worteks
/
lemonldap-ng
mirror of https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng
3
0
Fork 0
Code Issues Projects Releases Wiki Activity

Send service headers to protected applications & Improve unit test (#2030)

Browse Source
merge-requests/133/head
Christophe Maudoux 6 years ago
parent 1a5daf324b
commit d20c5efb35
3 changed files with 209 additions and 18 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 6
      lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/ServiceToken.pm
  2. 191
      lemonldap-ng-handler/t/65-Lemonldap-NG-Handler-Nginx-ServiceToken.t
  3. 30
      lemonldap-ng-handler/t/65-Lemonldap-NG-Handler-PSGI-ServiceToken.t

6
lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/ServiceToken.pm
Unescape View File

@ -56,10 +56,10 @@ sub fetchId {
return 0;
}
# Send service headers if exist
# Send service headers to protected application if exist
if (%serviceHeaders) {
$class->logger->debug("Append service header(s)...");
$class->set_header_out( $req, %serviceHeaders );
$class->userLogger->info("Append service header(s)...");
$class->set_header_in( $req, %serviceHeaders );
}
return $_session_id;

191
lemonldap-ng-handler/t/65-Lemonldap-NG-Handler-Nginx-ServiceToken.t
Unescape View File

@ -0,0 +1,191 @@
use Test::More;
BEGIN {
require 't/test-psgi-lib.pm';
}
init(
'Lemonldap::NG::Handler::Server::Nginx',
{
logLevel => 'error',
handlerServiceTokenTTL => 120,
vhostOptions => {
'test1.example.com' => {
vhostHttps => 0,
vhostPort => 80,
vhostMaintenance => 0,
vhostServiceTokenTTL => 180,
},
'test2.example.com' => {
vhostHttps => 0,
vhostPort => 80,
vhostMaintenance => 0,
vhostServiceTokenTTL => 300,
}
},
exportedHeaders => {
'test2.example.com' => {
'Auth-User' => '$uid',
'empty' => undef,
'zero' => "'0'",
},
}
}
);
my $res;
my $crypt = Lemonldap::NG::Common::Crypto->new('qwertyui');
my $token = $crypt->encrypt(
join ':', time,
$sessionId, 'test1.example.com',
'XFromVH=app1-auth.example.com', "serviceHeader1=$sessionId",
"serviceHeader2=$sessionId", 'test2.example.com',
'*.example.com'
);
ok(
$res = $client->_get(
'/', undef, 'test1.example.com', "lemonldap=$sessionId",
VHOSTTYPE => 'ServiceToken',
'HTTP_X_LLNG_TOKEN' => $token,
),
'Query with token 1'
);
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 );
count(2);
my %headers = @{ $res->[1] };
ok( $header{cookie} eq '', 'NO cookie found' )
or print STDERR Data::Dumper::Dumper( \%headers );
my @headers = grep { /^serviceHeader\d$|^XFromVH$/ } @{ $res->[1] };
my @values = grep { /\.example\.com|^$sessionId$/ } @{ $res->[1] };
ok( @headers == 6, 'Found 6 service headers' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
ok( @values == 6, 'Found 6 service header values' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
count(3);
# Waiting
Time::Fake->offset("+90s");
ok(
$res = $client->_get(
'/', undef, 'test1.example.com', undef,
VHOSTTYPE => 'ServiceToken',
'HTTP_X_LLNG_TOKEN' => $token,
),
'Query with token 2'
);
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 );
count(2);
@headers = grep { /^serviceHeader\d$|^XFromVH$/ } @{ $res->[1] };
@values = grep { /\.example\.com|^$sessionId$/ } @{ $res->[1] };
ok( @headers == 6, 'Found 6 service headers' )
or print STDERR Data::Dumper::Dumper($res);
ok( @values == 6, 'Found 6 service header values' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
count(2);
# Waiting
Time::Fake->offset("+210s");
ok(
$res = $client->_get(
'/', undef, 'test1.example.com', undef,
VHOSTTYPE => 'ServiceToken',
'HTTP_X_LLNG_TOKEN' => $token,
),
'Query with token 3'
);
ok( $res->[0] == 401, 'Code is 401' ) or explain( $res->[0], 401 );
count(2);
@headers = grep { /^serviceHeader\d$|^XFromVH$/ } @{ $res->[1] };
ok( @headers == 0, 'NONE service header found' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
count(1);
# Waiting
Time::Fake->offset("+270s");
ok(
$res = $client->_get(
'/', undef, 'test2.example.com', undef,
VHOSTTYPE => 'ServiceToken',
'HTTP_X_LLNG_TOKEN' => $token,
),
'Query with token 4'
);
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 );
count(2);
my %headers = @{ $res->[1] };
ok( $headers{'zero'} eq '0', 'Found "zero" header with "0"' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
ok( $headers{'empty'} eq '', 'Found "empty" header without value' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
count(2);
@headers = grep { /^serviceHeader\d$|^XFromVH$/ } @{ $res->[1] };
@values = grep { /\.example\.com|^$sessionId$/ } @{ $res->[1] };
ok( @headers == 6, 'Found 6 service headers' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
ok( @values == 6, 'Found 6 service header values' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
count(2);
# Waiting
Time::Fake->offset("+330s");
ok(
$res = $client->_get(
'/', undef, 'test2.example.com', undef,
VHOSTTYPE => 'ServiceToken',
'HTTP_X_LLNG_TOKEN' => $token,
),
'Query with token 5'
);
ok( $res->[0] == 401, 'Code is 401' ) or explain( $res->[0], 401 );
count(2);
@headers = grep { /^serviceHeader\d$|^XFromVH$/ } @{ $res->[1] };
ok( @headers == 0, 'NONE service header found' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
count(1);
ok(
$res = $client->_get(
'/', undef, 'test3.example.com', undef,
VHOSTTYPE => 'ServiceToken',
'HTTP_X_LLNG_TOKEN' => $token,
),
'Query with token 6'
);
ok( $res->[0] == 401, 'Code is 401' ) or explain( $res->[0], 401 );
count(2);
@headers = grep { /^serviceHeader\d$|^XFromVH$/ } @{ $res->[1] };
ok( @headers == 0, 'NONE service header found' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
count(1);
$token = $crypt->encrypt( join ':', time, $sessionId );
ok(
$res = $client->_get(
'/', undef, 'test2.example.com', undef,
VHOSTTYPE => 'ServiceToken',
'HTTP_X_LLNG_TOKEN' => $token,
),
'Query with token 7'
);
ok( $res->[0] == 401, 'Code is 401' ) or explain( $res->[0], 401 );
count(2);
@headers = grep { /^serviceHeader\d$|^XFromVH$/ } @{ $res->[1] };
ok( @headers == 0, 'NONE service header found' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
count(1);
done_testing( count() );
clean();

