dani
/
lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Tidy + typo

This commit is contained in:
Xavier 2019-09-18 21:49:51 +02:00
parent fedea4abbd
commit cccd025dfc
5 changed files with 143 additions and 121 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/StatusConstants.pm
View File

@ -98,7 +98,7 @@ sub portalConsts {
'92' => 'PE_GET_SERVICE_NOT_ALLOWED',
'93' => 'PE_IMPERSONATION_SERVICE_NOT_ALLOWED',
'94' => 'PE_ISSUERMISSINGREQATTR',
'95' => 'PE_RESETCERTIFICATE_INVALIDE',
'95' => 'PE_RESETCERTIFICATE_INVALID',
'96' => 'PE_RESETCERTIFICATE_FOREMPTY',
'97' => 'PE_RESETCERTIFICATE_FIRSTACCESS'
};

2
lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Build/PortalConstants.pm
View File

@ -102,7 +102,7 @@ sub portalConstants {
PE_GET_SERVICE_NOT_ALLOWED => 92,
PE_IMPERSONATION_SERVICE_NOT_ALLOWED => 93,
PE_ISSUERMISSINGREQATTR => 94,
PE_RESETCERTIFICATE_INVALIDE => 95,
PE_RESETCERTIFICATE_INVALID => 95,
PE_RESETCERTIFICATE_FOREMPTY => 96,
PE_RESETCERTIFICATE_FIRSTACCESS => 97,
};

6
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Constants.pm
View File

@ -98,7 +98,7 @@ use constant {
PE_GET_SERVICE_NOT_ALLOWED => 92,
PE_IMPERSONATION_SERVICE_NOT_ALLOWED => 93,
PE_ISSUERMISSINGREQATTR => 94,
PE_RESETCERTIFICATE_INVALIDE => 95,
PE_RESETCERTIFICATE_INVALID => 95,
PE_RESETCERTIFICATE_FOREMPTY => 96,
PE_RESETCERTIFICATE_FIRSTACCESS => 97,
};
@ -195,7 +195,7 @@ sub portalConsts {
'92' => 'PE_GET_SERVICE_NOT_ALLOWED',
'93' => 'PE_IMPERSONATION_SERVICE_NOT_ALLOWED',
'94' => 'PE_ISSUERMISSINGREQATTR',
'95' => 'PE_RESETCERTIFICATE_INVALIDE',
'95' => 'PE_RESETCERTIFICATE_INVALID',
'96' => 'PE_RESETCERTIFICATE_FOREMPTY',
'97' => 'PE_RESETCERTIFICATE_FIRSTACCESS'
};
@ -296,7 +296,7 @@ our @EXPORT_OK = (
'PE_GET_SERVICE_NOT_ALLOWED',
'PE_IMPERSONATION_SERVICE_NOT_ALLOWED',
'PE_ISSUERMISSINGREQATTR',
'PE_RESETCERTIFICATE_INVALIDE',
'PE_RESETCERTIFICATE_INVALID',
'PE_RESETCERTIFICATE_FOREMPTY',
'PE_RESETCERTIFICATE_FIRSTACCESS'
);

10
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CertificateResetByMail.pm
View File

@ -29,7 +29,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
PE_PASSWORD_OK
PE_TOKENEXPIRED
PE_USERNOTFOUND
PE_RESETCERTIFICATE_INVALIDE
PE_RESETCERTIFICATE_INVALID
PE_RESETCERTIFICATE_FOREMPTY
PE_RESETCERTIFICATE_FIRSTACCESS
);
@ -481,8 +481,8 @@ sub modifyCertificate {
$self->userLogger->debug( "Unable to decode certificate for user "
. Net::SSLeay::ERR_error_string( Net::SSLeay::ERR_get_error() ) );
#return PE_CERTIFICATE_INVALIDE;
return PE_RESETCERTIFICATE_INVALIDE;
#return PE_CERTIFICATE_INVALID;
return PE_RESETCERTIFICATE_INVALID;
}
$self->userLogger->debug("Certificate decoded successfully");
$notAfter = Net::SSLeay::P_ASN1_TIME_get_isotime(
@ -507,7 +507,7 @@ sub modifyCertificate {
$self->userLogger->debug(
"Your cettificate is no longer valid in $self->conf->{certificateValidityDelay}"
);
return PE_RESETCERTIFICATE_INVALIDE;
return PE_RESETCERTIFICATE_INVALID;
#return PE_PASSWORD_MISMATCH;
}
@ -691,7 +691,7 @@ sub display {
# Display Certificate Reset form again if certificate invalid
elsif ($req->error == PE_RESETCERTIFICATE_FOREMPTY
|| $req->error == PE_RESETCERTIFICATE_INVALIDE )
|| $req->error == PE_RESETCERTIFICATE_INVALID )
{
$self->logger->debug('Display Certificate Reset form');
$tplPrm{DISPLAY_CERTIF_FORM} = 1;

