Christophe Maudoux
7 years ago
parent
c84bc72436
commit
3e65711658
@ -0,0 +1,127 @@ |
||||
use Test::More; |
||||
use strict; |
||||
use IO::String; |
||||
|
||||
require 't/test-lib.pm'; |
||||
my $maintests = 16; |
||||
|
||||
SKIP: { |
||||
eval { require Convert::Base32 }; |
||||
if ($@) { |
||||
skip 'Convert::Base32 is missing', $maintests; |
||||
} |
||||
require Lemonldap::NG::Common::TOTP; |
||||
|
||||
my $client = LLNG::Manager::Test->new( |
||||
{ |
||||
ini => { |
||||
logLevel => 'debug', |
||||
totp2fSelfRegistration => 1, |
||||
totp2fActivation => 1, |
||||
totp2fDigits => 8, |
||||
} |
||||
} |
||||
); |
||||
my $res; |
||||
|
||||
# Try to authenticate |
||||
# ------------------- |
||||
ok( |
||||
$res = $client->_post( |
||||
'/', |
||||
IO::String->new('user=dwho&password=dwho'), |
||||
length => 23 |
||||
), |
||||
'Auth query' |
||||
); |
||||
my $id = expectCookie($res); |
||||
|
||||
# TOTP form |
||||
ok( |
||||
$res = $client->_get( |
||||
'/2fregisters', |
||||
cookie => "lemonldap=$id", |
||||
accept => 'text/html', |
||||
), |
||||
'Form registration' |
||||
); |
||||
expectRedirection( $res, qr#/2fregisters/totp$# ); |
||||
ok( |
||||
$res = $client->_get( |
||||
'/2fregisters/totp', |
||||
cookie => "lemonldap=$id", |
||||
accept => 'text/html', |
||||
), |
||||
'Form registration' |
||||
); |
||||
ok( $res->[2]->[0] =~ /totpregistration\.(?:min\.)?js/, 'Found TOTP js' ); |
||||
|
||||
# JS query |
||||
ok( |
||||
$res = $client->_post( |
||||
'/2fregisters/totp/getkey', IO::String->new(''), |
||||
cookie => "lemonldap=$id", |
||||
length => 0, |
||||
), |
||||
'Get new key' |
||||
); |
||||
eval { $res = JSON::from_json( $res->[2]->[0] ) }; |
||||
ok( not($@), 'Content is JSON' ) |
||||
or explain( $res->[2]->[0], 'JSON content' ); |
||||
my ( $key, $token ); |
||||
ok( $key = $res->{secret}, 'Found secret' ); |
||||
ok( $token = $res->{token}, 'Found token' ); |
||||
$key = Convert::Base32::decode_base32($key); |
||||
|
||||
# Post code |
||||
my $code; |
||||
ok( $code = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 8 ), |
||||
'Code' ); |
||||
ok( $code =~ /^\d{8}$/, 'Code contains 8 digits' ); |
||||
my $s = "code=$code&token=$token"; |
||||
ok( |
||||
$res = $client->_post( |
||||
'/2fregisters/totp/verify', |
||||
IO::String->new($s), |
||||
length => length($s), |
||||
cookie => "lemonldap=$id", |
||||
), |
||||
'Post code' |
||||
); |
||||
eval { $res = JSON::from_json( $res->[2]->[0] ) }; |
||||
ok( not($@), 'Content is JSON' ) |
||||
or explain( $res->[2]->[0], 'JSON content' ); |
||||
ok( $res->{result} == 1, 'Key is registered' ); |
||||
|
||||
# Try to sign-in |
||||
$client->logout($id); |
||||
ok( |
||||
$res = $client->_post( |
||||
'/', |
||||
IO::String->new('user=dwho&password=dwho'), |
||||
length => 23, |
||||
accept => 'text/html', |
||||
), |
||||
'Auth query' |
||||
); |
||||
my ( $host, $url, $query ) = |
||||
expectForm( $res, undef, '/totp2fcheck', 'token' ); |
||||
ok( $code = Lemonldap::NG::Common::TOTP::_code( undef, $key, 0, 30, 8 ), |
||||
'Code' ); |
||||
$query =~ s/code=/code=$code/; |
||||
ok( |
||||
$res = $client->_post( |
||||
'/totp2fcheck', IO::String->new($query), |
||||
length => length($query), |
||||
), |
||||
'Post code' |
||||
); |
||||
$id = expectCookie($res); |
||||
$client->logout($id); |
||||
} |
||||
count($maintests); |
||||
|
||||
clean_sessions(); |
||||
|
||||
done_testing( count() ); |
||||
|
||||
Loading…
Reference in new issue