From 5b6b6179cf29de0aaf1a5c4ddf18d1d560df3a11 Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 24 Jan 2024 12:48:25 +0100 Subject: [PATCH 1/3] Improve multiple handler management in portal test-lib --- lemonldap-ng-portal/t/test-lib.pm | 80 +++++++++++++++++++++++++++---- 1 file changed, 72 insertions(+), 8 deletions(-) diff --git a/lemonldap-ng-portal/t/test-lib.pm b/lemonldap-ng-portal/t/test-lib.pm index 897e4fbcdb..d934660309 100644 --- a/lemonldap-ng-portal/t/test-lib.pm +++ b/lemonldap-ng-portal/t/test-lib.pm @@ -706,14 +706,20 @@ my %handlerTSHV; =head4 register -Registers a new LLNG instance +Multi-handler system. This automatically takes care of loading the correct +handler when processing a request. + =cut +our @currenthandler; + sub register { local $Test::Builder::Level = $Test::Builder::Level + 1; my ( $type, $constructor ) = @_; my $obj; + + # Clear previous global handler data @Lemonldap::NG::Handler::Main::_onReload = (); $Lemonldap::NG::Handler::Main::_tshv = { tsv => {}, @@ -727,25 +733,66 @@ sub register { lmConf => {}, localConfig => {}, }; - &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); + + # Set currenthandler stack to the type being initialized + @currenthandler = $type; + ok( $obj = $constructor->(), 'Register $type' ); + + # If the constructed object has an app (most cases) + # we wrap the app in a function that loads the correct handler context + # before processing the request, and unloads if afterwards + use Scalar::Util 'blessed'; + if ( $obj and blessed($obj) and $obj->can('app') ) { + my $inner_app = $obj->app; + + my $wrapper = sub { + pushHandler($type); + my $res = $inner_app->(@_); + popHandler(); + return $res; + }; + $obj->app($wrapper); + } count(1); - $handlerOR{$type} = \@Lemonldap::NG::Handler::Main::_onReload; + + # Save the initialized handler data for future requests + $handlerOR{$type} = [@Lemonldap::NG::Handler::Main::_onReload]; $handlerTSHV{$type} = $Lemonldap::NG::Handler::Main::_tshv; + pop @currenthandler; return $obj; } -=head4 register +=head4 withHandler -Switch to a registered instance +This method lets you run handler methods (such as conf reload) +inside a give context =cut -sub switch { +sub withHandler { + my ( $type, $sub ) = @_; + pushHandler($type); + $sub->(); + popHandler(); +} + + +sub pushHandler { my $type = shift; - return [] unless $handlerOR{$type}; - note( '==> Switching to ' . uc($type) . ' <==' ); + + # Save the current state of the previous handler, this is needed + # for tests in which portal initialization requires a HTTP request to + # another portal + if (@currenthandler) { + my $type = $currenthandler[-1]; + note( '==> Saving handler ' . uc($type) . ' <==' ); + $handlerOR{$type} = [@Lemonldap::NG::Handler::Main::_onReload]; + $handlerTSHV{$type} = $Lemonldap::NG::Handler::Main::_tshv; + } + note( '==> Pushing ' . uc($type) . ' <==' ); + push @currenthandler, $type; @Lemonldap::NG::Handler::Main::_onReload = @{ $handlerOR{$type}; }; @@ -753,6 +800,23 @@ sub switch { $Lemonldap::NG::Handler::Main::_tshv = $handlerTSHV{$type}; } +sub popHandler { + my $type = pop @currenthandler; + note( '==> Popping ' . uc($type) . ' <==' ); + + # Restore previous handler context + if (@currenthandler) { + my $type = $currenthandler[-1]; + return [] unless $handlerOR{$type}; + note( '==> Restoring ' . uc($type) . ' <==' ); + @Lemonldap::NG::Handler::Main::_onReload = @{ + $handlerOR{$type}; + }; + + $Lemonldap::NG::Handler::Main::_tshv = $handlerTSHV{$type}; + } +} + =head4 encodeUrl( $url ); Encode URL like the handler would, see ::Handler::Main -- GitLab From 9d1067e1d01a528edfc0eae1fa719669e8737c8d Mon Sep 17 00:00:00 2001 From: Maxime Besson Date: Wed, 24 Jan 2024 12:52:04 +0100 Subject: [PATCH 2/3] Update unit tests for new register/withHandler methods --- lemonldap-ng-portal/t/00-Switch.t | 41 +++++++++++++------ .../t/30-Auth-SAML-with-choice.t | 6 --- ...AML-Artifact-with-SOAP-SLO-IdP-initiated.t | 5 --- ...h-and-issuer-SAML-Artifact-with-SOAP-SLO.t | 5 --- .../t/30-Auth-and-issuer-SAML-Federation.t | 2 - .../30-Auth-and-issuer-SAML-POST-Choice-2FA.t | 3 -- ...-Auth-and-issuer-SAML-POST-IdP-initiated.t | 7 ---- ...30-Auth-and-issuer-SAML-POST-Missing-SLO.t | 4 -- .../t/30-Auth-and-issuer-SAML-POST.t | 12 ------ ...h-and-issuer-SAML-Redirect-IdP-initiated.t | 7 ---- ...uer-SAML-Redirect-MultipleSP-Missing-SLO.t | 8 ---- ...Auth-and-issuer-SAML-Redirect-MultipleSP.t | 18 -------- ...-Auth-and-issuer-SAML-Redirect-With-Info.t | 3 -- .../t/30-Auth-and-issuer-SAML-Redirect.t | 6 --- lemonldap-ng-portal/t/30-CDC.t | 6 --- .../t/30-SAML-Head-to-Tail-POST.t | 6 --- .../t/30-SAML-POST-Logout-when-expired.t | 4 -- .../t/30-SAML-POST-Logout-when-removed.t | 5 --- .../t/30-SAML-POST-with-2F-UpgradeOnly.t | 2 - .../t/30-SAML-POST-with-2F-and-Notification.t | 5 --- .../t/30-SAML-POST-with-Notification.t | 5 --- .../t/30-SAML-ReAuth-with-Cmb-Kerberos.t | 3 -- .../t/30-SAML-ReAuth-with-choice.t | 3 -- lemonldap-ng-portal/t/30-SAML-ReAuth.t | 3 -- lemonldap-ng-portal/t/30-SAML-SP-rule.t | 3 -- .../t/31-Auth-and-issuer-CAS-Logout-20.t | 4 -- .../t/31-Auth-and-issuer-CAS-Logout-30.t | 3 -- .../t/31-Auth-and-issuer-CAS-XSS-on-logout.t | 4 -- ...nd-issuer-CAS-declared-app-multiple-urls.t | 5 --- ...uth-and-issuer-CAS-declared-app-userattr.t | 5 --- .../t/31-Auth-and-issuer-CAS-declared-app.t | 5 --- .../t/31-Auth-and-issuer-CAS-declared-apps.t | 1 - .../t/31-Auth-and-issuer-CAS-default.t | 4 -- .../t/31-Auth-and-issuer-CAS-proxied.t | 4 -- .../t/31-Auth-and-issuer-CAS-with-choice.t | 6 --- lemonldap-ng-portal/t/31-CAS-10.t | 1 - lemonldap-ng-portal/t/31-CAS-jsRedirect.t | 1 - ...issuer-OIDC-authorization_code-OP-logout.t | 9 ---- ...er-OIDC-authorization_code-different-sub.t | 12 +----- ...uer-OIDC-authorization_code-jwt-userinfo.t | 12 +----- ...er-OIDC-authorization_code-public_client.t | 12 +----- ...-OIDC-authorization_code-with-authchoice.t | 10 +---- ...issuer-OIDC-authorization_code-with-info.t | 12 +----- ...er-OIDC-authorization_code-with-none-alg.t | 12 +----- ...-Auth-and-issuer-OIDC-authorization_code.t | 16 +------- .../t/32-Auth-and-issuer-OIDC-hybrid.t | 12 ++---- ...2-Auth-and-issuer-OIDC-implicit-no-token.t | 6 +-- .../t/32-Auth-and-issuer-OIDC-implicit.t | 6 +-- .../t/32-Auth-and-issuer-OIDC-sorted.t | 1 - .../t/32-OIDC-Back-Channel-Logout-no-sid.t | 9 +--- .../32-OIDC-Back-Channel-Logout-sid-EC-keys.t | 21 +++------- ...-Channel-Logout-sid-with-JWE-and-EC-keys.t | 15 ++----- .../t/32-OIDC-Back-Channel-Logout-sid.t | 19 +++------ .../t/32-OIDC-Code-Flow-with-2F-UpgradeOnly.t | 9 +--- .../t/32-OIDC-Code-Flow-with-2F.t | 11 +---- .../t/32-OIDC-Double-Keys-without-kid.t | 9 +--- lemonldap-ng-portal/t/32-OIDC-Double-Keys.t | 9 +--- lemonldap-ng-portal/t/32-OIDC-JWE.t | 16 ++------ .../t/32-OIDC-JWS-client_secret_jwt.t | 13 ++---- .../t/32-OIDC-JWS-private_key_jwt.t | 12 +----- .../t/32-OIDC-Logout-from-RP-bypass-confirm.t | 11 +---- .../32-OIDC-Logout-redirect-uri-not-allowed.t | 10 +---- lemonldap-ng-portal/t/32-OIDC-RP-rule.t | 6 +-- .../t/32-OIDC-bad-auth-method.t | 14 ++----- .../t/32-OIDC-redirect_uri-filter.t | 4 -- .../t/32-OIDC-strict-JWS-private_key_jwt.t | 11 +---- .../t/33-Auth-and-issuer-OpenID2.t | 3 -- .../t/34-Auth-Proxy-and-REST-Server.t | 2 - .../t/34-Auth-Proxy-and-SOAP-Server.t | 2 - lemonldap-ng-portal/t/35-REST-OAuth2-deny.t | 12 +++--- lemonldap-ng-portal/t/35-REST-OAuth2.t | 12 +++--- .../t/35-REST-config-backend.t | 16 ++------ .../t/35-REST-export-password.t | 1 - .../t/35-REST-sessions-with-REST-server.t | 2 - .../t/35-SOAP-config-backend.t | 12 ++---- .../t/37-CAS-App-to-SAML-IdP-POST-with-WAYF.t | 4 -- .../t/37-CAS-App-to-SAML-IdP-POST.t | 4 -- .../t/37-Logout-from-2-chained-SAML-SP-SOAP.t | 6 --- ...Logout-from-OIDC-RP-to-SAML-IDP-Redirect.t | 7 ---- .../37-Logout-from-OIDC-RP-to-SAML-IDP-SOAP.t | 7 ---- .../t/37-Logout-from-OIDC-RP-to-SAML-SP.t | 13 ------ .../t/37-OIDC-RP-to-SAML-IdP-GET-with-WAYF.t | 7 ---- .../t/37-OIDC-RP-to-SAML-IdP-GET.t | 7 ---- .../t/37-OIDC-RP-to-SAML-IdP-POST.t | 7 ---- .../t/37-SAML-SP-GET-to-OIDC-OP.t | 7 ---- .../t/37-SAML-SP-GET-to-SAML-with-Logout.t | 9 ---- ...7-SAML-SP-POST-to-CAS-server-with-Choice.t | 4 -- .../t/37-SAML-SP-POST-to-CAS-server.t | 4 -- .../t/37-SAML-SP-POST-to-OIDC-OP.t | 7 ---- lemonldap-ng-portal/t/39-Failing-RP-Logout.t | 24 ++++------- lemonldap-ng-portal/t/62-SingleSession.t | 5 --- lemonldap-ng-portal/t/66-CDA-already-auth.t | 1 - lemonldap-ng-portal/t/66-CDA-with-REST.t | 3 -- lemonldap-ng-portal/t/66-CDA-with-SOAP.t | 3 -- .../t/67-CheckUser-with-issuer-SAML-POST.t | 8 ---- 95 files changed, 121 insertions(+), 612 deletions(-) diff --git a/lemonldap-ng-portal/t/00-Switch.t b/lemonldap-ng-portal/t/00-Switch.t index 7a4cb15a1e..5d0dff1827 100644 --- a/lemonldap-ng-portal/t/00-Switch.t +++ b/lemonldap-ng-portal/t/00-Switch.t @@ -34,18 +34,35 @@ my $client2 = register( } ); -switch ("client1"); -is( Lemonldap::NG::Handler::Main->tsv->{portal}->(), - 'https://auth.example.com/' ); -switch ("client2"); -is( Lemonldap::NG::Handler::Main->tsv->{portal}->(), - 'https://auth.example2.com/' ); -switch ("client1"); -is( Lemonldap::NG::Handler::Main->tsv->{portal}->(), - 'https://auth.example.com/' ); -switch ("client2"); -is( Lemonldap::NG::Handler::Main->tsv->{portal}->(), - 'https://auth.example2.com/' ); +withHandler( + "client1", + sub { + is( Lemonldap::NG::Handler::Main->tsv->{portal}->(), + 'https://auth.example.com/' ); + } +); +withHandler( + "client2", + sub { + is( Lemonldap::NG::Handler::Main->tsv->{portal}->(), + 'https://auth.example2.com/' ); + } +); +withHandler( + "client1", + sub { + is( Lemonldap::NG::Handler::Main->tsv->{portal}->(), + 'https://auth.example.com/' ); + } +); +withHandler( + "client2", + sub { + is( Lemonldap::NG::Handler::Main->tsv->{portal}->(), + 'https://auth.example2.com/' ); + } +); + count(4); done_testing( count() ); diff --git a/lemonldap-ng-portal/t/30-Auth-SAML-with-choice.t b/lemonldap-ng-portal/t/30-Auth-SAML-with-choice.t index 89f7cf6f1e..5572d612c9 100644 --- a/lemonldap-ng-portal/t/30-Auth-SAML-with-choice.t +++ b/lemonldap-ng-portal/t/30-Auth-SAML-with-choice.t @@ -95,7 +95,6 @@ m%_post( $url, @@ -126,7 +125,6 @@ m%_post( $url, IO::String->new($query), @@ -160,7 +158,6 @@ m%_post( $url, @@ -179,7 +176,6 @@ m%_post( $url, IO::String->new($query), @@ -191,7 +187,6 @@ m%_get( '/', cookie => "lemonldap=$idpId", @@ -200,7 +195,6 @@ m%_get( '/', cookie => "lemonldap=$spId" diff --git a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO-IdP-initiated.t b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO-IdP-initiated.t index a278ddb19e..c96faeaab2 100644 --- a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO-IdP-initiated.t +++ b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO-IdP-initiated.t @@ -54,7 +54,6 @@ SKIP: { $sp = register( 'sp', \&sp ); # Simple authentication on IdP - switch ('issuer'); ok( $res = $issuer->_post( '/', IO::String->new('user=russian&password=russian'), @@ -78,7 +77,6 @@ SKIP: { my ( $url, $query ) = expectRedirection( $res, qr#http://auth.sp.com(/saml/proxySingleSignOnArtifact)\?(SAMLart=[^&]+)# ); - switch ('sp'); ok( $res = $sp->_get( $url, query => $query, accept => 'test/html' ), 'Give artifact to SP' ); expectRedirection( $res, 'http://auth.sp.com' ); @@ -100,7 +98,6 @@ SKIP: { or explain( $res, 'cn => Frédéric Accents' ); # Logout initiated by IdP - switch ('issuer'); ok( $res = $issuer->_get( '/', @@ -132,7 +129,6 @@ m#img src="http://auth.idp.com(/saml/relaySingleLogoutSOAP)\?(relay=.*?)"#s, expectRedirection( $res, "http://auth.idp.com/static/common/icons/ok.png" ); # Test if logout is done - switch ('issuer'); ok( $res = $issuer->_get( '/', cookie => "lemonldap=$idpId", @@ -141,7 +137,6 @@ m#img src="http://auth.idp.com(/saml/relaySingleLogoutSOAP)\?(relay=.*?)"#s, ); expectReject($res); - switch ('sp'); ok( $res = $sp->_get( '/', diff --git a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO.t b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO.t index 474034a00b..dda934afb0 100644 --- a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO.t +++ b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Artifact-with-SOAP-SLO.t @@ -68,7 +68,6 @@ SKIP: { # or explain( decode_base64($samlReq), '_get( $url, @@ -105,7 +104,6 @@ SKIP: { ); # Query SP with SAML artifact - switch ('sp'); ok( $res = $sp->_get( $url, @@ -146,14 +144,12 @@ SKIP: { #($url,$query)=expectRedirection($res,qr#http://auth.idp.com(/saml/singleLogout)\?(SAMLart=.*)#); ## Push logout artifact to IdP -#switch('issuer'); #ok($res=$issuer->_get($url,query=>$query,accept=>'text/html',cookie=>"lemonldap=$idpId"),'Follow redirection'); my $removedCookie = expectCookie($res); is( $removedCookie, 0, "SSO cookie removed" ); # Test if logout is done - switch ('issuer'); ok( $res = $issuer->_get( '/', cookie => "lemonldap=$idpId", @@ -162,7 +158,6 @@ SKIP: { ); expectReject($res); - switch ('sp'); ok( $res = $sp->_get( '/', diff --git a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Federation.t b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Federation.t index 2274db8966..de5c973e9e 100644 --- a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Federation.t +++ b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Federation.t @@ -36,7 +36,6 @@ SKIP: { $sp = register( 'sp', \&sp ); subtest "Test logging in to a federated IDP" => sub { - switch ('sp'); ok( $res = $sp->_get( @@ -57,7 +56,6 @@ SKIP: { }; subtest "Responding to a federated SP" => sub { - switch ('issuer'); my $res; my $query = buildForm( { user => 'french', diff --git a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-Choice-2FA.t b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-Choice-2FA.t index d774f0ccba..3ef3dc18be 100644 --- a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-Choice-2FA.t +++ b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-Choice-2FA.t @@ -119,7 +119,6 @@ SKIP: { 'SAMLResponse' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($s), @@ -164,7 +163,6 @@ SKIP: { or explain( $res, 'cn => Frédéric Accents' ); # Logout initiated by IDP - switch ('issuer'); ok( $res = $issuer->_get( '/', @@ -196,7 +194,6 @@ m#img src="http://auth.idp.com(/saml/relaySingleLogoutSOAP)\?(relay=.*?)"#s, "http://auth.idp.com/static/common/icons/ok.png" ); # Test if logout is done - switch ('sp'); ok( $res = $sp->_get( '/', cookie => "lemonldap=$spId" diff --git a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-IdP-initiated.t b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-IdP-initiated.t index 76aef3ed96..3d8cccb344 100644 --- a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-IdP-initiated.t +++ b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-IdP-initiated.t @@ -36,7 +36,6 @@ SKIP: { $sp = register( 'sp', \&sp ); # Simple authentication on IdP - switch ('issuer'); ok( $res = $issuer->_post( '/', IO::String->new('user=russian&password=russian'), @@ -102,7 +101,6 @@ SKIP: { 'SAMLResponse' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), @@ -129,7 +127,6 @@ SKIP: { or explain( $res, 'cn => Frédéric Accents' ); # Logout initiated by IdP - switch ('issuer'); ok( $res = $issuer->_get( '/', @@ -169,7 +166,6 @@ m#iframe src="http://auth.idp.com(/saml/relaySingleLogoutPOST)\?