104 lines
2.6 KiB
Perl
104 lines
2.6 KiB
Perl
use Test::More;
|
|
use strict;
|
|
use IO::String;
|
|
use Data::Dumper;
|
|
|
|
require 't/test-lib.pm';
|
|
my $maintests = 5;
|
|
|
|
SKIP: {
|
|
eval { require Crypt::U2F::Server; require Authen::U2F::Tester };
|
|
if ( $@ or $Crypt::U2F::Server::VERSION < 0.42 ) {
|
|
skip 'Missing libraries', $maintests;
|
|
}
|
|
|
|
use_ok('Lemonldap::NG::Common::FormEncode');
|
|
my $res;
|
|
|
|
my $client = LLNG::Manager::Test->new( {
|
|
ini => {
|
|
logLevel => 'error',
|
|
sfOnlyUpgrade => 1,
|
|
u2fActivation => 1,
|
|
u2fAuthnLevel => 5,
|
|
authentication => 'Demo',
|
|
userDB => 'Same',
|
|
'vhostOptions' => {
|
|
'test1.example.com' => {
|
|
'vhostAuthnLevel' => 3
|
|
},
|
|
},
|
|
}
|
|
}
|
|
);
|
|
|
|
# CASE 1: no 2F available
|
|
# -----------------------
|
|
my $query = 'user=rtyler&password=rtyler';
|
|
ok(
|
|
$res = $client->_post(
|
|
'/',
|
|
IO::String->new($query),
|
|
length => length($query),
|
|
accept => 'text/html',
|
|
),
|
|
'Auth query'
|
|
);
|
|
my $id = expectCookie($res);
|
|
|
|
# After attempting to access test1,
|
|
# the handler sends up back to /upgradesession
|
|
# --------------------------------------------
|
|
ok(
|
|
$res = $client->_get(
|
|
'/upgradesession',
|
|
query => 'url=aHR0cDovL3Rlc3QxLmV4YW1wbGUuY29t',
|
|
accept => 'text/html',
|
|
cookie => "lemonldap=$id",
|
|
),
|
|
'Upgrade session query'
|
|
);
|
|
|
|
( my $host, my $url, $query ) =
|
|
expectForm( $res, undef, '/upgradesession', 'confirm', 'url' );
|
|
|
|
# Accept session upgrade
|
|
# ----------------------
|
|
|
|
ok(
|
|
$res = $client->_post(
|
|
'/upgradesession',
|
|
IO::String->new($query),
|
|
length => length($query),
|
|
accept => 'text/html',
|
|
cookie => "lemonldap=$id",
|
|
),
|
|
'Accept session upgrade query'
|
|
);
|
|
|
|
expectCookie( $res, 'lemonldappdata' );
|
|
|
|
# A message warns the user that they do not have any 2FA available
|
|
expectPortalError( $res, 83 );
|
|
|
|
$query = 'user=rtyler&password=rtyler';
|
|
ok(
|
|
$res = $client->_post(
|
|
'/upgradesession',
|
|
IO::String->new($query),
|
|
length => length($query),
|
|
accept => 'text/html',
|
|
cookie => "lemonldap=$id",
|
|
),
|
|
'Accept session upgrade query'
|
|
);
|
|
expectRedirection( $res, 'http://auth.example.com/' );
|
|
$client->logout($id);
|
|
}
|
|
|
|
count($maintests);
|
|
clean_sessions();
|
|
|
|
done_testing( count() );
|
|
|