dani
/
lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
lemonldap-ng/lemonldap-ng-portal/t/66-CDA-wildcard.t

169 lines
4.8 KiB
Perl
Raw Blame History

use Test::More;
use strict;
use IO::String;
use Lemonldap::NG::Portal::Main::Constants qw(
PE_FIRSTACCESS
);
require 't/test-lib.pm';
sub validate_cda {
my ( $client, $query, $domain, $expectedUser ) = @_;
# Initialize handler
use_ok('Lemonldap::NG::Handler::Server');
use_ok('Lemonldap::NG::Common::PSGI::Cli::Lib');
count(2);
my ( $cli, $app, $res );
ok( $app = Lemonldap::NG::Handler::Server->run( $client->ini ), 'App' );
count(1);
ok(
$res = $app->( {
'HTTP_ACCEPT' => 'text/html',
'SCRIPT_NAME' => '/',
'SERVER_NAME' => '127.0.0.1',
'QUERY_STRING' => $query,
'HTTP_CACHE_CONTROL' => 'max-age=0',
'HTTP_ACCEPT_LANGUAGE' => 'fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3',
'PATH_INFO' => '/',
'REQUEST_METHOD' => 'GET',
'REQUEST_URI' => "/?$query",
'X_ORIGINAL_URI' => "/?$query",
'SERVER_PORT' => '80',
'SERVER_PROTOCOL' => 'HTTP/1.1',
'HTTP_USER_AGENT' =>
'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox',
'REMOTE_ADDR' => '127.0.0.1',
'HTTP_HOST' => $domain,
'VHOSTTYPE' => 'CDA',
}
),
'Push cda cookie'
);
count(1);
expectRedirection( $res, "http://$domain/" );
my $cid = expectCookie($res);
ok(
$res = $app->( {
'HTTP_ACCEPT' => 'text/html',
'SCRIPT_NAME' => '/',
'SERVER_NAME' => '127.0.0.1',
'HTTP_COOKIE' => "lemonldap=$cid",
'HTTP_CACHE_CONTROL' => 'max-age=0',
'HTTP_ACCEPT_LANGUAGE' => 'fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3',
'PATH_INFO' => '/',
'REQUEST_METHOD' => 'GET',
'REQUEST_URI' => "/",
'X_ORIGINAL_URI' => "/",
'SERVER_PORT' => '80',
'SERVER_PROTOCOL' => 'HTTP/1.1',
'HTTP_USER_AGENT' =>
'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox',
'REMOTE_ADDR' => '127.0.0.1',
'HTTP_HOST' => $domain,
'VHOSTTYPE' => 'CDA',
}
),
'Authenticated query'
);
count(1);
expectOK($res);
expectAuthenticatedAs( $res, $expectedUser );
}
my $res;
my $client = LLNG::Manager::Test->new( {
ini => {
logLevel => 'error',
useSafeJail => 1,
cda => 1,
logger => 'Lemonldap::NG::Common::Logger::Std',
}
}
);
# CDA with unauthentified user
ok(
$res = $client->_get(
'/',
query => 'url=' . encodeUrl('http://cda.example.llng/'),
accept => 'text/html',
),
'Unauth CDA request'
);
my ( $host, $url, $query ) = expectForm( $res, undef, undef, 'url' );
count(1);
# Authentification
$query .= '&user=dwho&password=dwho';
ok(
$res = $client->_post(
'/' => IO::String->new($query),
length => length($query),
accept => 'text/html',
),
'Post credentials'
);
count(1);
($query) =
expectRedirection( $res, qr#^http://cda.example.llng/\?(lemonldapcda=.*)$# );
my $id = expectCookie($res);
# Check that *.example.llng allows subdomains
ok(
$res = $client->_get(
'/',
cookie => "lemonldap=$id",
query => 'url=' . encodeUrl('http://sub-domain.cda.example.llng/'),
accept => 'text/html',
),
'CDA request to subdomain'
);
count(1);
my ($querytosub) = expectRedirection( $res,
qr#^http://sub-domain.cda.example.llng/\?(lemonldapcda=.*)$# );
# Check that %.oneonly.llng rejects subdomains
ok(
$res = $client->_get(
'/',
cookie => "lemonldap=$id",
query => 'url=' . encodeUrl('http://sub-domain.cda.oneonly.llng/'),
accept => 'text/html',
),
'CDA request to subdomain'
);
count(1);
expectPortalError( $res, 37, "Subdomain CDA request not allowed by wildcard" );
# Check that %.oneonly.llng allows one-level domains
ok(
$res = $client->_get(
'/',
cookie => "lemonldap=$id",
query => 'url=' . encodeUrl('http://cda.oneonly.llng/'),
accept => 'text/html',
),
'CDA request to one-level wildcard'
);
count(1);
my ($querytoone) =
expectRedirection( $res, qr#^http://cda.oneonly.llng/\?(lemonldapcda=.*)$# );
validate_cda( $client, $querytosub, 'sub-domain.cda.example.llng', 'dwho' );
validate_cda( $client, $query, 'cda.example.llng', 'dwho' );
validate_cda( $client, $querytoone, 'cda.oneonly.llng', 'dwho' );
clean_sessions();
done_testing( count() );
Reference in New Issue View Git Blame Copy Permalink