(relay=.*?)"#s, 'SAMLRequest' ); # Post SAML logout request to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), @@ -184,7 +180,6 @@ m#iframe src="http://auth.idp.com(/saml/relaySingleLogoutPOST)\?(relay=.*?)"#s, 'SAMLResponse' ); # Post SAML logout response to IdP - switch ('issuer'); ok( $res = $sp->_post( $url, IO::String->new($query), @@ -196,7 +191,6 @@ m#iframe src="http://auth.idp.com(/saml/relaySingleLogoutPOST)\?(relay=.*?)"#s, ); # Test if logout is done - switch ('issuer'); ok( $res = $issuer->_get( '/', cookie => "lemonldap=$idpId", @@ -205,7 +199,6 @@ m#iframe src="http://auth.idp.com(/saml/relaySingleLogoutPOST)\?(relay=.*?)"#s, ); expectReject($res); - switch ('sp'); ok( $res = $sp->_get( '/', diff --git a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-Missing-SLO.t b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-Missing-SLO.t index b7a8d00848..f5f0e1d73a 100644 --- a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-Missing-SLO.t +++ b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST-Missing-SLO.t @@ -49,7 +49,6 @@ SKIP: { 'SAMLRequest' ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_post( $url, @@ -120,7 +119,6 @@ SKIP: { 'SAMLResponse' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($s), @@ -161,7 +159,6 @@ SKIP: { 'SAMLRequest' ); # Push SAML logout request to IdP - switch ('issuer'); ok( $res = $issuer->_post( $url, @@ -192,7 +189,6 @@ SKIP: { ); expectReject($res); - switch ('sp'); ok( $res = $sp->_get( '/', diff --git a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST.t b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST.t index 084bb25820..78cd741626 100644 --- a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST.t +++ b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-POST.t @@ -38,7 +38,6 @@ SKIP: { # SP-initiated flow my $res; - switch ('sp'); ok( $res = $sp->_get( '/', accept => 'text/html', @@ -54,7 +53,6 @@ SKIP: { 1, 'samlGenerateRequestHook called' ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_post( $url, @@ -149,7 +147,6 @@ SKIP: { 1, 'samlGotRequestHookCalled called' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($s), @@ -194,7 +191,6 @@ SKIP: { 'SAMLRequest' ); # Push SAML logout request to IdP - switch ('issuer'); ok( $res = $issuer->_post( $url, @@ -213,7 +209,6 @@ SKIP: { is( $removedCookie, 0, "IDP Cookie removed" ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($s), @@ -225,7 +220,6 @@ SKIP: { expectRedirection( $res, 'http://auth.sp.com' ); # Test if logout is done - switch ('issuer'); ok( $res = $issuer->_get( '/', cookie => "lemonldap=$idpId", @@ -234,7 +228,6 @@ SKIP: { ); expectReject($res); - switch ('sp'); ok( $res = $sp->_get( '/', @@ -312,7 +305,6 @@ SKIP: { 1, 'samlGotRequestHookCalled called' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($s), @@ -362,7 +354,6 @@ SKIP: { 'SAMLRequest' ); # Push SAML logout request to IdP - switch ('issuer'); ok( $res = $issuer->_post( $url, @@ -381,7 +372,6 @@ SKIP: { is( $removedCookie, 0, "IDP Cookie removed" ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($s), @@ -393,7 +383,6 @@ SKIP: { expectRedirection( $res, 'http://test1.example.com' ); # Test if logout is done - switch ('issuer'); ok( $res = $issuer->_get( '/', cookie => "lemonldap=$idpId", @@ -402,7 +391,6 @@ SKIP: { ); expectReject($res); - switch ('sp'); ok( $res = $sp->_get( '/', diff --git a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-IdP-initiated.t b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-IdP-initiated.t index 3947cc7d0d..e6ad12e499 100644 --- a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-IdP-initiated.t +++ b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-IdP-initiated.t @@ -36,7 +36,6 @@ SKIP: { $sp = register( 'sp', \&sp ); # Simple authentication on IdP - switch ('issuer'); ok( $res = $issuer->_post( '/', IO::String->new('user=russian&password=russian'), @@ -72,7 +71,6 @@ SKIP: { my $s = "SAMLResponse=$1"; # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($s), @@ -99,7 +97,6 @@ SKIP: { or explain( $res, 'cn => Frédéric Accents' ); # Logout initiated by IdP - switch ('issuer'); ok( $res = $issuer->_get( '/', @@ -122,14 +119,12 @@ m#iframe src="http://auth.sp.com(/saml/proxySingleLogout)\?(SAMLRequest=.*?)"#, my $removedCookie = expectCookie($res); is( $removedCookie, 0, "SSO cookie removed" ); - switch ('sp'); ok( $res = $sp->_get( $url, query => $query, accept => 'text/html' ), 'Query SP for iframe' ); ( $url, $query ) = expectRedirection( $res, qr#http://auth.idp.com(/saml/singleLogoutReturn)\?(SAMLResponse=.*)# ); # Push SAML logout response to IdP - switch ('issuer'); ok( $res = $issuer->_get( $url, query => $query, accept => 'text/html' ), 'Push SAML response to IdP' ); expectRedirection( $res, 'http://auth.idp.com/static/common/icons/ok.png' ); @@ -142,7 +137,6 @@ m#iframe src="http://auth.sp.com(/saml/proxySingleLogout)\?(SAMLRequest=.*?)"#, 'Content-Security-Policy does not contain a frame-ancestors' ); # Test if logout is done - switch ('issuer'); ok( $res = $issuer->_get( '/', cookie => "lemonldap=$idpId", @@ -151,7 +145,6 @@ m#iframe src="http://auth.sp.com(/saml/proxySingleLogout)\?(SAMLRequest=.*?)"#, ); expectReject($res); - switch ('sp'); ok( $res = $sp->_get( '/', diff --git a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-MultipleSP-Missing-SLO.t b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-MultipleSP-Missing-SLO.t index 2189e5507c..2716f81ef5 100644 --- a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-MultipleSP-Missing-SLO.t +++ b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-MultipleSP-Missing-SLO.t @@ -51,7 +51,6 @@ SKIP: { qr#^http://auth.idp.com(/saml/singleSignOn)\?(SAMLRequest=.+)# ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -90,7 +89,6 @@ SKIP: { 'SAMLResponse', 'RelayState' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), @@ -116,7 +114,6 @@ SKIP: { # Simple SP2 access - switch ('sp2'); ok( $res = $sp2->_get( '/', @@ -130,7 +127,6 @@ SKIP: { qr#^http://auth.idp.com(/saml/singleSignOn)\?(SAMLRequest=.+)# ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -145,7 +141,6 @@ SKIP: { 'SAMLResponse', 'RelayState' ); # Post SAML response to SP2 - switch ('sp2'); ok( $res = $sp2->_post( $url, IO::String->new($query), @@ -176,7 +171,6 @@ SKIP: { qr#^http://auth.idp.com(/saml/singleLogout)\?(SAMLRequest=.+)# ); # Push SAML logout request to IdP - switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -205,7 +199,6 @@ SKIP: { ); expectReject($res); - switch ('sp'); ok( $res = $sp->_get( '/', @@ -218,7 +211,6 @@ SKIP: { expectRedirection( $res, qr#^http://auth.idp.com(/saml/singleSignOn)\?(SAMLRequest=.+)# ); - switch ('sp2'); ok( $res = $sp2->_get( '/', diff --git a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-MultipleSP.t b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-MultipleSP.t index 45a0a5959f..56425298ba 100644 --- a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-MultipleSP.t +++ b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-MultipleSP.t @@ -55,7 +55,6 @@ SKIP: { qr#^http://auth.idp.com(/saml/singleSignOn)\?(SAMLRequest=.+)# ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -94,7 +93,6 @@ SKIP: { 'SAMLResponse', 'RelayState' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), @@ -120,7 +118,6 @@ SKIP: { # Simple SP2 access - switch ('sp2'); ok( $res = $sp2->_get( '/', @@ -134,7 +131,6 @@ SKIP: { qr#^http://auth.idp.com(/saml/singleSignOn)\?(SAMLRequest=.+)# ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -149,7 +145,6 @@ SKIP: { 'SAMLResponse', 'RelayState' ); # Post SAML response to SP2 - switch ('sp2'); ok( $res = $sp2->_post( $url, IO::String->new($query), @@ -166,7 +161,6 @@ SKIP: { expectAuthenticatedAs( $res, 'fa@badwolf.org@idp' ); # Simple SP3 access - switch ('sp3'); ok( $res = $sp3->_get( '/', @@ -180,7 +174,6 @@ SKIP: { qr#^http://auth.idp.com(/saml/singleSignOn)\?(SAMLRequest=.+)# ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -195,7 +188,6 @@ SKIP: { 'SAMLResponse', 'RelayState' ); # Post SAML response to SP3 - switch ('sp3'); ok( $res = $sp3->_post( $url, IO::String->new($query), @@ -226,7 +218,6 @@ SKIP: { qr#^http://auth.idp.com(/saml/singleLogout)\?(SAMLRequest=.+)# ); # Push SAML logout request to IdP - switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -250,7 +241,6 @@ SKIP: { # Logout from SP2 # Load iframe my $iframe = $iframes{'auth.sp2.com'}; - switch ('sp2'); ok( $res = $sp2->_get( '/saml/proxySingleLogout', @@ -265,7 +255,6 @@ SKIP: { qr#^http://auth.idp.com(/saml/singleLogoutReturn)\?(SAMLResponse=.+)# ); # Get OK icon from IDP - switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -279,7 +268,6 @@ SKIP: { # Logout from SP3 # Load iframe $iframe = $iframes{'auth.sp3.com'}; - switch ('sp3'); ok( $res = $sp3->_get( '/saml/proxySingleLogout', @@ -294,7 +282,6 @@ SKIP: { qr#^http://auth.idp.com(/saml/singleLogoutReturn)\?(SAMLResponse=.+)# ); # Get OK icon from IDP - switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -324,7 +311,6 @@ qr#^http://auth.sp.com(/saml/proxySingleLogoutReturn)\?(SAMLResponse=.+)# ); # Send SAML response to SP - switch ('sp'); ok( $res = $sp->_get( $url, @@ -335,7 +321,6 @@ qr#^http://auth.sp.com(/saml/proxySingleLogoutReturn)\?(SAMLResponse=.+)# ); # Test if logout is done - switch ('issuer'); ok( $res = $issuer->_get( '/', cookie => "lemonldap=$idpId", @@ -344,7 +329,6 @@ qr#^http://auth.sp.com(/saml/proxySingleLogoutReturn)\?(SAMLResponse=.+)# ); expectReject($res); - switch ('sp'); ok( $res = $sp->_get( '/', @@ -356,7 +340,6 @@ qr#^http://auth.sp.com(/saml/proxySingleLogoutReturn)\?(SAMLResponse=.+)# expectRedirection( $res, qr#^http://auth.idp.com(/saml/singleSignOn)\?(SAMLRequest=.+)# ); - switch ('sp2'); ok( $res = $sp2->_get( '/', @@ -368,7 +351,6 @@ qr#^http://auth.sp.com(/saml/proxySingleLogoutReturn)\?(SAMLResponse=.+)# expectRedirection( $res, qr#^http://auth.idp.com(/saml/singleSignOn)\?(SAMLRequest=.+)# ); - switch ('sp3'); ok( $res = $sp3->_get( '/', diff --git a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-With-Info.t b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-With-Info.t index 7232151962..12741d0433 100644 --- a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-With-Info.t +++ b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect-With-Info.t @@ -50,7 +50,6 @@ SKIP: { expectCookie($res); - switch ('sp'); $sp = register( 'sp', \&sp ); @@ -68,7 +67,6 @@ SKIP: { qr#^http://auth.idp.com(/saml/singleSignOn)\?(SAMLRequest=.+)# ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -120,7 +118,6 @@ SKIP: { 'SAMLResponse', 'RelayState' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), diff --git a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect.t b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect.t index ca9c309504..176e49d911 100644 --- a/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect.t +++ b/lemonldap-ng-portal/t/30-Auth-and-issuer-SAML-Redirect.t @@ -55,7 +55,6 @@ SKIP: { qr#^http://auth.idp.com(/saml/singleSignOn)\?(SAMLRequest=.+)# ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -165,7 +164,6 @@ qr@SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), @@ -211,7 +209,6 @@ qr@SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" ); # Push SAML logout request to IdP - switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -229,7 +226,6 @@ qr#^http://auth.sp.com(/saml/proxySingleLogoutReturn)\?(SAMLResponse=.+)# is( $removedCookie, 0, "IDP Cookie removed" ); # Send SAML response to SP - switch ('sp'); ok( $res = $sp->_get( $url, @@ -241,7 +237,6 @@ qr#^http://auth.sp.com(/saml/proxySingleLogoutReturn)\?(SAMLResponse=.+)# expectOK($res); # Test if logout is done - switch ('issuer'); ok( $res = $issuer->_get( '/', cookie => "lemonldap=$idpId", @@ -250,7 +245,6 @@ qr#^http://auth.sp.com(/saml/proxySingleLogoutReturn)\?(SAMLResponse=.+)# ); expectReject($res); - switch ('sp'); ok( $res = $sp->_get( '/', diff --git a/lemonldap-ng-portal/t/30-CDC.t b/lemonldap-ng-portal/t/30-CDC.t index 2a2a6b4b96..670e1f4c85 100644 --- a/lemonldap-ng-portal/t/30-CDC.t +++ b/lemonldap-ng-portal/t/30-CDC.t @@ -63,7 +63,6 @@ SKIP: { 'SAMLRequest' ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_post( $url, @@ -110,7 +109,6 @@ m#_post( $url, IO::String->new($s), @@ -151,7 +149,6 @@ m#_post( $url, @@ -167,7 +164,6 @@ m#_post( $url, IO::String->new($s), @@ -179,7 +175,6 @@ m#_get( '/', cookie => "lemonldap=$idpId", @@ -188,7 +183,6 @@ m#_get( '/', diff --git a/lemonldap-ng-portal/t/30-SAML-Head-to-Tail-POST.t b/lemonldap-ng-portal/t/30-SAML-Head-to-Tail-POST.t index 541763d6d4..ef539ce925 100644 --- a/lemonldap-ng-portal/t/30-SAML-Head-to-Tail-POST.t +++ b/lemonldap-ng-portal/t/30-SAML-Head-to-Tail-POST.t @@ -48,7 +48,6 @@ SKIP: { 'SAMLRequest' ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_post( $url, @@ -79,7 +78,6 @@ SKIP: { 'SAMLResponse' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($s), @@ -120,7 +118,6 @@ SKIP: { 'SAMLRequest' ); # Push SAML logout request to IdP - switch ('issuer'); ok( $res = $issuer->_post( $url, @@ -139,7 +136,6 @@ SKIP: { is( $removedCookie, 0, "SSO cookie removed" ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($s), @@ -151,7 +147,6 @@ SKIP: { expectOK($res); # Test if logout is done - switch ('issuer'); ok( $res = $issuer->_get( '/', cookie => "lemonldap=$idpId", @@ -160,7 +155,6 @@ SKIP: { ); expectReject($res); - switch ('sp'); ok( $res = $sp->_get( '/', diff --git a/lemonldap-ng-portal/t/30-SAML-POST-Logout-when-expired.t b/lemonldap-ng-portal/t/30-SAML-POST-Logout-when-expired.t index ad13b8a68b..94726a5f10 100644 --- a/lemonldap-ng-portal/t/30-SAML-POST-Logout-when-expired.t +++ b/lemonldap-ng-portal/t/30-SAML-POST-Logout-when-expired.t @@ -50,7 +50,6 @@ SKIP: { 'SAMLRequest' ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_post( $url, @@ -126,7 +125,6 @@ SKIP: { 'SAMLResponse' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($s), @@ -162,7 +160,6 @@ SKIP: { Time::Fake->offset( "+" . ( $timeout * 1.5 ) . "s" ); # Push SAML logout request to IdP - switch ('issuer'); ok( $res = $issuer->_post( $url, @@ -178,7 +175,6 @@ SKIP: { 'SAMLResponse' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($s), diff --git a/lemonldap-ng-portal/t/30-SAML-POST-Logout-when-removed.t b/lemonldap-ng-portal/t/30-SAML-POST-Logout-when-removed.t index e22c96b7a9..c46dd32de8 100644 --- a/lemonldap-ng-portal/t/30-SAML-POST-Logout-when-removed.t +++ b/lemonldap-ng-portal/t/30-SAML-POST-Logout-when-removed.t @@ -49,7 +49,6 @@ SKIP: { 'SAMLRequest' ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_post( $url, @@ -85,7 +84,6 @@ SKIP: { 'SAMLResponse' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($s), @@ -103,7 +101,6 @@ SKIP: { expectOK($res); # Logout from IdP - switch ('issuer'); ok( $res = $issuer->_get( '/', @@ -126,7 +123,6 @@ SKIP: { expectReject($res); # Logout initiated by SP - switch ('sp'); ok( $res = $sp->_get( '/', @@ -141,7 +137,6 @@ SKIP: { 'SAMLRequest' ); # Push SAML logout request to IdP - switch ('issuer'); ok( $res = $issuer->_post( $url, diff --git a/lemonldap-ng-portal/t/30-SAML-POST-with-2F-UpgradeOnly.t b/lemonldap-ng-portal/t/30-SAML-POST-with-2F-UpgradeOnly.t index 853d93f1dc..b7fad4d199 100644 --- a/lemonldap-ng-portal/t/30-SAML-POST-with-2F-UpgradeOnly.t +++ b/lemonldap-ng-portal/t/30-SAML-POST-with-2F-UpgradeOnly.t @@ -125,7 +125,6 @@ qr%_post( $url, IO::String->new($s), @@ -253,7 +252,6 @@ qr%_post( $url, IO::String->new($s), diff --git a/lemonldap-ng-portal/t/30-SAML-POST-with-2F-and-Notification.t b/lemonldap-ng-portal/t/30-SAML-POST-with-2F-and-Notification.t index 0a787d4ce7..44ecb83447 100644 --- a/lemonldap-ng-portal/t/30-SAML-POST-with-2F-and-Notification.t +++ b/lemonldap-ng-portal/t/30-SAML-POST-with-2F-and-Notification.t @@ -155,7 +155,6 @@ qr%_post( $url, IO::String->new($s), @@ -188,7 +187,6 @@ qr%_post( $url, @@ -207,7 +205,6 @@ qr%_post( $url, IO::String->new($s), @@ -219,7 +216,6 @@ qr%_get( '/', cookie => "lemonldap=$idpId", @@ -228,7 +224,6 @@ qr%_get( '/', diff --git a/lemonldap-ng-portal/t/30-SAML-POST-with-Notification.t b/lemonldap-ng-portal/t/30-SAML-POST-with-Notification.t index 5f516322a1..9ba2cee260 100644 --- a/lemonldap-ng-portal/t/30-SAML-POST-with-Notification.t +++ b/lemonldap-ng-portal/t/30-SAML-POST-with-Notification.t @@ -127,7 +127,6 @@ SKIP: { 'SAMLResponse' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($s), @@ -160,7 +159,6 @@ SKIP: { 'SAMLRequest' ); # Push SAML logout request to IdP - switch ('issuer'); ok( $res = $issuer->_post( $url, @@ -179,7 +177,6 @@ SKIP: { is( $removedCookie, 0, "SSO cookie removed" ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($s), @@ -191,7 +188,6 @@ SKIP: { expectRedirection( $res, 'http://auth.sp.com' ); # Test if logout is done - switch ('issuer'); ok( $res = $issuer->_get( '/', cookie => "lemonldap=$idpId", @@ -200,7 +196,6 @@ SKIP: { ); expectReject($res); - switch ('sp'); ok( $res = $sp->_get( '/', diff --git a/lemonldap-ng-portal/t/30-SAML-ReAuth-with-Cmb-Kerberos.t b/lemonldap-ng-portal/t/30-SAML-ReAuth-with-Cmb-Kerberos.t index fd60f90342..bff8689d1c 100644 --- a/lemonldap-ng-portal/t/30-SAML-ReAuth-with-Cmb-Kerberos.t +++ b/lemonldap-ng-portal/t/30-SAML-ReAuth-with-Cmb-Kerberos.t @@ -43,7 +43,6 @@ SKIP: { $sp = register( 'sp', \&sp ); # Simple authentication on IdP - switch ('issuer'); my $str = 'user=dwho&password=dwho'; ok( $res = $issuer->_post( @@ -69,7 +68,6 @@ SKIP: { 'SAMLRequest' ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_post( $url, @@ -163,7 +161,6 @@ SKIP: { 'SAMLResponse' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), diff --git a/lemonldap-ng-portal/t/30-SAML-ReAuth-with-choice.t b/lemonldap-ng-portal/t/30-SAML-ReAuth-with-choice.t index 97acbf89c1..a2bf906793 100644 --- a/lemonldap-ng-portal/t/30-SAML-ReAuth-with-choice.t +++ b/lemonldap-ng-portal/t/30-SAML-ReAuth-with-choice.t @@ -48,7 +48,6 @@ SKIP: { $sp = register( 'sp', \&sp ); # Simple authentication on IdP - switch ('issuer'); ok( $res = $issuer->_post( '/', IO::String->new('user=dwho&password=dwho&test=sql'), @@ -74,7 +73,6 @@ SKIP: { 'SAMLRequest' ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_post( $url, @@ -138,7 +136,6 @@ SKIP: { 'SAMLResponse' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), diff --git a/lemonldap-ng-portal/t/30-SAML-ReAuth.t b/lemonldap-ng-portal/t/30-SAML-ReAuth.t index 4268f4a5e0..7496ca9731 100644 --- a/lemonldap-ng-portal/t/30-SAML-ReAuth.t +++ b/lemonldap-ng-portal/t/30-SAML-ReAuth.t @@ -36,7 +36,6 @@ SKIP: { $sp = register( 'sp', \&sp ); # Simple authentication on IdP - switch ('issuer'); ok( $res = $issuer->_post( '/', IO::String->new('user=russian&password=russian'), @@ -63,7 +62,6 @@ SKIP: { 'SAMLRequest' ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_post( $url, @@ -127,7 +125,6 @@ SKIP: { 'SAMLResponse' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), diff --git a/lemonldap-ng-portal/t/30-SAML-SP-rule.t b/lemonldap-ng-portal/t/30-SAML-SP-rule.t index cd059c86fc..4129bc9fe3 100644 --- a/lemonldap-ng-portal/t/30-SAML-SP-rule.t +++ b/lemonldap-ng-portal/t/30-SAML-SP-rule.t @@ -50,7 +50,6 @@ SKIP: { qr#^http://auth.idp.com(/saml/singleSignOn)\?(SAMLRequest=.+)# ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -87,7 +86,6 @@ SKIP: { expectPortalError( $res, 84, 'PE_UNAUTHORIZEDPARTNER' ); # Access to unknown SP - switch ("unknownsp"); ok( $res = $unknownsp->_get( '/', @@ -100,7 +98,6 @@ SKIP: { qr#^http://auth.idp.com(/saml/singleSignOn)\?(SAMLRequest=.+)# ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_get( $url, diff --git a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-Logout-20.t b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-Logout-20.t index 62a23c254e..d823bbfb26 100644 --- a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-Logout-20.t +++ b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-Logout-20.t @@ -61,7 +61,6 @@ $issuer = register( 'issuer', \&issuer ); $sp = register( 'sp', \&sp ); # Simple SP access -switch ('sp'); ok( $res = $sp->_get( '/', accept => 'text/html', @@ -75,7 +74,6 @@ expectRedirection( $res, 'http://auth.idp.com/cas/login?service=http%3A%2F%2Fauth.sp.com%2F' ); # Query IdP -switch ('issuer'); ok( $res = $issuer->_get( '/cas/login', @@ -119,7 +117,6 @@ my ($query) = expectRedirection( $res, qr#^http://auth.sp.com/\?(ticket=[^&]+)$# ); # Back to SP -switch ('sp'); ok( $res = $sp->_get( '/', @@ -149,7 +146,6 @@ ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) count(3); # Logout initiated by CAS -switch ('issuer'); ok( $res = $issuer->_get( '/cas/logout', diff --git a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-Logout-30.t b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-Logout-30.t index ffeddd8fcf..1aed0e0986 100644 --- a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-Logout-30.t +++ b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-Logout-30.t @@ -74,7 +74,6 @@ expectRedirection( $res, 'http://auth.idp.com/cas/login?service=http%3A%2F%2Fauth.sp.com%2F' ); # Query IdP -switch ('issuer'); ok( $res = $issuer->_get( '/cas/login', @@ -118,7 +117,6 @@ my ($query) = expectRedirection( $res, qr#^http://auth.sp.com/\?(ticket=[^&]+)$# ); # Back to SP -switch ('sp'); ok( $res = $sp->_get( '/', @@ -148,7 +146,6 @@ ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) count(3); # Logout initiated by CAS, try with invalid service URL first -switch ('issuer'); ok( $res = $issuer->_get( '/cas/logout', diff --git a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-XSS-on-logout.t b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-XSS-on-logout.t index 3c936a0000..ab8694a876 100644 --- a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-XSS-on-logout.t +++ b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-XSS-on-logout.t @@ -74,7 +74,6 @@ expectRedirection( $res, 'http://auth.idp.com/cas/login?service=http%3A%2F%2Fauth.sp.com%2F' ); # Query IdP -switch ('issuer'); ok( $res = $issuer->_get( '/cas/login', @@ -113,7 +112,6 @@ my ($query) = expectRedirection( $res, qr#^http://auth.sp.com/\?(ticket=[^&]+)$# ); # Back to SP -switch ('sp'); ok( $res = $sp->_get( '/', @@ -149,7 +147,6 @@ my $url = $1; $query = $2; $query .= '%3F%3Cscript%3E'; -switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -172,7 +169,6 @@ ok( $res = $issuer->_get( '/', cookie => "lemonldap=$idpId" ), 'Query IdP' ); count(1); expectReject($res); -switch ('sp'); ok( $res = $sp->_get( '/', diff --git a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app-multiple-urls.t b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app-multiple-urls.t index f0438b5a4f..4e4b8dfcba 100644 --- a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app-multiple-urls.t +++ b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app-multiple-urls.t @@ -72,7 +72,6 @@ expectRedirection( $res, 'http://auth.idp.com/cas/login?service=http%3A%2F%2Fauth.sp2.com%2F' ); # Query IdP -switch ('issuer'); ok( $res = $issuer->_get( '/cas/login', @@ -121,7 +120,6 @@ expectRedirection( $res, 'http://auth.idp.com/cas/login?service=http%3A%2F%2Fauth.sp2.com%2F' ); # Query IdP -switch ('issuer'); ok( $res = $issuer->_get( '/cas/login', @@ -158,7 +156,6 @@ my ($query) = my $idpId = expectCookie($res); # Back to SP -switch ('sp'); ok( $res = $sp->_get( '/', query => $query, accept => 'text/html' ), 'Query SP with ticket' ); count(1); @@ -202,7 +199,6 @@ my $url = $1; $query = $2; expectCspChildOK( $res, "auth.idp.com" ); -switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -225,7 +221,6 @@ ok( $res = $issuer->_get( '/', cookie => "lemonldap=$idpId" ), 'Query IdP' ); count(1); expectReject($res); -switch ('sp'); ok( $res = $sp->_get( '/', accept => 'text/html', cookie => "lemonldap=$idpId" ), diff --git a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app-userattr.t b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app-userattr.t index 1f7e5be5af..5863a28e05 100644 --- a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app-userattr.t +++ b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app-userattr.t @@ -72,7 +72,6 @@ expectRedirection( $res, 'http://auth.idp.com/cas/login?service=http%3A%2F%2Fauth.sp.com%2F' ); # Query IdP -switch ('issuer'); ok( $res = $issuer->_get( '/cas/login', @@ -121,7 +120,6 @@ expectRedirection( $res, 'http://auth.idp.com/cas/login?service=http%3A%2F%2Fauth.sp.com%2F' ); # Query IdP -switch ('issuer'); ok( $res = $issuer->_get( '/cas/login', @@ -158,7 +156,6 @@ my ($query) = my $idpId = expectCookie($res); # Back to SP -switch ('sp'); ok( $res = $sp->_get( '/', query => $query, accept => 'text/html' ), 'Query SP with ticket' ); count(1); @@ -202,7 +199,6 @@ my $url = $1; $query = $2; expectCspChildOK( $res, "auth.idp.com" ); -switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -225,7 +221,6 @@ ok( $res = $issuer->_get( '/', cookie => "lemonldap=$idpId" ), 'Query IdP' ); count(1); expectReject($res); -switch ('sp'); ok( $res = $sp->_get( '/', accept => 'text/html', cookie => "lemonldap=$idpId" ), diff --git a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app.t b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app.t index 504d4044d9..d5b6509d1b 100644 --- a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app.t +++ b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-app.t @@ -72,7 +72,6 @@ expectRedirection( $res, 'http://auth.idp.com/cas/login?service=http%3A%2F%2Fauth.sp.com%2F' ); # Query IdP -switch ('issuer'); ok( $res = $issuer->_get( '/cas/login', @@ -121,7 +120,6 @@ expectRedirection( $res, 'http://auth.idp.com/cas/login?service=http%3A%2F%2Fauth.sp.com%2F' ); # Query IdP -switch ('issuer'); ok( $res = $issuer->_get( '/cas/login', @@ -158,7 +156,6 @@ my ($query) = my $idpId = expectCookie($res); # Back to SP -switch ('sp'); ok( $res = $sp->_get( '/', query => $query, accept => 'text/html' ), 'Query SP with ticket' ); count(1); @@ -202,7 +199,6 @@ my $url = $1; $query = $2; expectCspChildOK( $res, "auth.idp.com" ); -switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -225,7 +221,6 @@ ok( $res = $issuer->_get( '/', cookie => "lemonldap=$idpId" ), 'Query IdP' ); count(1); expectReject($res); -switch ('sp'); ok( $res = $sp->_get( '/', accept => 'text/html', cookie => "lemonldap=$idpId" ), diff --git a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-apps.t b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-apps.t index 0d57372a3a..661ec10616 100644 --- a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-apps.t +++ b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-declared-apps.t @@ -78,7 +78,6 @@ qr% count(1); # Query IdP -switch ('issuer'); ok( $res = $issuer->_get( '/cas/login', diff --git a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-default.t b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-default.t index 6c92308212..693a1f013d 100644 --- a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-default.t +++ b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-default.t @@ -74,7 +74,6 @@ expectRedirection( $res, 'http://auth.idp.com/cas/login?service=http%3A%2F%2Fauth.sp.com%2F' ); # Query IdP -switch ('issuer'); ok( $res = $issuer->_get( '/cas/login', @@ -118,7 +117,6 @@ my ($query) = expectRedirection( $res, qr#^http://auth.sp.com/\?(ticket=[^&]+)$# ); # Back to SP -switch ('sp'); ok( $res = $sp->_get( '/', @@ -172,7 +170,6 @@ my $url = $1; $query = $2; expectCspChildOK( $res, "auth.idp.com" ); -switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -195,7 +192,6 @@ ok( $res = $issuer->_get( '/', cookie => "lemonldap=$idpId" ), 'Query IdP' ); count(1); expectReject($res); -switch ('sp'); ok( $res = $sp->_get( '/', diff --git a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-proxied.t b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-proxied.t index 27f56f3574..1a2b6c9479 100644 --- a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-proxied.t +++ b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-proxied.t @@ -72,7 +72,6 @@ expectRedirection( $res, 'http://auth.idp.com/cas/login?service=http%3A%2F%2Fauth.sp.com%2F' ); # Query IdP -switch ('issuer'); ok( $res = $issuer->_get( '/cas/login', @@ -110,7 +109,6 @@ my ($query) = my $idpId = expectCookie($res); # Back to SP -switch ('sp'); ok( $res = $sp->_get( '/', @@ -162,7 +160,6 @@ my $url = $1; $query = $2; expectCspChildOK( $res, "auth.idp.com" ); -switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -185,7 +182,6 @@ ok( $res = $issuer->_get( '/', cookie => "lemonldap=$idpId" ), 'Query IdP' ); count(1); expectReject($res); -switch ('sp'); ok( $res = $sp->_get( '/', diff --git a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-with-choice.t b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-with-choice.t index 2fee3dbc0a..606fc63fd4 100644 --- a/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-with-choice.t +++ b/lemonldap-ng-portal/t/31-Auth-and-issuer-CAS-with-choice.t @@ -94,7 +94,6 @@ SKIP: { 'http://auth.idp.com/cas/login?service=http%3A%2F%2Fauth.sp.com%2F' ); # Follow redirection to CAS server - switch ('issuer'); ok( $res = $issuer->_get( '/cas/login', @@ -135,7 +134,6 @@ SKIP: { ok( $pdata !~ 'issuerRequestsaml', 'SAML request cleared from pdata' ); # Back to SP - switch ('sp'); # Follow redirection to CAS app ok( @@ -170,7 +168,6 @@ SKIP: { 'http://auth.idp.com/cas/login?service=http%3A%2F%2Fauth.sp.com%2F' ); # Follow redirection to CAS server with "renew" set to "true" - switch ('issuer'); ok( $res = $issuer->_get( '/cas/login', @@ -227,7 +224,6 @@ SKIP: { expectRedirection( $res, qr#http://auth.sp.com/?\?