPMetaDataOptionsIDTokenExpiration => 3600, + oidcRPMetaDataOptionsClientID => "scopelessrp", + oidcRPMetaDataOptionsAllowOffline => 1, oidcRPMetaDataOptionsAllowClientCredentialsGrant => 1, oidcRPMetaDataOptionsIDTokenSignAlg => "HS512", oidcRPMetaDataOptionsClientSecret => "rpsecret", @@ -64,7 +64,7 @@ my $op = LLNG::Manager::Test->new( { oidcRPMetaDataOptionsBypassConsent => 1, oidcRPMetaDataOptionsRefreshToken => 1, oidcRPMetaDataOptionsIDTokenForceClaims => 1, - oidcRPMetaDataOptionsRule => '', + oidcRPMetaDataOptionsRule => '', }, pubrp => { oidcRPMetaDataOptionsAccessTokenExpiration => 3600, @@ -158,7 +158,7 @@ $res = $op->_post( accept => 'application/json', length => length($badquery3), ); -expectReject($res, 400, "invalid_scope"); +expectReject( $res, 400, "invalid_scope" ); ## Test a confidential RP $res = $op->_post( diff --git a/lemonldap-ng-portal/t/32-OIDC-Code-Flow-with-2F-UpgradeOnly.t b/lemonldap-ng-portal/t/32-OIDC-Code-Flow-with-2F-UpgradeOnly.t index 47fc9f1dd..b74e49a59 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Code-Flow-with-2F-UpgradeOnly.t +++ b/lemonldap-ng-portal/t/32-OIDC-Code-Flow-with-2F-UpgradeOnly.t @@ -351,8 +351,8 @@ sub op { oidcRPMetaDataOptionsBypassConsent => 0, oidcRPMetaDataOptionsClientSecret => "rpsecret", oidcRPMetaDataOptionsUserIDAttr => "", - oidcRPMetaDataOptionsAccessTokenExpiration => 3600, - oidcRPMetaDataOptionsAuthnLevel => 5, + oidcRPMetaDataOptionsAccessTokenExpiration => 3600, + oidcRPMetaDataOptionsAuthnLevel => 5, oidcRPMetaDataOptionsPostLogoutRedirectUris => "http://auth.rp.com/?logout=1" } diff --git a/lemonldap-ng-portal/t/32-OIDC-Code-Flow-with-2F.t b/lemonldap-ng-portal/t/32-OIDC-Code-Flow-with-2F.t index 17ed58690..978ba6208 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Code-Flow-with-2F.t +++ b/lemonldap-ng-portal/t/32-OIDC-Code-Flow-with-2F.t @@ -352,7 +352,7 @@ sub op { oidcRPMetaDataOptionsBypassConsent => 0, oidcRPMetaDataOptionsClientSecret => "rpsecret", oidcRPMetaDataOptionsUserIDAttr => "", - oidcRPMetaDataOptionsAccessTokenExpiration => 3600, + oidcRPMetaDataOptionsAccessTokenExpiration => 3600, oidcRPMetaDataOptionsPostLogoutRedirectUris => "http://auth.rp.com/?logout=1" } diff --git a/lemonldap-ng-portal/t/32-OIDC-Grant-Type-OAuth2-Handler-Rules.t b/lemonldap-ng-portal/t/32-OIDC-Grant-Type-OAuth2-Handler-Rules.t index 5509899be..0d8a903bc 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Grant-Type-OAuth2-Handler-Rules.t +++ b/lemonldap-ng-portal/t/32-OIDC-Grant-Type-OAuth2-Handler-Rules.t @@ -61,7 +61,7 @@ sub handler_req { 'X_ORIGINAL_URI' => $url, 'SERVER_PORT' => '80', 'SERVER_PROTOCOL' => 'HTTP/1.1', - 'HTTP_USER_AGENT' => + 'HTTP_USER_AGENT' => 'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox', 'REMOTE_ADDR' => '127.0.0.1', 'HTTP_HOST' => 'oauth.example.com', diff --git a/lemonldap-ng-portal/t/32-OIDC-Grant-Type-Rules.t b/lemonldap-ng-portal/t/32-OIDC-Grant-Type-Rules.t index 33bdc80f5..4645b888f 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Grant-Type-Rules.t +++ b/lemonldap-ng-portal/t/32-OIDC-Grant-Type-Rules.t @@ -127,7 +127,7 @@ sub portal { oidcRPMetaDataOptionsAllowClientCredentialsGrant => 1, oidcRPMetaDataOptionsAllowPasswordGrant => 1, oidcRPMetaDataOptionsRedirectUris => "http://test", - oidcRPMetaDataOptionsRule => + oidcRPMetaDataOptionsRule => '$_oidc_grant_type eq "authorizationcode"', }, rppassword => { @@ -142,7 +142,7 @@ sub portal { oidcRPMetaDataOptionsAllowClientCredentialsGrant => 1, oidcRPMetaDataOptionsAllowPasswordGrant => 1, oidcRPMetaDataOptionsRedirectUris => "http://test", - oidcRPMetaDataOptionsRule => + oidcRPMetaDataOptionsRule => '$_oidc_grant_type eq "password"', }, rpclient => { @@ -157,7 +157,7 @@ sub portal { oidcRPMetaDataOptionsAllowClientCredentialsGrant => 1, oidcRPMetaDataOptionsAllowPasswordGrant => 1, oidcRPMetaDataOptionsRedirectUris => "http://test", - oidcRPMetaDataOptionsRule => + oidcRPMetaDataOptionsRule => '$_oidc_grant_type eq "clientcredentials"', }, }, diff --git a/lemonldap-ng-portal/t/32-OIDC-Offline-Session.t b/lemonldap-ng-portal/t/32-OIDC-Offline-Session.t index eea9ad828..63527d20c 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Offline-Session.t +++ b/lemonldap-ng-portal/t/32-OIDC-Offline-Session.t @@ -51,8 +51,8 @@ sub runTest { ok( $id_token, "Got ID token" ); my $id_token_payload = id_token_payload($id_token); - my $auth_time = $id_token_payload->{auth_time}; - ok( $auth_time, "Authentication date found in token"); + my $auth_time = $id_token_payload->{auth_time}; + ok( $auth_time, "Authentication date found in token" ); is( $id_token_payload->{name}, 'Frédéric Accents', @@ -63,7 +63,7 @@ sub runTest { $json = expectJSON( getUserinfo( $op, $access_token ) ); ok( $json->{'name'} eq "Frédéric Accents", 'Got User Info' ); - ok( $json->{'sub'} eq "customfrench", 'Got User Info' ); + ok( $json->{'sub'} eq "customfrench", 'Got User Info' ); $op->logout($idpId); @@ -96,7 +96,7 @@ sub runTest { $json = expectJSON( getUserinfo( $op, $access_token ) ); ok( $json->{name} eq "Frédéric Accents", "Correct user info" ); - ok( $json->{'sub'} eq "customfrench", 'Got User Info' ); + ok( $json->{'sub'} eq "customfrench", 'Got User Info' ); # Make sure offline session is still valid long after natural session expiration time @@ -119,7 +119,8 @@ sub runTest { ok( !defined $refresh_token2, "Refresh token not present" ); $id_token_payload = id_token_payload($id_token); - is( $id_token_payload->{auth_time}, $auth_time, 'Original auth_time retained' ); + is( $id_token_payload->{auth_time}, + $auth_time, 'Original auth_time retained' ); is( $id_token_payload->{name}, 'Frédéric Accents', @@ -139,14 +140,14 @@ sub runTest { $json = expectJSON( getUserinfo( $op, $access_token ) ); ok( $json->{name} eq "Frédéric Accents", "Correct user info" ); - ok( $json->{'sub'} eq "customfrench", 'Got User Info' ); + ok( $json->{'sub'} eq "customfrench", 'Got User Info' ); ## Test introspection of refreshed token #2171 $json = expectJSON( introspect( $op, 'rpid', $access_token ) ); is( $json->{active}, 1, 'Token is active' ); is( $json->{client_id}, 'rpid', 'Introspection contains client_id' ); - is( $json->{sub}, 'customfrench', 'Introspection contains sub' ); + is( $json->{sub}, 'customfrench', 'Introspection contains sub' ); # #2168 ok( @@ -177,16 +178,16 @@ my $baseConfig = { }, oidcRPMetaDataOptions => { rp => { - oidcRPMetaDataOptionsDisplayName => "RP", - oidcRPMetaDataOptionsClientID => "rpid", - oidcRPMetaDataOptionsAllowOffline => 1, - oidcRPMetaDataOptionsIDTokenSignAlg => "HS512", - oidcRPMetaDataOptionsAccessTokenSignAlg => "RS512", - oidcRPMetaDataOptionsAccessTokenClaims => 1, - oidcRPMetaDataOptionsClientSecret => "rpid", - oidcRPMetaDataOptionsUserIDAttr => "custom_sub", - oidcRPMetaDataOptionsBypassConsent => 