30
lemonldap-ng-handler/t/65-Lemonldap-NG-Handler-PSGI-ServiceToken.t
Unescape View File

@ -38,7 +38,7 @@ my $crypt = Lemonldap::NG::Common::Crypto->new('qwertyui');
my $token = $crypt->encrypt(
join ':', time,
$sessionId, 'test1.example.com',
'XFromVH=app1-auth.example.com', "serviceHeader1=$sessionId",
'XFromVH=app1-auth.example.com', "serviceHeader1=$sessionId","serviceHeader2=$sessionId",
'test2.example.com', '*.example.com'
);
@ -53,11 +53,11 @@ ok(
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 );
count(2);
my @headers = grep { /service|^XFromVH$/ } @{ $res->[1] };
my @headers = grep { /^serviceHeader\d$|^XFromVH$/ } @{ $res->[1] };
my @values = grep { /\.example\.com|^$sessionId$/ } @{ $res->[1] };
ok( @headers == 2, 'Found 2 service headers' )
ok( @headers == 3, 'Found 3 service headers' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
ok( @values == 2, 'Found 2 service header values' )
ok( @values == 3, 'Found 3 service header values' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
count(2);
@ -75,11 +75,11 @@ ok(
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res->[0], 200 );
count(2);
@headers = grep { /service|^XFromVH$/ } @{ $res->[1] };
@headers = grep { /^serviceHeader\d$|^XFromVH$/ } @{ $res->[1] };
@values = grep { /\.example\.com|^$sessionId$/ } @{ $res->[1] };
ok( @headers == 2, 'Found 2 service headers' )
ok( @headers == 3, 'Found 3 service headers' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
ok( @values == 2, 'Found 2 service header values' )
ok( @values == 3, 'Found 3 service header values' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
count(2);
@ -94,10 +94,10 @@ ok(
),
'Query with token 3'
);
ok( $res->[0] == 302, 'Code is 200' ) or explain( $res->[0], 302 );
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 );
count(2);
@headers = grep { /service|^XFromVH$/ } @{ $res->[1] };
@headers = grep { /^serviceHeader\d$|^XFromVH$/ } @{ $res->[1] };
ok( @headers == 0, 'NONE service header found' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
count(1);
@ -123,11 +123,11 @@ ok( $headers{'empty'} eq '', 'Found "empty" header without value' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
count(2);
@headers = grep { /service|^XFromVH$/ } @{ $res->[1] };
@headers = grep { /^serviceHeader\d$|^XFromVH$/ } @{ $res->[1] };
@values = grep { /\.example\.com|^$sessionId$/ } @{ $res->[1] };
ok( @headers == 2, 'Found 2 service headers' )
ok( @headers == 3, 'Found 3 service headers' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
ok( @values == 2, 'Found 2 service header values' )
ok( @values == 3, 'Found 3 service header values' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
count(2);
@ -145,7 +145,7 @@ ok(
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 );
count(2);
@headers = grep { /service|^XFromVH$/ } @{ $res->[1] };
@headers = grep { /^serviceHeader\d$|^XFromVH$/ } @{ $res->[1] };
ok( @headers == 0, 'NONE service header found' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
count(1);
@ -161,7 +161,7 @@ ok(
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 );
count(2);
@headers = grep { /service|^XFromVH$/ } @{ $res->[1] };
@headers = grep { /^serviceHeader\d$|^XFromVH$/ } @{ $res->[1] };
ok( @headers == 0, 'NONE service header found' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
count(1);
@ -178,7 +178,7 @@ ok(
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 );
count(2);
@headers = grep { /service|^XFromVH$/ } @{ $res->[1] };
@headers = grep { /^serviceHeader\d$|^XFromVH$/ } @{ $res->[1] };
ok( @headers == 0, 'NONE service header found' )
or print STDERR Data::Dumper::Dumper( $res->[1] );
count(1);

Write Preview
Loading…
Cancel
Save