Unit test for #2484

2021-03-10 15:47:46 +01:00 · 2021-03-10 15:47:46 +01:00 · fc693184dc
commit fc693184dc
parent 44abc1e889
2 changed files with 21 additions and 10 deletions
--- a/lemonldap-ng-portal/t/32-OIDC-ClientCredentials-Grant.t
+++ b/lemonldap-ng-portal/t/32-OIDC-ClientCredentials-Grant.t
@ -22,10 +22,12 @@ my $op = LLNG::Manager::Test->new( {
            portal                          => 'http://auth.op.com',
            authentication                  => 'Demo',
            userDB                          => 'Same',
+            customPlugins                   => 't::OidcHookPlugin',
            issuerDBOpenIDConnectActivation => 1,
            oidcRPMetaDataExportedVars      => {
                rp => {
-                    "name" => "mymacro",
+                    "name"               => "mymacro",
+                    "preferred_username" => "hooked_username",
                }
            },
            oidcRPMetaDataMacros => {
@ -140,7 +142,7 @@ my $access_token = $payload->{access_token};
 ok( $access_token, "Access Token found" );
 count(1);
 my $token_res_scope = $payload->{scope};
-ok ($token_res_scope, "Token response returned scope");
+ok( $token_res_scope, "Token response returned scope" );

 # Get userinfo
 $res = $op->_post(
@ -155,8 +157,9 @@ $res = $op->_post(

 $payload = expectJSON($res);

-is( $payload->{sub},  'rpid' );
-is( $payload->{name}, 'foo' );
+is( $payload->{sub},                'rpid' );
+is( $payload->{name},               'foo' );
+is( $payload->{preferred_username}, 'hook' );

 my $query = "token=$access_token";
 ok(
@ -174,7 +177,8 @@ ok(
 $payload = expectJSON($res);
 like( $payload->{scope}, qr/\bread\b/,   "Scope read found" );
 like( $payload->{scope}, qr/\balways\b/, "Rule-enforced scope found" );
-is ($token_res_scope, $payload->{scope}, "Token response scope match token scope");
+is( $token_res_scope, $payload->{scope},
+    "Token response scope match token scope" );

 clean_sessions();
 done_testing();
--- a/lemonldap-ng-portal/t/OidcHookPlugin.pm
+++ b/lemonldap-ng-portal/t/OidcHookPlugin.pm
@ -8,11 +8,12 @@ use Data::Dumper;
 use Test::More;

 use constant hook => {
-    oidcGenerateIDToken          => 'addClaimToIDToken',
-    oidcGenerateUserInfoResponse => 'addClaimToUserInfo',
-    oidcGotRequest               => 'addScopeToRequest',
-    oidcResolveScope             => 'addHardcodedScope',
-    oidcGenerateAccessToken      => 'addClaimToAccessToken',
+    oidcGenerateIDToken           => 'addClaimToIDToken',
+    oidcGenerateUserInfoResponse  => 'addClaimToUserInfo',
+    oidcGotRequest                => 'addScopeToRequest',
+    oidcResolveScope              => 'addHardcodedScope',
+    oidcGenerateAccessToken       => 'addClaimToAccessToken',
+    oidcGotClientCredentialsGrant => 'oidcGotClientCredentialsGrant',
 };

 sub init {
@ -52,5 +53,11 @@ sub addClaimToAccessToken {
    return PE_OK;
 }

+sub oidcGotClientCredentialsGrant {
+    my ( $self, $req, $payload, $rp ) = @_;
+    $payload->{"hooked_username"} = "hook";
+    return PE_OK;
+}
+
 1;