1, - oidcRPMetaDataOptionsIDTokenForceClaims => 1, + oidcRPMetaDataOptionsDisplayName => "RP", + oidcRPMetaDataOptionsClientID => "rpid", + oidcRPMetaDataOptionsAllowOffline => 1, + oidcRPMetaDataOptionsIDTokenSignAlg => "HS512", + oidcRPMetaDataOptionsAccessTokenSignAlg => "RS512", + oidcRPMetaDataOptionsAccessTokenClaims => 1, + oidcRPMetaDataOptionsClientSecret => "rpid", + oidcRPMetaDataOptionsUserIDAttr => "custom_sub", + oidcRPMetaDataOptionsBypassConsent => 1, + oidcRPMetaDataOptionsIDTokenForceClaims => 1, oidcRPMetaDataOptionsAdditionalAudiences => "http://my.extra.audience/test urn:extra2", diff --git a/lemonldap-ng-portal/t/32-OIDC-Refresh-Token.t b/lemonldap-ng-portal/t/32-OIDC-Refresh-Token.t index e5d71b70c..52973a026 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Refresh-Token.t +++ b/lemonldap-ng-portal/t/32-OIDC-Refresh-Token.t @@ -80,7 +80,7 @@ sub runTest { $json = expectJSON( getUserinfo( $op, $access_token ) ); - ok( $json->{'sub'} eq "french", 'Got User Info' ); + ok( $json->{'sub'} eq "french", 'Got User Info' ); ok( $json->{'name'} eq "Frédéric Accents", 'Got User Info' ); # Skip ahead in time @@ -110,7 +110,7 @@ sub runTest { # Try refreshed access token $json = expectJSON( getUserinfo( $op, $access_token ) ); - ok( $json->{'sub'} eq "french", 'Got User Info' ); + ok( $json->{'sub'} eq "french", 'Got User Info' ); ok( $json->{'name'} eq "Frédéric Accents", 'Got User Info' ); # Check failure conditions @@ -143,17 +143,17 @@ my $baseConfig = { }, oidcRPMetaDataOptions => { rp => { - oidcRPMetaDataOptionsDisplayName => "RP", - oidcRPMetaDataOptionsClientID => "rpid", - oidcRPMetaDataOptionsAllowOffline => 1, - oidcRPMetaDataOptionsIDTokenSignAlg => "HS512", - oidcRPMetaDataOptionsAccessTokenSignAlg => "RS512", - oidcRPMetaDataOptionsAccessTokenClaims => 1, - oidcRPMetaDataOptionsClientSecret => "rpid", - oidcRPMetaDataOptionsUserIDAttr => "", - oidcRPMetaDataOptionsBypassConsent => 1, - oidcRPMetaDataOptionsRefreshToken => 1, - oidcRPMetaDataOptionsIDTokenForceClaims => 1, + oidcRPMetaDataOptionsDisplayName => "RP", + oidcRPMetaDataOptionsClientID => "rpid", + oidcRPMetaDataOptionsAllowOffline => 1, + oidcRPMetaDataOptionsIDTokenSignAlg => "HS512", + oidcRPMetaDataOptionsAccessTokenSignAlg => "RS512", + oidcRPMetaDataOptionsAccessTokenClaims => 1, + oidcRPMetaDataOptionsClientSecret => "rpid", + oidcRPMetaDataOptionsUserIDAttr => "", + oidcRPMetaDataOptionsBypassConsent => 1, + oidcRPMetaDataOptionsRefreshToken => 1, + oidcRPMetaDataOptionsIDTokenForceClaims => 1, oidcRPMetaDataOptionsAdditionalAudiences => "http://my.extra.audience/test urn:extra2", } diff --git a/lemonldap-ng-portal/t/34-Auth-Proxy-and-REST-Server.t b/lemonldap-ng-portal/t/34-Auth-Proxy-and-REST-Server.t index 8a4572725..d46fe2779 100644 --- a/lemonldap-ng-portal/t/34-Auth-Proxy-and-REST-Server.t +++ b/lemonldap-ng-portal/t/34-Auth-Proxy-and-REST-Server.t @@ -126,7 +126,7 @@ my $newId = $res->{session}->{_session_id}; # Verify a key ok( $res = $issuer->_get("/sessions/global/$newId/uid"), 'Verify uid' ); -ok( $res->[2]->[0] eq 'zz', ' Uid is good' ); +ok( $res->[2]->[0] eq 'zz', ' Uid is good' ); count(4); # Update a key @@ -159,7 +159,7 @@ count(3); # Verify new key ok( $res = $issuer->_get("/sessions/global/$newId/cn"), 'Verify cn' ); -ok( $res->[2]->[0] eq 'CN', ' CN is good' ); +ok( $res->[2]->[0] eq 'CN', ' CN is good' ); count(2); use_ok('Lemonldap::NG::Common::Apache::Session::REST'); @@ -208,7 +208,7 @@ if ( ok( ref($res) eq 'HASH', ' Result is an hash' ) ) { } } ok( $c == $c1, " Found the same count" ) or explain( $c, $c1 ); - ok( $tmp, ' All sessions are valid' ); + ok( $tmp, ' All sessions are valid' ); count(2); } count(2); diff --git a/lemonldap-ng-portal/t/34-Auth-Proxy-and-REST-sessions.t b/lemonldap-ng-portal/t/34-Auth-Proxy-and-REST-sessions.t index a32bdd5d1..6eb7ee267 100644 --- a/lemonldap-ng-portal/t/34-Auth-Proxy-and-REST-sessions.t +++ b/lemonldap-ng-portal/t/34-Auth-Proxy-and-REST-sessions.t @@ -114,6 +114,7 @@ done_testing( count() ); # Redefine LWP methods for tests no warnings 'redefine'; + sub switch { my $type = shift; @Lemonldap::NG::Handler::Main::_onReload = @{ diff --git a/lemonldap-ng-portal/t/35-SOAP-config-backend.t b/lemonldap-ng-portal/t/35-SOAP-config-backend.t index 3065226cf..094e51a84 100644 --- a/lemonldap-ng-portal/t/35-SOAP-config-backend.t +++ b/lemonldap-ng-portal/t/35-SOAP-config-backend.t @@ -63,7 +63,7 @@ SKIP: { my $res; ok( $res = $soap->call('getConfig')->result(), 'Get configuration' ); - ok( $res->{cfgNum} == 1, 'cfgNum is 1' ); + ok( $res->{cfgNum} == 1, 'cfgNum is 1' ); $sp = register( 'sp', \&sp ); diff --git a/lemonldap-ng-portal/t/36-Combination-Custom.t b/lemonldap-ng-portal/t/36-Combination-Custom.t index 73579471c..bbdd018c0 100644 --- a/lemonldap-ng-portal/t/36-Combination-Custom.t +++ b/lemonldap-ng-portal/t/36-Combination-Custom.t @@ -115,7 +115,7 @@ sub iniCmb { dbiAuthLoginCol => 'user', dbiAuthPasswordCol => 'password', dbiAuthPasswordHash => '', - dbiExportedVars => { dbi => 'user' }, + dbiExportedVars => { dbi => 'user' }, demoExportedVars => { demo => 'uid' }, } } diff --git a/lemonldap-ng-portal/t/36-Combination-Password.t b/lemonldap-ng-portal/t/36-Combination-Password.t index b209ae3e1..31fd2cd60 100644 --- a/lemonldap-ng-portal/t/36-Combination-Password.t +++ b/lemonldap-ng-portal/t/36-Combination-Password.t @@ -118,7 +118,7 @@ sub iniCmb { dbiAuthLoginCol => 'user', dbiAuthPasswordCol => 'password', dbiAuthPasswordHash => '', - dbiExportedVars => { dbi => 'user' }, + dbiExportedVars => { dbi => 'user' }, demoExportedVars => { demo => 'uid' }, } } diff --git a/lemonldap-ng-portal/t/36-Combination.t b/lemonldap-ng-portal/t/36-Combination.t index 88b6c9a13..c2cb89fa1 100644 --- a/lemonldap-ng-portal/t/36-Combination.t +++ b/lemonldap-ng-portal/t/36-Combination.t @@ -107,7 +107,7 @@ sub iniCmb { dbiAuthLoginCol => 'user', dbiAuthPasswordCol => 'password', dbiAuthPasswordHash => '', - dbiExportedVars => { dbi => 'user' }, + dbiExportedVars => { dbi => 'user' }, demoExportedVars => { demo => 'uid' }, } } diff --git a/lemonldap-ng-portal/t/37-Issuer-Timeout.t b/lemonldap-ng-portal/t/37-Issuer-Timeout.t index 8ac7e382e..bc3d8c918 100644 --- a/lemonldap-ng-portal/t/37-Issuer-Timeout.t +++ b/lemonldap-ng-portal/t/37-Issuer-Timeout.t @@ -171,8 +171,8 @@ sub op { oidcRPMetaDataOptionsBypassConsent => 0, oidcRPMetaDataOptionsClientSecret => "rpsecret", oidcRPMetaDataOptionsUserIDAttr => "", - oidcRPMetaDataOptionsAccessTokenExpiration => 3600, - oidcRPMetaDataOptionsBypassConsent => 1, + oidcRPMetaDataOptionsAccessTokenExpiration => 3600, + oidcRPMetaDataOptionsBypassConsent => 1, oidcRPMetaDataOptionsPostLogoutRedirectUris => "http://auth.rp.com/?logout=1" }, @@ -184,8 +184,8 @@ sub op { oidcRPMetaDataOptionsBypassConsent => 