Skip to content

GitLab

Commit 0f591496 authored by Christophe Maudoux's avatar Christophe Maudoux 🐛
Browse files
Options

Update sessionInfo during auth process to improve handler in-memory sessions... 

Update sessionInfo during auth process to improve handler in-memory sessions security & Improve unit tests
parent d94f9748
Hide whitespace changes
Inline Side-by-side
Showing with 8 additions and 4 deletions
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Main/Process.pm
View file @ 0f591496
...@@ -484,6 +484,7 @@ sub store { ...@@ -484,6 +484,7 @@ sub store {
# Update current request # Update current request
$req->id( $session->id ); $req->id( $session->id );
$req->{sessionInfo}->{_session_id} = $session->{id}; $req->{sessionInfo}->{_session_id} = $session->{id};
$req->{sessionInfo}->{_session_kind} = $session->{kind};
# Compute unsecured cookie value if needed # Compute unsecured cookie value if needed
if ( $self->conf->{securedCookie} == 3 and !$req->refresh ) { if ( $self->conf->{securedCookie} == 3 and !$req->refresh ) {
......
lemonldap-ng-portal/t/68-Impersonation-with-doubleCookies.t
View file @ 0f591496
...@@ -26,7 +26,7 @@ my $client = LLNG::Manager::Test->new( { ...@@ -26,7 +26,7 @@ my $client = LLNG::Manager::Test->new( {
checkUserDisplayPersistentInfo => 0, checkUserDisplayPersistentInfo => 0,
checkUserDisplayEmptyValues => 0, checkUserDisplayEmptyValues => 0,
impersonationMergeSSOgroups => 0, impersonationMergeSSOgroups => 0,
checkUserHiddenAttributes => '_loginHistory hGroups _session_id', checkUserHiddenAttributes => '_loginHistory hGroups _session_id _session_kind',
macros => { macros => {
test_impersonation => '"$testPrefix__user/$_user"', test_impersonation => '"$testPrefix__user/$_user"',
_whatToTrace => _whatToTrace =>
......
lemonldap-ng-portal/t/68-Impersonation.t
View file @ 0f591496
...@@ -321,10 +321,12 @@ ok( $res->[2]->[0] =~ m%<td scope="row">rtyler/dwho</td>%, 'Found rtyler/dwo' ) ...@@ -321,10 +321,12 @@ ok( $res->[2]->[0] =~ m%<td scope="row">rtyler/dwho</td>%, 'Found rtyler/dwo' )
or explain( $res->[2]->[0], 'Found rtyler/dwo' ); or explain( $res->[2]->[0], 'Found rtyler/dwo' );
ok( $res->[2]->[0] =~ m%<td scope="row">_session_id</td>%, 'Found _session_id' ) ok( $res->[2]->[0] =~ m%<td scope="row">_session_id</td>%, 'Found _session_id' )
or explain( $res->[2]->[0], 'Found _session_id' ); or explain( $res->[2]->[0], 'Found _session_id' );
count(17); ok( $res->[2]->[0] =~ m%<td scope="row">_session_kind</td>%, 'Found _session_id' )
or explain( $res->[2]->[0], 'Found _session_kind' );
count(18);
my %attributes = map /<td scope="row">(.+)?<\/td>/g, $res->[2]->[0]; my %attributes = map /<td scope="row">(.+)?<\/td>/g, $res->[2]->[0];
ok( keys %attributes == 34, 'Found 34 attributes' ) ok( keys %attributes == 35, 'Found 35 attributes' )
or print STDERR "Missing attributes -> " . scalar %attributes; or print STDERR "Missing attributes -> " . scalar %attributes;
ok( $attributes{'_auth'} eq 'Demo', '_auth' ) ok( $attributes{'_auth'} eq 'Demo', '_auth' )
or print STDERR Dumper( \%attributes ); or print STDERR Dumper( \%attributes );
......
lemonldap-ng-portal/t/70-2F-TOTP-8.t lemonldap-ng-portal/t/70-2F-TOTP-8-with-global-storage.t
View file @ 0f591496
...@@ -25,6 +25,7 @@ SKIP: { ...@@ -25,6 +25,7 @@ SKIP: {
totp2fTTL => -1, totp2fTTL => -1,
formTimeout => 120, formTimeout => 120,
requireToken => 1, requireToken => 1,
tokenUseGlobalStorage => 1,
} }
} }
); );
......
lemonldap-ng-portal/t/77-2F-Mail-with-global-storage.t
View file @ 0f591496
...@@ -11,7 +11,7 @@ count(1); ...@@ -11,7 +11,7 @@ count(1);
my $client = LLNG::Manager::Test->new( { my $client = LLNG::Manager::Test->new( {
ini => { ini => {
logLevel => 'debug', logLevel => 'error',
mail2fActivation => 1, mail2fActivation => 1,
mail2fCodeRegex => '\d{4}', mail2fCodeRegex => '\d{4}',
authentication => 'Demo', authentication => 'Demo',
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment