dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'master' into portal-multi-U2F-registration

Browse Source
This commit is contained in:
Christophe Maudoux 2018-04-10 11:07:07 +02:00
commit dae160c5e1
39 changed files with 1349 additions and 1405 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lemonldap-ng-portal/MANIFEST
View File

@ -427,6 +427,7 @@ t/65-AutoSignin.t
t/70-2F-TOTP.t
t/71-2F-UTOTP-TOTP-only.t
t/72-2F-REST.t
t/73-2F-U2F.t
t/90-Translations.t
t/99-pod.t
t/lmConf-1.json

44
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/Register/U2F.pm
View File

@ -273,15 +273,51 @@ sub loadUser {
$self->logger->debug("Loading user U2F Devices ...");
my $uid = $req->userData->{ $self->conf->{whatToTrace} };
my $session = $self->p->getPersistentSession($uid);
my $kh = $session->data->{_u2fKeyHandle};
my $uk = $session->data->{_u2fUserKey};
my $secret = '';
my $_2fDevices = eval {
$self->logger->debug("Loading 2F Devices ...");
# Read existing 2FDevices
from_json( $session->data->{_2fDevices}, { allow_nonref => 1 } );
};
unless ( $_2fDevices ) {
$self->logger->debug("No 2F Device found");
# Set default value
@$_2fDevices = [];
}
#foreach (@$_2fDevices) {
#$self->logger->debug("Reading U2F keys if exists ...");
#if ( $_->{type} eq 'TOTP' ) {
#$secret = $_->{_secret};
#last;
#}
#}
my @U2Fs = grep { $_->{type} =~ /U2F/s } @$_2fDevices;
my $kh = $U2Fs[0]{_keyHandle};
my $uk = $self->decode_base64url( $U2Fs[0]{_userKey} );
unless ( $kh and $uk ) {
$self->logger->debug("UTOP -> No U2F key found !!!");
return 0;
}
$self->logger->debug("_userKey = ".$uk);
$req->datas->{crypter} = $self->crypter(
keyHandle => $self->decode_base64url($kh),
publicKey => $self->decode_base64url($uk)
#keyHandle => $self->decode_base64url($kh),
#publicKey => $self->decode_base64url($uk)
keyHandle => $kh,
publicKey => $uk
);
unless ( $req->datas->{crypter} ) {
my $error = Crypt::U2F::Server::Simple::lastError();

4
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/2F/U2F.pm
View File

@ -158,7 +158,8 @@ sub loadUser {
$self->logger->debug("Reading U2F keys if exists ...");
if ( $_->{type} eq 'U2F' ) {
$self->logger->debug("_userKey = ".$_->{_userKey});
$_->{_userKey} = $self->decode_base64url($_->{_userKey});
$self->logger->debug("_keyHandle = ".$_->{_keyHandle});
$_->{_userKey} = $self->decode_base64url( $_->{_userKey} );
push @u2fs, $_;
}
}
@ -176,6 +177,7 @@ sub loadUser {
if ( ( $kh = $u2fs[0]{_keyHandle} )
and ( $uk = $u2fs[0]{_userKey} ) )
{
$self->logger->debug("kh & uk -> OK");
$req->datas->{crypter} = $self->crypter(
#keyHandle => $self->decode_base64url($kh),
#publicKey => $self->decode_base64url($uk)

1
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/U2F.pm
View File

@ -26,6 +26,7 @@ sub init {
Crypt::U2F::Server::Simple->new(
appId => $self->origin,
origin => $self->origin,
( $self->conf->{logLevel} eq 'debug' ? ( debug => 1 ) : () ),
)
)
{

27
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm
View File

@ -149,19 +149,20 @@ sub authLogout {
sub deleteSession {
my ( $self, $req ) = @_;
$req->userData( {} );
my $apacheSession = $self->getApacheSession( $req->id );
my $id = $req->id;
unless ($apacheSession) {
$self->logger->debug("Session $id already deleted");
return PE_OK;
}
unless ( $self->_deleteSession( $req, $apacheSession ) ) {
$self->logger->error("Unable to delete session $id");
$self->logger->error( $apacheSession->error );
return PE_ERROR;
}
else {
$self->logger->debug("Session $id deleted from global storage");
if ( my $id = $req->id ) {
my $apacheSession = $self->getApacheSession( $req->id );
unless ($apacheSession) {
$self->logger->debug("Session $id already deleted");
return PE_OK;
}
unless ( $self->_deleteSession( $req, $apacheSession ) ) {
$self->logger->error("Unable to delete session $id");
$self->logger->error( $apacheSession->error );
return PE_ERROR;
}
else {
$self->logger->debug("Session $id deleted from global storage");
}
}
# TODO

93
lemonldap-ng-portal/t/23-Auth-and-password-REST.t
View File

@ -2,12 +2,66 @@ use strict;
use IO::String;
use Test::More;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use JSON qw(to_json from_json);
BEGIN {
require 't/test-lib.pm';
}
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#^http://ws/(auth|user|confirm|modify)#,
' ' . ucfirst($1) . ' REST request' )
or explain( $req->uri, 'http://ws/(auth|user)' );
my $type = $1;
count(1);
my $res = from_json( $req->content );
ok( $res->{user} eq 'dwho', ' User is dwho' );
count(1);
if ( $type eq 'auth' ) {
ok( $res->{password} eq 'dwho', ' Password is dwho' )
or explain( $res, 'password: dwho' );
count(1);
return [
200,
[ 'Content-Type' => 'application/json' ],
['{"result":true,"info":{"uid":"dwho"}}']
];
}
elsif ( $type eq 'modify' ) {
ok( $res->{password} eq 'test', ' Password is test' );
count(1);
return [
200, [ 'Content-Type' => 'application/json' ],
['{"result":true}']
];
}
elsif ( $type eq 'confirm' ) {
ok( $res->{password} eq 'dwho', ' Password is dwho' );
count(1);
return [
200, [ 'Content-Type' => 'application/json' ],
['{"result":true}']
];
}
elsif ( $type eq 'user' ) {
return [
200,
[ 'Content-Type' => 'application/json' ],
['{"result":true,"info":{"cn":"dwho"}}']
];
}
else {
fail('Unknwon URL');
count(1);
}
return [ 500, [], [] ];
}
);
my $res;
my $client = LLNG::Manager::Test->new(
@ -56,42 +110,3 @@ clean_sessions();
done_testing( count() );
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#^http://ws/(auth|user|confirm|modify)#,
' ' . ucfirst($1) . ' REST request' )
or explain( $req->uri, 'http://ws/(auth|user)' );
my $type = $1;
count(1);
my $res = from_json( $req->content );
ok( $res->{user} eq 'dwho', ' User is dwho' );
count(1);
my $resp = HTTP::Response->new( 200, 'OK' );
if ( $type eq 'auth' ) {
ok( $res->{password} eq 'dwho', ' Password is dwho' )
or explain( $res, 'password: dwho' );
count(1);
$resp->content('{"result":true,"info":{"uid":"dwho"}}');
}
elsif ( $type eq 'modify' ) {
ok( $res->{password} eq 'test', ' Password is test' );
count(1);
$resp->content('{"result":true}');
}
elsif ( $type eq 'confirm' ) {
ok( $res->{password} eq 'dwho', ' Password is dwho' );
count(1);
$resp->content('{"result":true}');
}
elsif ( $type eq 'user' ) {
$resp->content('{"result":true,"info":{"cn":"dwho"}}');
}
else {
fail('Unknwon URL');
count(1);
}
return $resp;
}

64
lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO-IdP-initiated.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -12,6 +14,34 @@ my $debug = 'error';
my ( $issuer, $sp, $res );
my %handlerOR = ( issuer => [], sp => [] );
# Redefine LWP methods for tests
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.((?:id|s)p).com(.*)#, 'SOAP request' );
my $host = $1;
my $url = $2;
my $res;
my $s = $req->content;
my $client = ( $host eq 'idp' ? $issuer : $sp );
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => 'application/xml',
),
'Execute request'
);
ok( ( $res->[0] == 200 or $res->[0] == 400 ), 'Response is 200 or 400' )
or explain( $res->[0], "200 or 400" );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/xml#,
'Content is XML' )
or explain( $res->[1], 'Content-Type => application/xml' );
count(4);
return $res;
}
);
SKIP: {
eval "use Lasso";
if ($@) {
@ -139,40 +169,6 @@ count($maintests);
clean_sessions();
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.((?:id|s)p).com(.*)#, 'SOAP request' );
my $host = $1;
my $url = $2;
my $res;
my $s = $req->content;
my $client = ( $host eq 'idp' ? $issuer : $sp );
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => 'application/xml',
),
'Execute request'
);
ok( ( $res->[0] == 200 or $res->[0] == 400 ), 'Response is 200 or 400' )
or explain( $res->[0], "200 or 400" );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/xml#,
'Content is XML' )
or explain( $res->[1], 'Content-Type => application/xml' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
$httpResp->content( join( '', @{ $res->[2] } ) );
count(4);
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::_onReload = @{

64
lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -12,6 +14,33 @@ my $debug = 'error';
my ( $issuer, $sp, $res );
my %handlerOR = ( issuer => [], sp => [] );
# Redefine LWP methods for tests
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.((?:id|s)p).com(.*)#, 'SOAP request' );
my $host = $1;
my $url = $2;
my $res;
my $s = $req->content;
my $client = ( $host eq 'idp' ? $issuer : $sp );
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => 'application/xml',
),
'Execute request'
);
expectOK($res);
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/xml#,
'Content is XML' )
or explain( $res->[1], 'Content-Type => application/xml' );
count(3);
return $res;
}
);
SKIP: {
eval "use Lasso";
if ($@) {
@ -190,41 +219,6 @@ count($maintests);
clean_sessions();
done_testing( count() );
no warnings 'redefine';
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.((?:id|s)p).com(.*)#, 'SOAP request' );
my $host = $1;
my $url = $2;
my $res;
my $s = $req->content;
my $client = ( $host eq 'idp' ? $issuer : $sp );
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => 'application/xml',
),
'Execute request'
);
expectOK($res);
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/xml#,
'Content is XML' )
or explain( $res->[1], 'Content-Type => application/xml' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
$httpResp->content( join( '', @{ $res->[2] } ) );
count(3);
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::_onReload = @{

23
lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-IdP-initiated.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -13,6 +15,16 @@ my $debug = 'error';
my ( $issuer, $sp, $res );
my %handlerOR = ( issuer => [], sp => [] );
# Redefine LWP methods for tests
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
fail('POST should not launch SOAP requests');
count(1);
return [ 500, [], [] ];
}
);
SKIP: {
eval "use Lasso";
if ($@) {
@ -189,17 +201,6 @@ count($maintests);
clean_sessions();
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
fail('POST should not launch SOAP requests');
my $httpResp = HTTP::Response->new(500);
count(1);
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::_onReload = @{

23
lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -13,6 +15,16 @@ my $debug = 'error';
my ( $issuer, $sp, $res );
my %handlerOR = ( issuer => [], sp => [] );
# Redefine LWP methods for tests
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
fail('POST should not launch SOAP requests');
count(1);
return [ 500, [], [] ];
}
);
SKIP: {
eval "use Lasso";
if ($@) {
@ -208,17 +220,6 @@ count($maintests);
clean_sessions();
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
fail('POST should not launch SOAP requests');
my $httpResp = HTTP::Response->new(500);
count(1);
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::_onReload = @{

23
lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-IdP-initiated.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -13,6 +15,16 @@ my $debug = 'error';
my ( $issuer, $sp, $res );
my %handlerOR = ( issuer => [], sp => [] );
# Redefine LWP methods for tests
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
fail('POST should not launch SOAP requests');
count(1);
return [ 500, [], [] ];
}
);
SKIP: {
eval "use Lasso";
if ($@) {
@ -169,17 +181,6 @@ count($maintests);
clean_sessions();
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
fail('Redirect should not launch SOAP requests');
my $httpResp = HTTP::Response->new(500);
count(1);
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::_onReload = @{

23
lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -13,6 +15,16 @@ my $debug = 'error';
my ( $issuer, $sp, $res );
my %handlerOR = ( issuer => [], sp => [] );
# Redefine LWP methods for tests
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
fail('POST should not launch SOAP requests');
count(1);
return [ 500, [], [] ];
}
);
SKIP: {
eval "use Lasso";
if ($@) {
@ -216,17 +228,6 @@ count($maintests);
clean_sessions();
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
fail('Redirect should not launch SOAP requests');
my $httpResp = HTTP::Response->new(500);
count(1);
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::_onReload = @{

23
lemonldap-ng-portal/t/30-SAML-ReAuth-with-choice.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -14,6 +16,16 @@ my $debug = 'error';
my ( $issuer, $sp, $res );
my %handlerOR = ( issuer => [], sp => [] );
# Redefine LWP methods for tests
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
fail('POST should not launch SOAP requests');
count(1);
return [ 500, [], [] ];
}
);
SKIP: {
eval "use Lasso";
if ($@) {
@ -184,17 +196,6 @@ count($maintests);
eval { unlink 't/userdb.db' };
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
fail('POST should not launch SOAP requests');
my $httpResp = HTTP::Response->new(500);
count(1);
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::_onReload = @{

23
lemonldap-ng-portal/t/30-SAML-ReAuth.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -13,6 +15,16 @@ my $debug = 'error';
my ( $issuer, $sp, $res );
my %handlerOR = ( issuer => [], sp => [] );
# Redefine LWP methods for tests
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
fail('POST should not launch SOAP requests');
count(1);
return [ 500, [], [] ];
}
);
SKIP: {
eval "use Lasso";
if ($@) {
@ -172,17 +184,6 @@ count($maintests);
clean_sessions();
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
fail('POST should not launch SOAP requests');
my $httpResp = HTTP::Response->new(500);
count(1);
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::_onReload = @{

23
lemonldap-ng-portal/t/30-SAML-SP-rule.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -13,6 +15,16 @@ my $debug = 'error';
my ( $issuer, $sp, $res );
my %handlerOR = ( issuer => [], sp => [] );
# Redefine LWP methods for tests
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
fail('POST should not launch SOAP requests');
count(1);
return [ 500, [], [] ];
}
);
SKIP: {
eval "use Lasso";
if ($@) {
@ -115,17 +127,6 @@ count($maintests);
clean_sessions();
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
fail('Redirect should not launch SOAP requests');
my $httpResp = HTTP::Response->new(500);
count(1);
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::_onReload = @{

94
lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app.t
View File

@ -1,6 +1,8 @@
use Test::More; # skip_all => 'CAS is in rebuild';
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -11,7 +13,46 @@ my $debug = 'error';
my ( $issuer, $sp, $res );
my %handlerOR = ( issuer => [], sp => [] );
no warnings 'redefine';
# Redefine LWP methods for tests
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.((?:id|s)p).com([^\?]*)(?:\?(.*))?$#,
'SOAP request' );
my $host = $1;
my $url = $2;
my $query = $3;
my $res;
my $client = ( $host eq 'idp' ? $issuer : $sp );
if ( $req->method eq 'POST' ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
query => $query,
type => 'application/xml',
),
"Execute POST request to $url"
);
}
else {
ok(
$res = $client->_get(
$url,
type => 'application/xml',
query => $query,
),
"Execute request to $url"
);
}
expectOK($res);
ok( getHeader( $res, 'Content-Type' ) =~ m#xml#, 'Content is XML' )
or explain( $res->[1], 'Content-Type => application/xml' );
count(3);
return $res;
}
);
ok( $issuer = issuer(), 'Issuer portal' );
$handlerOR{issuer} = \@Lemonldap::NG::Handler::Main::_onReload;
@ -130,8 +171,8 @@ ok(
);
count(1);
expectRedirection( $res, 'http://auth.sp.com/?logout' );
ok( getHeader( $res, 'Content-Security-Policy' ) !~ /frame-ancestors/,
' Frame can be embedded' )
my $h = getHeader( $res, 'Content-Security-Policy' );
ok( ( not $h or $h !~ /frame-ancestors/ ), ' Frame can be embedded' )
or explain( $res->[1],
'Content-Security-Policy does not contain a frame-ancestors' );
count(1);
@ -154,53 +195,6 @@ expectRedirection( $res,
clean_sessions();
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.((?:id|s)p).com([^\?]*)(?:\?(.*))?$#,
'SOAP request' );
my $host = $1;
my $url = $2;
my $query = $3;
my $res;
my $client = ( $host eq 'idp' ? $issuer : $sp );
if ( $req->method eq 'POST' ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
query => $query,
type => 'application/xml',
),
"Execute POST request to $url"
);
}
else {
ok(
$res = $client->_get(
$url,
type => 'application/xml',
query => $query,
),
"Execute request to $url"
);
}
expectOK($res);
ok( getHeader( $res, 'Content-Type' ) =~ m#xml#, 'Content is XML' )
or explain( $res->[1], 'Content-Type => application/xml' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
$httpResp->content( join( '', @{ $res->[2] } ) );
count(3);
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::_onReload = @{

94
lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-default.t
View File

@ -1,6 +1,8 @@
use Test::More; # skip_all => 'CAS is in rebuild';
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -11,7 +13,46 @@ my $debug = 'error';
my ( $issuer, $sp, $res );
my %handlerOR = ( issuer => [], sp => [] );
no warnings 'redefine';
# Redefine LWP methods for tests
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.((?:id|s)p).com([^\?]*)(?:\?(.*))?$#,
'SOAP request' );
my $host = $1;
my $url = $2;
my $query = $3;
my $res;
my $client = ( $host eq 'idp' ? $issuer : $sp );
if ( $req->method eq 'POST' ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
query => $query,
type => 'application/xml',
),
"Execute POST request to $url"
);
}
else {
ok(
$res = $client->_get(
$url,
type => 'application/xml',
query => $query,
),
"Execute request to $url"
);
}
expectOK($res);
ok( getHeader( $res, 'Content-Type' ) =~ m#xml#, 'Content is XML' )
or explain( $res->[1], 'Content-Type => application/xml' );
count(3);
return $res;
}
);
ok( $issuer = issuer(), 'Issuer portal' );
$handlerOR{issuer} = \@Lemonldap::NG::Handler::Main::_onReload;
@ -140,8 +181,8 @@ ok(
);
count(1);
expectRedirection( $res, 'http://auth.sp.com/?logout' );
ok( getHeader( $res, 'Content-Security-Policy' ) !~ /frame-ancestors/,
' Frame can be embedded' )
my $h = getHeader( $res, 'Content-Security-Policy' );
ok( ( not $h or $h !~ /frame-ancestors/ ), ' Frame can be embedded' )
or explain( $res->[1],
'Content-Security-Policy does not contain a frame-ancestors' );
count(1);
@ -167,53 +208,6 @@ expectRedirection( $res,
clean_sessions();
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.((?:id|s)p).com([^\?]*)(?:\?(.*))?$#,
' Request to ' . $req->uri );
my $host = $1;
my $url = $2;
my $query = $3;
my $res;
my $client = ( $host eq 'idp' ? $issuer : $sp );
if ( $req->method eq 'POST' ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
query => $query,
type => 'application/xml',
),
" Execute POST request to $url"
);
}
else {
ok(
$res = $client->_get(
$url,
type => 'application/xml',
query => $query,
),
" Execute request to $url"
);
}
expectOK($res);
ok( getHeader( $res, 'Content-Type' ) =~ m#xml#, 'Content is XML' )
or explain( $res->[1], 'Content-Type => application/xml' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
$httpResp->content( join( '', @{ $res->[2] } ) );
count(3);
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::_onReload = @{

90
lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-proxied.t
View File

@ -1,6 +1,8 @@
use Test::More; # skip_all => 'CAS is in rebuild';
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -11,7 +13,44 @@ my $debug = 'error';
my ( $issuer, $sp, $res );
my %handlerOR = ( issuer => [], sp => [] );
no warnings 'redefine';
# Redefine LWP methods for tests
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.((?:id|s)p).com([^\?]*)(?:\?(.*))?$#,
' Request to ' . $req->uri );
my $host = $1;
my $url = $2;
my $query = $3;
my $res;
my $client = ( $host eq 'idp' ? $issuer : $sp );
if ( $req->method eq 'POST' ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
query => $query,
type => 'application/xml',
),
" Execute POST request to $url"
);
}
else {
ok(
$res = $client->_get(
$url,
type => 'application/xml',
query => $query,
),
" Execute request to $url"
);
}
expectOK($res);
count(2);
return $res;
}
);
ok( $issuer = issuer(), 'Issuer portal' );
$handlerOR{issuer} = \@Lemonldap::NG::Handler::Main::_onReload;
@ -140,8 +179,8 @@ ok(
);
count(1);
expectRedirection( $res, 'http://auth.sp.com/?logout' );
ok( getHeader( $res, 'Content-Security-Policy' ) !~ /frame-ancestors/,
' Frame can be embedded' )
my $h = getHeader( $res, 'Content-Security-Policy' );
ok( ( not $h or $h !~ /frame-ancestors/ ), ' Frame can be embedded' )
or explain( $res->[1],
'Content-Security-Policy does not contain a frame-ancestors' );
count(1);
@ -167,51 +206,6 @@ expectRedirection( $res,
clean_sessions();
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.((?:id|s)p).com([^\?]*)(?:\?(.*))?$#,
' Request to ' . $req->uri );
my $host = $1;
my $url = $2;
my $query = $3;
my $res;
my $client = ( $host eq 'idp' ? $issuer : $sp );
if ( $req->method eq 'POST' ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
query => $query,
type => 'application/xml',
),
" Execute POST request to $url"
);
}
else {
ok(
$res = $client->_get(
$url,
type => 'application/xml',
query => $query,
),
" Execute request to $url"
);
}
expectOK($res);
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
$httpResp->content( join( '', @{ $res->[2] } ) );
count(2);
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::_onReload = @{

90
lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-with-choice.t
View File

@ -1,6 +1,8 @@
use Test::More; # skip_all => 'CAS is in rebuild';
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -13,7 +15,46 @@ my $debug = 'error';
my ( $issuer, $sp, $res );
my %handlerOR = ( issuer => [], sp => [] );
no warnings 'redefine';
# Redefine LWP methods for tests
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.((?:id|s)p).com([^\?]*)(?:\?(.*))?$#,
'SOAP request' );
my $host = $1;
my $url = $2;
my $query = $3;
my $res;
my $client = ( $host eq 'idp' ? $issuer : $sp );
if ( $req->method eq 'POST' ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
query => $query,
type => 'application/xml',
),
"Execute POST request to $url"
);
}
else {
ok(
$res = $client->_get(
$url,
type => 'application/xml',
query => $query,
),
"Execute request to $url"
);
}
expectOK($res);
ok( getHeader( $res, 'Content-Type' ) =~ m#xml#, 'Content is XML' )
or explain( $res->[1], 'Content-Type => application/xml' );
count(3);
return $res;
}
);
SKIP: {
eval { require DBI; require DBD::SQLite; };
@ -167,53 +208,6 @@ count($maintests);
eval { unlink 't/userdb.db' };
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.((?:id|s)p).com([^\?]*)(?:\?(.*))?$#,
' Request to ' . $req->uri );
my $host = $1;
my $url = $2;
my $query = $3;
my $res;
my $client = ( $host eq 'idp' ? $issuer : $sp );
if ( $req->method eq 'POST' ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
query => $query,
type => 'application/xml',
),
" Execute POST request to $url"
);
}
else {
ok(
$res = $client->_get(
$url,
type => 'application/xml',
query => $query,
),
" Execute request to $url"
);
}
expectOK($res);
ok( getHeader( $res, 'Content-Type' ) =~ m#xml#, 'Content is XML' )
or explain( $res->[1], 'Content-Type => application/xml' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
$httpResp->content( join( '', @{ $res->[2] } ) );
count(3);
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::_onReload = @{

112
lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-OP-logout.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -11,6 +13,57 @@ my $debug = 'error';
my ( $op, $rp, $res );
my %handlerOR = ( op => [], rp => [] );
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.((?:o|r)p).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'op' ) {
pass(" Request from RP to OP, endpoint $url");
$client = $op;
}
elsif ( $host eq 'rp' ) {
pass(' Request from OP to RP');
$client = $rp;
}
else {
fail(' Aborting REST request (external)');
return [ 500, [], [] ];
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
count(4);
return $res;
}
);
# Initialization
ok( $op = op(), 'OP portal' );
@ -149,65 +202,6 @@ expectReject($res);
clean_sessions();
done_testing( count() );
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.((?:o|r)p).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'op' ) {
pass(" Request from RP to OP, endpoint $url");
$client = $op;
}
elsif ( $host eq 'rp' ) {
pass(' Request from OP to RP');
$client = $rp;
}
else {
fail(' Aborting REST request (external)');
return HTTP::Response->new(500);
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
#print STDERR Dumper($res->[2]);
$httpResp->content( join( '', @{ $res->[2] } ) );
count(4);
return $httpResp;
}
sub switch {
my $type = shift;
pass( '==> Switching to ' . uc($type) . ' <==' );

112
lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-authchoice.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -12,6 +14,57 @@ my $maintests = 18;
my ( $op, $rp, $res );
my %handlerOR = ( op => [], rp => [] );
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.((?:o|r)p).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'op' ) {
pass(" Request from RP to OP, endpoint $url");
$client = $op;
}
elsif ( $host eq 'rp' ) {
pass(' Request from OP to RP');
$client = $rp;
}
else {
fail(' Aborting REST request (external)');
return HTTP::Response->new(500);
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
count(4);
return $res;
}
);
SKIP: {
eval { require DBI; require DBD::SQLite; };
if ($@) {
@ -186,65 +239,6 @@ count($maintests);
eval { unlink 't/userdb.db' };
done_testing( count() );
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.((?:o|r)p).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'op' ) {
pass(" Request from RP to OP, endpoint $url");
$client = $op;
}
elsif ( $host eq 'rp' ) {
pass(' Request from OP to RP');
$client = $rp;
}
else {
fail(' Aborting REST request (external)');
return HTTP::Response->new(500);
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
#print STDERR Dumper($res->[2]);
$httpResp->content( join( '', @{ $res->[2] } ) );
count(4);
return $httpResp;
}
sub switch {
my $type = shift;
pass( '==> Switching to ' . uc($type) . ' <==' );

112
lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -11,6 +13,57 @@ my $debug = 'error';
my ( $op, $rp, $res );
my %handlerOR = ( op => [], rp => [] );
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.((?:o|r)p).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'op' ) {
pass(" Request from RP to OP, endpoint $url");
$client = $op;
}
elsif ( $host eq 'rp' ) {
pass(' Request from OP to RP');
$client = $rp;
}
else {
fail(' Aborting REST request (external)');
return [ 500, [], [] ];
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
count(4);
return $res;
}
);
# Initialization
ok( $op = op(), 'OP portal' );
@ -218,65 +271,6 @@ expectRedirection( $res, qr#^http://auth.rp.com/# );
clean_sessions();
done_testing( count() );
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.((?:o|r)p).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'op' ) {
pass(" Request from RP to OP, endpoint $url");
$client = $op;
}
elsif ( $host eq 'rp' ) {
pass(' Request from OP to RP');
$client = $rp;
}
else {
fail(' Aborting REST request (external)');
return HTTP::Response->new(500);
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
#print STDERR Dumper($res->[2]);
$httpResp->content( join( '', @{ $res->[2] } ) );
count(4);
return $httpResp;
}
sub switch {
my $type = shift;
pass( '==> Switching to ' . uc($type) . ' <==' );

110
lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-hybrid.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -11,6 +13,57 @@ my $debug = 'error';
my ( $op, $rp, $res );
my %handlerOR = ( op => [], rp => [] );
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.((?:o|r)p).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'op' ) {
pass(" Request from RP to OP, endpoint $url");
$client = $op;
}
elsif ( $host eq 'rp' ) {
pass(' Request from OP to RP');
$client = $rp;
}
else {
fail(' Aborting REST request (external)');
return [ 500, [], [] ];
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
count(4);
return $res;
}
);
# Initialization
ok( $op = op(), 'OP portal' );
@ -99,63 +152,6 @@ count(5);
clean_sessions();
done_testing( count() );
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.((?:o|r)p).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'op' ) {
pass(" Request from RP to OP, endpoint $url");
$client = $op;
}
elsif ( $host eq 'rp' ) {
pass(' Request from OP to RP');
$client = $rp;
}
else {
fail(' Aborting REST request (external)');
return HTTP::Response->new(500);
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
$httpResp->content( join( '', @{ $res->[2] } ) );
count(4);
return $httpResp;
}
sub switch {
my $type = shift;
pass( '==> Switching to ' . uc($type) . ' <==' );