0, oidcRPMetaDataOptionsClientSecret => "rp2secret", oidcRPMetaDataOptionsUserIDAttr => "", - oidcRPMetaDataOptionsAccessTokenExpiration => 3600, - oidcRPMetaDataOptionsBypassConsent => 1, + oidcRPMetaDataOptionsAccessTokenExpiration => 3600, + oidcRPMetaDataOptionsBypassConsent => 1, oidcRPMetaDataOptionsPostLogoutRedirectUris => "http://auth.rp2.com/?logout=1" } diff --git a/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-IDP-Redirect.t b/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-IDP-Redirect.t index 9db1125c0..f75e82c0e 100644 --- a/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-IDP-Redirect.t +++ b/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-IDP-Redirect.t @@ -6,11 +6,10 @@ use LWP::UserAgent; use LWP::Protocol::PSGI; use MIME::Base64; - # ------------ --------------------------- ---------------- # | OIDC RP | <-> | OIDC provider + SAML SP | <-> | SAML IdP | # ------------ --------------------------- ---------------- -# +# # Use case: # - login from RP up to SAML IdP # - logout asked from RP, and propagated up to SAML IdP @@ -24,6 +23,7 @@ BEGIN { my $maintests = 17; my $debug = 'error'; + #my $debug = 'error'; my ( $op, $rp, $idp, $res ); @@ -31,7 +31,8 @@ my ( $op, $rp, $idp, $res ); LWP::Protocol::PSGI->register( sub { my $req = Plack::Request->new(@_); - ok( $req->uri =~ m#http://auth.((?:op|rp|idp)).com(.*)#, ' REST request' ); + ok( $req->uri =~ m#http://auth.((?:op|rp|idp)).com(.*)#, + ' REST request' ); my $host = $1; my $url = $2; my ( $res, $client ); @@ -83,8 +84,6 @@ LWP::Protocol::PSGI->register( } ); - - SKIP: { eval "use Lasso"; if ($@) { @@ -112,7 +111,6 @@ SKIP: { $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ); - # LOGIN PROCESS ############################################################ # Query RP for auth @@ -137,14 +135,16 @@ SKIP: { # Try to authenticate to IdP ok( - $res = $idp->_get( $urlidp, query => $queryidp, accept => 'text/html'), - "SAML Authentication on idp, endpoint $urlidp" ); + $res = $idp->_get( $urlidp, query => $queryidp, accept => 'text/html' ), + "SAML Authentication on idp, endpoint $urlidp" + ); my $pdataidp = expectCookie( $res, 'lemonldappdata' ); my ( $host, $tmp ); + # expectForm (result, host, uri, @requiredfield) ( $host, $tmp, $query ) = expectForm( $res, '#', undef, - ( 'url', 'timezone', 'skin', 'user', 'password' ) ); + ( 'url', 'timezone', 'skin', 'user', 'password' ) ); $query =~ s/user=/user=dwho/; $query =~ s/password=/password=dwho/; @@ -162,7 +162,6 @@ SKIP: { $pdataidp = expectCookie( $res, 'lemonldappdata' ); my $cookieidp = expectCookie( $res, 'lemonldap' ); - ( $host, $url, $query ) = expectForm( $res, 'auth.op.com', '/saml/proxySingleSignOnPost', 'SAMLResponse', 'RelayState' ); @@ -184,59 +183,70 @@ SKIP: { $pdataop = expectCookie( $res, 'lemonldappdata' ); my $cookieop = expectCookie( $res, 'lemonldap' ); + ( $url, $query ) = + expectRedirection( $res, qr#^http://auth.op.com(/oauth2)\?*(.*)$# ); - ( $url, $query ) = expectRedirection( $res, qr#^http://auth.op.com(/oauth2)\?*(.*)$# ); - - ok( $res = $op->_get( $url, query => $query, - accept => 'text/html', - cookie => "lemonldappdata=$pdataop; lemonldap=$cookieop", - ), - 'Call OP from SAML SP' ); + ok( + $res = $op->_get( + $url, + query => $query, + accept => 'text/html', + cookie => "lemonldappdata=$pdataop; lemonldap=$cookieop", + ), + 'Call OP from SAML SP' + ); $pdataop = expectCookie( $res, 'lemonldappdata' ); - # No consent here because we have disabled it (oidcRPMetaDataOptionsBypassConsent) +# No consent here because we have disabled it (oidcRPMetaDataOptionsBypassConsent) ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); - # Push OP response to RP switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); - my $cookierp = expectCookie($res, 'lemonldap'); + my $cookierp = expectCookie( $res, 'lemonldap' ); # Authentication done on RP + OP + IDP - # LOGOUT PROCESS ########################################################### - $url = '/'; + $url = '/'; $query = 'logout=1'; - ok( $res = $rp->_get( $url, query => $query, - accept => 'text/html', - cookie => "lemonldap=$cookierp", - ), - 'Call logout from RP' ); + ok( + $res = $rp->_get( + $url, + query => $query, + accept => 'text/html', + cookie => "lemonldap=$cookierp", + ), + 'Call logout from RP' + ); # lemonldap cookie set to "0" $cookierp = expectCookie( $res, 'lemonldap' ); ok( $cookierp eq "0", 'Test empty cookie on RP' ); # forward logout to OP - ( $url, $query ) = expectRedirection( $res, qr#^http://auth.op.com(/.*)\?(.*)$# ); + ( $url, $query ) = + expectRedirection( $res, qr#^http://auth.op.com(/.*)\?(.*)$# ); switch ('op'); - ok( $res = $op->_get( $url, query => $query, - accept => 'text/html', - cookie => "lemonldappdata=$pdataop; lemonldap=$cookieop", - ), - 'Forward logout to OP' ); + ok( + $res = $op->_get( + $url, + query => $query, + accept => 'text/html', + cookie => "lemonldappdata=$pdataop; lemonldap=$cookieop", + ), + 'Forward logout to OP' + ); # expectForm (result, host, uri, @requiredfield) ( $host, $tmp, $query ) = expectForm( $res, '#', undef, - ( 'post_logout_redirect_uri', 'confirm', 'skin' ) ); + ( 'post_logout_redirect_uri', 'confirm', 'skin' ) ); ok( $res = $op->_post( @@ -253,29 +263,39 @@ SKIP: { $cookieop = expectCookie( $res, 'lemonldap' ); ok( $cookieop eq "0", 'Test empty cookie on OP' ); - ( $url, $query ) = expectRedirection( $res, qr#^http://auth.idp.com(/.*)\?(.*)$# ); + ( $url, $query ) = + expectRedirection( $res, qr#^http://auth.idp.com(/.*)\?(.*)$# ); switch ('idp'); - ok( $res = $idp->_get( $url, query => $query, - accept => 'text/html', - cookie => "lemonldappdata=$pdataidp; lemonldap=$cookieidp", - ), - 'redirect to IdP' ); + ok( + $res = $idp->_get( + $url, + query => $query, + accept => 'text/html', + cookie => "lemonldappdata=$pdataidp; lemonldap=$cookieidp", + ), + 'redirect to IdP' + ); # lemonldap cookie set to "0" $cookieidp = expectCookie( $res, 'lemonldap' ); ok( $cookieidp eq "0", 'Test empty cookie on IDP' ); - ( $url, $query ) = expectRedirection( $res, qr#^http://auth.op.com(/.*)\?(.*)$# ); + ( $url, $query ) = + expectRedirection( $res, qr#^http://auth.op.com(/.*)\?(.