(ticket=.*)$# ); # Follow redirection to CAS app - switch ('sp'); ok( $res = $sp->_get( '/', query => $query ), 'Follow redirection' ); expectCookie($res); @@ -257,7 +253,6 @@ SKIP: { expectCspChildOK( $res, "auth.idp.com" ); # Get iframe from CAS server - switch ('issuer'); ok( $res = $issuer->_get( $url, @@ -274,7 +269,6 @@ SKIP: { 'Query CAS server' ); expectReject($res); - switch ('sp'); ok( $res = $sp->_get( '/', diff --git a/lemonldap-ng-portal/t/31-CAS-10.t b/lemonldap-ng-portal/t/31-CAS-10.t index ff1b7c4d02..5474e4572c 100644 --- a/lemonldap-ng-portal/t/31-CAS-10.t +++ b/lemonldap-ng-portal/t/31-CAS-10.t @@ -18,7 +18,6 @@ plan skip_all => "Missing dependencies: $@" if ($@); ok( $issuer = issuer(), 'Issuer portal' ); count(1); -switch ('issuer'); ok( $res = $issuer->_get( diff --git a/lemonldap-ng-portal/t/31-CAS-jsRedirect.t b/lemonldap-ng-portal/t/31-CAS-jsRedirect.t index 155b18e1d5..ebcc6cc79b 100644 --- a/lemonldap-ng-portal/t/31-CAS-jsRedirect.t +++ b/lemonldap-ng-portal/t/31-CAS-jsRedirect.t @@ -18,7 +18,6 @@ plan skip_all => "Missing dependencies: $@" if ($@); ok( $issuer = issuer(), 'Issuer portal' ); count(1); -switch ('issuer'); ok( $res = $issuer->_get( diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-OP-logout.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-OP-logout.t index 2197610c8e..e29c3d7f8b 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-OP-logout.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-OP-logout.t @@ -34,7 +34,6 @@ LWP::Protocol::PSGI->register( fail(' Aborting REST request (external)'); return [ 500, [], [] ]; } - switch ($host); if ( $req->method =~ /^post$/i ) { my $s = $req->content; ok( @@ -62,7 +61,6 @@ LWP::Protocol::PSGI->register( ' Content is JSON' ) or explain( $res->[1], 'Content-Type => application/json' ); count(4); - switch ( $host eq 'rp' ? 'op' : 'rp' ); return $res; } ); @@ -85,14 +83,12 @@ count(2); $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ); # Query RP for auth -switch ('rp'); ok( $res = $rp->_get( '/', accept => 'text/html' ), 'Unauth SP request' ); count(1); my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -129,14 +125,12 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); count(1); my $spId = expectCookie($res); -switch ('op'); ok( $res = $op->_get( '/oauth2/checksession.html', accept => 'text.html' ), 'Check session, endpoint /oauth2/checksession.html' @@ -150,7 +144,6 @@ ok( getHeader( $res, 'Content-Security-Policy' ) !~ /frame-ancestors/, count(1); # Verify UTF-8 -switch ('rp'); ok( $res = $rp->_get("/sessions/global/$spId"), 'Get UTF-8' ); $res = expectJSON($res); ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) @@ -158,7 +151,6 @@ ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) count(2); # Logout initiated by OP -switch ('op'); ok( $res = $op->_get( '/', @@ -188,7 +180,6 @@ ok( count(1); expectReject($res); -switch ('rp'); # Launch font logout request ok( diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-different-sub.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-different-sub.t index 16f51471c0..dba382a069 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-different-sub.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-different-sub.t @@ -74,7 +74,7 @@ LWP::Protocol::PSGI->register( ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -88,9 +88,8 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -100,7 +99,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -137,7 +135,6 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); @@ -158,10 +155,8 @@ $Lemonldap::NG::Portal::UserDB::Demo::demoAccounts{french} = { guy => '', type => '', }; -switch ('op'); ok( $op->_get( '/refresh', cookie => "lemonldap=$idpId" ) ); count(1); -switch ('rp'); Time::Fake->offset("+2h"); @@ -199,7 +194,6 @@ count(1); qr#http://auth.op.com(/oauth2/logout)\?.*(post_logout_redirect_uri=.+)$# ); # Push logout to OP -switch ('op'); ok( $res = $op->_get( @@ -241,7 +235,6 @@ ok( count(1); expectReject($res); -switch ('rp'); ok( $res = $rp->_get( '/', @@ -262,7 +255,6 @@ count(1); # ------------------------- # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-jwt-userinfo.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-jwt-userinfo.t index dce95a24a2..2e6a559e1b 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-jwt-userinfo.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-jwt-userinfo.t @@ -74,7 +74,7 @@ LWP::Protocol::PSGI->register( ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -88,9 +88,8 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -100,7 +99,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -137,14 +135,12 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); count(1); my $spId = expectCookie($res); -switch ('op'); ok( $res = $op->_get( '/oauth2/checksession.html', accept => 'text.html' ), 'Check session, endpoint /oauth2/checksession.html' @@ -174,7 +170,6 @@ ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) or explain( $res, 'cn => Frédéric Accents' ); count(2); -switch ('rp'); ok( $res = $rp->_get("/sessions/global/$spId"), 'Get UTF-8' ); $res = expectJSON($res); ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) @@ -196,7 +191,6 @@ count(1); qr#http://auth.op.com(/oauth2/logout)\?(post_logout_redirect_uri=.+)$# ); # Push logout to OP -switch ('op'); ok( $res = $op->_get( @@ -255,7 +249,6 @@ ok( count(1); expectReject($res); -switch ('rp'); ok( $res = $rp->_get( '/', @@ -272,7 +265,6 @@ count(1); # ------------------------- # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-public_client.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-public_client.t index ab3d187333..9cd7982723 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-public_client.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-public_client.t @@ -73,7 +73,7 @@ LWP::Protocol::PSGI->register( ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -87,9 +87,8 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -99,7 +98,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -136,14 +134,12 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); count(1); my $spId = expectCookie($res); -switch ('op'); ok( $res = $op->_get( '/oauth2/checksession.html', accept => 'text.html' ), 'Check session, endpoint /oauth2/checksession.html' @@ -176,7 +172,6 @@ ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) or explain( $res, 'cn => Frédéric Accents' ); count(3); -switch ('rp'); ok( $res = $rp->_get("/sessions/global/$spId"), 'Get UTF-8' ); expectOK($res); ok( $res = eval { JSON::from_json( $res->[2]->[0] ) }, ' GET JSON' ) @@ -200,7 +195,6 @@ count(1); qr#http://auth.op.com(/oauth2/logout)\?(post_logout_redirect_uri=.+)$# ); # Push logout to OP -switch ('op'); ok( $res = $op->_get( @@ -255,7 +249,6 @@ ok( count(1); expectReject($res); -switch ('rp'); ok( $res = $rp->_get( '/', @@ -272,7 +265,6 @@ count(1); # ------------------------- # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-authchoice.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-authchoice.t index 76758c8741..33ac7846ab 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-authchoice.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-authchoice.t @@ -77,7 +77,7 @@ SKIP: { $dbh->do("INSERT INTO users VALUES ('dwho','dwho','Doctor who')"); # Initialization - ok( $op = op(), 'OP portal' ); + ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), @@ -93,9 +93,8 @@ SKIP: { expectOK($res); my $metadata = $res->[2]->[0]; - switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); - ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); + ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); # Query RP for auth ok( $res = $rp->_get( '/', accept => 'text/html' ), 'Unauth SP request' ); @@ -104,7 +103,6 @@ SKIP: { qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP - switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); my ( $host, $tmp ); @@ -141,13 +139,11 @@ SKIP: { ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP - switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); my $spId = expectCookie($res); - switch ('op'); ok( $res = $op->_get( '/oauth2/checksession.html', accept => 'text.html' ), 'Check session, endpoint /oauth2/checksession.html' @@ -173,7 +169,6 @@ SKIP: { ); # Push logout to OP - switch ('op'); ok( $res = $op->_get( @@ -223,7 +218,6 @@ SKIP: { ); expectReject($res); - switch ('rp'); ok( $res = $rp->_get( '/', diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-info.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-info.t index d032bf5058..0edd9410e3 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-info.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-info.t @@ -73,7 +73,7 @@ LWP::Protocol::PSGI->register( ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -102,9 +102,8 @@ count(1); expectCookie($res); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -114,7 +113,6 @@ count(1); expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -139,14 +137,12 @@ my $method; ( $host, $tmp, $query ) = expectForm( $res, 'auth.rp.com' ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); count(1); my $spId = expectCookie($res); -switch ('op'); ok( $res = $op->_get( '/oauth2/checksession.html', accept => 'text.html' ), 'Check session, endpoint /oauth2/checksession.html' @@ -177,7 +173,6 @@ ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) or explain( $res, 'cn => Frédéric Accents' ); count(2); -switch ('rp'); ok( $res = $rp->_get("/sessions/global/$spId"), 'Get UTF-8' ); $res = expectJSON($res); ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) @@ -199,7 +194,6 @@ count(1); qr#http://auth.op.com(/oauth2/logout)\?(post_logout_redirect_uri=.+)$# ); # Push logout to OP -switch ('op'); ok( $res = $op->_get( @@ -258,7 +252,6 @@ ok( count(1); expectReject($res); -switch ('rp'); ok( $res = $rp->_get( '/', @@ -275,7 +268,6 @@ count(1); # ------------------------- # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-none-alg.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-none-alg.t index e021cd13e4..ff0ba5dc5e 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-none-alg.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code-with-none-alg.t @@ -73,7 +73,7 @@ LWP::Protocol::PSGI->register( ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -87,9 +87,8 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -99,7 +98,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -136,14 +134,12 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); count(1); my $spId = expectCookie($res); -switch ('op'); ok( $res = $op->_get( '/oauth2/checksession.html', accept => 'text.html' ), 'Check session, endpoint /oauth2/checksession.html' @@ -174,7 +170,6 @@ ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) or explain( $res, 'cn => Frédéric Accents' ); count(2); -switch ('rp'); ok( $res = $rp->_get("/sessions/global/$spId"), 'Get UTF-8' ); $res = expectJSON($res); ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) @@ -196,7 +191,6 @@ count(1); qr#http://auth.op.com(/oauth2/logout)\?(post_logout_redirect_uri=.+)$# ); # Push logout to OP -switch ('op'); ok( $res = $op->_get( @@ -251,7 +245,6 @@ ok( count(1); expectReject($res); -switch ('rp'); ok( $res = $rp->_get( '/', @@ -268,7 +261,6 @@ count(1); # ------------------------- # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code.t index 22a47d9420..296ecbe042 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-authorization_code.t @@ -79,7 +79,7 @@ LWP::Protocol::PSGI->register( ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -93,9 +93,8 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -105,7 +104,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -159,14 +157,12 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); count(1); my $spId = expectCookie($res); -switch ('op'); ok( $res = $op->_get( '/oauth2/checksession.html', accept => 'text.html' ), 'Check session, endpoint /oauth2/checksession.html' @@ -197,7 +193,6 @@ ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) or explain( $res, 'cn => Frédéric Accents' ); count(2); -switch ('rp'); ok( $res = $rp->_get("/sessions/global/$spId"), 'Get UTF-8' ); $res = expectJSON($res); my $access_token_eol = $res->{_oidc_access_token_eol}; @@ -241,10 +236,8 @@ $Lemonldap::NG::Portal::UserDB::Demo::demoAccounts{french} = { guy => '', type => '', }; -switch ('op'); ok( $op->_get( '/refresh', cookie => "lemonldap=$idpId" ) ); count(1); -switch ('rp'); # Test session refresh (before access token refresh) ok( @@ -276,10 +269,8 @@ $Lemonldap::NG::Portal::UserDB::Demo::demoAccounts{french} = { guy => '', type => '', }; -switch ('op'); ok( $op->_get( '/refresh', cookie => "lemonldap=$idpId" ) ); count(1); -switch ('rp'); # Test session refresh (with access token refresh) Time::Fake->offset("+2h"); @@ -336,7 +327,6 @@ count(1); qr#http://auth.op.com(/oauth2/logout)\?.*(post_logout_redirect_uri=.+)$# ); # Push logout to OP -switch ('op'); ok( $res = $op->_get( @@ -395,7 +385,6 @@ ok( count(1); expectReject($res); -switch ('rp'); ok( $res = $rp->_get( '/', @@ -418,7 +407,6 @@ count(1); # ------------------------- # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-hybrid.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-hybrid.t index 2b96507346..c0c0e7b309 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-hybrid.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-hybrid.t @@ -66,7 +66,7 @@ LWP::Protocol::PSGI->register( ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -80,9 +80,8 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -95,7 +94,6 @@ my ( $url, $query ) = $query =~ s/response_type=code/response_type=code%20id_token%20token/; # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -118,7 +116,7 @@ ok( $res->[2]->[0] =~ /trmsg="90"/, 'Reject reason is 90' ) count(1); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register('op', sub { op() }) , 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -132,9 +130,8 @@ expectOK($res); $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register('rp', sub { rp( $jwks, $metadata ) }), 'RP portal' ); count(1); # Query RP for auth @@ -147,7 +144,6 @@ count(1); $query =~ s/response_type=code/response_type=code%20id_token%20token/; # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-implicit-no-token.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-implicit-no-token.t index 8efa6cb650..64c7470343 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-implicit-no-token.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-implicit-no-token.t @@ -67,7 +67,7 @@ LWP::Protocol::PSGI->register( ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -81,9 +81,8 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -96,7 +95,6 @@ my ( $url, $query ) = $query =~ s/response_type=code/response_type=id_token/; # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-implicit.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-implicit.t index 37e1dca714..3fd745956b 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-implicit.