110
lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-implicit.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -11,6 +13,57 @@ my $debug = 'error';
my ( $op, $rp, $res );
my %handlerOR = ( op => [], rp => [] );
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.((?:o|r)p).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'op' ) {
pass(" Request from RP to OP, endpoint $url");
$client = $op;
}
elsif ( $host eq 'rp' ) {
pass(' Request from OP to RP');
$client = $rp;
}
else {
fail(' Aborting REST request (external)');
return [ 500, [], [] ];
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
count(4);
return $res;
}
);
# Initialization
ok( $op = op(), 'OP portal' );
@ -90,63 +143,6 @@ count(5);
clean_sessions();
done_testing( count() );
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.((?:o|r)p).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'op' ) {
pass(" Request from RP to OP, endpoint $url");
$client = $op;
}
elsif ( $host eq 'rp' ) {
pass(' Request from OP to RP');
$client = $rp;
}
else {
fail(' Aborting REST request (external)');
return HTTP::Response->new(500);
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
$httpResp->content( join( '', @{ $res->[2] } ) );
count(4);
return $httpResp;
}
sub switch {
my $type = shift;
pass( '==> Switching to ' . uc($type) . ' <==' );

112
lemonldap-ng-portal/t/32-OIDC-RP-rule.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -11,6 +13,57 @@ my $debug = 'error';
my ( $op, $rp, $res );
my %handlerOR = ( op => [], rp => [] );
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.((?:o|r)p).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'op' ) {
pass(" Request from RP to OP, endpoint $url");
$client = $op;
}
elsif ( $host eq 'rp' ) {
pass(' Request from OP to RP');
$client = $rp;
}
else {
fail(' Aborting REST request (external)');
return [ 500, [], [] ];
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
count(4);
return $res;
}
);
# Initialization
ok( $op = op(), 'OP portal' );
@ -64,65 +117,6 @@ count(1);
clean_sessions();
done_testing( count() );
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.((?:o|r)p).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'op' ) {
pass(" Request from RP to OP, endpoint $url");
$client = $op;
}
elsif ( $host eq 'rp' ) {
pass(' Request from OP to RP');
$client = $rp;
}
else {
fail(' Aborting REST request (external)');
return HTTP::Response->new(500);
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
#print STDERR Dumper($res->[2]);
$httpResp->content( join( '', @{ $res->[2] } ) );
count(4);
return $httpResp;
}
sub switch {
my $type = shift;
pass( '==> Switching to ' . uc($type) . ' <==' );

68
lemonldap-ng-portal/t/33-Auth-and-issuer-OpenID2.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -12,6 +14,36 @@ my $debug = 'error';
my ( $issuer, $sp, $res );
my %handlerOR = ( issuer => [], sp => [] );
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.idp.com(.*)#,
' Request from SP to IdP' );
my $url = $1;
my ($res);
count(1);
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $issuer->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
accept => 'text/plain',
),
' Execute request'
);
}
else {
ok( $res = $issuer->_get( $url, accept => 'text/plain', ),
' Execute post request' );
}
expectOK($res);
count(1);
return $res;
}
);
SKIP: {
eval { require Net::OpenID::Consumer; require Net::OpenID::Server; };
if ($@) {
@ -105,42 +137,6 @@ sub switch {
};
}
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.idp.com(.*)#, ' Request from SP to IdP' );
my $url = $1;
my ($res);
count(1);
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $issuer->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
accept => 'text/plain',
),
' Execute request'
);
}
else {
ok( $res = $issuer->_get( $url, accept => 'text/plain', ),
' Execute post request' );
}
expectOK($res);
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
$httpResp->request($req);
$httpResp->content( join( '', @{ $res->[2] } ) );
count(1);
return $httpResp;
}
sub issuer {
return LLNG::Manager::Test->new(
{

108
lemonldap-ng-portal/t/34-Auth-Proxy-and-REST-Server.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
BEGIN {
require 't/test-lib.pm';
@ -10,6 +12,55 @@ my $debug = 'error';
my ( $issuer, $sp, $res, $spId, $idpId );
my %handlerOR = ( issuer => [], sp => [] );
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok(
$req->uri =~ m#http://auth.idp.com(.*)#,
' @ REST request (' . $req->method . " $1)"
);
count(1);
my $url = $1;
my $res;
my $s = $req->content;
if ( $req->method =~ /^(post|put)$/i ) {
my $mth = '_' . lc($1);
my $s = $req->content;
ok(
$res = $issuer->$mth(
$url,
IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Post request'
);
count(1);
expectOK($res);
$idpId = expectCookie($res);
}
elsif ( $req->method =~ /^(get|delete)$/i ) {
my $mth = '_' . lc($1);
ok(
$res = $issuer->$mth(
$url,
accept => $req->header('Accept'),
cookie => $req->header('Cookie')
),
' Execute request'
);
count(1);
expectOK($res);
}
ok(
getHeader( $res, 'Content-Type' ) =~ m#^(?:text|application)/json#,
'Content is JSON'
) or explain( $res->[1], 'Content-Type => application/json' );
count(1);
return $res;
}
);
ok( $issuer = issuer(), 'Issuer portal' );
$handlerOR{issuer} = \@Lemonldap::NG::Handler::Main::_onReload;
switch ('sp');
@ -175,63 +226,6 @@ clean_sessions();
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok(
$req->uri =~ m#http://auth.idp.com(.*)#,
' @ REST request (' . $req->method . " $1)"
);
count(1);
my $url = $1;
my $res;
my $s = $req->content;
if ( $req->method =~ /^(post|put)$/i ) {
my $mth = '_' . lc($1);
my $s = $req->content;
ok(
$res = $issuer->$mth(
$url,
IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Post request'
);
count(1);
expectOK($res);
$idpId = expectCookie($res);
}
elsif ( $req->method =~ /^(get|delete)$/i ) {
my $mth = '_' . lc($1);
ok(
$res = $issuer->$mth(
$url,
accept => $req->header('Accept'),
cookie => $req->header('Cookie')
),
' Execute request'
);
count(1);
expectOK($res);
}
ok( getHeader( $res, 'Content-Type' ) =~ m#^(?:text|application)/json#,
'Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
count(1);
my $httpResp;
$httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
$httpResp->content( join( '', @{ $res->[2] } ) );
pass(' @ END OF REST REQUEST');
count(1);
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::_onReload = @{

77
lemonldap-ng-portal/t/34-Auth-Proxy-and-SOAP-Server.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
BEGIN {
require 't/test-lib.pm';
@ -11,6 +13,41 @@ my $debug = 'error';
my ( $issuer, $sp, $res );
my %handlerOR = ( issuer => [], sp => [] );
# Redefine LWP methods for tests
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.((?:id|s)p).com(.*)#,
' @ SOAP REQUEST @' );
my $host = $1;
my $url = $2;
my $res;
my $s = $req->content;
my $client = ( $host eq 'idp' ? $issuer : $sp );
switch ( $host eq 'idp' ? 'issuer' : 'sp' );
ok(
$res = $client->_post(
$url,
IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
custom => {
HTTP_SOAPACTION => $req->header('Soapaction'),
},
),
' Execute request'
);
expectOK($res);
ok( getHeader( $res, 'Content-Type' ) =~ m#^(?:text|application)/xml#,
' Content is XML' )
or explain( $res->[1], 'Content-Type => application/xml' );
pass(' @ END OF SOAP REQUEST @');
count(4);
switch ( $host eq 'idp' ? 'sp' : 'issuer' );
return $res;
}
);
SKIP: {
eval 'use SOAP::Lite';
if ($@) {
@ -96,46 +133,6 @@ count($maintests);
clean_sessions();
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.((?:id|s)p).com(.*)#, ' @ SOAP REQUEST @' );
my $host = $1;
my $url = $2;
my $res;
my $s = $req->content;
my $client = ( $host eq 'idp' ? $issuer : $sp );
switch ( $host eq 'idp' ? 'issuer' : 'sp' );
ok(
$res = $client->_post(
$url,
IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
custom => {
HTTP_SOAPACTION => $req->header('Soapaction'),
},
),
' Execute request'
);
expectOK($res);
ok( getHeader( $res, 'Content-Type' ) =~ m#^(?:text|application)/xml#,
' Content is XML' )
or explain( $res->[1], 'Content-Type => application/xml' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
$httpResp->content( join( '', @{ $res->[2] } ) );
pass(' @ END OF SOAP REQUEST @');
count(4);
switch ( $host eq 'idp' ? 'sp' : 'issuer' );
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::_onReload = @{

109
lemonldap-ng-portal/t/35-REST-config-backend.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
BEGIN {
require 't/test-lib.pm';
@ -10,6 +12,56 @@ my $debug = 'error';
my ( $issuer, $sp, $res, $spId );
my %handlerOR = ( issuer => [], sp => [] );
# Redefine LWP methods for tests
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok(
$req->uri =~ m#http://auth.idp.com(.*?)(?:\?(.*))?$#,
' @ REST request (' . $req->method . " $1)"
);
count(1);
my $url = $1;
my $query = $2;
my $res;
my $s = $req->content;
if ( $req->method =~ /^(post|put)$/i ) {
my $mth = '_' . lc($1);
my $s = $req->content;
ok(
$res = $issuer->$mth(
$url,
IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Post request'
);
count(1);
expectOK($res);
}
elsif ( $req->method =~ /^(get|delete)$/i ) {
my $mth = '_' . lc($1);
ok(
$res = $issuer->$mth(
$url,
accept => $req->header('Accept'),
cookie => $req->header('Cookie'),
query => $query,
),
' Execute request'
);
ok( ( $res->[0] == 200 or $res->[0] == 400 ),
' Response is 200 or 400' )
or explain( $res->[0], '200 or 400' );
count(2);
}
pass(' @ END OF REST REQUEST');
count(1);
return $res;
}
);
ok( $issuer = issuer(), 'Issuer portal' );
$handlerOR{issuer} = \@Lemonldap::NG::Handler::Main::_onReload;
@ -103,63 +155,6 @@ expectReject($res);
clean_sessions();
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok(
$req->uri =~ m#http://auth.idp.com(.*?)(?:\?(.*))?$#,
' @ REST request (' . $req->method . " $1)"
);
count(1);
my $url = $1;
my $query = $2;
my $res;
my $s = $req->content;
if ( $req->method =~ /^(post|put)$/i ) {
my $mth = '_' . lc($1);
my $s = $req->content;
ok(
$res = $issuer->$mth(
$url,
IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Post request'
);
count(1);
expectOK($res);
}
elsif ( $req->method =~ /^(get|delete)$/i ) {
my $mth = '_' . lc($1);
ok(
$res = $issuer->$mth(
$url,
accept => $req->header('Accept'),
cookie => $req->header('Cookie'),
query => $query,
),
' Execute request'
);
ok( ( $res->[0] == 200 or $res->[0] == 400 ),
' Response is 200 or 400' )
or explain( $res->[0], '200 or 400' );
count(2);
}
my $httpResp;
$httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
$httpResp->content( join( '', @{ $res->[2] } ) );
pass(' @ END OF REST REQUEST');
count(1);
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::_onReload = @{

107
lemonldap-ng-portal/t/35-REST-sessions-with-REST-server.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
BEGIN {
require 't/test-lib.pm';
@ -10,6 +12,56 @@ my $debug = 'error';
my ( $issuer, $sp, $res, $spId );
my %handlerOR = ( issuer => [], sp => [] );
# Redefine LWP methods for tests
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok(
$req->uri =~ m#http://auth.idp.com(.*?)(?:\?(.*))?$#,
' @ REST request (' . $req->method . " $1)"
);
count(1);
my $url = $1;
my $query = $2;
my $res;
my $s = $req->content;
if ( $req->method =~ /^(post|put)$/i ) {
my $mth = '_' . lc($1);
my $s = $req->content;
ok(
$res = $issuer->$mth(
$url,
IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Post request'
);
count(1);
expectOK($res);
}
elsif ( $req->method =~ /^(get|delete)$/i ) {
my $mth = '_' . lc($1);
ok(
$res = $issuer->$mth(
$url,
accept => $req->header('Accept'),
cookie => $req->header('Cookie'),
query => $query,
),
' Execute request'
);
ok( ( $res->[0] == 200 or $res->[0] == 400 ),
' Response is 200 or 400' )
or explain( $res->[0], '200 or 400' );
count(2);
}
pass(' @ END OF REST REQUEST');
count(1);
return $res;
}
);
ok( $issuer = issuer(), 'Issuer portal' );
$handlerOR{issuer} = \@Lemonldap::NG::Handler::Main::_onReload;
switch ('sp');
@ -99,61 +151,6 @@ expectReject($res);
clean_sessions();
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok(
$req->uri =~ m#http://auth.idp.com(.*)#,
' @ REST request (' . $req->method . " $1)"
);
count(1);
my $url = $1;
my $res;
my $s = $req->content;
if ( $req->method =~ /^(post|put)$/i ) {
my $mth = '_' . lc($1);
my $s = $req->content;
ok(
$res = $issuer->$mth(
$url,
IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Post request'
);
count(1);
expectOK($res);
}
elsif ( $req->method =~ /^(get|delete)$/i ) {
my $mth = '_' . lc($1);
ok(
$res = $issuer->$mth(
$url,
accept => $req->header('Accept'),
cookie => $req->header('Cookie')
),
' Execute request'
);
ok( ( $res->[0] == 200 or $res->[0] == 400 ),
' Response is 200 or 400' )
or explain( $res->[0], '200 or 400' );
count(2);
}
my $httpResp;
$httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
$httpResp->content( join( '', @{ $res->[2] } ) );
pass(' @ END OF REST REQUEST');
count(1);
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::_onReload = @{