*)$# ); switch ('op'); - ok( $res = $op->_get( $url, query => $query, - accept => 'text/html', - cookie => "lemonldappdata=$pdataop; lemonldap=$cookieop", - ), - 'redirect to OP' ); + ok( + $res = $op->_get( + $url, + query => $query, + accept => 'text/html', + cookie => "lemonldappdata=$pdataop; lemonldap=$cookieop", + ), + 'redirect to OP' + ); expectOK($res); @@ -337,8 +357,8 @@ sub op { samlServicePublicKeyEnc => saml_key_sp_public_enc, samlServicePublicKeySig => saml_key_sp_public_sig, samlIDPSSODescriptorWantAuthnRequestsSigned => 1, - samlSPSSODescriptorWantAssertionsSigned => 1, - samlIDPMetaDataXML => { + samlSPSSODescriptorWantAssertionsSigned => 1, + samlIDPMetaDataXML => { 'idp' => { samlIDPMetaDataXML => samlIDPMetaDataXML( 'idp', 'HTTP-Redirect' ) @@ -346,36 +366,36 @@ sub op { }, samlIDPMetaDataOptions => { 'idp' => { - 'samlIDPMetaDataOptionsAdaptSessionUtime' => 0, - 'samlIDPMetaDataOptionsAllowLoginFromIDP' => 0, - 'samlIDPMetaDataOptionsAllowProxiedAuthn' => 0, - 'samlIDPMetaDataOptionsCheckAudience' => 1, + 'samlIDPMetaDataOptionsAdaptSessionUtime' => 0, + 'samlIDPMetaDataOptionsAllowLoginFromIDP' => 0, + 'samlIDPMetaDataOptionsAllowProxiedAuthn' => 0, + 'samlIDPMetaDataOptionsCheckAudience' => 1, 'samlIDPMetaDataOptionsCheckSLOMessageSignature' => 1, 'samlIDPMetaDataOptionsCheckSSOMessageSignature' => 1, - 'samlIDPMetaDataOptionsCheckTime' => 1, - 'samlIDPMetaDataOptionsDisplayName' => 'idp', - 'samlIDPMetaDataOptionsEncryptionMode' => 'none', - 'samlIDPMetaDataOptionsForceAuthn' => 0, - 'samlIDPMetaDataOptionsForceUTF8' => 0, - 'samlIDPMetaDataOptionsIcon' => '', - 'samlIDPMetaDataOptionsIsPassive' => 0, - 'samlIDPMetaDataOptionsNameIDFormat' => '', - 'samlIDPMetaDataOptionsRelayStateURL' => 0, + 'samlIDPMetaDataOptionsCheckTime' => 1, + 'samlIDPMetaDataOptionsDisplayName' => 'idp', + 'samlIDPMetaDataOptionsEncryptionMode' => 'none', + 'samlIDPMetaDataOptionsForceAuthn' => 0, + 'samlIDPMetaDataOptionsForceUTF8' => 0, + 'samlIDPMetaDataOptionsIcon' => '', + 'samlIDPMetaDataOptionsIsPassive' => 0, + 'samlIDPMetaDataOptionsNameIDFormat' => '', + 'samlIDPMetaDataOptionsRelayStateURL' => 0, 'samlIDPMetaDataOptionsRequestedAuthnContext' => '', - 'samlIDPMetaDataOptionsResolutionRule' => '', + 'samlIDPMetaDataOptionsResolutionRule' => '', 'samlIDPMetaDataOptionsSLOBinding' => 'http-redirect', 'samlIDPMetaDataOptionsSSOBinding' => 'http-redirect', - 'samlIDPMetaDataOptionsSignSLOMessage' => 1, - 'samlIDPMetaDataOptionsSignSSOMessage' => 1, + 'samlIDPMetaDataOptionsSignSLOMessage' => 1, + 'samlIDPMetaDataOptionsSignSSOMessage' => 1, 'samlIDPMetaDataOptionsSignatureMethod' => '', - 'samlIDPMetaDataOptionsStoreSAMLToken' => 0 + 'samlIDPMetaDataOptionsStoreSAMLToken' => 0 } }, samlIDPMetaDataExportedAttributes => { - 'idp' => { - 'cn' => '1;cn', - 'uid' => '1;uid' - } + 'idp' => { + 'cn' => '1;cn', + 'uid' => '1;uid' + } }, } } @@ -426,26 +446,27 @@ sub rp { sub idp { return LLNG::Manager::Test->new( { ini => { - logLevel => $debug, - domain => 'idp.com', - portal => 'http://auth.idp.com', - authentication => 'Demo', - userDB => 'Same', - issuerDBSAMLActivation => 1, - restSessionServer => 1, - samlSPMetaDataOptions => { + logLevel => $debug, + domain => 'idp.com', + portal => 'http://auth.idp.com', + authentication => 'Demo', + userDB => 'Same', + issuerDBSAMLActivation => 1, + restSessionServer => 1, + samlSPMetaDataOptions => { sp => { 'samlSPMetaDataOptionsCheckSLOMessageSignature' => 1, 'samlSPMetaDataOptionsCheckSSOMessageSignature' => 1, - 'samlSPMetaDataOptionsEnableIDPInitiatedURL' => 0, - 'samlSPMetaDataOptionsEncryptionMode' => 'none', - 'samlSPMetaDataOptionsForceUTF8' => 1, - 'samlSPMetaDataOptionsNameIDFormat' => '', + 'samlSPMetaDataOptionsEnableIDPInitiatedURL' => 0, + 'samlSPMetaDataOptionsEncryptionMode' => 'none', + 'samlSPMetaDataOptionsForceUTF8' => 1, + 'samlSPMetaDataOptionsNameIDFormat' => '', 'samlSPMetaDataOptionsNotOnOrAfterTimeout' => 72000, - 'samlSPMetaDataOptionsOneTimeUse' => 0, - 'samlSPMetaDataOptionsSessionNotOnOrAfterTimeout' => 72000, - 'samlSPMetaDataOptionsSignSLOMessage' => -1, - 'samlSPMetaDataOptionsSignSSOMessage' => 1, + 'samlSPMetaDataOptionsOneTimeUse' => 0, + 'samlSPMetaDataOptionsSessionNotOnOrAfterTimeout' => + 72000, + 'samlSPMetaDataOptionsSignSLOMessage' => -1, + 'samlSPMetaDataOptionsSignSSOMessage' => 1, 'samlSPMetaDataOptionsSignatureMethod' => '' } }, @@ -453,15 +474,15 @@ sub idp { sp => { samlSPMetaDataXML => samlSPMetaDataXML( 'op', 'HTTP-Redirect' ), - 'samlSPSSODescriptorAuthnRequestsSigned' => 1, + 'samlSPSSODescriptorAuthnRequestsSigned' => 1, 'samlSPSSODescriptorWantAssertionsSigned' => 1, } }, samlSPMetaDataExportedAttributes => { - 'sp' => { - 'cn' => '1;cn', - 'uid' => '1;uid' - } + 'sp' => { + 'cn' => '1;cn', + 'uid' => '1;uid' + } }, samlOrganizationDisplayName => "IDP", samlOrganizationName => "IDP", diff --git a/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-IDP-SOAP.t b/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-IDP-SOAP.t index 1f2327f2c..6ca0ebf51 100644 --- a/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-IDP-SOAP.t +++ b/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-IDP-SOAP.t @@ -6,11 +6,10 @@ use LWP::UserAgent; use LWP::Protocol::PSGI; use MIME::Base64; - # ------------ --------------------------- ---------------- # | OIDC RP | <-> | OIDC provider + SAML SP | <-> | SAML IdP | # ------------ --------------------------- ---------------- -# +# # Use case: # - login from RP up to SAML IdP # - logout asked from RP, and propagated up to SAML IdP @@ -24,6 +23,7 @@ BEGIN { my $maintests = 17; my $debug = 'error'; + #my $debug = 'error'; my ( $op, $rp, $idp, $res ); @@ -31,7 +31,8 @@ my ( $op, $rp, $idp, $res ); LWP::Protocol::PSGI->register( sub { my $req = Plack::Request->new(@_); - ok( $req->uri =~ m#http://auth.((?:op|rp|idp)).com(.*)#, ' REST request' ); + ok( $req->uri =~ m#http://auth.((?:op|rp|idp)).com(.*)#, + ' REST request' ); my $host = $1; my $url = $2; my ( $res, $client ); @@ -75,16 +76,18 @@ LWP::Protocol::PSGI->register( ); } ok( $res->[0] == 200, ' Response is 200' ); - ok( getHeader( $res, 'Content-Type' ) =~ m#^(application/json|text/xml)#, - ' Content is JSON|XML' ) - or explain( $res->[1], 'Content-Type => (application/json|text/xml)' ); + ok( + getHeader( $res, 'Content-Type' ) =~ + m#^(application/json|text/xml)#, + ' Content is JSON|XML' + ) + or + explain( $res->[1], 'Content-Type => (application/json|text/xml)' ); count(4); return $res; } ); - - SKIP: { eval "use Lasso"; if ($@) { @@ -112,7 +115,6 @@ SKIP: { $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ); - # LOGIN PROCESS ############################################################ # Query RP for auth @@ -137,14 +139,16 @@ SKIP: { # Try to authenticate to IdP ok( - $res = $idp->_get( $urlidp, query => $queryidp, accept => 'text/html'), - "SAML Authentication on idp, endpoint $urlidp" ); + $res = $idp->_get( $urlidp, query => $queryidp, accept => 'text/html' ), + "SAML Authentication on idp, endpoint $urlidp" + ); my $pdataidp = expectCookie( $res, 'lemonldappdata' ); my ( $host, $tmp ); + # expectForm (result, host, uri, @requiredfield) ( $host, $tmp, $query ) = expectForm( $res, '#', undef, - ( 'url', 'timezone', 'skin', 'user', 'password' ) ); + ( 'url', 'timezone', 'skin', 'user', 'password' ) ); $query =~ s/user=/user=dwho/; $query =~ s/password=/password=dwho/; @@ -162,7 +166,6 @@ SKIP: { $pdataidp = expectCookie( $res, 'lemonldappdata' ); my $cookieidp = expectCookie( $res, 'lemonldap' ); - ( $host, $url, $query ) = expectForm( $res, 'auth.op.com', '/saml/proxySingleSignOnPost', 'SAMLResponse', 'RelayState' ); @@ -184,59 +187,70 @@ SKIP: { $pdataop = expectCookie( $res, 'lemonldappdata' ); my $cookieop = expectCookie( $res, 'lemonldap' ); + ( $url, $query ) = + expectRedirection( $res, qr#^http://auth.op.com(/oauth2)\?