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-implicit.t @@ -67,7 +67,7 @@ LWP::Protocol::PSGI->register( ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -81,9 +81,8 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -96,7 +95,6 @@ my ( $url, $query ) = $query =~ s/response_type=code/response_type=id_token%20token/; # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); diff --git a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-sorted.t b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-sorted.t index 1791d47533..525641dc33 100644 --- a/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-sorted.t +++ b/lemonldap-ng-portal/t/32-Auth-and-issuer-OIDC-sorted.t @@ -80,7 +80,6 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); count(1); diff --git a/lemonldap-ng-portal/t/32-OIDC-Back-Channel-Logout-no-sid.t b/lemonldap-ng-portal/t/32-OIDC-Back-Channel-Logout-no-sid.t index 53012ee1d4..73a949ab3e 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Back-Channel-Logout-no-sid.t +++ b/lemonldap-ng-portal/t/32-OIDC-Back-Channel-Logout-no-sid.t @@ -68,7 +68,7 @@ LWP::Protocol::PSGI->register( ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -82,9 +82,8 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -94,7 +93,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -131,7 +129,6 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); @@ -139,7 +136,6 @@ count(1); my $spId = expectCookie($res); # Logout initiated by OP -switch ('op'); ok( $res = $op->_get( '/', @@ -162,7 +158,6 @@ ok( count(1); expectReject($res); -switch ('rp'); ok( $res = $rp->_get( '/', diff --git a/lemonldap-ng-portal/t/32-OIDC-Back-Channel-Logout-sid-EC-keys.t b/lemonldap-ng-portal/t/32-OIDC-Back-Channel-Logout-sid-EC-keys.t index 37abcaa988..cd64e134c4 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Back-Channel-Logout-sid-EC-keys.t +++ b/lemonldap-ng-portal/t/32-OIDC-Back-Channel-Logout-sid-EC-keys.t @@ -34,7 +34,6 @@ LWP::Protocol::PSGI->register( fail(' Aborting REST request (external)'); return [ 500, [], [] ]; } - switch ($host); if ( $req->method =~ /^post$/i ) { my $s = $req->content; ok( @@ -65,13 +64,12 @@ LWP::Protocol::PSGI->register( or explain( $res->[1], 'Content-Type => application/json' ); count(1); } - switch ( $host eq 'rp' ? 'op' : 'rp' ); return $res; } ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -85,9 +83,8 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -97,7 +94,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -134,7 +130,6 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); @@ -142,10 +137,9 @@ count(1); my $spId = expectCookie($res); # Logout initiated by OP -switch ('op'); # Reset conf to make sure to make sure lazy loading works during logout (#3014) -$op->p->HANDLER->checkConf(1); +withHandler( 'op', sub { $op->p->HANDLER->checkConf(1) } ); ok( $res = $op->_get( @@ -169,7 +163,6 @@ ok( count(1); expectReject($res); -switch ('rp'); ok( $res = $rp->_get( '/', @@ -185,8 +178,7 @@ clean_sessions(); done_testing( count() ); sub op { - return LLNG::Manager::Test->new( - { + return LLNG::Manager::Test->new( { ini => { logLevel => $debug, domain => 'idp.com', @@ -232,7 +224,7 @@ sub op { 'loa-2' => 2, 'loa-3' => 3 }, - oidcServiceKeyTypeSig => 'EC', + oidcServiceKeyTypeSig => 'EC', oidcServicePrivateKeySig => &oidc_key_op_private_ec_sig, oidcServicePublicKeySig => &oidc_key_op_public_ec_sig, } @@ -242,8 +234,7 @@ sub op { sub rp { my ( $jwks, $metadata ) = @_; - return LLNG::Manager::Test->new( - { + return LLNG::Manager::Test->new( { ini => { logLevel => $debug, domain => 'rp.com', diff --git a/lemonldap-ng-portal/t/32-OIDC-Back-Channel-Logout-sid-with-JWE-and-EC-keys.t b/lemonldap-ng-portal/t/32-OIDC-Back-Channel-Logout-sid-with-JWE-and-EC-keys.t index 30917a0aab..3b19fe780e 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Back-Channel-Logout-sid-with-JWE-and-EC-keys.t +++ b/lemonldap-ng-portal/t/32-OIDC-Back-Channel-Logout-sid-with-JWE-and-EC-keys.t @@ -35,7 +35,6 @@ LWP::Protocol::PSGI->register( return [ 500, [], [] ]; } count(1); - switch ($host); if ( $req->method =~ /^post$/i ) { my $s = $req->content; ok( @@ -75,13 +74,12 @@ LWP::Protocol::PSGI->register( ) or explain( $res->[1], 'Content-Type => application/json' ); count(1); } - switch ( $host eq 'rp' ? 'op' : 'rp' ); return $res; } ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -95,13 +93,12 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Reload OP so it can fetch RP's JWKS -$op->p->HANDLER->checkConf(1); +withHandler( 'op', sub { $op->p->HANDLER->checkConf(1) } ); # Query RP for auth ok( $res = $rp->_get( '/', accept => 'text/html' ), 'Unauth RP request' ); @@ -110,7 +107,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -147,7 +143,6 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); @@ -155,10 +150,9 @@ count(1); my $spId = expectCookie($res); # Logout initiated by OP -switch ('op'); # Reset conf to make sure to make sure lazy loading works during logout (#3014) -$op->p->HANDLER->checkConf(1); +withHandler( 'op', sub { $op->p->HANDLER->checkConf(1) } ); ok( $res = $op->_get( @@ -182,7 +176,6 @@ ok( count(1); expectReject($res); -switch ('rp'); ok( $res = $rp->_get( '/', diff --git a/lemonldap-ng-portal/t/32-OIDC-Back-Channel-Logout-sid.t b/lemonldap-ng-portal/t/32-OIDC-Back-Channel-Logout-sid.t index 8f9ab575f6..1d8ed988fc 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Back-Channel-Logout-sid.t +++ b/lemonldap-ng-portal/t/32-OIDC-Back-Channel-Logout-sid.t @@ -33,7 +33,6 @@ LWP::Protocol::PSGI->register( fail(' Aborting REST request (external)'); return [ 500, [], [] ]; } - switch ($host); if ( $req->method =~ /^post$/i ) { my $s = $req->content; ok( @@ -64,13 +63,12 @@ LWP::Protocol::PSGI->register( or explain( $res->[1], 'Content-Type => application/json' ); count(1); } - switch ( $host eq 'rp' ? 'op' : 'rp' ); return $res; } ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -84,9 +82,8 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -96,7 +93,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -133,7 +129,6 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); @@ -141,10 +136,9 @@ count(1); my $spId = expectCookie($res); # Logout initiated by OP -switch ('op'); # Reset conf to make sure to make sure lazy loading works during logout (#3014) -$op->p->HANDLER->checkConf(1); +withHandler( 'op', sub { $op->p->HANDLER->checkConf(1) } ); ok( $res = $op->_get( @@ -168,7 +162,6 @@ ok( count(1); expectReject($res); -switch ('rp'); ok( $res = $rp->_get( '/', @@ -184,8 +177,7 @@ clean_sessions(); done_testing( count() ); sub op { - return LLNG::Manager::Test->new( - { + return LLNG::Manager::Test->new( { ini => { logLevel => $debug, domain => 'idp.com', @@ -240,8 +232,7 @@ sub op { sub rp { my ( $jwks, $metadata ) = @_; - return LLNG::Manager::Test->new( - { + return LLNG::Manager::Test->new( { ini => { logLevel => $debug, domain => 'rp.com', diff --git a/lemonldap-ng-portal/t/32-OIDC-Code-Flow-with-2F-UpgradeOnly.t b/lemonldap-ng-portal/t/32-OIDC-Code-Flow-with-2F-UpgradeOnly.t index cb4de5195a..8b9fc647cd 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Code-Flow-with-2F-UpgradeOnly.t +++ b/lemonldap-ng-portal/t/32-OIDC-Code-Flow-with-2F-UpgradeOnly.t @@ -73,7 +73,7 @@ LWP::Protocol::PSGI->register( ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -105,9 +105,8 @@ ok( count(1); my $idpId = expectCookie($res); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -117,7 +116,6 @@ count(1); expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, @@ -210,7 +208,6 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); @@ -232,7 +229,6 @@ count(1); expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -301,7 +297,6 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); diff --git a/lemonldap-ng-portal/t/32-OIDC-Code-Flow-with-2F.t b/lemonldap-ng-portal/t/32-OIDC-Code-Flow-with-2F.t index 54483300de..3928a03286 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Code-Flow-with-2F.t +++ b/lemonldap-ng-portal/t/32-OIDC-Code-Flow-with-2F.t @@ -73,7 +73,7 @@ LWP::Protocol::PSGI->register( ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -87,9 +87,8 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -99,7 +98,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -184,14 +182,12 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); count(1); my $spId = expectCookie($res); -switch ('op'); ok( $res = $op->_get( '/oauth2/checksession.html', accept => 'text.html' ), 'Check session, endpoint /oauth2/checksession.html' @@ -222,7 +218,6 @@ ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) or explain( $res, 'cn => Frédéric Accents' ); count(2); -switch ('rp'); ok( $res = $rp->_get("/sessions/global/$spId"), 'Get UTF-8' ); $res = expectJSON($res); ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) @@ -244,7 +239,6 @@ count(1); qr#http://auth.op.com(/oauth2/logout)\?(post_logout_redirect_uri=.+)$# ); # Push logout to OP -switch ('op'); ok( $res = $op->_get( @@ -303,7 +297,6 @@ ok( count(1); expectReject($res); -switch ('rp'); ok( $res = $rp->_get( '/', diff --git a/lemonldap-ng-portal/t/32-OIDC-Double-Keys-without-kid.t b/lemonldap-ng-portal/t/32-OIDC-Double-Keys-without-kid.t index 98ad4ea51b..8d09d36f70 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Double-Keys-without-kid.t +++ b/lemonldap-ng-portal/t/32-OIDC-Double-Keys-without-kid.t @@ -33,7 +33,6 @@ LWP::Protocol::PSGI->register( return [ 500, [], [] ]; } count(1); - switch ($host); if ( $req->method =~ /^post$/i ) { my $s = $req->content; ok( @@ -64,7 +63,6 @@ LWP::Protocol::PSGI->register( or explain( $res->[1], 'Content-Type => application/json' ); count(1); } - switch ( $host eq 'rp' ? 'op' : 'rp' ); return $res; } ); @@ -96,7 +94,6 @@ my $metadata = $res->[2]->[0]; count(1); $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ); -switch ('rp'); # Query RP for auth ok( $res = $rp->_get( '/', accept => 'text/html' ), 'Unauth RP request' ); @@ -105,7 +102,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -142,7 +138,6 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); @@ -150,10 +145,9 @@ count(1); my $spId = expectCookie($res); # Logout initiated by OP -switch ('op'); # Reset conf to make sure to make sure lazy loading works during logout (#3014) -$op->p->HANDLER->checkConf(1); +withHandler( 'op', sub { $op->p->HANDLER->checkConf(1) } ); ok( $res = $op->_get( @@ -177,7 +171,6 @@ ok( count(1); expectReject($res); -switch ('rp'); ok( $res = $rp->_get( '/', diff --git a/lemonldap-ng-portal/t/32-OIDC-Double-Keys.t b/lemonldap-ng-portal/t/32-OIDC-Double-Keys.t index f1b81ca7e3..c7675c146e 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Double-Keys.t +++ b/lemonldap-ng-portal/t/32-OIDC-Double-Keys.t @@ -34,7 +34,6 @@ LWP::Protocol::PSGI->register( return [ 500, [], [] ]; } count(1); - switch ($host); if ( $req->method =~ /^post$/i ) { my $s = $req->content; ok( @@ -65,7 +64,6 @@ LWP::Protocol::PSGI->register( or explain( $res->[1], 'Content-Type => application/json' ); count(1); } - switch ( $host eq 'rp' ? 'op' : 'rp' ); return $res; } ); @@ -97,7 +95,6 @@ my $metadata = $res->[2]->[0]; count(1); $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ); -switch ('rp'); # Query RP for auth ok( $res = $rp->_get( '/', accept => 'text/html' ), 'Unauth RP request' ); @@ -106,7 +103,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -143,7 +139,6 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); @@ -151,10 +146,9 @@ count(1); my $spId = expectCookie($res); # Logout initiated by OP -switch ('op'); # Reset conf to make sure to make sure lazy loading works during logout (#3014) -$op->p->HANDLER->checkConf(1); +withHandler( 'op', sub { $op->p->HANDLER->checkConf(1) } ); ok( $res = $op->_get( @@ -178,7 +172,6 @@ ok( count(1); expectReject($res); -switch ('rp'); ok( $res = $rp->_get( '/', diff --git a/lemonldap-ng-portal/t/32-OIDC-JWE.t b/lemonldap-ng-portal/t/32-OIDC-JWE.t index 7817659878..580cbe85c6 100644 --- a/lemonldap-ng-portal/t/32-OIDC-JWE.t +++ b/lemonldap-ng-portal/t/32-OIDC-JWE.t @@ -35,7 +35,6 @@ LWP::Protocol::PSGI->register( return [ 500, [], [] ]; } count(1); - switch ($host); if ( $req->method =~ /^post$/i ) { my $s = $req->content; ok( @@ -75,7 +74,6 @@ LWP::Protocol::PSGI->register( ) or explain( $res->[1], 'Content-Type => application/json' ); count(1); } - switch ( $host eq 'rp' ? 'op' : 'rp' ); return $res; } ); @@ -89,7 +87,7 @@ SKIP: { } # Initialization - ok( $op = op(), 'OP portal' ); + ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), @@ -106,14 +104,12 @@ SKIP: { my $metadata = $res->[2]->[0]; count(3); - switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); - ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); + ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Reload OP so it can fetch RP's JWKS - $op->p->HANDLER->checkConf(1); - + withHandler( 'op', sub { $op->p->HANDLER->checkConf(1) } ); # Verify that RP published its keys ok( $res = $rp->_get('/oauth2/jwks'), 'RP publish its keys' ); @@ -136,7 +132,6 @@ SKIP: { qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP - switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -173,7 +168,6 @@ SKIP: { ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP - switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); @@ -181,10 +175,9 @@ SKIP: { my $spId = expectCookie($res); # Logout initiated by OP - switch ('op'); # Reset conf to make sure to make sure lazy loading works during logout (#3014) - $op->p->HANDLER->checkConf(1); + withHandler( 'op', sub { $op->p->HANDLER->checkConf(1) } ); ok( $res = $op->_get( @@ -209,7 +202,6 @@ SKIP: { count(1); expectReject($res); - switch ('rp'); ok( $res = $rp->_get( '/', diff --git a/lemonldap-ng-portal/t/32-OIDC-JWS-client_secret_jwt.t b/lemonldap-ng-portal/t/32-OIDC-JWS-client_secret_jwt.t index 05b77dd589..5e00c6fd4c 100644 --- a/lemonldap-ng-portal/t/32-OIDC-JWS-client_secret_jwt.t +++ b/lemonldap-ng-portal/t/32-OIDC-JWS-client_secret_jwt.t @@ -35,7 +35,6 @@ LWP::Protocol::PSGI->register( return [ 500, [], [] ]; } count(1); - switch ($host); if ( $req->method =~ /^post$/i ) { my $s = $req->content; ok( @@ -75,7 +74,6 @@ LWP::Protocol::PSGI->register( ) or explain( $res->[1], 'Content-Type => application/json' ); count(1); } - switch ( $host eq 'rp' ? 