Verify "mysession" (#970)

8 years ago · 82d39edc42
parent 3b44c4924f
commit 82d39edc42
4 changed files with 76 additions and 4 deletions
--- a/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
+++ b/lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Main/Run.pm
@ -244,7 +244,12 @@ sub grant {
    return $cond->($session) if ($cond);

    $vhost ||= $class->resolveAlias;
-    for ( my $i = 0 ; $i < $class->tsv->{locationCount}->{$vhost} ; $i++ ) {
+    for (
+        my $i = 0 ;
+        $i < ( $class->tsv->{locationCount}->{$vhost} || 0 ) ;
+        $i++
+      )
+    {
        if ( $uri =~ $class->tsv->{locationRegexp}->{$vhost}->[$i] ) {
            $class->logger->debug( 'Regexp "'
                  . $class->tsv->{locationConditionText}->{$vhost}->[$i]
--- a/lemonldap-ng-portal/MANIFEST
+++ b/lemonldap-ng-portal/MANIFEST
@ -309,6 +309,7 @@ t/32-Auth-and-issuer-OIDC-implicit.t
 t/33-Auth-and-issuer-OpenID2.t
 t/34-Auth-Proxy-and-REST-Server.t
 t/34-Auth-Proxy-and-SOAP-Server.t
+t/35-My-session.t
 t/35-REST-config-backend.t
 t/35-REST-sessions-with-REST-server.t
 t/35-SOAP-config-backend.t
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RESTServer.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/RESTServer.pm
@ -297,14 +297,15 @@ sub mysession {
          if ( $self->p->checkXSSAttack( 'authorizationfor', $req->urldc ) );

        # Split URL
-        my ( $host, $uri ) = ( $url =~ m#^https?://([^/]+)(/.*)?$# );
-        return $self->p->sendError( $req, 'Bad URL', 400 ) unless ($host);
+        my ( $host, $uri ) = ( $req->urldc =~ m#^https?://([^/]+)(/.*)?$# );
+        $uri ||= '/';
+        return $self->p->sendError( $req, "Bad URL $req->{urldc}", 400 ) unless ($host);

        $self->logger->debug("Looking for authorization for $url");

        # Now check for authorization
        my $res =
-          $self->p->HANDLER->grant( $req->userDatas, $uri, undef, $host );
+          $self->p->HANDLER->grant( $req->userData, $uri, undef, $host );
        $self->logger->debug(" Result is $res");
        return $self->p->sendJSONresponse( $req, { result => $res } );
    }
--- a/lemonldap-ng-portal/t/35-My-session.t
+++ b/lemonldap-ng-portal/t/35-My-session.t
@ -0,0 +1,65 @@
+use Test::More;
+use strict;
+use IO::String;
+
+BEGIN {
+    require 't/test-lib.pm';
+}
+
+my ( $client, $res, $id );
+
+$client = LLNG::Manager::Test->new(
+    { ini => { logLevel => 'error', restSessionServer => 0, }, } );
+
+# Try to authenticate
+# -------------------
+ok(
+    $res = $client->_post(
+        '/',
+        IO::String->new('user=dwho&password=dwho'),
+        length => 23
+    ),
+    'Auth query'
+);
+count(1);
+expectOK($res);
+$id = expectCookie($res);
+
+# Test mysession endpoint
+ok(
+    $res = $client->_get(
+        '/mysession',
+        query  => 'authorizationfor=aHR0cDovL3Rlc3QxLmV4YW1wbGUuY29t',
+        cookie => "lemonldap=$id"
+    ),
+    'Check for test1'
+);
+count(1);
+expectOK($res);
+$res = eval { JSON::from_json( $res->[2]->[0] ) };
+if ($@) {
+    fail("Bad JSON response: $@");
+    count(1);
+}
+ok( $res->{result} == 1, ' http//test1.example.com is ganted' );
+count(1);
+
+ok(
+    $res = $client->_get(
+        '/mysession',
+        query  => 'authorizationfor=aHR0cDovL3Rlc3Q0LmV4YW1wbGUuY29t',
+        cookie => "lemonldap=$id"
+    ),
+    'Check for test1'
+);
+count(1);
+expectOK($res);
+
+# Test logout
+$client->logout($id);
+
+#print STDERR Dumper($res);
+
+clean_sessions();
+
+done_testing( count() );