136 lines
4.5 KiB
Perl
136 lines
4.5 KiB
Perl
use lib 'inc';
|
|
use Test::More;
|
|
use strict;
|
|
use IO::String;
|
|
use LWP::UserAgent;
|
|
use LWP::Protocol::PSGI;
|
|
use MIME::Base64;
|
|
use JSON;
|
|
|
|
BEGIN {
|
|
require 't/test-lib.pm';
|
|
require 't/oidc-lib.pm';
|
|
}
|
|
|
|
my $debug = 'error';
|
|
my $res;
|
|
|
|
# Initialization
|
|
ok( my $op = op(), 'OP portal' );
|
|
|
|
my $register_data = {
|
|
"application_type" => "web",
|
|
"redirect_uris" => [
|
|
"https://client.example.org/callback",
|
|
"https://client.example.org/callback2"
|
|
],
|
|
"client_name" => "My Example",
|
|
"logo_uri" => "https://client.example.org/logo.png",
|
|
"subject_type" => "pairwise",
|
|
"token_endpoint_auth_method" => "client_secret_basic",
|
|
};
|
|
|
|
my $register_data_json = JSON::to_json($register_data);
|
|
|
|
ok(
|
|
$res = $op->_post(
|
|
"/oauth2/register",
|
|
IO::String->new($register_data_json),
|
|
accept => 'application/json',
|
|
length => length($register_data_json),
|
|
),
|
|
"Post register data"
|
|
);
|
|
|
|
ok( $res->[0] == 201, "Return code is 201" );
|
|
my $register_answer = JSON::from_json( $res->[2]->[0] );
|
|
|
|
ok( defined $register_answer->{client_id},
|
|
"Client ID found in answer: " . $register_answer->{client_id} );
|
|
|
|
# New configuration registered
|
|
my $confFile = "$main::tmpDir/lmConf-2.json";
|
|
my $conf = JSON::from_json(`cat $confFile`);
|
|
|
|
# Check saved data
|
|
my $rpId = ( keys %{ $conf->{oidcRPMetaDataOptions} } )[0];
|
|
|
|
ok(
|
|
$conf->{oidcRPMetaDataOptions}->{$rpId}->{oidcRPMetaDataOptionsClientID} eq
|
|
$register_answer->{client_id},
|
|
"Client ID saved in configuration"
|
|
);
|
|
|
|
# Check extra claims and extra attributes
|
|
ok(
|
|
$conf->{oidcRPMetaDataOptionsExtraClaims}->{$rpId}->{"extra_claim"} eq
|
|
"extra_var",
|
|
"Extra claim defined"
|
|
);
|
|
ok( $conf->{oidcRPMetaDataExportedVars}->{$rpId}->{"extra_var"} eq "mail",
|
|
"Extra variable defined" );
|
|
|
|
unlink $confFile;
|
|
clean_sessions();
|
|
done_testing();
|
|
|
|
sub op {
|
|
return LLNG::Manager::Test->new( {
|
|
ini => {
|
|
logLevel => $debug,
|
|
domain => 'idp.com',
|
|
portal => 'http://auth.op.com',
|
|
authentication => 'Demo',
|
|
userDB => 'Same',
|
|
issuerDBOpenIDConnectActivation => 1,
|
|
issuerDBOpenIDConnectRule => '$uid eq "french"',
|
|
oidcRPMetaDataExportedVars => {
|
|
rp => {
|
|
email => "mail",
|
|
family_name => "extract_sn",
|
|
name => "cn"
|
|
}
|
|
},
|
|
oidcServiceDynamicRegistrationExportedVars =>
|
|
{ "extra_var" => "mail" },
|
|
oidcServiceDynamicRegistrationExtraClaims =>
|
|
{ "extra_claim" => "extra_var" },
|
|
oidcServiceAllowHybridFlow => 1,
|
|
oidcServiceAllowImplicitFlow => 1,
|
|
oidcServiceAllowDynamicRegistration => 1,
|
|
oidcServiceAllowAuthorizationCodeFlow => 1,
|
|
oidcRPMetaDataMacros => {
|
|
rp => {
|
|
extract_sn => '(split(/\s/, $cn))[1]',
|
|
}
|
|
},
|
|
oidcRPMetaDataOptions => {
|
|
rp => {
|
|
oidcRPMetaDataOptionsDisplayName => "RP",
|
|
oidcRPMetaDataOptionsIDTokenExpiration => 3600,
|
|
oidcRPMetaDataOptionsClientID => "rpid",
|
|
oidcRPMetaDataOptionsIDTokenSignAlg => "HS512",
|
|
oidcRPMetaDataOptionsBypassConsent => 1,
|
|
oidcRPMetaDataOptionsClientSecret => "rpsecret",
|
|
oidcRPMetaDataOptionsUserIDAttr => "",
|
|
oidcRPMetaDataOptionsAccessTokenExpiration => 3600,
|
|
}
|
|
},
|
|
oidcOPMetaDataOptions => {},
|
|
oidcOPMetaDataJSON => {},
|
|
oidcOPMetaDataJWKS => {},
|
|
oidcServiceMetaDataAuthnContext => {
|
|
'loa-4' => 4,
|
|
'loa-1' => 1,
|
|
'loa-5' => 5,
|
|
'loa-2' => 2,
|
|
'loa-3' => 3
|
|
},
|
|
oidcServicePrivateKeySig => oidc_key_op_private_sig,
|
|
oidcServicePublicKeySig => oidc_key_op_public_sig,
|
|
}
|
|
}
|
|
);
|
|
}
|
|
|