'op' : 'rp' ); return $res; } ); @@ -96,7 +94,6 @@ my $metadata = $res->[2]->[0]; count(2); $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ); -switch ('rp'); # Query RP for auth ok( $res = $rp->_get( '/', accept => 'text/html' ), 'Unauth RP request' ); @@ -105,7 +102,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -142,7 +138,6 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); @@ -150,10 +145,9 @@ count(1); my $spId = expectCookie($res); # Logout initiated by OP -switch ('op'); # Reset conf to make sure to make sure lazy loading works during logout (#3014) -$op->p->HANDLER->checkConf(1); +withHandler( 'op', sub { $op->p->HANDLER->checkConf(1) } ); ok( $res = $op->_get( @@ -178,7 +172,6 @@ ok( count(1); expectReject($res); -switch ('rp'); ok( $res = $rp->_get( '/', @@ -278,8 +271,8 @@ sub rp { oidcOPMetaDataOptionsClientID => "rpid", oidcOPMetaDataOptionsConfigurationURI => "https://auth.op.com/.well-known/openid-configuration", - oidcOPMetaDataOptionsAuthnEndpointAuthMethod => 'jws', - oidcOPMetaDataOptionsAuthnEndpointAuthSigAlg => 'HS256', + oidcOPMetaDataOptionsAuthnEndpointAuthMethod => 'jws', + oidcOPMetaDataOptionsAuthnEndpointAuthSigAlg => 'HS256', oidcOPMetaDataOptionsTokenEndpointAuthMethod => 'client_secret_jwt', } diff --git a/lemonldap-ng-portal/t/32-OIDC-JWS-private_key_jwt.t b/lemonldap-ng-portal/t/32-OIDC-JWS-private_key_jwt.t index 3a0d4fd71a..1e337fea5d 100644 --- a/lemonldap-ng-portal/t/32-OIDC-JWS-private_key_jwt.t +++ b/lemonldap-ng-portal/t/32-OIDC-JWS-private_key_jwt.t @@ -35,7 +35,6 @@ LWP::Protocol::PSGI->register( return [ 500, [], [] ]; } count(1); - switch ($host); if ( $req->method =~ /^post$/i ) { my $s = $req->content; ok( @@ -75,7 +74,6 @@ LWP::Protocol::PSGI->register( ) or explain( $res->[1], 'Content-Type => application/json' ); count(1); } - switch ( $host eq 'rp' ? 'op' : 'rp' ); return $res; } ); @@ -100,8 +98,6 @@ $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ); # Reload OP so it can fetch RP's JWKS $op = register( 'op', \&op ); -switch ('rp'); - # Verify that RP published its keys ok( $res = $rp->_get('/oauth2/jwks'), 'RP publish its keys' ); my $rpKeys = expectJSON($res); @@ -122,7 +118,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -159,7 +154,6 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); @@ -167,10 +161,9 @@ count(1); my $spId = expectCookie($res); # Logout initiated by OP -switch ('op'); # Reset conf to make sure to make sure lazy loading works during logout (#3014) -$op->p->HANDLER->checkConf(1); +withHandler( 'op', sub { $op->p->HANDLER->checkConf(1) } ); ok( $res = $op->_get( @@ -195,7 +188,6 @@ ok( count(1); expectReject($res); -switch ('rp'); ok( $res = $rp->_get( '/', @@ -295,7 +287,7 @@ sub rp { oidcOPMetaDataOptionsClientID => "rpid", oidcOPMetaDataOptionsConfigurationURI => "https://auth.op.com/.well-known/openid-configuration", - oidcOPMetaDataOptionsAuthnEndpointAuthMethod => 'jws', + oidcOPMetaDataOptionsAuthnEndpointAuthMethod => 'jws', oidcOPMetaDataOptionsTokenEndpointAuthMethod => 'private_key_jwt', } diff --git a/lemonldap-ng-portal/t/32-OIDC-Logout-from-RP-bypass-confirm.t b/lemonldap-ng-portal/t/32-OIDC-Logout-from-RP-bypass-confirm.t index 4376146b33..5c0cd978d0 100644 --- a/lemonldap-ng-portal/t/32-OIDC-Logout-from-RP-bypass-confirm.t +++ b/lemonldap-ng-portal/t/32-OIDC-Logout-from-RP-bypass-confirm.t @@ -66,7 +66,7 @@ LWP::Protocol::PSGI->register( ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -80,9 +80,8 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -92,7 +91,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -129,14 +127,12 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); count(1); my $spId = expectCookie($res); -switch ('op'); ok( $res = $op->_get( '/oauth2/checksession.html', accept => 'text.html' ), 'Check session, endpoint /oauth2/checksession.html' @@ -150,7 +146,6 @@ ok( getHeader( $res, 'Content-Security-Policy' ) !~ /frame-ancestors/, count(1); # Verify UTF-8 -switch ('rp'); ok( $res = $rp->_get("/sessions/global/$spId"), 'Get UTF-8' ); $res = expectJSON($res); ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) @@ -183,7 +178,6 @@ count(1); like( $query, qr/id_token_hint=/, "Found ID Token hint" ); count(1); -switch ('op'); ok( $res = $op->_get( $url, @@ -197,7 +191,6 @@ count(1); # confirmation form is bypassed -switch ('op'); expectOK($res); ok( $res->[2]->[0] =~ m#register( ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -80,9 +80,8 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -92,7 +91,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -129,14 +127,12 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); count(1); my $spId = expectCookie($res); -switch ('op'); ok( $res = $op->_get( '/oauth2/checksession.html', accept => 'text.html' ), 'Check session, endpoint /oauth2/checksession.html' @@ -150,7 +146,6 @@ ok( getHeader( $res, 'Content-Security-Policy' ) !~ /frame-ancestors/, count(1); # Verify UTF-8 -switch ('rp'); ok( $res = $rp->_get("/sessions/global/$spId"), 'Get UTF-8' ); $res = expectJSON($res); ok( $res->{cn} eq 'Frédéric Accents', 'UTF-8 values' ) @@ -175,7 +170,6 @@ like( $query, qr/client_id=rpid/, "Found client ID in logout request" ); count(1); # Push logout to OP -switch ('op'); ok( $res = $op->_get( diff --git a/lemonldap-ng-portal/t/32-OIDC-RP-rule.t b/lemonldap-ng-portal/t/32-OIDC-RP-rule.t index 78832771e0..ed89687bea 100644 --- a/lemonldap-ng-portal/t/32-OIDC-RP-rule.t +++ b/lemonldap-ng-portal/t/32-OIDC-RP-rule.t @@ -66,7 +66,7 @@ LWP::Protocol::PSGI->register( ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', \&op ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -80,9 +80,8 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -92,7 +91,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); diff --git a/lemonldap-ng-portal/t/32-OIDC-bad-auth-method.t b/lemonldap-ng-portal/t/32-OIDC-bad-auth-method.t index 3f722bcef6..d2ad4160b3 100644 --- a/lemonldap-ng-portal/t/32-OIDC-bad-auth-method.t +++ b/lemonldap-ng-portal/t/32-OIDC-bad-auth-method.t @@ -35,7 +35,6 @@ LWP::Protocol::PSGI->register( return [ 500, [], [] ]; } count(1); - switch ($host); if ( $req->method =~ /^post$/i ) { my $s = $req->content; ok( @@ -77,13 +76,12 @@ LWP::Protocol::PSGI->register( ) or explain( $res->[1], 'Content-Type => application/json' ); count(1); } - switch ( $host eq 'rp' ? 'op' : 'rp' ); return $res; } ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -97,13 +95,12 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Reload OP so it can fetch RP's JWKS -$op->p->HANDLER->checkConf(1); +withHandler( 'op', sub { $op->p->HANDLER->checkConf(1) } ); # Verify that RP published its keys ok( $res = $rp->_get('/oauth2/jwks'), 'RP publish its keys' ); @@ -125,7 +122,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -162,7 +158,6 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'application/json' ), 'Call openidconnectcallback on RP' ); @@ -170,10 +165,9 @@ count(1); expectReject($res); # Logout initiated by OP -switch ('op'); # Reset conf to make sure to make sure lazy loading works during logout (#3014) -$op->p->HANDLER->checkConf(1); +withHandler( 'op', sub { $op->p->HANDLER->checkConf(1) } ); ok( $res = $op->_get( diff --git a/lemonldap-ng-portal/t/32-OIDC-redirect_uri-filter.t b/lemonldap-ng-portal/t/32-OIDC-redirect_uri-filter.t index 5f0522815c..5716c9aad8 100644 --- a/lemonldap-ng-portal/t/32-OIDC-redirect_uri-filter.t +++ b/lemonldap-ng-portal/t/32-OIDC-redirect_uri-filter.t @@ -96,13 +96,11 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); count(1); # Authentication -switch ('op'); my $query = "user=french&password=french"; ok( $res = $op->_post( @@ -117,7 +115,6 @@ count(1); my $idpId = expectCookie($res); # Query RP for auth -switch ('rp'); ok( $res = $rp->_get( '/', accept => 'text/html' ), 'Unauth SP request' ); count(1); my $url; @@ -125,7 +122,6 @@ my $url; expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # MAIN PART OF TEST -switch ('op'); foreach my $badUrl (@badUrls) { my $badArg = build_urlencoded( redirect_uri => $badUrl ); my $forged = $query; diff --git a/lemonldap-ng-portal/t/32-OIDC-strict-JWS-private_key_jwt.t b/lemonldap-ng-portal/t/32-OIDC-strict-JWS-private_key_jwt.t index 2e32146e61..cca22cb039 100644 --- a/lemonldap-ng-portal/t/32-OIDC-strict-JWS-private_key_jwt.t +++ b/lemonldap-ng-portal/t/32-OIDC-strict-JWS-private_key_jwt.t @@ -34,7 +34,6 @@ LWP::Protocol::PSGI->register( return [ 500, [], [] ]; } count(1); - switch ($host); if ( $req->method =~ /^post$/i ) { my $s = $req->content; ok( @@ -74,7 +73,6 @@ LWP::Protocol::PSGI->register( ) or explain( $res->[1], 'Content-Type => application/json' ); count(1); } - switch ( $host eq 'rp' ? 'op' : 'rp' ); return $res; } ); @@ -99,8 +97,6 @@ $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ); # Reload OP so it can fetch RP's JWKS $op = register( 'op', \&op ); -switch ('rp'); - # Verify that RP published its keys ok( $res = $rp->_get('/oauth2/jwks'), 'RP publish its keys' ); my $rpKeys = expectJSON($res); @@ -121,7 +117,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -158,18 +153,15 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); - ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); count(1); my $spId = expectCookie($res); # Logout initiated by OP -switch ('op'); # Reset conf to make sure to make sure lazy loading works during logout (#3014) -$op->p->HANDLER->checkConf(1); +withHandler( 'op', sub { $op->p->HANDLER->checkConf(1) } ); ok( $res = $op->_get( @@ -194,7 +186,6 @@ ok( count(1); expectReject($res); -switch ('rp'); ok( $res = $rp->_get( '/', diff --git a/lemonldap-ng-portal/t/33-Auth-and-issuer-OpenID2.t b/lemonldap-ng-portal/t/33-Auth-and-issuer-OpenID2.t index b336c6ed57..4aa8bb7cf4 100644 --- a/lemonldap-ng-portal/t/33-Auth-and-issuer-OpenID2.t +++ b/lemonldap-ng-portal/t/33-Auth-and-issuer-OpenID2.t @@ -82,7 +82,6 @@ SKIP: { qr#http://auth.idp.com(/openidserver/?)\?(openid.*)$# ); # Follow redirection do IdP - switch ('issuer'); ok( $res = $issuer->_get( $uri, query => $query, accept => 'text/html' ), 'Follow redirection to IdP' ); expectOK($res); @@ -131,7 +130,6 @@ SKIP: { qr#http://auth.idp.com(/openidserver/?)\?(openid.*)$# ); # Follow redirection do IdP - switch ('issuer'); ok( $res = $issuer->_get( $uri, query => $query, accept => 'text/html' ), 'Follow redirection to IdP' ); expectOK($res); @@ -165,7 +163,6 @@ SKIP: { ($query) = expectRedirection( $res, qr#^http://auth.sp.com/?\?(.*)# ); # Push redirection to SP - switch ('sp'); ok( $res = $sp->_get( '/', query => $query, accept => 'text/html' ), 'Follow redirection to SP' ); my $spId = expectCookie($res); diff --git a/lemonldap-ng-portal/t/34-Auth-Proxy-and-REST-Server.t b/lemonldap-ng-portal/t/34-Auth-Proxy-and-REST-Server.t index 17a29805ed..d7d931018f 100644 --- a/lemonldap-ng-portal/t/34-Auth-Proxy-and-REST-Server.t +++ b/lemonldap-ng-portal/t/34-Auth-Proxy-and-REST-Server.t @@ -88,7 +88,6 @@ expectRedirection( $res, 'http://auth.sp.com' ); $spId = expectCookie($res); # Test other REST queries -switch ('issuer'); # Session content ok( $res = $issuer->_get("/sessions/global/$idpId"), 'Session content' ); @@ -274,7 +273,6 @@ ok( $res->[0] == 400, ' Session does not exist' ); count(2); # Logout -switch ('sp'); ok( $res = $sp->_get( '/', diff --git a/lemonldap-ng-portal/t/34-Auth-Proxy-and-SOAP-Server.t b/lemonldap-ng-portal/t/34-Auth-Proxy-and-SOAP-Server.t index 030c4b9ac0..4f68ff7f87 100644 --- a/lemonldap-ng-portal/t/34-Auth-Proxy-and-SOAP-Server.t +++ b/lemonldap-ng-portal/t/34-Auth-Proxy-and-SOAP-Server.t @@ -24,7 +24,6 @@ LWP::Protocol::PSGI->register( my $res; my $s = $req->content; my $client = ( $host eq 'idp' ? $issuer : $sp ); - switch ( $host eq 'idp' ? 'issuer' : 'sp' ); ok( $res = $client->_post( $url, @@ -43,7 +42,6 @@ LWP::Protocol::PSGI->register( or explain( $res->[1], 'Content-Type => application/xml' ); pass(' @ END OF SOAP REQUEST @'); count(4); - switch ( $host eq 'idp' ? 'sp' : 'issuer' ); return $res; } ); diff --git a/lemonldap-ng-portal/t/35-REST-OAuth2-deny.t b/lemonldap-ng-portal/t/35-REST-OAuth2-deny.t index 651172ff86..e9b7d6797a 100644 --- a/lemonldap-ng-portal/t/35-REST-OAuth2-deny.t +++ b/lemonldap-ng-portal/t/35-REST-OAuth2-deny.t @@ -79,7 +79,7 @@ LWP::Protocol::PSGI->register( ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -93,9 +93,8 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -105,7 +104,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -142,14 +140,12 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); count(1); my $spId = expectCookie($res); -switch ('op'); ok( $res = $op->_get( '/mysession', @@ -190,6 +186,10 @@ sub op { '^/mysession' => '$_scope =~ /(? 'accept', }, + # Fix this when the test lib correctly transmits HTTP_HOST + "auth.example.com" => { + "default" => "accept" + }, }, domain => 'idp.com', portal => 'http://auth.op.com/', diff --git a/lemonldap-ng-portal/t/35-REST-OAuth2.t b/lemonldap-ng-portal/t/35-REST-OAuth2.t index 4f5dcfc7e0..3dc15fbeb6 100644 --- a/lemonldap-ng-portal/t/35-REST-OAuth2.t +++ b/lemonldap-ng-portal/t/35-REST-OAuth2.t @@ -79,7 +79,7 @@ LWP::Protocol::PSGI->register( ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -93,9 +93,8 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -105,7 +104,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -142,14 +140,12 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); count(1); my $spId = expectCookie($res); -switch ('op'); ok( $res = $op->_get( '/mysession', @@ -190,6 +186,10 @@ sub op { '^/mysession' => '$_scope =~ /(? 'accept', }, + # Fix this when the test lib correctly transmits HTTP_HOST + "auth.example.com" => { + "default" => "accept" + }, }, domain => 'idp.com', portal => 'http://auth.op.com/', diff --git a/lemonldap-ng-portal/t/35-REST-config-backend.t b/lemonldap-ng-portal/t/35-REST-config-backend.t index c46f11dc76..95d1975e54 100644 --- a/lemonldap-ng-portal/t/35-REST-config-backend.t +++ b/lemonldap-ng-portal/t/35-REST-config-backend.t @@ -20,7 +20,6 @@ LWP::Protocol::PSGI->register( $req->uri =~ m#http://auth.idp.com(.*?)(?:\?(.*))?$#, ' @ REST request (' . $req->method . " $1)" ); - switch ('issuer'); count(1); my $url = $1; my $query = $2; @@ -60,21 +59,18 @@ LWP::Protocol::PSGI->register( } pass(' @ END OF REST REQUEST'); count(1); - switch ('sp'); return $res; } ); -$issuer = register( 'issuer', \&issuer ); +$issuer = register( 'issuer', sub { issuer() } ); # Test REST config backend ok( $res = $issuer->_get('/config/latest'), 'Get latest conf metadata' ); count(1); expectOK($res); -$sp = register( 'sp', \&sp ); - -switch ('sp'); +$sp = register( 'sp', sub { sp() } ); # Simple SP access ok( @@ -104,7 +100,6 @@ count(1); expectOK($res); # Test other REST queries -switch ('issuer'); # Session content ok( $res = $issuer->_get("/sessions/global/$spId"), 'Session content' ); @@ -181,7 +176,6 @@ ok( $res->{result} eq '1', ' Good result' ) count(6); # Logout -switch ('sp'); ok( $res = $sp->_get( '/', @@ -208,8 +202,7 @@ clean_sessions(); done_testing( count() ); sub issuer { - return LLNG::Manager::Test->new( - { + return LLNG::Manager::Test->new( { ini => { logLevel => $debug, domain => 'idp.com', @@ -226,8 +219,7 @@ sub issuer { } sub sp { - return LLNG::Manager::Test->new( - { + return LLNG::Manager::Test->new( { ini => { logLevel => $debug, domain => 'sp.com', diff --git a/lemonldap-ng-portal/t/35-REST-export-password.t b/lemonldap-ng-portal/t/35-REST-export-password.t index 3cf474d723..6c1a821bc1 100644 --- a/lemonldap-ng-portal/t/35-REST-export-password.t +++ b/lemonldap-ng-portal/t/35-REST-export-password.t @@ -92,7 +92,6 @@ count(1); expectOK($res); # Test other REST queries -switch ('issuer'); # Session key ok( $res = $issuer->_get("/sessions/global/$spId/[_session_id,_password]"), diff --git a/lemonldap-ng-portal/t/35-REST-sessions-with-REST-server.t b/lemonldap-ng-portal/t/35-REST-sessions-with-REST-server.t index 109389011a..0c3654e6c7 100644 --- a/lemonldap-ng-portal/t/35-REST-sessions-with-REST-server.t +++ b/lemonldap-ng-portal/t/35-REST-sessions-with-REST-server.t @@ -92,7 +92,6 @@ count(1); expectOK($res); # Test other REST queries -switch ('issuer'); # Session content ok( $res = $issuer->_get("/sessions/global/$spId"), 'Session content' ); @@ -121,7 +120,6 @@ ok( $res->{uid} eq 'french', ' Uid is french' ) count(4); # Logout -switch ('sp'); ok( $res = $sp->_get( '/', diff --git a/lemonldap-ng-portal/t/35-SOAP-config-backend.t b/lemonldap-ng-portal/t/35-SOAP-config-backend.t index 9008aa5682..113e0c0858 100644 --- a/lemonldap-ng-portal/t/35-SOAP-config-backend.t +++ b/lemonldap-ng-portal/t/35-SOAP-config-backend.t @@ -24,7 +24,6 @@ LWP::Protocol::PSGI->register( my $res; my $s = $req->content; my $client = ( $host eq 'idp' ? $issuer : $sp ); - switch ( ( $host eq 'idp' ? 