.. | ||
sessions | ||
sessions2 | ||
testslapd | ||
01-AuthDemo.t | ||
01-pdata.t | ||
02-Password-Demo.t | ||
03-XSS-protection.t | ||
19-Auth-Null.t | ||
20-Auth-and-password-DBI-dynamic-hash.t | ||
20-Auth-and-password-DBI.t | ||
20-Auth-DBI-utf8.t | ||
21-Auth-and-password-LDAP.t | ||
21-Auth-LDAP-utf8.t | ||
22-Auth-and-password-AD.t | ||
23-Auth-and-password-REST.t | ||
24-AuthApache.t | ||
24-AuthKerberos.t | ||
25-AuthSlave.t | ||
26-AuthRemote.t | ||
27-AuthProxy.t | ||
28-AuthChoice-and-password.t | ||
28-AuthChoice-with-rules.t | ||
29-AuthSSL.t | ||
30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO-IdP-initiated.t | ||
30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO.t | ||
30-Auth-and-issuer-SAML-Metadata.t | ||
30-Auth-and-issuer-SAML-POST-IdP-initiated.t | ||
30-Auth-and-issuer-SAML-POST.t | ||
30-Auth-and-issuer-SAML-Redirect-IdP-initiated.t | ||
30-Auth-and-issuer-SAML-Redirect.t | ||
30-Auth-SAML-with-choice.t | ||
30-CDC.t | ||
30-SAML-Head-to-Tail-POST.t | ||
30-SAML-ReAuth-with-choice.t | ||
30-SAML-ReAuth.t | ||
30-SAML-SP-rule.t | ||
31-Auth-and-issuer-CAS-declared-app.t | ||
31-Auth-and-issuer-CAS-default.t | ||
31-Auth-and-issuer-CAS-gateway.t | ||
31-Auth-and-issuer-CAS-proxied.t | ||
31-Auth-and-issuer-CAS-with-choice-and-cancel.t | ||
31-Auth-and-issuer-CAS-with-choice.t | ||
32-Auth-and-issuer-OIDC-authorization_code-OP-logout.t | ||
32-Auth-and-issuer-OIDC-authorization_code-with-authchoice.t | ||
32-Auth-and-issuer-OIDC-authorization_code.t | ||
32-Auth-and-issuer-OIDC-hybrid.t | ||
32-Auth-and-issuer-OIDC-implicit.t | ||
32-OIDC-RP-rule.t | ||
33-Auth-and-issuer-OpenID2.t | ||
34-Auth-Proxy-and-REST-Server.t | ||
34-Auth-Proxy-and-SOAP-Server.t | ||
35-My-session.t | ||
35-REST-config-backend.t | ||
35-REST-sessions-with-REST-server.t | ||
35-SOAP-config-backend.t | ||
35-SOAP-sessions-with-SOAP-server.t | ||
36-Combination-Kerberos-or-Demo.t | ||
36-Combination-with-over.t | ||
36-Combination-with-token.t | ||
36-Combination.t | ||
37-CAS-App-to-SAML-IdP-POST.t | ||
37-Logout-from-OIDC-RP-to-SAML-SP.t | ||
37-OIDC-RP-to-SAML-IdP-GET.t | ||
37-OIDC-RP-to-SAML-IdP-POST.t | ||
37-SAML-SP-GET-to-OIDC-OP.t | ||
37-SAML-SP-POST-to-CAS-server-with-Choice.t | ||
37-SAML-SP-POST-to-CAS-server.t | ||
37-SAML-SP-POST-to-OIDC-OP.t | ||
40-Notifications-JSON-DBI.t | ||
40-Notifications-JSON-File-with-token.t | ||
40-Notifications-JSON-File.t | ||
40-Notifications-JSON-Server.t | ||
40-Notifications-XML-DBI.t | ||
40-Notifications-XML-File.t | ||
40-Notifications-XML-Server.t | ||
41-Captcha.t | ||
41-Token.t | ||
42-Register-Demo-with-captcha.t | ||
42-Register-Demo-with-token.t | ||
42-Register-Demo.t | ||
42-Register-LDAP.t | ||
43-MailReset-DBI.t | ||
43-MailReset-LDAP.t | ||
43-MailReset-with-captcha.t | ||
43-MailReset-with-token.t | ||
43-MailReset.t | ||
50-IssuerGet.t | ||
60-Status.t | ||
61-BruteForceProtection.t | ||
61-ForceAuthn.t | ||
61-GrantSession.t | ||
62-SingleSession.t | ||
63-History.t | ||
64-StayConnected.t | ||
65-AutoSignin.t | ||
66-CDA-already-auth.t | ||
66-CDA-with-REST.t | ||
66-CDA-with-SOAP.t | ||
66-CDA.t | ||
70-2F-TOTP_8.t | ||
70-2F-TOTP-with-HISTORY.t | ||
70-2F-TOTP.t | ||
71-2F-U2F-with-HISTORY.t | ||
71-2F-U2F.t | ||
72-2F-REST-with-HISTORY.t | ||
73-2F-UTOTP-TOTP-and-U2F-with-HISTORY.t | ||
73-2F-UTOTP-TOTP-and-U2F.t | ||
73-2F-UTOTP-TOTP-only-with-HISTORY.t | ||
73-2F-UTOTP-TOTP-only.t | ||
74-2F-Required.t | ||
75-2F-Registers.t | ||
76-2F-Ext-with-BruteForce.t | ||
76-2F-Ext-with-GrantSession.t | ||
76-2F-Ext-with-HISTORY.t | ||
90-Translations.t | ||
99-pod.t | ||
lmConf-1.json | ||
pdata.pm | ||
README.md | ||
saml-lib.pm | ||
sendOTP.pl | ||
smtp.pm | ||
test-ldap.pm | ||
test-lib.pm | ||
test-psgi.pm | ||
vrfyOTP.pl |
NAME
test-lib.pm - Test framework for LLNG portal
SYNOPSIS
use Test::More;
use strict;
use IO::String;
require 't/test-lib.pm';
my $res;
my $client = LLNG::Manager::Test->new( {
ini => {
logLevel => 'error',
#...
}
}
);
ok(
$res = $client->_post(
'/',
IO::String->new('user=dwho&password=dwho'),
length => 23
),
'Auth query'
);
count(1);
expectOK($res);
my $id = expectCookie($res);
clean_sessions();
done_testing( count() );
DESCRIPTION
This test library permits to simulate browser navigation.
Functions
In these functions, $res
is the result of a LLNG::Manager::Test::_get()
or
LLNG::Manager::Test::_post()
call (see below).
count($inc)
Returns number of tests done. Increment test number if an argument is given
explain( $result, $expected_result )
Used to display error if test fails:
ok( $res->[0] == 302, 'Get redirection' ) or
explain( $res->[0], 302 );
clean_sessions()
Clean sessions created during tests
expectRedirection( $res, $location )
Verify that request result is a redirection to $location. $location can be:
-
a string: location must match exactly
-
a regexp: location must match this regexp. In this case, the list of matching strings are returned. Example:
my( $uri, $query ) = expectRedirection( $res, qr#http://host(/[^\?]*)?(.*)$# );
expectAutoPost(@args)
Same behaviour as expectForm()
but verify also that form method is post.
TODO: verify javascript
expectForm( $res, $hostRe, $uriRe, @requiredFields )
Verify form in HTML result and return ( $host, $uri, $query, $method ):
- verify that a GET/POST form exists
- if a $hostRe regexp is given, verify that form target matches and populates $host. Skipped if $hostRe eq "#"
- if a $uriRe regexp is given, verify that form target matches and populates $uri
- if @requiredFields exists, verify that each element is an input name
- build form-url-encoded string looking at parameters/values and store it in $query
expectAuthenticatedAs($user)
Verify that result has a Lm-Remote-User
header and value is $user
expectOK($res)
Verify that returned code is 200
expectBadRequest($res)
Verify that returned code is 400. Note that it works only for Ajax request (see below).
expectReject( $res, $code )
Verify that returned code is 401 and JSON result contains error:"$code"
.
Note that it works only for Ajax request (see below).
expectCookie( $res, $cookieName )
Check if a Set-Cookie
exists and set a cookie named $cookieName. Return
its value.
exceptCspFormOK( $res, $host )
Verify that Content-Security-Policy
header allows to connect to $host.
getCookies($res)
Returns an hash ref with names => values of cookies set by server.
getHeader( $res, $hname )
Returns value of first header named $hname in $res response.
getRedirection($res)
Returns value of Location
header.
getUser($res)
Returns value of Lm-Remote-User
header.
LLNG::Manager::Test Class
Accessors
- app: built application
- class: class to test (default Lemonldap::NG::Portal::Main)
- p: portal object
- ini: initialization parameters ($defaultIni values + given parameters)
Methods
logout($id)
Launch a /?logout=1
request an test:
- if response is 200
- if cookie 'lemonldap' and 'lemonldappdata' have no value
- if a GET request with previous cookie value ($i) is rejected
_get( $path, %args )
Simulates a GET requests to $path. Accepted arguments:
- accept: accepted content, default to Ajax request. Use 'text/html'
to test content (to launch a
expectForm()
for example). - cookie: full cookie string
- custom: additional headers (hash ref only)
- ip: remote address. Default to 127.0.0.1
- method: default to GET. Only GET/DELETE values are acceptable
(use
_post()
if you want to launch a POST/PUT request) - query: query string
- referer
- remote_user: REMOTE_USER header value
_post( $path, $body, %args )
Same as _get
except that a body is required. $body must be a file handle.
Example with IO::String:
ok(
$res = $client->_post(
'/',
IO::String->new('user=dwho&password=dwho'),
length => 23
),
'Auth query'
);
_delete( $path, %args )
Call _get()
with method set to DELETE.
_put( $path, $body, %args )
Call _post()
with method set to PUT