73
lemonldap-ng-portal/t/35-SOAP-config-backend.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
BEGIN {
require 't/test-lib.pm';
@ -11,6 +13,39 @@ my $debug = 'error';
my ( $issuer, $sp, $res );
my %handlerOR = ( issuer => [], sp => [] );
# Redefine LWP methods for tests
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.((?:id|s)p).com(.*)#,
' @ SOAP REQUEST @' );
my $host = $1;
my $url = $2;
my $res;
my $s = $req->content;
my $client = ( $host eq 'idp' ? $issuer : $sp );
ok(
$res = $client->_post(
$url,
IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
custom => {
HTTP_SOAPACTION => $req->header('Soapaction'),
},
),
' Execute request'
);
expectOK($res);
ok( getHeader( $res, 'Content-Type' ) =~ m#^(?:text|application)/xml#,
' Content is XML' )
or explain( $res->[1], 'Content-Type => application/xml' );
pass(' @ END OF SOAP REQUEST @');
count(4);
return $res;
}
);
SKIP: {
eval 'use SOAP::Lite';
if ($@) {
@ -89,44 +124,6 @@ count($maintests);
clean_sessions();
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.((?:id|s)p).com(.*)#, ' @ SOAP REQUEST @' );
my $host = $1;
my $url = $2;
my $res;
my $s = $req->content;
my $client = ( $host eq 'idp' ? $issuer : $sp );
ok(
$res = $client->_post(
$url,
IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
custom => {
HTTP_SOAPACTION => $req->header('Soapaction'),
},
),
' Execute request'
);
expectOK($res);
ok( getHeader( $res, 'Content-Type' ) =~ m#^(?:text|application)/xml#,
' Content is XML' )
or explain( $res->[1], 'Content-Type => application/xml' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
$httpResp->content( join( '', @{ $res->[2] } ) );
pass(' @ END OF SOAP REQUEST @');
count(4);
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::_onReload = @{

73
lemonldap-ng-portal/t/35-SOAP-sessions-with-SOAP-server.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
BEGIN {
require 't/test-lib.pm';
@ -11,6 +13,39 @@ my $debug = 'error';
my ( $issuer, $sp, $res );
my %handlerOR = ( issuer => [], sp => [] );
# Redefine LWP methods for tests
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.((?:id|s)p).com(.*)#,
' @ SOAP REQUEST @' );
my $host = $1;
my $url = $2;
my $res;
my $s = $req->content;
my $client = ( $host eq 'idp' ? $issuer : $sp );
ok(
$res = $client->_post(
$url,
IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
custom => {
HTTP_SOAPACTION => $req->header('Soapaction'),
},
),
' Execute request'
);
expectOK($res);
ok( getHeader( $res, 'Content-Type' ) =~ m#^(?:text|application)/xml#,
' Content is XML' )
or explain( $res->[1], 'Content-Type => application/xml' );
pass(' @ END OF SOAP REQUEST @');
count(4);
return $res;
}
);
SKIP: {
eval 'use SOAP::Lite';
if ($@) {
@ -77,44 +112,6 @@ count($maintests);
clean_sessions();
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.((?:id|s)p).com(.*)#, ' @ SOAP REQUEST @' );
my $host = $1;
my $url = $2;
my $res;
my $s = $req->content;
my $client = ( $host eq 'idp' ? $issuer : $sp );
ok(
$res = $client->_post(
$url,
IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
custom => {
HTTP_SOAPACTION => $req->header('Soapaction'),
},
),
' Execute request'
);
expectOK($res);
ok( getHeader( $res, 'Content-Type' ) =~ m#^(?:text|application)/xml#,
' Content is XML' )
or explain( $res->[1], 'Content-Type => application/xml' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
$httpResp->content( join( '', @{ $res->[2] } ) );
pass(' @ END OF SOAP REQUEST @');
count(4);
return $httpResp;
}
sub switch {
my $type = shift;
@Lemonldap::NG::Handler::Main::_onReload = @{

112
lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-SP.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -13,6 +15,57 @@ my $debug = 'error';
my ( $op, $rp, $sp, $res );
my %handlerOR = ( op => [], rp => [], sp => [] );
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.((?:o|r)p).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'op' ) {
pass(" Request from RP to OP, endpoint $url");
$client = $op;
}
elsif ( $host eq 'rp' ) {
pass(' Request from OP to RP');
$client = $rp;
}
else {
fail(' Aborting REST request (external)');
return HTTP::Response->new(500);
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
count(4);
return $res;
}
);
SKIP: {
eval "use Lasso";
if ($@) {
@ -285,65 +338,6 @@ count($maintests);
clean_sessions();
done_testing( count() );
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.((?:o|r)p).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'op' ) {
pass(" Request from RP to OP, endpoint $url");
$client = $op;
}
elsif ( $host eq 'rp' ) {
pass(' Request from OP to RP');
$client = $rp;
}
else {
fail(' Aborting REST request (external)');
return HTTP::Response->new(500);
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
#print STDERR Dumper($res->[2]);
$httpResp->content( join( '', @{ $res->[2] } ) );
count(4);
return $httpResp;
}
sub switch {
my $type = shift;
pass( '==> Switching to ' . uc($type) . ' <==' );

112
lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -13,6 +15,57 @@ my $debug = 'error';
my ( $idp, $sp, $rp, $res );
my %handlerOR = ( idp => [], sp => [], rp => [] );
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.(rp|sp).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'sp' ) {
pass(" Request from RP to OP(sp), endpoint $url");
$client = $sp;
}
elsif ( $host eq 'rp' ) {
pass(' Request from OP to RP(proxy)');
$client = $rp;
}
else {
fail(' Aborting REST request (external)');
return HTTP::Response->new(500);
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
count(4);
return $res;
}
);
SKIP: {
eval "use Lasso";
if ($@) {
@ -231,65 +284,6 @@ count($maintests);
clean_sessions();
done_testing( count() );
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.(rp|sp).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'sp' ) {
pass(" Request from RP to OP(sp), endpoint $url");
$client = $sp;
}
elsif ( $host eq 'rp' ) {
pass(' Request from OP to RP(proxy)');
$client = $rp;
}
else {
fail(' Aborting REST request (external)');
return HTTP::Response->new(500);
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
#print STDERR Dumper($res->[2]);
$httpResp->content( join( '', @{ $res->[2] } ) );
count(4);
return $httpResp;
}
sub switch {
my $type = shift;
pass( '==> Switching to ' . uc($type) . ' <==' );

112
lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-POST.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -13,6 +15,57 @@ my $debug = 'error';
my ( $idp, $sp, $rp, $res );
my %handlerOR = ( idp => [], sp => [], rp => [] );
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.(rp|sp).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'sp' ) {
pass(" Request from RP to OP(sp), endpoint $url");
$client = $sp;
}
elsif ( $host eq 'rp' ) {
pass(' Request from OP to RP(proxy)');
$client = $rp;
}
else {
fail(' Aborting REST request (external)');
return HTTP::Response->new(500);
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
count(4);
return $res;
}
);
SKIP: {
eval "use Lasso";
if ($@) {
@ -233,65 +286,6 @@ count($maintests);
clean_sessions();
done_testing( count() );
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.(rp|sp).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'sp' ) {
pass(" Request from RP to OP(sp), endpoint $url");
$client = $sp;
}
elsif ( $host eq 'rp' ) {
pass(' Request from OP to RP(proxy)');
$client = $rp;
}
else {
fail(' Aborting REST request (external)');
return HTTP::Response->new(500);
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
#print STDERR Dumper($res->[2]);
$httpResp->content( join( '', @{ $res->[2] } ) );
count(4);
return $httpResp;
}
sub switch {
my $type = shift;
pass( '==> Switching to ' . uc($type) . ' <==' );