'issuer' : 'sp' ) ); ok( $res = $client->_post( $url, @@ -43,7 +42,6 @@ LWP::Protocol::PSGI->register( or explain( $res->[1], 'Content-Type => application/xml' ); pass(' @ END OF SOAP REQUEST @'); count(4); - switch ( ( $host eq 'idp' ? 'sp' : 'issuer' ) ); return $res; } ); @@ -54,7 +52,7 @@ SKIP: { skip 'SOAP::Lite not found', $maintests; } - $issuer = register( 'issuer', \&issuer ); + $issuer = issuer(); # Test SOAP config backend my $soap = SOAP::Lite->new( proxy => 'http://auth.idp.com/config' ); @@ -67,7 +65,7 @@ SKIP: { ok( $res = $soap->call('getConfig')->result(), 'Get configuration' ); ok( $res->{cfgNum} == 1, 'cfgNum is 1' ); - $sp = register( 'sp', \&sp ); + $sp = sp(); # Simple SP access ok( @@ -122,8 +120,7 @@ clean_sessions(); done_testing( count() ); sub issuer { - return LLNG::Manager::Test->new( - { + return LLNG::Manager::Test->new( { ini => { logLevel => $debug, domain => 'idp.com', @@ -137,8 +134,7 @@ sub issuer { } sub sp { - return LLNG::Manager::Test->new( - { + return LLNG::Manager::Test->new( { ini => { logLevel => $debug, domain => 'sp.com', diff --git a/lemonldap-ng-portal/t/37-CAS-App-to-SAML-IdP-POST-with-WAYF.t b/lemonldap-ng-portal/t/37-CAS-App-to-SAML-IdP-POST-with-WAYF.t index ea854a6cab..de51c15f8b 100644 --- a/lemonldap-ng-portal/t/37-CAS-App-to-SAML-IdP-POST-with-WAYF.t +++ b/lemonldap-ng-portal/t/37-CAS-App-to-SAML-IdP-POST-with-WAYF.t @@ -76,7 +76,6 @@ SKIP: { expectRedirection( $res, qr#http://auth.proxy.com(/cas/login)\?(.*)$# ); # Push request to Proxy - switch ('proxy'); ok( $res = $proxy->_get( $url, @@ -108,7 +107,6 @@ SKIP: { expectAutoPost( $res, 'auth.idp.com', '/saml/singleSignOn', 'SAMLRequest' ); - switch ('idp'); ok( $res = $idp->_post( $url, @@ -150,7 +148,6 @@ SKIP: { ok( $idpPdata !~ 'issuerRequestsaml', 'SAML request cleared from pdata' ); # Post SAML response - switch ('proxy'); ok( $res = $proxy->_post( $url, IO::String->new($query), @@ -175,7 +172,6 @@ SKIP: { expectRedirection( $res, qr#^http://auth.app.com/\?(ticket.*)$# ); # Follow redirection to App - switch ('app'); ok( $res = $app->_get( '/', query => $query, accept => 'text/html' ), 'Follow redirection to RP' ); my $appId = expectCookie($res); diff --git a/lemonldap-ng-portal/t/37-CAS-App-to-SAML-IdP-POST.t b/lemonldap-ng-portal/t/37-CAS-App-to-SAML-IdP-POST.t index 7204e2ebef..589f52a6be 100644 --- a/lemonldap-ng-portal/t/37-CAS-App-to-SAML-IdP-POST.t +++ b/lemonldap-ng-portal/t/37-CAS-App-to-SAML-IdP-POST.t @@ -76,7 +76,6 @@ SKIP: { expectRedirection( $res, qr#http://auth.proxy.com(/cas/login)\?(.*)$# ); # Push request to Proxy - switch ('proxy'); ok( $res = $proxy->_get( $url, @@ -93,7 +92,6 @@ SKIP: { 'SAMLRequest' ); # Post SAML request to IdP - switch ('idp'); ok( $res = $idp->_post( $url, @@ -135,7 +133,6 @@ SKIP: { ok( $idpPdata !~ 'issuerRequestsaml', 'SAML request cleared from pdata' ); # Post SAML response - switch ('proxy'); ok( $res = $proxy->_post( $url, IO::String->new($query), @@ -160,7 +157,6 @@ SKIP: { expectRedirection( $res, qr#^http://auth.app.com/\?(ticket.*)$# ); # Follow redirection to App - switch ('app'); ok( $res = $app->_get( '/', query => $query, accept => 'text/html' ), 'Follow redirection to RP' ); my $appId = expectCookie($res); diff --git a/lemonldap-ng-portal/t/37-Logout-from-2-chained-SAML-SP-SOAP.t b/lemonldap-ng-portal/t/37-Logout-from-2-chained-SAML-SP-SOAP.t index 8064d35c1d..d115fe9f04 100644 --- a/lemonldap-ng-portal/t/37-Logout-from-2-chained-SAML-SP-SOAP.t +++ b/lemonldap-ng-portal/t/37-Logout-from-2-chained-SAML-SP-SOAP.t @@ -106,7 +106,6 @@ SKIP: { qr#http://auth.proxy.com(/saml/singleSignOn)\?(.*)$# ); # Push request to PROXY - switch ('proxy'); ok( $res = $proxy->_get( $url, query => $query, accept => 'text/html' ), "Push request to PROXY, endpoint $url" ); @@ -117,7 +116,6 @@ SKIP: { qr#http://auth.idp.com(/saml/singleSignOn)\?(.*)$# ); # Push request to IDP - switch ('idp'); # Try to authenticate to IdP ok( @@ -155,7 +153,6 @@ SKIP: { my ($resp) = $query =~ qr/SAMLResponse=([^&]*)/; # Post SAML response to PROXY - switch ('proxy'); ok( $res = $proxy->_post( $url, IO::String->new($query), @@ -188,7 +185,6 @@ SKIP: { ($resp) = $query =~ qr/SAMLResponse=([^&]*)/; # Post SAML response to PROXY - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), @@ -222,7 +218,6 @@ SKIP: { ok( $res->[2]->[0] =~ /trmsg="47"/, 'Test disconnexion message on SP' ); # test connexion on PROXY - switch ('proxy'); ok( $res = $proxy->_get( '/', @@ -238,7 +233,6 @@ SKIP: { qr#http://auth.idp.com(/saml/singleSignOn)\?(.*)$# ); # test connexion on IDP - switch ('idp'); ok( $res = $idp->_get( '/', diff --git a/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-IDP-Redirect.t b/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-IDP-Redirect.t index 4b5ec35bbd..b9ad84a182 100644 --- a/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-IDP-Redirect.t +++ b/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-IDP-Redirect.t @@ -120,7 +120,6 @@ SKIP: { qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP - switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); @@ -131,7 +130,6 @@ SKIP: { qr#http://auth.idp.com(/saml/singleSignOn)\?(.*)$# ); # Push request to IDP - switch ('idp'); # Try to authenticate to IdP ok( @@ -169,7 +167,6 @@ SKIP: { my ($resp) = $query =~ qr/SAMLResponse=([^&]*)/; # Post SAML response to SP - switch ('op'); ok( $res = $op->_post( $url, IO::String->new($query), @@ -203,7 +200,6 @@ SKIP: { ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP - switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); @@ -232,7 +228,6 @@ SKIP: { ( $url, $query ) = expectRedirection( $res, qr#^http://auth.op.com(/.*)\?(.*)$# ); - switch ('op'); ok( $res = $op->_get( @@ -266,7 +261,6 @@ SKIP: { ( $url, $query ) = expectRedirection( $res, qr#^http://auth.idp.com(/.*)\?(.*)$# ); - switch ('idp'); ok( $res = $idp->_get( @@ -285,7 +279,6 @@ SKIP: { ( $url, $query ) = expectRedirection( $res, qr#^http://auth.op.com(/.*)\?(.*)$# ); - switch ('op'); ok( $res = $op->_get( diff --git a/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-IDP-SOAP.t b/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-IDP-SOAP.t index 2914125b76..148b582e95 100644 --- a/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-IDP-SOAP.t +++ b/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-IDP-SOAP.t @@ -124,7 +124,6 @@ SKIP: { qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP - switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); @@ -135,7 +134,6 @@ SKIP: { qr#http://auth.idp.com(/saml/singleSignOn)\?(.*)$# ); # Push request to IDP - switch ('idp'); # Try to authenticate to IdP ok( @@ -173,7 +171,6 @@ SKIP: { my ($resp) = $query =~ qr/SAMLResponse=([^&]*)/; # Post SAML response to SP - switch ('op'); ok( $res = $op->_post( $url, IO::String->new($query), @@ -207,7 +204,6 @@ SKIP: { ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP - switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); @@ -236,7 +232,6 @@ SKIP: { ( $url, $query ) = expectRedirection( $res, qr#^http://auth.op.com(/.*)\?(.*)$# ); - switch ('op'); ok( $res = $op->_get( @@ -270,7 +265,6 @@ SKIP: { ( $url, $query ) = expectRedirection( $res, qr#^http://auth.rp.com(/?.*)\?(.*)$# ); - switch ('rp'); ok( $res = $rp->_get( @@ -285,7 +279,6 @@ SKIP: { expectOK($res); # test connexion on IDP - switch ('idp'); ok( $res = $idp->_get( '/', diff --git a/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-SP.t b/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-SP.t index 93a0fbc121..8195d10e90 100644 --- a/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-SP.t +++ b/lemonldap-ng-portal/t/37-Logout-from-OIDC-RP-to-SAML-SP.t @@ -101,7 +101,6 @@ SKIP: { qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP - switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); expectOK($res); @@ -137,13 +136,11 @@ SKIP: { ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP - switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); my $rpId = expectCookie($res); - switch ('op'); ok( $res = $op->_get( '/oauth2/checksession.html', accept => 'text.html' ), 'Check session, endpoint /oauth2/checksession.html' @@ -155,7 +152,6 @@ SKIP: { 'Content-Security-Policy does not contain a frame-ancestors' ); # SAML - switch ('sp'); ok( $res = $sp->_get( '/', accept => 'text/html', @@ -166,7 +162,6 @@ SKIP: { expectAutoPost( $res, 'auth.op.com', '/saml/singleSignOn', 'SAMLRequest' ); - switch ('op'); ok( $res = $op->_post( $url, @@ -182,7 +177,6 @@ SKIP: { 'SAMLResponse' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), @@ -194,7 +188,6 @@ SKIP: { my $spId = expectCookie($res); # Logout initiated by RP - switch ('rp'); ok( $res = $rp->_get( '/', @@ -209,7 +202,6 @@ SKIP: { ); # Push logout to OP - switch ('op'); ok( $res = $op->_get( @@ -243,7 +235,6 @@ m#iframe src="http://auth.op.com(/saml/relaySingleLogoutPOST)\?(relay=.*?)"#s, 'Get iframe request' ) or explain( $res, '' ); ( $url, $query ) = ( $1, $2 ); - switch ('op'); ok( $res = $op->_get( $url, @@ -257,7 +248,6 @@ m#iframe src="http://auth.op.com(/saml/relaySingleLogoutPOST)\?(relay=.*?)"#s, 'SAMLRequest' ); # Post SAML logout request to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), @@ -272,7 +262,6 @@ m#iframe src="http://auth.op.com(/saml/relaySingleLogoutPOST)\?(relay=.*?)"#s, 'SAMLResponse' ); # Post SAML logout response to IdP - switch ('op'); ok( $res = $sp->_post( $url, IO::String->new($query), @@ -292,7 +281,6 @@ m#iframe src="http://auth.op.com(/saml/relaySingleLogoutPOST)\?(relay=.*?)"#s, ); expectReject($res); - switch ('rp'); ok( $res = $rp->_get( '/', @@ -303,7 +291,6 @@ m#iframe src="http://auth.op.com(/saml/relaySingleLogoutPOST)\?(relay=.*?)"#s, ); expectRedirection( $res, qr#^http://auth.op.com/oauth2/authorize# ); - switch ('sp'); ok( $res = $sp->_get( '/', diff --git a/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET-with-WAYF.t b/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET-with-WAYF.t index 57f7c49cb4..ce84619a80 100644 --- a/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET-with-WAYF.t +++ b/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET-with-WAYF.t @@ -100,7 +100,6 @@ SKIP: { qr#http://auth.sp.com(/oauth2/authorize)\?(.*)$# ); # Push request to Proxy - switch ('sp'); ok( $res = $sp->_get( $url, @@ -132,7 +131,6 @@ SKIP: { qr#^http://auth.idp.com(/saml/singleSignOn)\?(SAMLRequest=.+)# ); # Push SAML request to IdP - switch ('idp'); ok( $res = $idp->_get( $url, @@ -169,7 +167,6 @@ SKIP: { my $idpId = expectCookie($res); # Post SAML response - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), @@ -210,7 +207,6 @@ SKIP: { ($query) = expectRedirection( $res, qr#http://auth.rp.com/*\?(.*)$# ); # Follow redirection to RP - switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Follow redirection to RP' ); my $rpId = expectCookie($res); @@ -230,7 +226,6 @@ SKIP: { ); # Push logout request to proxy - switch ('sp'); ok( $res = $sp->_get( $url, @@ -254,7 +249,6 @@ SKIP: { qr#http://auth.idp.com/*(/saml/singleLogout)\?(.*)# ); # Push logout to SAML IdP - switch ('idp'); ok( $res = $idp->_get( $url, @@ -271,7 +265,6 @@ SKIP: { is( $removedCookie, 0, "SSO cookie removed" ); # Push logout to SAML SP - switch ('sp'); ok( $res = $sp->_get( $url, diff --git a/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET.t b/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET.t index 3746173c15..769a65787d 100644 --- a/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET.t +++ b/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-GET.t @@ -100,7 +100,6 @@ SKIP: { qr#http://auth.sp.com(/oauth2/authorize)\?(.*)$# ); # Push request to Proxy - switch ('sp'); ok( $res = $sp->_get( $url, @@ -115,7 +114,6 @@ SKIP: { qr#^http://auth.idp.com(/saml/singleSignOn)\?(SAMLRequest=.+)# ); # Push SAML request to IdP - switch ('idp'); ok( $res = $idp->_get( $url, @@ -152,7 +150,6 @@ SKIP: { my $idpId = expectCookie($res); # Post SAML response - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), @@ -193,7 +190,6 @@ SKIP: { ($query) = expectRedirection( $res, qr#http://auth.rp.com/*\?(.*)$# ); # Follow redirection to RP - switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Follow redirection to RP' ); my $rpId = expectCookie($res); @@ -213,7 +209,6 @@ SKIP: { ); # Push logout request to proxy - switch ('sp'); ok( $res = $sp->_get( $url, @@ -237,7 +232,6 @@ SKIP: { qr#http://auth.idp.com/*(/saml/singleLogout)\?(.*)# ); # Push logout to SAML IdP - switch ('idp'); ok( $res = $idp->_get( $url, @@ -254,7 +248,6 @@ SKIP: { is( $removedCookie, 0, "SSO cookie removed" ); # Push logout to SAML SP - switch ('sp'); ok( $res = $sp->_get( $url, diff --git a/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-POST.t b/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-POST.t index 94bdd43468..250111a38e 100644 --- a/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-POST.t +++ b/lemonldap-ng-portal/t/37-OIDC-RP-to-SAML-IdP-POST.t @@ -101,7 +101,6 @@ SKIP: { qr#http://auth.sp.com(/oauth2/authorize)\?(.*)$# ); # Push request to Proxy - switch ('sp'); ok( $res = $sp->_get( $url, @@ -117,7 +116,6 @@ SKIP: { 'SAMLRequest' ); # Post SAML request to IdP - switch ('idp'); ok( $res = $idp->_post( $url, @@ -155,7 +153,6 @@ SKIP: { my $idpId = expectCookie($res); # Post SAML response - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), @@ -195,7 +192,6 @@ SKIP: { ($query) = expectRedirection( $res, qr#http://auth.rp.com/*\?(.