244
lemonldap-ng-portal/t/44-CertificateResetByMail-LDAP.t
View File

@ -12,15 +12,14 @@ BEGIN {
};
}
my ($res, $user);
my ( $res, $user );
my $maintests = 6;
SKIP: {
eval
'require Email::Sender::Simple; use GD::SecurityImage;use Image::Magick;';
if ($@) {
skip 'Missing dependencies '.$@ , $maintests;
skip 'Missing dependencies ' . $@, $maintests;
}
@ -29,33 +28,35 @@ SKIP: {
my $client = LLNG::Manager::Test->new( {
ini => {
logLevel => 'debug',
useSafeJail => 1,
portalDisplayRegister => 1,
authentication => 'SSL',
userDB => 'LDAP',
passwordDB => 'LDAP',
registerDB => 'LDAP',
ldapServer => 'ldap://127.0.0.1:19389/',
ldapBase => 'ou=users,dc=example,dc=com',
managerDn => 'cn=admin,dc=example,dc=com',
managerPassword => 'admin',
captcha_mail_enabled => 0,
portalDisplayCertificateResetByMail => 1,
certificateResetByMailCeaAttribute => 'description',
certificateResetByMailCertificateAttribute => 'userCertificate;binary',
certificateResetByMailStep1Body => 'Clique here <a href="$url"> to confirm your mail. It will expire $expMailDate',
certificateResetByMailStep2Body => 'Certificate Reset sucessfully!',
certificateValidityDelay => 30
logLevel => 'debug',
useSafeJail => 1,
portalDisplayRegister => 1,
authentication => 'SSL',
userDB => 'LDAP',
passwordDB => 'LDAP',
registerDB => 'LDAP',
ldapServer => 'ldap://127.0.0.1:19389/',
ldapBase => 'ou=users,dc=example,dc=com',
managerDn => 'cn=admin,dc=example,dc=com',
managerPassword => 'admin',
captcha_mail_enabled => 0,
portalDisplayCertificateResetByMail => 1,
certificateResetByMailCeaAttribute => 'description',
certificateResetByMailCertificateAttribute =>
'userCertificate;binary',
certificateResetByMailStep1Body =>
'Click here <a href="$url"> to confirm your mail. It will expire $expMailDate',
certificateResetByMailStep2Body =>
'Certificate Reset sucessfully!',
certificateValidityDelay => 30
}
}
}
);
# Test form
# ------------------------
ok( $res = $client->_get('/certificateReset', accept => 'text/html' ),
ok( $res = $client->_get( '/certificateReset', accept => 'text/html' ),
'Reset form', );
my ( $host, $url, $query ) = expectForm( $res, '#', undef, 'mail' );
@ -69,28 +70,32 @@ SKIP: {
accept => 'text/html'
),
'Post mail'
) ;
);
ok( mail() =~ m#a href="http://auth.example.com/certificateReset\?(.*?)"#,
'Found link in mail' );
$query = $1;
my $querymail = $query;
ok(
$res =
$client->_get( '/certificateReset', query => $query, accept => 'text/html' ),
$res = $client->_get(
'/certificateReset',
query => $query,
accept => 'text/html'
),
'Post mail token received by mail'
);
# print STDERR Dumper($res);
( $host, $url, $query ) = expectForm( $res, '#', undef, 'token' );
ok( $res->[2]->[0] =~ /certif/s, ' Ask for a new certificate file' );
# print STDERR Dumper($res);
#print STDERR Dumper($query);
my %inputs = split( /[=&]/,$query );
my %querytab = split( /[=&]/,$querymail );
