Commit 7234f907 authored by Xavier Guimard's avatar Xavier Guimard

More tests for REST API (#970)

parent 4d8c2546
......@@ -68,6 +68,12 @@ sub session {
}
if ($skey) {
if ( $skey =~ s/^\[(.*)\]$/$1/ ) {
my @sk = split /,/, $skey;
my $res = {};
$res->{$_} = $session{$_} foreach (@sk);
return $self->sendJSONresponse( $req, $res );
}
return $self->sendJSONresponse( $req, $session{$skey} );
}
else {
......
......@@ -128,7 +128,7 @@ sub do {
return $req->response;
}
if ( !$self->conf->{noAjaxHook} and $req->wantJSON ) {
$self->lmLog('Processing to JSON response','debug');
$self->lmLog( 'Processing to JSON response', 'debug' );
if ( $err > 0 and !%{ $req->sessionInfo } ) {
return [
401,
......@@ -170,11 +170,11 @@ sub do {
)
{
my ( $tpl, $prms ) = $self->display($req);
$self->lmLog("Calling sendHtml with template $tpl",'debug');
$self->lmLog( "Calling sendHtml with template $tpl", 'debug' );
return $self->sendHtml( $req, $tpl, params => $prms );
}
else {
$self->lmLog('Calling autoredirect','debug');
$self->lmLog( 'Calling autoredirect', 'debug' );
return $self->autoRedirect($req);
}
}
......@@ -229,7 +229,7 @@ sub autoRedirect {
}
}
my ( $tpl, $prms ) = $self->display($req);
$self->lmLog("Calling sendHtml with template $tpl",'debug');
$self->lmLog( "Calling sendHtml with template $tpl", 'debug' );
return $self->sendHtml( $req, $tpl, params => $prms );
}
......@@ -484,7 +484,8 @@ sub isTrustedUrl {
sub stamp {
my $self = shift;
my $res = $self->conf->{cipher} ? $self->conf->{cipher}->encrypt( time() ) : 1;
my $res =
$self->conf->{cipher} ? $self->conf->{cipher}->encrypt( time() ) : 1;
$res =~ s/\+/%2B/g;
return $res;
}
......
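Review bot: The new bracket branch in `session` (the `s/^\[(.*)\]$/$1/` block) copies every requested name out of `%session` without checking that the key exists or that the caller may read it, so one request can pull any set of session attributes and absent keys come back as `null`. The key list comes straight from the request path, and whether the route is limited to trusted callers is decided outside this hunk. I would at least filter on existence, `$res->{$_} = $session{$_} foreach grep { exists $session{$_} } @sk;`, and split with `/\s*,\s*/` so that `[k1, k2]` does not look up a key named ` k2`. A short comment above the branch describing the `[k1,k2]` syntax and what an empty list returns would also help; the other hunks in this file only reformat existing lines. `session` begins and ends outside the hunk.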
......@@ -4,6 +4,7 @@
# - Sessions (if restSessionServer is on)
# * GET /sessions/<type>/<session-id> : get session datas
# * GET /sessions/<type>/<session-id>/<key> : get a session key value
# * GET /sessions/<type>/<session-id>/[k1,k2] : get some session key value
# * POST /sessions/<type> : create a session
# * PUT /sessions/<type>/<session-id> : update some keys
# * DELETE /adminSessions/<type>/<session-id> : delete a session
......@@ -41,6 +42,36 @@ our $VERSION = '2.0.0';
extends 'Lemonldap::NG::Portal::Main::Plugin';
has exportedAttr => (
is => 'rw',
default => sub {
my $conf = $_[0]->{conf};
if ( $conf->{exportedAttr} and $conf->{exportedAttr} !~ /^\s*\+/ ) {
return [ split /\s+/, $conf->{exportedAttr} ];
}
else {
my @attributes = (
'authenticationLevel', 'groups',
'ipAddr', 'startTime',
'_utime', '_lastSeen',
'_session_id',
);
if ( my $exportedAttr = $conf->{exportedAttr} ) {
$exportedAttr =~ s/^\s*\+\s+//;
@attributes = ( @attributes, split( /\s+/, $exportedAttr ) );
}
# convert @attributes into hash to remove duplicates
my %attributes = map( { $_ => 1 } @attributes );
%attributes =
( %attributes, %{ $conf->{exportedVars} }, %{ $conf->{macros} },
);
return '[' . join( ',', keys %attributes ) . ']';
}
}
);
# INITIALIZATION
sub init {
......@@ -126,7 +157,8 @@ sub newSession {
. $session->data->{ $self->conf->{whatToTrace} },
'debug'
);
return $self->p->sendJSONresponse( $req, { result => 1 } );
return $self->p->sendJSONresponse( $req,
{ result => 1, sessionId => $session->data->{_session_id} } );
}
sub updateSession {
......@@ -161,7 +193,7 @@ sub delSession {
# Delete it
$self->lmLog( "REST request to delete session $id", 'debug' );
my $res = $self->p->_deleteSession($session);
my $res = $self->p->_deleteSession( $req, $session );
$self->lmLog( " Result is $res", 'debug' );
return $self->p->sendJSONresponse( $req, { result => $res } );
}
......@@ -211,7 +243,11 @@ sub mysession {
sub getMyKey {
my ( $self, $req, $key ) = @_;
$self->lmLog( 'Request to get personal session info', 'debug' );
return $self->session( $req, $req->userData->{_session_id}, $key );
return $self->session(
$req,
$req->userData->{_session_id},
$key || $self->exportedAttr
);
}
1;
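Review bot: The `exportedAttr` default returns two different types: an array reference from `[ split /\s+/, $conf->{exportedAttr} ]` when the setting has no leading `+`, and a `[k1,k2]` string otherwise. `getMyKey` passes that value on as the key argument of `session`, and the session code shown on this page tests the argument with a string pattern, so the array reference would stringify and match no key. Returning `'[' . join( ',', split /\s+/, $conf->{exportedAttr} ) . ']'` in the first branch keeps both branches consistent. In the else branch, `%{ $conf->{exportedVars} }` and `%{ $conf->{macros} }` will die under strict refs if either setting is undefined, so `%{ $conf->{macros} || {} }` is safer. Also, `$key || $self->exportedAttr` applies the exported list only when no key is given, so a caller-supplied key or bracket list is not limited to exported attributes; if the list is meant as a restriction this needs a check, and either way a comment should say which is intended.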
......@@ -7,7 +7,7 @@ BEGIN {
}
my $debug = 'error';
my ( $issuer, $sp, $res );
my ( $issuer, $sp, $res, $spId, $idpId );
my %handlerOR = ( issuer => [], sp => [] );
ok( $issuer = issuer(), 'Issuer portal' );
......@@ -36,9 +36,117 @@ ok(
'Post user/password'
);
expectRedirection( $res, 'http://auth.sp.com' );
my $spId = expectCookie($res);
$spId = expectCookie($res);
# Test other REST queries
switch ('issuer');
# Session content
ok( $res = $issuer->_get("/sessions/global/$idpId"), 'Session content' );
expectOK($res);
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
or print STDERR $@;
ok( $res->{_session_id} eq $idpId, ' Good ID' )
or explain( $res, "_session_id => $idpId" );
count(3);
# Session key
ok( $res = $issuer->_get("/sessions/global/$idpId/[_session_id,uid]"),
'Some session keys' );
expectOK($res);
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
or print STDERR $@;
ok( $res->{_session_id} eq $idpId, ' Good ID' )
or explain( $res, "_session_id => $idpId" );
ok( $res->{uid} eq 'dwho', ' Uid is dwho' ) or explain( $res, 'uid => dwho' );
count(4);
# New session
ok(
$res = $issuer->_post(
'/sessions/global', IO::String->new('{"uid":"zz","_whatToTrace":"zz"}'),
length => 32,
type => 'application/json'
),
'Create session'
);
expectOK($res);
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
or print STDERR $@;
my $newId = $res->{sessionId};
# Verify a key
ok( $res = $issuer->_get("/sessions/global/$newId/uid"), 'Verify uid' );
ok( $res->[2]->[0] eq 'zz', ' Uid is good' );
count(4);
# Update a key
ok(
$res = $issuer->app->(
{
HTTP_ACCEPT => 'application/json',
HTTP_ACCEPT_LANGUAGE => 'fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3',
HTTP_HOST => 'auth.idp.com',
PATH_INFO => "/sessions/global/$newId",
REMOTE_ADDR => '127.0.0.1',
REQUEST_METHOD => 'PUT',
REQUEST_URI => "/sessions/global/$newId",
SCRIPT_NAME => '',
SERVER_NAME => 'auth.example.com',
SERVER_PORT => '80',
SERVER_PROTOCOL => 'HTTP/1.1',
'psgix.input.buffered' => 0,
'psgi.input' => IO::String->new('{"cn":"CN"}'),
CONTENT_TYPE => 'application/json',
CONTENT_LENGTH => 11,
}
),
'Put a new key'
);
expectOK($res);
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
or print STDERR $@;
ok( $res->{result} == 1, ' Result is 1' );
count(3);
# Verify new key
ok( $res = $issuer->_get("/sessions/global/$newId/cn"), 'Verify cn' );
ok( $res->[2]->[0] eq 'CN', ' CN is good' );
count(2);
# Del new session
ok(
$res = $issuer->app->(
{
HTTP_ACCEPT => 'application/json',
HTTP_ACCEPT_LANGUAGE => 'fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3',
HTTP_HOST => 'auth.idp.com',
PATH_INFO => "/sessions/global/$newId",
REMOTE_ADDR => '127.0.0.1',
REQUEST_METHOD => 'DELETE',
REQUEST_URI => "/sessions/global/$newId",
SCRIPT_NAME => '',
SERVER_NAME => 'auth.example.com',
SERVER_PORT => '80',
SERVER_PROTOCOL => 'HTTP/1.1',
}
),
'Delete new session'
);
expectOK($res);
ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' )
or print STDERR $@;
ok( $res->{result} == 1, ' Result is 1' );
count(3);
# Verify that session is deleted
ok( $res = $issuer->_get("/sessions/global/$newId/cn"),
'New session is deleted' );
ok( $res->[0] == 400, ' Session does not exist' );
count(2);
# Logout
switch ('sp');
ok(
$res = $sp->_get(
'/',
......@@ -88,7 +196,7 @@ sub LWP::UserAgent::request {
);
count(1);
expectOK($res);
expectCookie($res);
$idpId = expectCookie($res);
}
else {
ok(
......@@ -134,6 +242,8 @@ sub issuer {
authentication => 'Demo',
userDB => 'Demo',
restSessionServer => 1,
restConfigServer => 1,
whatToTrace => '_whatToTrace',
}
}
);
......@@ -150,6 +260,7 @@ sub sp {
userDB => 'Proxy',
proxyAuthService => 'http://auth.idp.com',
proxyUseSoap => 0,
whatToTrace => '_whatToTrace',
},
}
);
......
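Review bot: `$idpId` and `$newId` are interpolated into request paths without first being asserted. `$idpId` is only assigned inside the `LWP::UserAgent::request` override and `$newId` comes from `$res->{sessionId}`, so if either is undefined the later requests go to `/sessions/global/` or `/sessions/global//uid` and the failure is reported at the wrong step. I would add `ok( $newId, ' Session id returned' );` after the create call, and the same for `$idpId` before the first GET, adjusting the `count()` values to match. The hard-coded `length => 32` and `CONTENT_LENGTH => 11` match the current bodies but will drift silently if the JSON changes; taking `length` of a variable that holds the body avoids that. All the added cases are success paths, so a case asserting that a request the server should refuse is in fact rejected would cover the access-control side of these endpoints.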
......@@ -60,14 +60,14 @@ sub expectRedirection {
else {
ok( getRedirection($res) eq $location, " Location is $location" )
or explain( $res->[1], "Location => $location" );
count(1);
count(1);
}
}
sub expectAutoPost {
my @r = expectForm(@_);
my @r = expectForm(@_);
my $method = pop @r;
ok ( $method =~ /^post$/i, ' Method is POST' ) or explain (\@r,'POST');
ok( $method =~ /^post$/i, ' Method is POST' ) or explain( \@r, 'POST' );
count(1);
return @r;
}
......@@ -79,15 +79,15 @@ sub expectForm {
if (
ok(
$res->[2]->[0] =~
m@<form.+?action="(?:http://([^/]+)(/.*?)?|(#))".+method="(post|get)"@is,
m@<form.+?action="(?:http://([^/]+)(/.*?)?|(#))".+method="(post|get)"@is,
' Page contains a form'
)
)
{
my ( $host, $uri, $hash, $method ) = ( $1, $2, $3, $4 );
if($hash and $hash eq '#') {
if ( $hash and $hash eq '#' ) {
$host = '#';
$uri = '';
$uri = '';
}
if ($hostRe) {
if ( ref $hostRe ) {
......@@ -109,8 +109,8 @@ sub expectForm {
}
count(1);
}
my %fields = ( $res->[2]->[0] =~
m#<input.+?name="(.+?)".+?value="(.*?)"#gs );
my %fields =
( $res->[2]->[0] =~ m#<input.+?name="(.+?)".+?value="(.*?)"#gs );
my $query = join( '&',
map { "$_=" . uri_escape( uri_unescape( $fields{$_} ) ) }
keys(%fields) );
......@@ -127,7 +127,8 @@ sub expectForm {
sub expectAuthenticatedAs {
my ( $res, $user ) = @_;
ok( getHeader( $res, 'Lm-Remote-User' ) eq $user, " Authenticated as $user" )
ok( getHeader( $res, 'Lm-Remote-User' ) eq $user,
" Authenticated as $user" )
or explain( $res->[1], "Lm-Remote-User => $user" );
count(1);
}
......@@ -234,10 +235,10 @@ has ini => (
$ini->{$k} //= $defaultIni->{$k};
}
$self->{ini} = $ini;
main::ok($self->{p} = Lemonldap::NG::Portal::Main->new(),'Portal object');
main::ok($self->{p}->init($ini),'Init');
main::ok( $self->{app} = $self->{p}->run(),
'Portal app' );
main::ok( $self->{p} = Lemonldap::NG::Portal::Main->new(),
'Portal object' );
main::ok( $self->{p}->init($ini), 'Init' );
main::ok( $self->{app} = $self->{p}->run(), 'Portal app' );
main::count(3);
$self;
}
......@@ -265,7 +266,8 @@ sub logout {
main::ok( $res = $self->_get( '/', cookie => "lemonldap=$id" ),
'Disconnect request' )
or explain( $res, '[<code>,<hdrs>,<content>]' );
main::ok( $res->[0] == 401, 'Response is 401' ) or main::explain( $res, 401 );
main::ok( $res->[0] == 401, 'Response is 401' )
or main::explain( $res, 401 );
main::count(5);
}
......