*)$# ); # Follow redirection to RP - switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Follow redirection to RP' ); my $rpId = expectCookie($res); @@ -215,7 +211,6 @@ SKIP: { ); # Push logout request to proxy - switch ('sp'); ok( $res = $sp->_get( $url, @@ -239,7 +234,6 @@ SKIP: { expectForm( $res, 'auth.idp.com', '/saml/singleLogout', 'SAMLRequest' ); # Push logout to SAML IdP - switch ('idp'); ok( $res = $idp->_post( $url, IO::String->new($query), @@ -256,7 +250,6 @@ SKIP: { is( $removedCookie, 0, "SSO cookie removed" ); # Push logout to SAML SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), diff --git a/lemonldap-ng-portal/t/37-SAML-SP-GET-to-OIDC-OP.t b/lemonldap-ng-portal/t/37-SAML-SP-GET-to-OIDC-OP.t index 75905274e9..9b5db977fe 100644 --- a/lemonldap-ng-portal/t/37-SAML-SP-GET-to-OIDC-OP.t +++ b/lemonldap-ng-portal/t/37-SAML-SP-GET-to-OIDC-OP.t @@ -94,7 +94,6 @@ SKIP: { $proxy = register( 'proxy', sub { proxy( $jwks, $metadata ) } ); # SAML - switch ('sp'); ok( $res = $sp->_get( '/', accept => 'text/html', @@ -105,7 +104,6 @@ SKIP: { qr#^http://auth.proxy.com(/saml/singleSignOn)\?(SAMLRequest=.+)# ); # Push SAML request to IdP - switch ('proxy'); ok( $res = $proxy->_get( $url, @@ -120,7 +118,6 @@ SKIP: { my $proxyPdata = 'lemonldappdata=' . expectCookie( $res, 'lemonldappdata' ); # Push request to OP - switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -159,7 +156,6 @@ SKIP: { ($query) = expectRedirection( $res, qr#^http://auth.proxy.com/?\?(.*)$# ); # Push OP response to Proxy - switch ('proxy'); ok( $res = $proxy->_get( @@ -191,7 +187,6 @@ SKIP: { 'SAMLResponse' ); # Push SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), @@ -217,7 +212,6 @@ SKIP: { qr#^http://auth.proxy.com(/saml/singleLogout)\?(SAMLRequest=.+)# ); # Push SAML logout request to proxy - switch ('proxy'); ok( $res = $proxy->_get( $url, @@ -235,7 +229,6 @@ qr#^http://auth.sp.com(/saml/proxySingleLogoutReturn)\?(SAMLResponse=.+)# is( $removedCookie, 0, "SSO cookie removed" ); # Forward logout to SP - switch ('sp'); ok( $res = $sp->_get( $url, diff --git a/lemonldap-ng-portal/t/37-SAML-SP-GET-to-SAML-with-Logout.t b/lemonldap-ng-portal/t/37-SAML-SP-GET-to-SAML-with-Logout.t index ba13a01728..c3c4c72071 100644 --- a/lemonldap-ng-portal/t/37-SAML-SP-GET-to-SAML-with-Logout.t +++ b/lemonldap-ng-portal/t/37-SAML-SP-GET-to-SAML-with-Logout.t @@ -37,7 +37,6 @@ SKIP: { $proxy = register( 'proxy', \&proxy ); # SP - switch ('sp'); ok( $res = $sp->_get( '/', accept => 'text/html', @@ -49,7 +48,6 @@ SKIP: { qr#^http://auth.proxy.com(/saml/singleSignOn)\?(SAMLRequest=.+)# ); # Push SAML request to Proxy - switch ('proxy'); ok( $res = $proxy->_get( $url, @@ -63,7 +61,6 @@ SKIP: { my $proxyPdata = 'lemonldappdata=' . expectCookie( $res, 'lemonldappdata' ); # Push SAML request to Proxy - switch ('idp'); ok( $res = $idp->_get( $url, @@ -113,7 +110,6 @@ SKIP: { expectAutoPost( $res, 'auth.proxy.com', '/saml/proxySingleSignOnPost', 'SAMLResponse' ); - switch ('proxy'); ok( $res = $proxy->_post( $url, @@ -146,7 +142,6 @@ SKIP: { expectAutoPost( $res, 'auth.sp.com', '/saml/proxySingleSignOnPost', 'SAMLResponse' ); - switch ('sp'); ok( $res = $sp->_post( $url, @@ -178,7 +173,6 @@ SKIP: { qr#^http://auth.proxy.com(/saml/singleLogout)\?(SAMLRequest=.+)# ); # Follow redirection to Proxy - switch ('proxy'); ok( $res = $proxy->_get( $url, @@ -195,7 +189,6 @@ SKIP: { qr#^http://auth.idp.com(/saml/singleLogout)\?(SAMLRequest=.+)# ); # Follow redirection to IDP - switch ('idp'); ok( $res = $idp->_get( $url, @@ -213,7 +206,6 @@ qr#^http://auth.proxy.com(/saml/proxySingleLogoutReturn)\?(SAMLResponse=.+)# ); # Follow redirection to Proxy - switch ('proxy'); ok( $res = $proxy->_get( $url, @@ -244,7 +236,6 @@ qr#^http://auth.sp.com(/saml/proxySingleLogoutReturn)\?(SAMLResponse=.+)# ); # Follow redirection to SP - switch ('sp'); ok( $res = $sp->_get( $url, diff --git a/lemonldap-ng-portal/t/37-SAML-SP-POST-to-CAS-server-with-Choice.t b/lemonldap-ng-portal/t/37-SAML-SP-POST-to-CAS-server-with-Choice.t index 8ff75fee7f..8f32b54e0f 100644 --- a/lemonldap-ng-portal/t/37-SAML-SP-POST-to-CAS-server-with-Choice.t +++ b/lemonldap-ng-portal/t/37-SAML-SP-POST-to-CAS-server-with-Choice.t @@ -82,7 +82,6 @@ SKIP: { 'SAMLRequest' ); # Push SAML request to IdP - switch ('proxy'); ok( $res = $proxy->_post( $url, @@ -117,7 +116,6 @@ qr'^http://auth.idp.com/cas/login\?(service=http%3A%2F%2Fauth.proxy.com%2F.*)$' ); # Follow redirection to CAS server - switch ('issuer'); ok( $res = $issuer->_get( '/cas/login', @@ -148,7 +146,6 @@ qr'^http://auth.idp.com/cas/login\?(service=http%3A%2F%2Fauth.proxy.com%2F.*)$' qr#^http://auth.proxy.com(/saml/singleSignOn)\?(.*ticket=.*)$# ); # Push CAS response to proxy - switch ('proxy'); ok( $res = $proxy->_get( $url, @@ -166,7 +163,6 @@ qr'^http://auth.idp.com/cas/login\?(service=http%3A%2F%2Fauth.proxy.com%2F.*)$' 'SAMLResponse' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), diff --git a/lemonldap-ng-portal/t/37-SAML-SP-POST-to-CAS-server.t b/lemonldap-ng-portal/t/37-SAML-SP-POST-to-CAS-server.t index 841afdfaa3..6daf4abdc7 100644 --- a/lemonldap-ng-portal/t/37-SAML-SP-POST-to-CAS-server.t +++ b/lemonldap-ng-portal/t/37-SAML-SP-POST-to-CAS-server.t @@ -86,7 +86,6 @@ SKIP: { 'SAMLRequest' ); # Push SAML request to IdP - switch ('proxy'); ok( $res = $proxy->_post( $url, @@ -104,7 +103,6 @@ qr'^http://auth.idp.com/cas/login\?(service=http%3A%2F%2Fauth.proxy.com%2F.*)$' ); # Follow redirection to CAS server - switch ('issuer'); ok( $res = $issuer->_get( '/cas/login', @@ -136,7 +134,6 @@ qr'^http://auth.idp.com/cas/login\?(service=http%3A%2F%2Fauth.proxy.com%2F.*)$' qr#^http://auth.proxy.com(/saml/singleSignOn)\?(.*ticket=.*)$# ); # Push CAS response to proxy - switch ('proxy'); ok( $res = $proxy->_get( $url, @@ -154,7 +151,6 @@ qr'^http://auth.idp.com/cas/login\?(service=http%3A%2F%2Fauth.proxy.com%2F.*)$' 'SAMLResponse' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), diff --git a/lemonldap-ng-portal/t/37-SAML-SP-POST-to-OIDC-OP.t b/lemonldap-ng-portal/t/37-SAML-SP-POST-to-OIDC-OP.t index 8e9c6673e5..ed31e866c6 100644 --- a/lemonldap-ng-portal/t/37-SAML-SP-POST-to-OIDC-OP.t +++ b/lemonldap-ng-portal/t/37-SAML-SP-POST-to-OIDC-OP.t @@ -95,7 +95,6 @@ SKIP: { $proxy = register( 'proxy', sub { proxy( $jwks, $metadata ) } ); # SAML - switch ('sp'); ok( $res = $sp->_get( '/', accept => 'text/html', @@ -106,7 +105,6 @@ SKIP: { expectForm( $res, 'auth.proxy.com', '/saml/singleSignOn', 'SAMLRequest' ); # Push SAML request to IdP - switch ('proxy'); ok( $res = $proxy->_post( $url, IO::String->new($query), @@ -121,7 +119,6 @@ SKIP: { qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP - switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -160,7 +157,6 @@ SKIP: { ($query) = expectRedirection( $res, qr#^http://auth.proxy.com/?\?(.*)$# ); # Push OP response to Proxy - switch ('proxy'); ok( $res = $proxy->_get( @@ -190,7 +186,6 @@ SKIP: { 'SAMLResponse' ); # Push SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), @@ -216,7 +211,6 @@ SKIP: { expectForm( $res, 'auth.proxy.com', '/saml/singleLogout', 'SAMLRequest' ); # Push SAML logout request to proxy - switch ('proxy'); ok( $res = $proxy->_post( $url, IO::String->new($query), @@ -234,7 +228,6 @@ SKIP: { is( $removedCookie, 0, "SSO cookie removed" ); # Forward logout to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($query), diff --git a/lemonldap-ng-portal/t/39-Failing-RP-Logout.t b/lemonldap-ng-portal/t/39-Failing-RP-Logout.t index 61bd8875e7..13ba8670c2 100644 --- a/lemonldap-ng-portal/t/39-Failing-RP-Logout.t +++ b/lemonldap-ng-portal/t/39-Failing-RP-Logout.t @@ -34,7 +34,6 @@ LWP::Protocol::PSGI->register( fail(' Aborting REST request (external)'); return [ 500, [], [] ]; } - switch ($host); if ( $req->method =~ /^post$/i ) { my $s = $req->content; ok( @@ -59,7 +58,6 @@ LWP::Protocol::PSGI->register( } ok( $res->[0] == 200, ' Response is 200' ); count(3); - switch ( $host eq 'rp' ? 'op' : 'rp' ); if ( $url !~ /blogout/ ) { ok( getHeader( $res, 'Content-Type' ) =~ m#^application/json#, ' Content is JSON' ) @@ -71,7 +69,7 @@ LWP::Protocol::PSGI->register( ); # Initialization -ok( $op = op(), 'OP portal' ); +ok( $op = register( 'op', sub { op() } ), 'OP portal' ); ok( $res = $op->_get('/oauth2/jwks'), 'Get JWKS, endpoint /oauth2/jwks' ); expectOK($res); @@ -85,9 +83,8 @@ expectOK($res); my $metadata = $res->[2]->[0]; count(3); -switch ('rp'); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -ok( $rp = rp( $jwks, $metadata ), 'RP portal' ); +ok( $rp = register( 'rp', sub { rp( $jwks, $metadata ) } ), 'RP portal' ); count(1); # Query RP for auth @@ -97,7 +94,6 @@ my ( $url, $query ) = expectRedirection( $res, qr#http://auth.op.com(/oauth2/authorize)\?(.*)$# ); # Push request to OP -switch ('op'); ok( $res = $op->_get( $url, query => $query, accept => 'text/html' ), "Push request to OP, endpoint $url" ); count(1); @@ -134,19 +130,16 @@ count(1); ($query) = expectRedirection( $res, qr#^http://auth.rp.com/?\?(.*)$# ); # Push OP response to RP -switch ('rp'); ok( $res = $rp->_get( '/', query => $query, accept => 'text/html' ), 'Call openidconnectcallback on RP' ); count(1); my $spId = expectCookie($res); - # Logout initiated by OP -switch ('op'); # Reset conf to make sure to make sure lazy loading works during logout (#3014) -$op->p->HANDLER->checkConf(1); +withHandler( 'op', sub { $op->p->HANDLER->checkConf(1) } ); ok( $res = $op->_get( @@ -159,7 +152,7 @@ ok( ); count(1); expectOK($res); -ok( $res->[2][0] =~ /trmsg="56"/s, 'Display PE_SLO_ERROR'); +ok( $res->[2][0] =~ /trmsg="56"/s, 'Display PE_SLO_ERROR' ); count(1); # Test if logout is done @@ -172,7 +165,6 @@ ok( count(1); expectReject($res); -switch ('rp'); ok( $res = $rp->_get( '/', @@ -188,8 +180,7 @@ clean_sessions(); done_testing( count() ); sub op { - return LLNG::Manager::Test->new( - { + return LLNG::Manager::Test->new( { ini => { logLevel => $debug, domain => 'idp.com', @@ -237,7 +228,7 @@ sub op { }, oidcServicePrivateKeySig => oidc_key_op_private_sig, oidcServicePublicKeySig => oidc_cert_op_public_sig, - customPlugins => 't::LogoutFail', + customPlugins => 't::LogoutFail', } } ); @@ -245,8 +236,7 @@ sub op { sub rp { my ( $jwks, $metadata ) = @_; - return LLNG::Manager::Test->new( - { + return LLNG::Manager::Test->new( { ini => { logLevel => $debug, domain => 'rp.com', diff --git a/lemonldap-ng-portal/t/62-SingleSession.t b/lemonldap-ng-portal/t/62-SingleSession.t index 8081bb5389..f89f5d93d5 100644 --- a/lemonldap-ng-portal/t/62-SingleSession.t +++ b/lemonldap-ng-portal/t/62-SingleSession.t @@ -112,7 +112,6 @@ sub testGetParam { #################### # Test singleSession -switch ($client1); # Test login $res = loginUser( $client1, "dwho", "127.0.0.1" ); @@ -137,7 +136,6 @@ clean_sessions(); #################### # Test singleIP -switch ($client2); $res = loginUser( $client2, "dwho", "127.0.0.1" ); $id1 = expectCookie($res); @@ -160,7 +158,6 @@ clean_sessions(); #################### # Test singleUserByIP -switch ($client3); $res = loginUser( $client3, "rtyler", "127.0.0.1" ); $id1 = expectCookie($res); @@ -183,7 +180,6 @@ clean_sessions(); #################### # Test DisplayDeleted & DisplayOther -switch ($client5); $res = loginUser( $client5, "dwho", "127.0.0.1" ); $id1 = expectCookie($res); @@ -194,7 +190,6 @@ $id2 = expectCookie($res); $res = loginUser( $client5, "dwho", "127.0.0.2" ); $id3 = expectCookie($res); -switch ($client4); $res = loginUser( $client4, "dwho", "127.0.0.2", query => 'url=' . encode_base64( "http://test1.example.com/", '' ) ); diff --git a/lemonldap-ng-portal/t/66-CDA-already-auth.t b/lemonldap-ng-portal/t/66-CDA-already-auth.t index 3c9b0aef1f..882a7ac2ab 100644 --- a/lemonldap-ng-portal/t/66-CDA-already-auth.t +++ b/lemonldap-ng-portal/t/66-CDA-already-auth.t @@ -68,7 +68,6 @@ use_ok('Lemonldap::NG::Common::PSGI::Cli::Lib'); count(2); my ( $cli, $app ); -switch ('app'); $app = register( 'app', sub { Lemonldap::NG::Handler::Server->run( $client->ini ) } ); diff --git a/lemonldap-ng-portal/t/66-CDA-with-REST.t b/lemonldap-ng-portal/t/66-CDA-with-REST.t index 98939c5b7e..4f5ac78a63 100644 --- a/lemonldap-ng-portal/t/66-CDA-with-REST.t +++ b/lemonldap-ng-portal/t/66-CDA-with-REST.t @@ -26,7 +26,6 @@ LWP::Protocol::PSGI->register( my $url = $1; my $query = $2; my $res; - switch ('portal'); if ( $req->method =~ /^(post|put)$/i ) { my $mth = '_' . lc($1); my $s = $req->content; @@ -60,7 +59,6 @@ LWP::Protocol::PSGI->register( } pass(' @ END OF REST REQUEST @'); count(1); - switch ('app'); return $res; } ); @@ -114,7 +112,6 @@ use_ok('Lemonldap::NG::Common::PSGI::Cli::Lib'); my ( $cli, $app ); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); -switch ('app'); $app = register( 'app', sub { diff --git a/lemonldap-ng-portal/t/66-CDA-with-SOAP.t b/lemonldap-ng-portal/t/66-CDA-with-SOAP.t index a44ea451d5..8111db2762 100644 --- a/lemonldap-ng-portal/t/66-CDA-with-SOAP.t +++ b/lemonldap-ng-portal/t/66-CDA-with-SOAP.t @@ -24,7 +24,6 @@ LWP::Protocol::PSGI->register( my $url = $1; my $res; my $s = $req->content; - switch ('portal'); ok( $res = $client->_post( $url, @@ -42,7 +41,6 @@ LWP::Protocol::PSGI->register( or explain( $res->[1], 'Content-Type => application/xml' ); pass(' @ END OF SOAP REQUEST @'); count(4); - switch ('app'); return $res; } ); @@ -103,7 +101,6 @@ SKIP: { my ( $cli, $app ); &Lemonldap::NG::Handler::Main::cfgNum( 0, 0 ); - switch ('app'); $app = register( 'app', sub { diff --git a/lemonldap-ng-portal/t/67-CheckUser-with-issuer-SAML-POST.t b/lemonldap-ng-portal/t/67-CheckUser-with-issuer-SAML-POST.t index 5bc91f274c..7c6a99681f 100644 --- a/lemonldap-ng-portal/t/67-CheckUser-with-issuer-SAML-POST.t +++ b/lemonldap-ng-portal/t/67-CheckUser-with-issuer-SAML-POST.t @@ -49,7 +49,6 @@ SKIP: { 'SAMLRequest' ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_post( $url, @@ -125,7 +124,6 @@ SKIP: { 'SAMLResponse' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($s), @@ -161,7 +159,6 @@ SKIP: { 'SAMLRequest' ); # Push SAML request to IdP - switch ('issuer'); ok( $res = $issuer->_post( $url, @@ -197,7 +194,6 @@ SKIP: { 'SAMLResponse' ); # Post SAML response to SP - switch ('sp'); ok( $res = $sp->_post( $url, IO::String->new($s), @@ -311,7 +307,6 @@ m%
_post( $url, IO::String->new($s), @@ -342,7 +336,6 @@ m%
{error}->( $_[1] ) } +sub warn { $_[0]->{warn}->( $_[1] ) } +sub notice { $_[0]->{notice}->( $_[1] ) } +sub info { $_[0]->{info}->( $_[1] ) } +sub debug { $_[0]->{debug}->( $_[1] ) } + +sub logprint { + my ( $level, $message ) = @_; + my $tag = + @main::currenthandler + ? ( "[" . join( "->", @main::currenthandler ) . "] " ) + : ""; + print STDERR "[" . localtime . "] ${tag}[$level] $message\n"; +} + +1; diff --git a/lemonldap-ng-portal/t/test-lib.pm b/lemonldap-ng-portal/t/test-lib.pm index d934660309..1c4c7478a2 100644 --- a/lemonldap-ng-portal/t/test-lib.pm +++ b/lemonldap-ng-portal/t/test-lib.pm @@ -950,9 +950,11 @@ has ini => ( } if ( $ENV{DEBUG} ) { $ini->{logLevel} = 'debug'; + $ini->{logger} = "t::TestStdLogger"; } if ( $ENV{LLNGLOGLEVEL} ) { $ini->{logLevel} = $ENV{LLNGLOGLEVEL}; + $ini->{logger} = "t::TestStdLogger"; } $self->{ini} = $ini; main::ok( $self->{p} = $self->class->new(), 'Portal object' ); -- GitLab