Commit 9208beba authored by Xavier Guimard's avatar Xavier Guimard

Test skeleton for #1639

parent 838cf30d
Pipeline #4303 passed with stages
in 10 minutes and 51 seconds
use Test::More;
use strict;
use IO::String;
require 't/test-lib.pm';
use lib 't/lib';
my $res;
my $maintests = 3;
SKIP: {
skip 'LLNGTESTLDAP is not set', $maintests unless ( $ENV{LLNGTESTLDAP} );
require 't/test-ldap.pm';
my $client = LLNG::Manager::Test->new(
{
ini => {
logLevel => 'error',
useSafeJail => 1,
authentication => 'LDAPPolicy',
portal => 'http://auth.example.com/',
userDB => 'LDAP',
passwordDB => 'LDAP',
portalRequireOldPassword => 1,
ldapServer => 'ldap://127.0.0.1:19389/',
ldapBase => 'ou=users,dc=example,dc=com',
managerDn => 'cn=admin,dc=example,dc=com',
managerPassword => 'admin',
}
}
);
my $postString = 'user='
. ( $ENV{LDAPACCOUNT} || 'dwho' )
. '&password='
. ( $ENV{LDAPPWD} || 'dwho' );
# Try yo authenticate
# -------------------
ok(
$res = $client->_post(
'/', IO::String->new($postString),
length => length($postString)
),
'Auth query'
);
my $match = '"error":\s*"?'
. &Lemonldap::NG::Portal::Main::Constants::PE_PP_PASSWORD_EXPIRED;
ok( $res->[2]->[0] =~ /$match/, 'Password is expired' );
skip 'TO BE CONTINUED';
my $id = expectCookie($res);
ok(
$res = $client->_post(
'/',
IO::String->new(
'oldpassword=dwho&newpassword=test&confirmpassword=test'),
cookie => "lemonldap=$id",
accept => 'application/json',
length => 54
),
'Change password'
);
expectOK($res);
$client->logout($id);
ok(
$res = $client->_post(
'/',
IO::String->new('user=dwho&password=test'),
cookie => "lemonldap=$id",
length => 23
),
'Auth query with new password'
);
expectOK($res);
$id = expectCookie($res);
$client->logout($id);
}
clean_sessions();
count($maintests);
stopLdapServer() if $ENV{LLNGTESTLDAP};
done_testing( count() );
package Lemonldap::NG::Portal::Auth::LDAPPolicy;
use strict;
use Mouse;
use Lemonldap::NG::Portal::Main::Constants
qw(PE_OK PE_LDAPCONNECTFAILED PE_PP_CHANGE_AFTER_RESET PE_PP_PASSWORD_EXPIRED);
our $VERSION = '2.0.2';
extends qw(Lemonldap::NG::Portal::Auth::LDAP);
# RUNNING METHODS
sub authenticate {
my ( $self, $req ) = @_;
unless ( $self->ldap ) {
return PE_LDAPCONNECTFAILED;
}
# Set the dn unless done before
unless ( $req->data->{dn} ) {
if ( my $tmp = $self->getUser($req) ) {
$self->setSecurity($req);
return $tmp;
}
}
if ( $req->data->{password} eq ( $ENV{LDAPPWD} || 'dwho' ) ) {
$req->data->{noerror} = 1;
$self->setSecurity($req);
return PE_PP_PASSWORD_EXPIRED;
}
return PE_OK;
}
1;
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment