60-Lemonldap-NG-Handler-PSGI.t 3.76 KB
Newer Older
1 2
use Test::More;
use JSON;
Xavier Guimard's avatar
Xavier Guimard committed
3
use MIME::Base64;
Xavier Guimard's avatar
Xavier Guimard committed
4
use Data::Dumper;
5

Xavier Guimard's avatar
Xavier Guimard committed
6
require 't/test-psgi-lib.pm';
7

8 9
init('Lemonldap::NG::Handler::PSGI');

Xavier Guimard's avatar
Xavier Guimard committed
10 11
my $res;

Xavier Guimard's avatar
Xavier Guimard committed
12
# Unauthentified query
13
# --------------------
Xavier Guimard's avatar
Xavier Guimard committed
14
ok( $res = $client->_get('/'), 'Unauthentified query' );
Xavier Guimard's avatar
Xavier Guimard committed
15 16 17 18 19 20 21 22 23 24 25 26 27 28 29
ok( ref($res) eq 'ARRAY', 'Response is an array' ) or explain( $res, 'array' );
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 );
my %h = @{ $res->[1] };
ok(
    $h{Location} eq 'http://auth.example.com/?url='
      . encode_base64( 'http://test1.example.com/', '' ),
    'Redirection points to portal'
  )
  or explain(
    \%h,
    'Location => http://auth.example.com/?url='
      . encode_base64( 'http://test1.example.com/', '' )
  );
count(4);

Xavier Guimard's avatar
Xavier Guimard committed
30 31
# Authentified queries
# --------------------
Christophe Maudoux's avatar
Typo  
Christophe Maudoux committed
32
# Authorized query
Xavier Guimard's avatar
Xavier Guimard committed
33 34 35
ok( $res = $client->_get( '/', undef, undef, "lemonldap=$sessionId" ),
    'Authentified query' );
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 );
Xavier Guimard's avatar
Xavier Guimard committed
36 37
count(2);

38 39 40 41 42 43
ok( $res = $client->_get( '/user_dwho/', undef, undef, "lemonldap=$sessionId" ),
    'Regexp query' );
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 );

count(2);

Xavier Guimard's avatar
Xavier Guimard committed
44
# Denied query
Xavier Guimard's avatar
Xavier Guimard committed
45 46
ok( $res = $client->_get( '/deny', undef, undef, "lemonldap=$sessionId" ),
    'Denied query' );
Xavier Guimard's avatar
Xavier Guimard committed
47
ok( $res->[0] == 403, 'Code is 403' ) or explain( $res->[0], 403 );
48
count(2);
Xavier Guimard's avatar
Xavier Guimard committed
49

50 51
# Required AuthnLevel = 1
ok( $res = $client->_get( '/AuthWeak', undef, undef, "lemonldap=$sessionId" ),
52
    'Weak Authentified query' );
53
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 );
Xavier Guimard's avatar
Xavier Guimard committed
54 55
count(2);

56 57 58 59 60 61
ok( $res = $client->_get( '/user_rtyler/', undef, undef, "lemonldap=$sessionId" ),
    'Regexp deny query' );
ok( $res->[0] == 403, 'Code is 403' ) or explain( $res, 403 );

count(2);

62 63 64
# Required AuthnLevel = 5
ok(
    $res = $client->_get( '/AuthStrong', undef, undef, "lemonldap=$sessionId" ),
65
    'Strong Authentified query'
66 67 68 69 70 71 72 73 74 75 76 77 78 79 80
);
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res, 302 );
%h = @{ $res->[1] };
ok(
    $h{Location} eq 'http://auth.example.com//upgradesession?url='
      . encode_base64( 'http://test1.example.com/AuthStrong', '' ),
    'Redirection points to http://test1.example.com/AuthStrong'
  )
  or explain(
    \%h,
    'http://auth.example.com//upgradesession?url='
      . encode_base64( 'http://test1.example.com/AuthStrong', '' )
  );
count(3);

Xavier Guimard's avatar
Xavier Guimard committed
81 82 83 84 85 86 87 88 89 90 91
# Bad cookie
ok(
    $res = $client->_get(
        '/deny',
        undef,
        'manager.example.com',
'lemonldap=e5eec18ebb9bc96352595e2d8ce962e8ecf7af7c9a98cb9a43f9cd181cf4b545'
    ),
    'Bad cookie'
);
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res->[0], 302 );
Xavier Guimard's avatar
Xavier Guimard committed
92 93 94
unlink(
't/sessions/lock/Apache-Session-e5eec18ebb9bc96352595e2d8ce962e8ecf7af7c9a98cb9a43f9cd181cf4b545.lock'
);
95
count(2);
Xavier Guimard's avatar
Xavier Guimard committed
96

97 98 99 100 101
# Required AuthnLevel = 1
ok(
    $res = $client->_get(
        '/AuthWeak', undef, 'test2.example.com', "lemonldap=$sessionId"
    ),
102
    'Weak Authentified query'
103 104
);
ok( $res->[0] == 200, 'Code is 200' ) or explain( $res, 200 );
Xavier Guimard's avatar
Xavier Guimard committed
105 106
count(2);

107 108 109 110
# Required AuthnLevel = 5
ok(
    $res =
      $client->_get( '/', undef, 'test2.example.com', "lemonldap=$sessionId" ),
111
    'Default Authentified query'
112 113 114 115 116 117 118 119 120 121 122 123 124 125 126
);
ok( $res->[0] == 302, 'Code is 302' ) or explain( $res, 302 );
%h = @{ $res->[1] };
ok(
    $h{Location} eq 'http://auth.example.com//upgradesession?url='
      . encode_base64( 'http://test2.example.com/', '' ),
    'Redirection points to http://test2.example.com/'
  )
  or explain(
    \%h,
    'http://auth.example.com//upgradesession?url='
      . encode_base64( 'http://test2.example.com/', '' )
  );
count(3);

127
done_testing( count() );
Xavier Guimard's avatar
Xavier Guimard committed
128

Xavier Guimard's avatar
Xavier Guimard committed
129 130
clean();

131
sub Lemonldap::NG::Handler::PSGI::handler {
Xavier Guimard's avatar
Xavier Guimard committed
132
    my ( $self, $req ) = @_;
Xavier Guimard's avatar
Xavier Guimard committed
133 134
    ok( $req->env->{HTTP_AUTH_USER} eq 'dwho', 'Header is given to app' )
      or explain( $req->env->{HTTP_AUTH_USER}, 'dwho' );
Xavier Guimard's avatar
Xavier Guimard committed
135 136 137
    count(1);
    return [ 200, [ 'Content-Type', 'text/plain' ], ['Hello'] ];
}