( $host, $url, $query ) = expectForm( $res, '#', undef, 'token' );
ok( $res->[2]->[0] =~ /certif/s, ' Ask for a new certificate file' );
# Create the certificate file
my $cert = "-----BEGIN CERTIFICATE-----
#print STDERR Dumper($query);
my %inputs = split( /[=&]/, $query );
my %querytab = split( /[=&]/, $querymail );
# Create the certificate file
my $cert = "-----BEGIN CERTIFICATE-----
MIIDdzCCAl+gAwIBAgIJAKGx8siw7lkRMA0GCSqGSIb3DQEBCwUAMFExCzAJBgNV
BAYTAkZSMQ8wDQYDVQQIDAZGcmFuY2UxDjAMBgNVBAcMBVBBcmlzMREwDwYDVQQK
DAhMaW5hZ29yYTEOMAwGA1UECwwFTElOSUQwIBcNMTkwNzA0MTcyNjI4WhgPMjEx
@ -110,85 +115,102 @@ zrLj6PHTvazy+6Au+R/9N5u3WQtq/Z2xoN/+bbQ1dyjXgQmBZFizHP32l5AdgBDT
jF7xMHxJ6Jxz9lkI+d9v0TzpxTStsaC+pbDfoouNc2deZkv84YTIrD0EPSHFDH5d
u5i9b+lrWZeCtpVEPzSYpnBwGfepbZAzfVRKJm7wZPCe7KxqMGXQLVBkD8oN7vA1
lkRrWfQftwmLyNIu3HfSgXlgAZS30ymfbzBU
-----END CERTIFICATE-----";
-----END CERTIFICATE-----";
open my $FH2, '>', '/tmp/v296ZJQ_kG';
print {$FH2} "$cert";
close $FH2;
open my $FH2, '>', '/tmp/v296ZJQ_kG';
print {$FH2} "$cert";
close $FH2;
$res = $client->app->( {
'plack.request.query' => bless( {
'skin' => $querytab{'skin'},
'mail_token' => $querytab{'mail_token'}
},
'Hash::MultiValue'
),
'PATH_INFO' => '/certificateReset',
'HTTP_ACCEPT' =>
'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3',
'REQUEST_METHOD' => 'POST',
'HTTP_ORIGIN' => 'http://auth.example.com',
'HTTP_ACCEPT_LANGUAGE' => 'fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3',
'REQUEST_SCHEME' => 'http',
'HTTP_CACHE_CONTROL' => 'max-age=0',
$res = $client->app->( {
'plack.request.query' => bless( {
'skin' => $querytab{'skin'},
'mail_token' => $querytab{'mail_token'}
}, 'Hash::MultiValue' ),
'PATH_INFO' => '/certificateReset',
'HTTP_ACCEPT' => 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3',
'REQUEST_METHOD' => 'POST',
'HTTP_ORIGIN' => 'http://auth.example.com',
'HTTP_ACCEPT_LANGUAGE' => 'fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3',
'REQUEST_SCHEME' => 'http',
'HTTP_CACHE_CONTROL' => 'max-age=0',
'plack.request.merged' => bless( {
'skin' => $querytab{'skin'},
'mail_token' => $querytab{'mail_token'},
'url' => '',
'token' => $inputs{'token'}
}, 'Hash::MultiValue' ),
'REMOTE_PORT' => '36674',
'QUERY_STRING' => $querymail,
'SERVER_SIGNATURE' => '',
'psgix.input.buffered' => 1,
'HTTP_UPGRADE_INSECURE_REQUESTS' => '1',
'CONTENT_TYPE' => 'multipart/form-data; boundary=----WebKitFormBoundarybabRY9u6K9tERoLr',
'plack.request.upload' => bless( {
'certif' => bless( {
'headers' => bless( {
'content-disposition' => 'form-data; name="certif"; filename="user.pem"',
'content-type' => 'application/x-x509-ca-cert',
'::std_case' => {
'content-disposition' => 'Content-Disposition'
}
}, 'HTTP::Headers' ),
'filename' => 'user.pem',
'tempname' => '/tmp/v296ZJQ_kG',
'size' => 1261
}, 'Plack::Request::Upload' )
}, 'Hash::MultiValue' ),
'psgi.streaming' => 1,