*(.*)$# ); - ( $url, $query ) = expectRedirection( $res, qr#^http://auth.op.com(/oauth2)\?*(.*)$# ); - - ok( $res = $op->_get( $url, query => $query, - accept => 'text/html', - cookie => "lemonldappdata=$pdataop; lemonldap=$cookieop", - ), - 'Call OP from SAML SP' ); + ok( + $res = $op->_get( + $url, + query => $query, + accept => 'text/html', + cookie => "lemonldappdata=$pdataop; lemonldap=$cookieop", + ), + 'Call OP from SAML SP' + ); $pdataop = expectCookie( $res, 'lemonldappdata' ); - # No consent here because we have disabled it (oidcRPMetaDataOptionsBypassConsent) +# No consent here because we have disabled it (oidcRPMetaDataOptionsBypassConsent) ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); - # Push OP response to RP switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); - my $cookierp = expectCookie($res, 'lemonldap'); + my $cookierp = expectCookie( $res, 'lemonldap' ); # Authentication done on RP + OP + IDP - # LOGOUT PROCESS ########################################################### - $url = '/'; + $url = '/'; $query = 'logout=1'; - ok( $res = $rp->_get( $url, query => $query, - accept => 'text/html', - cookie => "lemonldap=$cookierp", - ), - 'Call logout from RP' ); + ok( + $res = $rp->_get( + $url, + query => $query, + accept => 'text/html', + cookie => "lemonldap=$cookierp", + ), + 'Call logout from RP' + ); # lemonldap cookie set to "0" $cookierp = expectCookie( $res, 'lemonldap' ); ok( $cookierp eq "0", 'Test empty cookie on RP' ); # forward logout to OP - ( $url, $query ) = expectRedirection( $res, qr#^http://auth.op.com(/.*)\?(.*)$# ); + ( $url, $query ) = + expectRedirection( $res, qr#^http://auth.op.com(/.*)\?(.*)$# ); switch ('op'); - ok( $res = $op->_get( $url, query => $query, - accept => 'text/html', - cookie => "lemonldappdata=$pdataop; lemonldap=$cookieop", - ), - 'Forward logout to OP' ); + ok( + $res = $op->_get( + $url, + query => $query, + accept => 'text/html', + cookie => "lemonldappdata=$pdataop; lemonldap=$cookieop", + ), + 'Forward logout to OP' + ); # expectForm (result, host, uri, @requiredfield) ( $host, $tmp, $query ) = expectForm( $res, '#', undef, - ( 'post_logout_redirect_uri', 'confirm', 'skin' ) ); + ( 'post_logout_redirect_uri', 'confirm', 'skin' ) ); ok( $res = $op->_post( @@ -253,28 +267,38 @@ SKIP: { $cookieop = expectCookie( $res, 'lemonldap' ); ok( $cookieop eq "0", 'Test empty cookie on OP' ); - ( $url, $query ) = expectRedirection( $res, qr#^http://auth.rp.com(/?.*)\?(.*)$# ); + ( $url, $query ) = + expectRedirection( $res, qr#^http://auth.rp.com(/?.*)\?(.*)$# ); switch ('rp'); - ok( $res = $rp->_get( $url, query => $query, - accept => 'text/html', - cookie => "lemonldap=$cookierp", - ), - 'redirect to RP' ); + ok( + $res = $rp->_get( + $url, + query => $query, + accept => 'text/html', + cookie => "lemonldap=$cookierp", + ), + 'redirect to RP' + ); expectOK($res); # test connexion on IDP - switch('idp'); - ok( $res = $idp->_get( '/', query => '', - accept => 'text/html', - cookie => "lemonldap=$cookieidp", - ), - 'Test if still logged on IDP' ); + switch ('idp'); + ok( + $res = $idp->_get( + '/', + query => '', + accept => 'text/html', + cookie => "lemonldap=$cookieidp", + ), + 'Test if still logged on IDP' + ); - like( $res->[2]->[0], qr/userfield/, - 'test presence of user field in form (prove successful logout)' ); + like( $res->[2]->[0], + qr/userfield/, + 'test presence of user field in form (prove successful logout)' ); } @@ -310,8 +334,9 @@ sub op { oidcRPMetaDataOptionsBypassConsent => 1, oidcRPMetaDataOptionsClientSecret => "rpsecret", oidcRPMetaDataOptionsUserIDAttr => "", - oidcRPMetaDataOptionsAccessTokenExpiration => 3600, - oidcRPMetaDataOptionsPostLogoutRedirectUris => 'http://auth.rp.com?logout=1', + oidcRPMetaDataOptionsAccessTokenExpiration => 3600, + oidcRPMetaDataOptionsPostLogoutRedirectUris => + 'http://auth.rp.com?logout=1', } }, oidcOPMetaDataOptions => {}, @@ -335,45 +360,46 @@ sub op { samlServicePublicKeyEnc => saml_key_sp_public_enc, samlServicePublicKeySig => saml_key_sp_public_sig, samlIDPSSODescriptorWantAuthnRequestsSigned => 1, - samlSPSSODescriptorWantAssertionsSigned => 1, - samlIDPMetaDataXML => { + samlSPSSODescriptorWantAssertionsSigned => 1, + samlIDPMetaDataXML => { 'idp' => { - samlIDPMetaDataXML => - samlIDPComplexMetaDataXML( 'idp', 'HTTP-Redirect', 'SOAP' ) + samlIDPMetaDataXML => samlIDPComplexMetaDataXML( + 'idp', 'HTTP-Redirect', 'SOAP' + ) }, }, samlIDPMetaDataOptions => { 'idp' => { - 'samlIDPMetaDataOptionsAdaptSessionUtime' => 0, - 'samlIDPMetaDataOptionsAllowLoginFromIDP' => 0, - 'samlIDPMetaDataOptionsAllowProxiedAuthn' => 0, - 'samlIDPMetaDataOptionsCheckAudience' => 1, + 'samlIDPMetaDataOptionsAdaptSessionUtime' => 0, + 'samlIDPMetaDataOptionsAllowLoginFromIDP' => 0, + 'samlIDPMetaDataOptionsAllowProxiedAuthn' => 0, + 'samlIDPMetaDataOptionsCheckAudience' => 1, 'samlIDPMetaDataOptionsCheckSLOMessageSignature' => 1, 'samlIDPMetaDataOptionsCheckSSOMessageSignature' => 1, - 'samlIDPMetaDataOptionsCheckTime' => 1, - 'samlIDPMetaDataOptionsDisplayName' => 'idp', - 'samlIDPMetaDataOptionsEncryptionMode' => 'none', - 'samlIDPMetaDataOptionsForceAuthn' => 0, - 'samlIDPMetaDataOptionsForceUTF8' => 0, - 'samlIDPMetaDataOptionsIcon' => '', - 'samlIDPMetaDataOptionsIsPassive' => 0, - 'samlIDPMetaDataOptionsNameIDFormat' => '', - 'samlIDPMetaDataOptionsRelayStateURL' => 0, + 'samlIDPMetaDataOptionsCheckTime' => 1, + 'samlIDPMetaDataOptionsDisplayName' => 'idp', + 'samlIDPMetaDataOptionsEncryptionMode' => 'none', + 'samlIDPMetaDataOptionsForceAuthn' => 0, + 'samlIDPMetaDataOptionsForceUTF8' => 0, + 'samlIDPMetaDataOptionsIcon' => '', + 'samlIDPMetaDataOptionsIsPassive' => 0, + 'samlIDPMetaDataOptionsNameIDFormat' => '', + 'samlIDPMetaDataOptionsRelayStateURL' => 0, 'samlIDPMetaDataOptionsRequestedAuthnContext' => '', - 'samlIDPMetaDataOptionsResolutionRule' => '', + 'samlIDPMetaDataOptionsResolutionRule' => '', 'samlIDPMetaDataOptionsSLOBinding' => 'http-soap', 'samlIDPMetaDataOptionsSSOBinding' => 'http-redirect', - 'samlIDPMetaDataOptionsSignSLOMessage' => 1, - 'samlIDPMetaDataOptionsSignSSOMessage' => 1, + 'samlIDPMetaDataOptionsSignSLOMessage' => 1, + 'samlIDPMetaDataOptionsSignSSOMessage' => 1, 'samlIDPMetaDataOptionsSignatureMethod' => '', - 'samlIDPMetaDataOptionsStoreSAMLToken' => 0 + 'samlIDPMetaDataOptionsStoreSAMLToken' => 0 } }, samlIDPMetaDataExportedAttributes => { - 'idp' => { - 'cn' => '1;cn', - 'uid' => '1;uid' - } + 'idp' => { + 'cn' => '1;cn', + 'uid' => '1;uid' + } }, } } @@ -424,42 +450,44 @@ sub rp { sub idp { return LLNG::Manager::Test->new( { ini => { - logLevel => $debug, - domain => 'idp.com', - portal => 'http://auth.idp.com', - authentication => 'Demo', - userDB => 'Same', - issuerDBSAMLActivation => 1, - restSessionServer => 1, - samlSPMetaDataOptions => { + logLevel => $debug, + domain => 'idp.com', + portal => 'http://auth.idp.com', + authentication => 'Demo', + userDB => 'Same', + issuerDBSAMLActivation => 1, + restSessionServer => 1, + samlSPMetaDataOptions => { sp => { 'samlSPMetaDataOptionsCheckSLOMessageSignature' => 1, 'samlSPMetaDataOptionsCheckSSOMessageSignature' => 1, - 'samlSPMetaDataOptionsEnableIDPInitiatedURL' => 0, - 'samlSPMetaDataOptionsEncryptionMode' => 'none', - 'samlSPMetaDataOptionsForceUTF8' => 1, - 'samlSPMetaDataOptionsNameIDFormat' => '', + 'samlSPMetaDataOptionsEnableIDPInitiatedURL' => 0, + 'samlSPMetaDataOptionsEncryptionMode' => 'none', + 'samlSPMetaDataOptionsForceUTF8' => 1, + 'samlSPMetaDataOptionsNameIDFormat' => '', 'samlSPMetaDataOptionsNotOnOrAfterTimeout' => 72000, - 'samlSPMetaDataOptionsOneTimeUse' => 0, - 'samlSPMetaDataOptionsSessionNotOnOrAfterTimeout' => 72000, - 'samlSPMetaDataOptionsSignSLOMessage' => -1, - 'samlSPMetaDataOptionsSignSSOMessage' => 1, + 'samlSPMetaDataOptionsOneTimeUse' => 0, + 'samlSPMetaDataOptionsSessionNotOnOrAfterTimeout' => + 72000, + 'samlSPMetaDataOptionsSignSLOMessage' => -1, + 'samlSPMetaDataOptionsSignSSOMessage' => 1, 'samlSPMetaDataOptionsSignatureMethod' => '' } }, samlSPMetaDataXML => { sp => { - samlSPMetaDataXML => - samlSPComplexMetaDataXML( 'op', 'HTTP-Redirect', 'SOAP' ), - 'samlSPSSODescriptorAuthnRequestsSigned' => 1, + samlSPMetaDataXML => samlSPComplexMetaDataXML( + 'op', 'HTTP-Redirect', 'SOAP' + ), + 'samlSPSSODescriptorAuthnRequestsSigned' => 1, 'samlSPSSODescriptorWantAssertionsSigned' => 1, } }, samlSPMetaDataExportedAttributes => { - 'sp' => { - 'cn' => '1;cn', - 'uid' => '1;uid' - } + 'sp' => { + 'cn' => '1;cn', + 'uid' => '1;uid' + } }, samlOrganizationDisplayName => "IDP", samlOrganizationName => "IDP", diff --git a/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET-with-WAYF.t b/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET-with-WAYF.t index 4265838be..9e524d10a 100644 --- a/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET-with-WAYF.t +++ b/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET-with-WAYF.t @@ -474,9 +474,9 @@ sub rp { oidcOPMetaDataOptionsJWKSTimeout => 0, oidcOPMetaDataOptionsClientSecret => "rpsecret", oidcOPMetaDataOptionsScope => "openid profile email", - oidcOPMetaDataOptionsStoreIDToken => 0, - oidcOPMetaDataOptionsDisplay => "", - oidcOPMetaDataOptionsClientID => "rpid", + oidcOPMetaDataOptionsStoreIDToken => 0, + oidcOPMetaDataOptionsDisplay => "", + oidcOPMetaDataOptionsClientID => "rpid", oidcOPMetaDataOptionsConfigurationURI => "https://auth.sp.com/.well-known/openid-configuration" } diff --git a/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET.t b/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET.t index 97f1cab16..3f464cd8f 100644 --- a/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET.t +++ b/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET.t @@ -431,9 +431,9 @@ sub rp { oidcOPMetaDataOptionsJWKSTimeout => 0, oidcOPMetaDataOptionsClientSecret => "rpsecret", oidcOPMetaDataOptionsScope => "openid profile email", - oidcOPMetaDataOptionsStoreIDToken => 0, - oidcOPMetaDataOptionsDisplay => "", - oidcOPMetaDataOptionsClientID => "rpid", + oidcOPMetaDataOptionsStoreIDToken => 0, + oidcOPMetaDataOptionsDisplay => "", + oidcOPMetaDataOptionsClientID => "rpid", oidcOPMetaDataOptionsConfigurationURI => "https://auth.sp.com/.well-known/openid-configuration" } diff --git a/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-POST.t b/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-POST.t index d234170b9..4a671c9c8 100644 --- a/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-POST.t +++ b/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-POST.t @@ -433,9 +433,9 @@ sub rp { oidcOPMetaDataOptionsJWKSTimeout => 0, oidcOPMetaDataOptionsClientSecret => "rpsecret", oidcOPMetaDataOptionsScope => "openid profile email", - oidcOPMetaDataOptionsStoreIDToken => 0, - oidcOPMetaDataOptionsDisplay => "", - oidcOPMetaDataOptionsClientID => "rpid", + oidcOPMetaDataOptionsStoreIDToken => 0, + oidcOPMetaDataOptionsDisplay => "", + oidcOPMetaDataOptionsClientID => "rpid", oidcOPMetaDataOptionsConfigurationURI => "https://auth.sp.com/.well-known/openid-configuration" } diff --git a/lemonldap-ng-portal/t/37-SAML-SP-GET-to-OIDC-OP.t b/lemonldap-ng-portal/t/37-SAML-SP-GET-to-OIDC-OP.t index 0fe9a9530..69e9af72a 100644 --- a/lemonldap-ng-portal/t/37-SAML-SP-GET-to-OIDC-OP.t +++ b/lemonldap-ng-portal/t/37-SAML-SP-GET-to-OIDC-OP.t @@ -330,9 +330,9 @@ sub proxy { oidcOPMetaDataOptionsJWKSTimeout => 0, oidcOPMetaDataOptionsClientSecret => "rpsecret", oidcOPMetaDataOptionsScope => "openid profile email", - oidcOPMetaDataOptionsStoreIDToken => 0, - oidcOPMetaDataOptionsDisplay => "", - oidcOPMetaDataOptionsClientID => "rpid", + oidcOPMetaDataOptionsStoreIDToken => 0, + oidcOPMetaDataOptionsDisplay => "", + oidcOPMetaDataOptionsClientID => "rpid", oidcOPMetaDataOptionsConfigurationURI => "https://auth.proxy.com/.well-known/openid-configuration" } diff --git a/lemonldap-ng-portal/t/37-SAML-SP-POST-to-OIDC-OP.t b/lemonldap-ng-portal/t/37-SAML-SP-POST-to-OIDC-OP.t index b2987d41e..bd169b0f6 100644 --- a/lemonldap-ng-portal/t/37-SAML-SP-POST-to-OIDC-OP.t +++ b/lemonldap-ng-portal/t/37-SAML-SP-POST-to-OIDC-OP.t @@ -329,9 +329,9 @@ sub proxy { oidcOPMetaDataOptionsJWKSTimeout => 0, oidcOPMetaDataOptionsClientSecret => "rpsecret", oidcOPMetaDataOptionsScope => "openid profile email", - oidcOPMetaDataOptionsStoreIDToken => 0, - oidcOPMetaDataOptionsDisplay => "", - oidcOPMetaDataOptionsClientID => "rpid", + oidcOPMetaDataOptionsStoreIDToken => 0, + oidcOPMetaDataOptionsDisplay => "", + oidcOPMetaDataOptionsClientID => "rpid", oidcOPMetaDataOptionsConfigurationURI => "https://auth.proxy.com/.well-known/openid-configuration" } diff --git a/lemonldap-ng-portal/t/40-Notifications-JSON-LDAP.t b/lemonldap-ng-portal/t/40-Notifications-JSON-LDAP.t index 5773d76b6..de1b98603 100644 --- a/lemonldap-ng-portal/t/40-Notifications-JSON-LDAP.t +++ b/lemonldap-ng-portal/t/40-Notifications-JSON-LDAP.t @@ -15,7 +15,7 @@ my $ldapBindDN = 'cn=admin,dc=example,dc=com'; my $ldapBindPassword = 'admin'; my $ldapConfBase = 'ou=notifications,dc=example,dc=com'; my $notificationStorageOptions = { - conf => {}, + conf => {}, logger => Lemonldap::NG::Common::Logger::Std->new( { logLevel => $logLevel } ), userLogger => diff --git a/lemonldap-ng-portal/t/40-Notifications-JSON-Server.t b/lemonldap-ng-portal/t/40-Notifications-JSON-Server.t index 01fac1b97..538b955f4 100644 --- a/lemonldap-ng-portal/t/40-Notifications-JSON-Server.t +++ b/lemonldap-ng-portal/t/40-Notifications-JSON-Server.t @@ -98,8 +98,7 @@ my $notifs = q%[{ my $content = '{"uid":"dwho"}'; -my $client = LLNG::Manager::Test->new( - { +my $client = LLNG::Manager::Test->new( { ini => { logLevel => 'error', useSafeJail => 1, @@ -374,10 +373,11 @@ ok( ) or print STDERR Dumper( $res->[2]->[0] ); ok( $res->[2]->[0] =~ - m%%, +m%%, 'Checkbox is displayed' ) or print STDERR Dumper( $res->[2]->[0] ); -my @c = ( $res->[2]->[0] =~ m%[2]->[0] =~ m% One checkbox found' ) @@ -418,13 +418,13 @@ expectForm( $res, undef, '/notifback', 'reference1x1' ); ok( $res->[2]->[0] =~ - m%% +m%% and m%%, 'Checkbox is displayed' ) or print STDERR Dumper( $res->[2]->[0] ); ok( $res->[2]->[0] =~ - m%% +m%% and m%%, 'Checkbox is displayed' ) or print STDERR Dumper( $res->[2]->[0] ); diff --git a/lemonldap-ng-portal/t/41-Captcha.t b/lemonldap-ng-portal/t/41-Captcha.t index e51b6e6c0..e16962490 100644 --- a/lemonldap-ng-portal/t/41-Captcha.t +++ b/lemonldap-ng-portal/t/41-Captcha.t @@ -52,11 +52,8 @@ SKIP: { ok( $res = $client->_get( '/', accept => 'text/html' ), 'Unauth request' ); my ( $host, $url, $query ) = expectForm( $res, '#', undef, 'token' ); - ok( - $res->[2]->[0] =~ -m%]*name="password"%, - 'Password: Found text input' - ); + ok( $res->[2]->[0] =~ m%]*name="password"%, + 'Password: Found text input' ); $query =~ s/.*\btoken=([^&]+).*/token=$1/; my $token; diff --git a/lemonldap-ng-portal/t/41-Token.t b/lemonldap-ng-portal/t/41-Token.t index 8e693f3f9..d068029cd 100644 --- a/lemonldap-ng-portal/t/41-Token.t +++ b/lemonldap-ng-portal/t/41-Token.t @@ -23,11 +23,8 @@ ok( $res = $client->_get( '/', accept => 'text/html' ), 'Unauth request' ); count(1); my ( $host, $url, $query ) = expectForm( $res, '#', undef, 'token' ); -ok( - $res->[2]->[0] =~ -m%]*name="password"%, - 'Password: Found password input' -); +ok( $res->[2]->[0] =~ m%]*name="password"%, + 'Password: Found password input' ); count(1); $query =~ s/.*\b(token=[^&]+).*/$1/; diff --git a/lemonldap-ng-portal/t/42-Register-Custom.t b/lemonldap-ng-portal/t/42-Register-Custom.t index 7871f4eca..0ceceb57a 100644 --- a/lemonldap-ng-portal/t/42-Register-Custom.t +++ b/lemonldap-ng-portal/t/42-Register-Custom.t @@ -63,7 +63,7 @@ SKIP: { or explain( $mail, 'Confirm body' ); $query = $1; ok( $query =~ /register_token=/, 'Found register_token' ); - ok( $mail =~ /Fôo/, 'UTF-8 works' ) or explain( $mail, 'Fôo' ); + ok( $mail =~ /Fôo/, 'UTF-8 works' ) or explain( $mail, 'Fôo' ); ok( $res = diff --git a/lemonldap-ng-portal/t/42-Register-Demo-with-CustomBody.t b/lemonldap-ng-portal/t/42-Register-Demo-with-CustomBody.t index 939c4cda8..4bbd907b7 100644 --- a/lemonldap-ng-portal/t/42-Register-Demo-with-CustomBody.t +++ b/lemonldap-ng-portal/t/42-Register-Demo-with-CustomBody.t @@ -28,11 +28,11 @@ SKIP: { registerDB => 'Demo', registerTimeout => '600', registerConfirmSubject => 'Registration demonstration', - registerConfirmBody => + registerConfirmBody => 'Hello $firstname $lastname, follows this link to register your account $url Expired time: $expMailDate $expMailTime', registerDoneSubject => 'Registration successful', - registerDoneBody => + registerDoneBody => 'Congratulations! Your account has been succesfully created with $mail from [$ipAddr]... Login=$login & Password=$password - Thanks to LemonLDAP::NG team. Go to Portal $url', diff --git a/lemonldap-ng-portal/t/42-Register-Demo-with-token.t b/lemonldap-ng-portal/t/42-Register-Demo-with-token.t index 18501e192..8c539ee25 100644 --- a/lemonldap-ng-portal/t/42-Register-Demo-with-token.t +++ b/lemonldap-ng-portal/t/42-Register-Demo-with-token.t @@ -25,7 +25,7 @@ SKIP: { portalDisplayRegister => 1, registerDB => 'Demo', captcha_register_enabled => 0, - requireToken => + requireToken => '!$env->{ipAddr} || $env->{ipAddr} ne "127.1.1.1"', } } diff --git a/lemonldap-ng-portal/t/42-Register-Demo.t b/lemonldap-ng-portal/t/42-Register-Demo.t index 3102b927b..58b6ea9e4 100644 --- a/lemonldap-ng-portal/t/42-Register-Demo.t +++ b/lemonldap-ng-portal/t/42-Register-Demo.t @@ -53,15 +53,16 @@ SKIP: { ); expectOK($res); - $mail = mail(); + $mail = mail(); $subject = subject(); ok( $subject eq 'Demonstration', 'Found subject' ) or explain( $subject, 'Custom subject' ); ok( $mail =~ m#a href="http://auth.example.com/register\?(.+?)"#, - 'Found register token' ) or explain( $mail, 'Confirm body' ); + 'Found register token' ) + or explain( $mail, 'Confirm body' ); $query = $1; ok( $query =~ /register_token=/, 'Found register_token' ); - ok( $mail =~ /Fôo/, 'UTF-8 works' ) or explain( $mail, 'Fôo' ); + ok( $mail =~ /Fôo/, 'UTF-8 works' ) or explain( $mail, 'Fôo' ); ok( $res = @@ -70,7 +71,7 @@ SKIP: { ); expectOK($res); - $mail = mail(); + $mail = mail(); $subject = subject(); ok( $subject eq '[LemonLDAP::NG] Your new account', 'Found subject' ) or explain( $subject, 'Default subject' ); @@ -97,4 +98,4 @@ count($maintests); clean_sessions(); -done_testing( count() ); \ No newline at end of file +done_testing( count() ); diff --git a/lemonldap-ng-portal/t/42-Register-LDAP.t b/lemonldap-ng-portal/t/42-Register-LDAP.t index 8d8d5f296..4e04bc4d3 100644 --- a/lemonldap-ng-portal/t/42-Register-LDAP.t +++ b/lemonldap-ng-portal/t/42-Register-LDAP.t @@ -64,7 +64,7 @@ SKIP: { 'Found register token' ); $query = $1; ok( $query =~ /register_token=/, 'Found register_token' ); - ok( $mail =~ /fôo/, 'UTF-8 works' ) or explain( $mail, 'fôo' ); + ok( $mail =~ /fôo/, 'UTF-8 works' ) or explain( $mail, 'fôo' ); ok( $res = diff --git a/lemonldap-ng-portal/t/44-CertificateResetByMail-Demo.t b/lemonldap-ng-portal/t/44-CertificateResetByMail-Demo.t index 468d21cb7..457b53ecc 100644 --- a/lemonldap-ng-portal/t/44-CertificateResetByMail-Demo.t +++ b/lemonldap-ng-portal/t/44-CertificateResetByMail-Demo.t @@ -41,8 +41,8 @@ use DateTime::Format::RFC3339;'; customRegister => '::Register::Demo', customResetCertByMail => '::CertificateResetByMail::Demo', captcha_mail_enabled => 0, - portalDisplayCertificateResetByMail => 1, - certificateResetByMailCeaAttribute => 'description', + portalDisplayCertificateResetByMail => 1, + certificateResetByMailCeaAttribute => 'description', certificateResetByMailCertificateAttribute => 'userCertificate;binary', certificateValidityDelay => 30 @@ -125,7 +125,7 @@ lkRrWfQftwmLyNIu3HfSgXlgAZS30ymfbzBU }, 'Hash::MultiValue' ), - 'PATH_INFO' => '/certificateReset', + 'PATH_INFO' => '/certificateReset', 'HTTP_ACCEPT' => 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3', 'REQUEST_METHOD' => 'POST', @@ -147,7 +147,7 @@ lkRrWfQftwmLyNIu3HfSgXlgAZS30ymfbzBU 