| .. | ||
| gpghome | ||
| lib/Lemonldap/NG/Portal/Auth | ||
| sessions | ||
| sessions2 | ||
| testslapd | ||
| 01-AuthDemo.t | ||
| 01-pdata.t | ||
| 02-Password-Demo.t | ||
| 03-XSS-protection.t | ||
| 19-Auth-Null.t | ||
| 20-Auth-and-password-DBI-dynamic-hash.t | ||
| 20-Auth-and-password-DBI.t | ||
| 20-Auth-DBI-utf8.t | ||
| 21-Auth-and-password-LDAP.t | ||
| 21-Auth-LDAP-Policy.t | ||
| 21-Auth-LDAP-utf8.t | ||
| 22-Auth-and-password-AD.t | ||
| 23-Auth-and-password-REST.t | ||
| 24-AuthApache.t | ||
| 24-AuthKerberos.t | ||
| 25-AuthSlave.t | ||
| 26-AuthRemote.t | ||
| 27-AuthProxy.t | ||
| 28-AuthChoice-and-password.t | ||
| 28-AuthChoice-with-rules.t | ||
| 29-AuthGPG.t | ||
| 29-AuthSSL.t | ||
| 30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO-IdP-initiated.t | ||
| 30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO.t | ||
| 30-Auth-and-issuer-SAML-Metadata.t | ||
| 30-Auth-and-issuer-SAML-POST-IdP-initiated.t | ||
| 30-Auth-and-issuer-SAML-POST-Missing-SLO.t | ||
| 30-Auth-and-issuer-SAML-POST.t | ||
| 30-Auth-and-issuer-SAML-Redirect-IdP-initiated.t | ||
| 30-Auth-and-issuer-SAML-Redirect.t | ||
| 30-Auth-SAML-with-choice.t | ||
| 30-CDC.t | ||
| 30-SAML-Head-to-Tail-POST.t | ||
| 30-SAML-ReAuth-with-choice.t | ||
| 30-SAML-ReAuth.t | ||
| 30-SAML-SP-rule.t | ||
| 31-Auth-and-issuer-CAS-declared-app.t | ||
| 31-Auth-and-issuer-CAS-default.t | ||
| 31-Auth-and-issuer-CAS-gateway.t | ||
| 31-Auth-and-issuer-CAS-proxied.t | ||
| 31-Auth-and-issuer-CAS-with-choice-and-cancel.t | ||
| 31-Auth-and-issuer-CAS-with-choice.t | ||
| 32-Auth-and-issuer-OIDC-authorization_code-OP-logout.t | ||
| 32-Auth-and-issuer-OIDC-authorization_code-with-authchoice.t | ||
| 32-Auth-and-issuer-OIDC-authorization_code.t | ||
| 32-Auth-and-issuer-OIDC-hybrid.t | ||
| 32-Auth-and-issuer-OIDC-implicit.t | ||
| 32-OIDC-RP-rule.t | ||
| 33-Auth-and-issuer-OpenID2.t | ||
| 34-Auth-Proxy-and-REST-Server.t | ||
| 34-Auth-Proxy-and-SOAP-Server.t | ||
| 35-My-session.t | ||
| 35-REST-config-backend.t | ||
| 35-REST-sessions-with-REST-server.t | ||
| 35-SOAP-config-backend.t | ||
| 35-SOAP-sessions-with-SOAP-server.t | ||
| 36-Combination-Kerberos-or-Demo.t | ||
| 36-Combination-with-over.t | ||
| 36-Combination-with-token.t | ||
| 36-Combination.t | ||
| 37-CAS-App-to-SAML-IdP-POST-with-WAYF.t | ||
| 37-CAS-App-to-SAML-IdP-POST.t | ||
| 37-Logout-from-OIDC-RP-to-SAML-SP.t | ||
| 37-OIDC-RP-to-SAML-IdP-GET-with-WAYF.t | ||
| 37-OIDC-RP-to-SAML-IdP-GET.t | ||
| 37-OIDC-RP-to-SAML-IdP-POST.t | ||
| 37-SAML-SP-GET-to-OIDC-OP.t | ||
| 37-SAML-SP-POST-to-CAS-server-with-Choice.t | ||
| 37-SAML-SP-POST-to-CAS-server.t | ||
| 37-SAML-SP-POST-to-OIDC-OP.t | ||
| 40-Notifications-JSON-DBI.t | ||
| 40-Notifications-JSON-File-with-token.t | ||
| 40-Notifications-JSON-File.t | ||
| 40-Notifications-JSON-Server.t | ||
| 40-Notifications-XML-DBI.t | ||
| 40-Notifications-XML-File.t | ||
| 40-Notifications-XML-Server.t | ||
| 41-Captcha.t | ||
| 41-Token.t | ||
| 42-Register-Demo-with-captcha.t | ||
| 42-Register-Demo-with-token.t | ||
| 42-Register-Demo.t | ||
| 42-Register-LDAP.t | ||
| 43-MailPasswordReset-Choice.t | ||
| 43-MailPasswordReset-DBI.t | ||
| 43-MailPasswordReset-LDAP.t | ||
| 43-MailPasswordReset-with-captcha.t | ||
| 43-MailPasswordReset-with-token.t | ||
| 43-MailPasswordReset.t | ||
| 50-IssuerGet.t | ||
| 60-Status.t | ||
| 61-BruteForceProtection.t | ||
| 61-ForceAuthn.t | ||
| 61-GrantSession.t | ||
| 61-Session-ActivityTimeout.t | ||
| 61-Session-Timeout.t | ||
| 62-SingleSession.t | ||
| 63-History.t | ||
| 64-StayConnected.t | ||
| 65-AutoSignin.t | ||
| 66-CDA-already-auth.t | ||
| 66-CDA-with-REST.t | ||
| 66-CDA-with-SOAP.t | ||
| 66-CDA.t | ||
| 67-CheckUser-with-token.t | ||
| 67-CheckUser.t | ||
| 68-Impersonation-with-merge.t | ||
| 68-Impersonation.t | ||
| 70-2F-TOTP_8.t | ||
| 70-2F-TOTP-with-History.t | ||
| 70-2F-TOTP.t | ||
| 71-2F-U2F-with-History.t | ||
| 71-2F-U2F.t | ||
| 72-2F-REST-with-HISTORY.t | ||
| 73-2F-UTOTP-TOTP-and-U2F-with-History.t | ||
| 73-2F-UTOTP-TOTP-and-U2F.t | ||
| 73-2F-UTOTP-TOTP-only-with-History.t | ||
| 73-2F-UTOTP-TOTP-only.t | ||
| 74-2F-Required.t | ||
| 75-2F-Registers.t | ||
| 76-2F-Ext-with-BruteForce.t | ||
| 76-2F-Ext-with-CodeActivation.t | ||
| 76-2F-Ext-with-GrantSession.t | ||
| 76-2F-Ext-with-History.t | ||