112
lemonldap-ng-portal/t/37-SAML-SP-GET-to-OIDC-OP.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -13,6 +15,57 @@ my $debug = 'error';
my ( $op, $proxy, $sp, $res );
my %handlerOR = ( op => [], proxy => [], sp => [] );
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.(op|proxy).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'op' ) {
pass(" Request from RP(proxy) to OP, endpoint $url");
$client = $op;
}
elsif ( $host eq 'proxy' ) {
pass(' Request from OP to RP(proxy)');
$client = $proxy;
}
else {
fail(' Aborting REST request (external)');
return HTTP::Response->new(500);
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
count(4);
return $res;
}
);
SKIP: {
eval "use Lasso";
if ($@) {
@ -205,65 +258,6 @@ count($maintests);
clean_sessions();
done_testing( count() );
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.(op|proxy).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'op' ) {
pass(" Request from RP(proxy) to OP, endpoint $url");
$client = $op;
}
elsif ( $host eq 'proxy' ) {
pass(' Request from OP to RP(proxy)');
$client = $proxy;
}
else {
fail(' Aborting REST request (external)');
return HTTP::Response->new(500);
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
#print STDERR Dumper($res->[2]);
$httpResp->content( join( '', @{ $res->[2] } ) );
count(4);
return $httpResp;
}
sub switch {
my $type = shift;
pass( '==> Switching to ' . uc($type) . ' <==' );

112
lemonldap-ng-portal/t/37-SAML-SP-POST-to-OIDC-OP.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
use MIME::Base64;
BEGIN {
@ -13,6 +15,57 @@ my $debug = 'error';
my ( $op, $proxy, $sp, $res );
my %handlerOR = ( op => [], proxy => [], sp => [] );
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.(op|proxy).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'op' ) {
pass(" Request from RP(proxy) to OP, endpoint $url");
$client = $op;
}
elsif ( $host eq 'proxy' ) {
pass(' Request from OP to RP(proxy)');
$client = $proxy;
}
else {
fail(' Aborting REST request (external)');
return HTTP::Response->new(500);
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
count(4);
return $res;
}
);
SKIP: {
eval "use Lasso";
if ($@) {
@ -205,65 +258,6 @@ count($maintests);
clean_sessions();
done_testing( count() );
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.(op|proxy).com(.*)#, ' REST request' );
my $host = $1;
my $url = $2;
my ( $res, $client );
count(1);
if ( $host eq 'op' ) {
pass(" Request from RP(proxy) to OP, endpoint $url");
$client = $op;
}
elsif ( $host eq 'proxy' ) {
pass(' Request from OP to RP(proxy)');
$client = $proxy;
}
else {
fail(' Aborting REST request (external)');
return HTTP::Response->new(500);
}
if ( $req->method =~ /^post$/i ) {
my $s = $req->content;
ok(
$res = $client->_post(
$url, IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
),
' Execute request'
);
}
else {
ok(
$res = $client->_get(
$url,
custom => {
HTTP_AUTHORIZATION => $req->header('Authorization'),
}
),
' Execute request'
);
}
ok( $res->[0] == 200, ' Response is 200' );
ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#,
' Content is JSON' )
or explain( $res->[1], 'Content-Type => application/json' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
#print STDERR Dumper($res->[2]);
$httpResp->content( join( '', @{ $res->[2] } ) );
count(4);
return $httpResp;
}
sub switch {
my $type = shift;
pass( '==> Switching to ' . uc($type) . ' <==' );

68
lemonldap-ng-portal/t/40-Notifications-XML-Server.t
View File

@ -1,6 +1,8 @@
use Test::More;
use strict;
use IO::String;
use LWP::UserAgent;
use inc::LWP::Protocol::PSGI;
BEGIN {
require 't/test-lib.pm';
@ -10,6 +12,36 @@ my $maintests = 3;
my $debug = 'error';
my $client;
# Redefine LWP methods for tests
LWP::Protocol::PSGI->register(
sub {
my $req = Plack::Request->new(@_);
ok( $req->uri =~ m#http://auth.example.com(.*)#, ' @ SOAP REQUEST @' );
my $url = $1;
my $res;
my $s = $req->content;
ok(
$res = $client->_post(
$url,
IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
custom => {
HTTP_SOAPACTION => $req->header('Soapaction'),
},
),
' Execute request'
);
expectOK($res);
ok( getHeader( $res, 'Content-Type' ) =~ m#^(?:text|application)/xml#,
' Content is XML' )
or explain( $res->[1], 'Content-Type => application/xml' );
pass(' @ END OF SOAP REQUEST @');
count(4);
return $res;
}
);
eval { unlink 't/20160530_dwho_dGVzdHJlZg==.xml' };
my $xml = '<?xml version="1.0" encoding="UTF-8"?>
@ -76,39 +108,3 @@ eval { unlink 't/20160530_dwho_dGVzdHJlZg==.xml' };
count($maintests);
clean_sessions();
done_testing( count() );
# Redefine LWP methods for tests
no warnings 'redefine';
sub LWP::UserAgent::request {
my ( $self, $req ) = @_;
ok( $req->uri =~ m#http://auth.example.com(.*)#, ' @ SOAP REQUEST @' );
my $url = $1;
my $res;
my $s = $req->content;
ok(
$res = $client->_post(
$url,
IO::String->new($s),
length => length($s),
type => $req->header('Content-Type'),
custom => {
HTTP_SOAPACTION => $req->header('Soapaction'),
},
),
' Execute request'
);
expectOK($res);
ok( getHeader( $res, 'Content-Type' ) =~ m#^(?:text|application)/xml#,
' Content is XML' )
or explain( $res->[1], 'Content-Type => application/xml' );
my $httpResp = HTTP::Response->new( $res->[0], 'OK' );
while ( my $name = shift @{ $res->[1] } ) {
$httpResp->header( $name, shift( @{ $res->[1] } ) );
}
$httpResp->content( join( '', @{ $res->[2] } ) );
pass(' @ END OF SOAP REQUEST @');
count(4);
return $httpResp;
}

16
lemonldap-ng-portal/t/73-2F-U2F.t
View File

@ -3,7 +3,7 @@ use strict;
use IO::String;
require 't/test-lib.pm';
my $maintests = 18;
my $maintests = 17;
SKIP: {
eval { require Authen::U2F::Tester };
@ -179,9 +179,17 @@ JjTJecOOS+88fK8qL1TrYv5rapIdqUI7aQ==
),
'Push U2F signature'
);
pass(
'For an unknown reason, Authen::2F::Tester signatures are not recognized by Crypt::U2F::Server'
);
# See https://github.com/mschout/perl-authen-u2f-tester/issues/2
if ( $Authen::U2F::Tester::VERSION >= 0.03 ) {
expectCookie($res);
}
else {
count(1);
pass(
'Authen::2F::Tester-0.02 signatures are not recognized by Yubico library'
);
}
}
count($maintests);