Improve unit test (#2276)

5 years ago · 525eab006d
parent 8b6ab584cf
commit 525eab006d
2 changed files with 39 additions and 5 deletions
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/BruteForceProtection.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/BruteForceProtection.pm
@ -48,7 +48,10 @@ sub init {
    if ( $self->conf->{bruteForceProtectionIncrementalTempo} ) {
        my $lockTimes = @{ $self->lockTimes } =
          sort { $a <=> $b }
-          map  { $_ < $self->conf->{bruteForceProtectionMaxLockTime} ? $_ : () }
+          map {
+            $_ =~ s/\D//;
+            $_ < $self->conf->{bruteForceProtectionMaxLockTime} ? $_ : ()
+          }
          grep { /\d+/ }
          split /\s*,\s*/, $self->conf->{bruteForceProtectionLockTimes};

@ -67,7 +70,7 @@ sub init {
            $lockTimes++;
        }

-        if ( $lockTimes > $self->conf->{failedLoginNumber} ) {
+        unless ( $lockTimes < $self->conf->{failedLoginNumber} ) {
            $self->logger->warn(
 'Number of incremental lock time values plus allowed failed logins attempt('
                  . "$lockTimes) is higher than failed logins history ("
--- a/lemonldap-ng-portal/t/61-BruteForceProtection-with-Incremental-lockTimes.t
+++ b/lemonldap-ng-portal/t/61-BruteForceProtection-with-Incremental-lockTimes.t
@ -10,15 +10,16 @@ my $res;

 my $client = LLNG::Manager::Test->new( {
        ini => {
-            logLevel                             => 'error',
+            logLevel                             => 'debug',
            authentication                       => 'Demo',
            userDB                               => 'Same',
            loginHistoryEnabled                  => 1,
            bruteForceProtection                 => 1,
            bruteForceProtectionIncrementalTempo => 1,
-            failedLoginNumber                    => 4,
+            failedLoginNumber                    => 5,
            bruteForceProtectionMaxLockTime      => 300,
-            bruteForceProtectionLockTimes        => '5 500 bad 20 10 ',
+            bruteForceProtectionLockTimes        => '5 , 500, bad ,20, 10 ',
+            bruteForceProtectionMaxFailed        => 2,
        }
    }
 );
@ -38,6 +39,36 @@ my $id = expectCookie($res);
 expectRedirection( $res, 'http://auth.example.com/' );
 $client->logout($id);

+## First allowed failed login
+ok(
+    $res = $client->_post(
+        '/',
+        IO::String->new('user=dwho&password=ohwd'),
+        length => 23,
+        accept => 'text/html',
+    ),
+    '1st allowed Bad Auth query'
+);
+ok( $res->[2]->[0] =~ /<span trmsg="5"><\/span>/,
+    'Bad credential' )
+  or print STDERR Dumper( $res->[2]->[0] );
+count(2);
+
+## Second allowed failed login
+ok(
+    $res = $client->_post(
+        '/',
+        IO::String->new('user=dwho&password=ohwd'),
+        length => 23,
+        accept => 'text/html',
+    ),
+    '2nd allowed Bad Auth query'
+);
+ok( $res->[2]->[0] =~ /<span trmsg="5"><\/span>/,
+    'Bad credential' )
+  or print STDERR Dumper( $res->[2]->[0] );
+count(2);
+
 ## First failed connection
 ok(
    $res = $client->_post(