'SERVER_SIGNATURE' => '', 'psgix.input.buffered' => 1, 'HTTP_UPGRADE_INSECURE_REQUESTS' => '1', - 'CONTENT_TYPE' => + 'CONTENT_TYPE' => 'multipart/form-data; boundary=----WebKitFormBoundarybabRY9u6K9tERoLr', 'plack.request.upload' => bless( { 'certif' => bless( { @@ -266,7 +266,7 @@ lkRrWfQftwmLyNIu3HfSgXlgAZS30ymfbzBU }, 'Hash::MultiValue' ), - 'PATH_INFO' => '/certificateReset', + 'PATH_INFO' => '/certificateReset', 'HTTP_ACCEPT' => 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3', 'REQUEST_METHOD' => 'POST', @@ -288,7 +288,7 @@ lkRrWfQftwmLyNIu3HfSgXlgAZS30ymfbzBU 'SERVER_SIGNATURE' => '', 'psgix.input.buffered' => 1, 'HTTP_UPGRADE_INSECURE_REQUESTS' => '1', - 'CONTENT_TYPE' => + 'CONTENT_TYPE' => 'multipart/form-data; boundary=----WebKitFormBoundarybabRY9u6K9tERoLr', 'plack.request.upload' => bless( { 'certif' => bless( { @@ -348,8 +348,8 @@ lkRrWfQftwmLyNIu3HfSgXlgAZS30ymfbzBU } ); - my $trmsg = $res->[2]->[0]; # get html response - my @trmsg = split( /\n/, $trmsg ); # split into lines + my $trmsg = $res->[2]->[0]; # get html response + my @trmsg = split( /\n/, $trmsg ); # split into lines @trmsg = grep( /trmsg="/, @trmsg ); # only get line corresponding to message $trmsg = $trmsg[0]; # get the first one only $trmsg =~ s/.*trmsg="([0-9]+)".*/$1/g; # get error code number diff --git a/lemonldap-ng-portal/t/44-CertificateResetByMail-LDAP.t b/lemonldap-ng-portal/t/44-CertificateResetByMail-LDAP.t index f3e0fc533..44d186ea6 100644 --- a/lemonldap-ng-portal/t/44-CertificateResetByMail-LDAP.t +++ b/lemonldap-ng-portal/t/44-CertificateResetByMail-LDAP.t @@ -46,8 +46,8 @@ use DateTime::Format::RFC3339;'; managerDn => 'cn=admin,dc=example,dc=com', managerPassword => 'admin', captcha_mail_enabled => 0, - portalDisplayCertificateResetByMail => 1, - certificateResetByMailCeaAttribute => 'description', + portalDisplayCertificateResetByMail => 1, + certificateResetByMailCeaAttribute => 'description', certificateResetByMailCertificateAttribute => 'userCertificate;binary', certificateResetByMailStep1Body => @@ -134,7 +134,7 @@ lkRrWfQftwmLyNIu3HfSgXlgAZS30ymfbzBU }, 'Hash::MultiValue' ), - 'PATH_INFO' => '/certificateReset', + 'PATH_INFO' => '/certificateReset', 'HTTP_ACCEPT' => 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3', 'REQUEST_METHOD' => 'POST', @@ -156,7 +156,7 @@ lkRrWfQftwmLyNIu3HfSgXlgAZS30ymfbzBU 'SERVER_SIGNATURE' => '', 'psgix.input.buffered' => 1, 'HTTP_UPGRADE_INSECURE_REQUESTS' => '1', - 'CONTENT_TYPE' => + 'CONTENT_TYPE' => 'multipart/form-data; boundary=----WebKitFormBoundarybabRY9u6K9tERoLr', 'plack.request.upload' => bless( { 'certif' => bless( { @@ -275,7 +275,7 @@ lkRrWfQftwmLyNIu3HfSgXlgAZS30ymfbzBU }, 'Hash::MultiValue' ), - 'PATH_INFO' => '/certificateReset', + 'PATH_INFO' => '/certificateReset', 'HTTP_ACCEPT' => 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3', 'REQUEST_METHOD' => 'POST', @@ -297,7 +297,7 @@ lkRrWfQftwmLyNIu3HfSgXlgAZS30ymfbzBU 'SERVER_SIGNATURE' => '', 'psgix.input.buffered' => 1, 'HTTP_UPGRADE_INSECURE_REQUESTS' => '1', - 'CONTENT_TYPE' => + 'CONTENT_TYPE' => 'multipart/form-data; boundary=----WebKitFormBoundarybabRY9u6K9tERoLr', 'plack.request.upload' => bless( { 'certif' => bless( { @@ -357,8 +357,8 @@ lkRrWfQftwmLyNIu3HfSgXlgAZS30ymfbzBU } ); - my $trmsg = $res->[2]->[0]; # get html response - my @trmsg = split( /\n/, $trmsg ); # split into lines + my $trmsg = $res->[2]->[0]; # get html response + my @trmsg = split( /\n/, $trmsg ); # split into lines @trmsg = grep( /trmsg="/, @trmsg ); # only get line corresponding to message $trmsg = $trmsg[0]; # get the first one only $trmsg =~ s/.*trmsg="([0-9]+)".*/$1/g; # get error code number diff --git a/lemonldap-ng-portal/t/56-CheckDevOps.t b/lemonldap-ng-portal/t/56-CheckDevOps.t index 9d0524170..18a42209b 100644 --- a/lemonldap-ng-portal/t/56-CheckDevOps.t +++ b/lemonldap-ng-portal/t/56-CheckDevOps.t @@ -71,7 +71,7 @@ my $client = LLNG::Manager::Test->new( { checkDevOpsDownload => 0, checkDevOpsDisplayNormalizedHeaders => 0, hiddenAttributes => 'mail, UA', - ldapExportedVars => { ldapExpVar => ''} + ldapExportedVars => { ldapExpVar => '' } } } ); @@ -212,7 +212,8 @@ ok( $res->[2]->[0] =~ m%%, ok( $res->[2]->[0] =~ m%%, 'Found unknownAttributes' ) or explain( $res->[2]->[0], 'trspan="unknownAttributes"' ); -ok( $res->[2]->[0] =~ m%dalek; none; other; test%, 'Found 4 unknown attributes' ) +ok( $res->[2]->[0] =~ m%dalek; none; other; test%, + 'Found 4 unknown attributes' ) or explain( $res->[2]->[0], 'Unknown attributes' ); count(4); diff --git a/lemonldap-ng-portal/t/57-LogoutForward2153.t b/lemonldap-ng-portal/t/57-LogoutForward2153.t index 98d283bed..45a238c3b 100644 --- a/lemonldap-ng-portal/t/57-LogoutForward2153.t +++ b/lemonldap-ng-portal/t/57-LogoutForward2153.t @@ -18,19 +18,20 @@ my $client = LLNG::Manager::Test->new( { bruteForceProtection => 0, requireToken => 0, restSessionServer => 1, - logoutServices => { 'mytest' => 'http://test1.example.com/logout.html' }, # page that does not exist + logoutServices => + { 'mytest' => 'http://test1.example.com/logout.html' } + , # page that does not exist locationRules => { - 'test1.example.com' => { - '(?#logout)^/logout.html' => 'unprotect', - 'default' => 'accept' - }, - }, - logger => 'Lemonldap::NG::Common::Logger::Std', + 'test1.example.com' => { + '(?#logout)^/logout.html' => 'unprotect', + 'default' => 'accept' + }, + }, + logger => 'Lemonldap::NG::Common::Logger::Std', } } ); - # Handler part use_ok('Lemonldap::NG::Handler::Server'); use_ok('Lemonldap::NG::Common::PSGI::Cli::Lib'); @@ -40,7 +41,6 @@ my ( $cli, $app ); ok( $app = Lemonldap::NG::Handler::Server->run( $client->ini ), 'App' ); count(1); - ## First successful connection for 'dwho' ok( $res = $client->_post( @@ -52,7 +52,7 @@ ok( '1st "dwho" Auth query' ); count(1); -my $cookie = expectCookie($res, 'lemonldap'); +my $cookie = expectCookie( $res, 'lemonldap' ); expectRedirection( $res, 'http://auth.example.com/' ); @@ -68,7 +68,6 @@ ok( ); count(1); - ok( $res->[2]->[0] =~ m%

logoutFromOtherApp

%, @@ -76,7 +75,7 @@ ok( ) or explain( $res->[2]->[0], "PE_LOGOUT_OK" ); count(1); -$cookie = expectCookie($res, 'lemonldap'); +$cookie = expectCookie( $res, 'lemonldap' ); ok( $cookie eq "0", 'Test empty cookie sent at logout' ); count(1); @@ -84,12 +83,12 @@ count(1); my $cookies = getCookies($res); my $id; ok( - ! defined( $id = $cookies->{'lemonldappdata'} ), - " Verify absence of cookie lemonldappdata" -) or explain( 'Get lemonldappdata cookie' ); + !defined( $id = $cookies->{'lemonldappdata'} ), + " Verify absence of cookie lemonldappdata" +) or explain('Get lemonldappdata cookie'); count(1); -my ($logouturl) = grep(/iframe/, split("\n", $res->[2]->[0])); +my ($logouturl) = grep( /iframe/, split( "\n", $res->[2]->[0] ) ); $logouturl =~ s/.*