'plack.request.body' => bless( {
'skin' => 'bootstrap',
'url' => '',
'token' => $inputs{'token'}
}, 'Hash::MultiValue' ),
'SCRIPT_URL' => '/certificateReset',
'SERVER_NAME' => 'auth.example.com',
'HTTP_REFERER' => 'http://auth.example.com/certificateReset?'.$querymail,
'HTTP_CONNECTION' => 'close',
'CONTENT_LENGTH' => '1759',
'SCRIPT_URI' => 'http://auth.example.com/certificateReset',
'plack.cookie.parsed' => {
'llnglanguage' => 'fr'
},
'SERVER_PORT' => '80',
'SERVER_NAME' => 'auth.example.com',
'SERVER_PROTOCOL' => 'HTTP/1.1',
'SCRIPT_NAME' => '',
'HTTP_USER_AGENT' => 'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox',
'HTTP_COOKIE' => 'llnglanguage=fr',
'REMOTE_ADDR' => '127.0.0.1',
'REQUEST_URI' => '/certificateReset?'.$querymail,
'plack.cookie.string' => 'llnglanguage=fr',
'SERVER_ADDR' => '127.0.0.1',
'psgi.url_scheme' => 'http',
'psgix.harakiri' => '',
'HTTP_HOST' => 'auth.example.com'
});
ok( mail() =~ /Certificate Reset sucessfully/, 'Certificate was changed');
'plack.request.merged' => bless( {
'skin' => $querytab{'skin'},
'mail_token' => $querytab{'mail_token'},
'url' => '',
'token' => $inputs{'token'}
},
'Hash::MultiValue'
),
'REMOTE_PORT' => '36674',
'QUERY_STRING' => $querymail,
'SERVER_SIGNATURE' => '',
'psgix.input.buffered' => 1,
'HTTP_UPGRADE_INSECURE_REQUESTS' => '1',
'CONTENT_TYPE' =>
'multipart/form-data; boundary=----WebKitFormBoundarybabRY9u6K9tERoLr',
'plack.request.upload' => bless( {
'certif' => bless( {
'headers' => bless( {
'content-disposition' =>
'form-data; name="certif"; filename="user.pem"',
'content-type' =>
'application/x-x509-ca-cert',
'::std_case' => {
'content-disposition' =>
'Content-Disposition'
}
},
'HTTP::Headers'
),
'filename' => 'user.pem',
'tempname' => '/tmp/v296ZJQ_kG',
'size' => 1261
},
'Plack::Request::Upload'
)
},
'Hash::MultiValue'
),
'psgi.streaming' => 1,
'plack.request.body' => bless( {
'skin' => 'bootstrap',
'url' => '',
'token' => $inputs{'token'}
},
'Hash::MultiValue'
),
'SCRIPT_URL' => '/certificateReset',
'SERVER_NAME' => 'auth.example.com',
'HTTP_REFERER' => 'http://auth.example.com/certificateReset?'
. $querymail,
'HTTP_CONNECTION' => 'close',
'CONTENT_LENGTH' => '1759',
'SCRIPT_URI' => 'http://auth.example.com/certificateReset',
'plack.cookie.parsed' => {
'llnglanguage' => 'fr'
},
'SERVER_PORT' => '80',
'SERVER_NAME' => 'auth.example.com',
'SERVER_PROTOCOL' => 'HTTP/1.1',
'SCRIPT_NAME' => '',
'HTTP_USER_AGENT' =>
'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox',
'HTTP_COOKIE' => 'llnglanguage=fr',
'REMOTE_ADDR' => '127.0.0.1',
'REQUEST_URI' => '/certificateReset?' . $querymail,
'plack.cookie.string' => 'llnglanguage=fr',
'SERVER_ADDR' => '127.0.0.1',
'psgi.url_scheme' => 'http',
'psgix.harakiri' => '',
'HTTP_HOST' => 'auth.example.com'
}
);
ok( mail() =~ /Certificate Reset sucessfully/, 'Certificate was changed' );
}
count($maintests);