| 77-2F-Mail.t | ||
| 90-Translations.t | ||
| 99-pod.t | ||
| lmConf-1.json | ||
| pdata.pm | ||
| README.md | ||
| saml-lib.pm | ||
| sendCode.pl | ||
| sendOTP.pl | ||
| smtp.pm | ||
| test-ldap.pm | ||
| test-lib.pm | ||
| test-psgi.pm | ||
| vrfyOTP.pl | ||
NAME
test-lib.pm - Test framework for LLNG portal
SYNOPSIS
use Test::More;
use strict;
use IO::String;
require 't/test-lib.pm';
my $res;
my $client = LLNG::Manager::Test->new( {
ini => {
logLevel => 'error',
#...
}
}
);
ok(
$res = $client->_post(
'/',
IO::String->new('user=dwho&password=dwho'),
length => 23
),
'Auth query'
);
count(1);
expectOK($res);
my $id = expectCookie($res);
clean_sessions();
done_testing( count() );
DESCRIPTION
This test library permits to simulate browser navigation.
Functions
In these functions, $res is the result of a LLNG::Manager::Test::_get() or
LLNG::Manager::Test::_post() call (see below).
count($inc)
Returns number of tests done. Increment test number if an argument is given
explain( $result, $expected_result )
Used to display error if test fails:
ok( $res->[0] == 302, 'Get redirection' ) or
explain( $res->[0], 302 );
clean_sessions()
Clean sessions created during tests
expectRedirection( $res, $location )
Verify that request result is a redirection to $location. $location can be:
-
a string: location must match exactly
-
a regexp: location must match this regexp. In this case, the list of matching strings are returned. Example:
my( $uri, $query ) = expectRedirection( $res, qr#http://host(/[^\?]*)?(.*)$# );
expectAutoPost(@args)
Same behaviour as expectForm() but verify also that form method is post.
TODO: verify javascript
expectForm( $res, $hostRe, $uriRe, @requiredFields )
Verify form in HTML result and return ( $host, $uri, $query, $method ):
- verify that a GET/POST form exists
- if a $hostRe regexp is given, verify that form target matches and populates $host. Skipped if $hostRe eq "#"
- if a $uriRe regexp is given, verify that form target matches and populates $uri
- if @requiredFields exists, verify that each element is an input name
- build form-url-encoded string looking at parameters/values and store it in $query
expectAuthenticatedAs($user)
Verify that result has a Lm-Remote-User header and value is $user
expectOK($res)
Verify that returned code is 200
expectBadRequest($res)
Verify that returned code is 400. Note that it works only for Ajax request (see below).
expectReject( $res, $code )
Verify that returned code is 401 and JSON result contains error:"$code".
Note that it works only for Ajax request (see below).
expectCookie( $res, $cookieName )
Check if a Set-Cookie exists and set a cookie named $cookieName. Return
its value.
exceptCspFormOK( $res, $host )
Verify that Content-Security-Policy header allows to connect to $host.
getCookies($res)
Returns an hash ref with names => values of cookies set by server.
getHeader( $res, $hname )
Returns value of first header named $hname in $res response.
getRedirection($res)
Returns value of Location header.
getUser($res)
Returns value of Lm-Remote-User header.
LLNG::Manager::Test Class
Accessors
- app: built application
- class: class to test (default Lemonldap::NG::Portal::Main)
- p: portal object
- ini: initialization parameters ($defaultIni values + given parameters)
Methods
logout($id)
Launch a /?logout=1 request an test:
- if response is 200
- if cookie 'lemonldap' and 'lemonldappdata' have no value
- if a GET request with previous cookie value ($i) is rejected
_get( $path, %args )
Simulates a GET requests to $path. Accepted arguments:
- accept: accepted content, default to Ajax request. Use 'text/html'
to test content (to launch a
expectForm()for example). - cookie: full cookie string
- custom: additional headers (hash ref only)
- ip: remote address. Default to 127.0.0.1
- method: default to GET. Only GET/DELETE values are acceptable
(use
_post()if you want to launch a POST/PUT request) - query: query string
- referer
- remote_user: REMOTE_USER header value
_post( $path, $body, %args )
Same as _get except that a body is required. $body must be a file handle.
Example with IO::String:
ok(
$res = $client->_post(
'/',
IO::String->new('user=dwho&password=dwho'),
length => 23
),
'Auth query'
);
_delete( $path, %args )
Call _get() with method set to DELETE.
_put( $path, $body, %args )
Call _post() with method set to PUT