Merge branch 'reset-certificate' into 'v2.0'

fix call to mailTemplate in ResetCertificate module (#1605) See merge request lemonldap-ng/lemonldap-ng!120

Merge branch 'reset-certificate' into 'v2.0'
fix call to mailTemplate in ResetCertificate module (#1605) See merge request lemonldap-ng/lemonldap-ng!120
23b79199 · Christophe Maudoux · bd85aff9 · ca894220 · 23b79199 · 23b79199
Commit 23b79199 authored Dec 30, 2019 by Christophe Maudoux 🐛
2 changed files
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CertificateResetByMail.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Plugins/CertificateResetByMail.pm
@@ -377,7 +377,8 @@ sub _certificateReset {
        else {

            # Use HTML template
-            $body = $self->loadTemplate(
+            $body = $self->loadMailTemplate(
+                $req,
                'mail_confirm',
                filter => $tr,
                params => \%tplPrms
@@ -562,7 +563,8 @@ sub modifyCertificate {
    else {

        # Use HTML template
-        $body = $self->loadTemplate(
+        $body = $self->loadMailTemplate(
+            $req,
            'mail_certificatReset',
            filter => $tr,
            params => \%tplPrms

--- a/lemonldap-ng-portal/t/44-CertificateResetByMail-LDAP.t
+++ b/lemonldap-ng-portal/t/44-CertificateResetByMail-LDAP.t
@@ -5,6 +5,11 @@ use strict;
 use IO::String;
 use File::Copy;

+use Lemonldap::NG::Portal::Main::Constants qw(
+  PE_RESETCERTIFICATE_INVALID PE_RESETCERTIFICATE_FORMEMPTY
+  PE_RESETCERTIFICATE_FIRSTACCESS
+);
+
 BEGIN {
    eval {
        require 't/test-lib.pm';
@@ -13,7 +18,7 @@ BEGIN {
 }

 my ( $res, $user );
-my $maintests = 6;
+my $maintests = 12;

 SKIP: {
    eval
@@ -212,6 +217,154 @@ lkRrWfQftwmLyNIu3HfSgXlgAZS30ymfbzBU

    ok( mail() =~ /Certificate Reset sucessfully/, 'Certificate was changed' );

+
+
+    # Test invalid certificate
+
+    # Test form
+    # ------------------------
+    ok( $res = $client->_get( '/certificateReset', accept => 'text/html' ),
+        'Reset form', );
+    my ( $host, $url, $query ) = expectForm( $res, '#', undef, 'mail' );
+
+    $query = 'mail=dwho%40badwolf.org';
+
+    # Post email
+    ok(
+        $res = $client->_post(
+            '/certificateReset', IO::String->new($query),
+            length => length($query),
+            accept => 'text/html'
+        ),
+        'Post mail'
+    );
+
+    ok( mail() =~ m#a href="http://auth.example.com/certificateReset\?(.*?)"#,
+        'Found link in mail' );
+    $query = $1;
+    my $querymail = $query;
+    ok(
+        $res = $client->_get(
+            '/certificateReset',
+            query  => $query,
+            accept => 'text/html'
+        ),
+        'Post mail token received by mail'
+    );
+
+    # print STDERR Dumper($res);
+
+    ( $host, $url, $query ) = expectForm( $res, '#', undef, 'token' );
+    ok( $res->[2]->[0] =~ /certif/s, ' Ask for a new certificate file' );
+
+    #print STDERR Dumper($query);
+    my %inputs   = split( /[=&]/, $query );
+    my %querytab = split( /[=&]/, $querymail );
+
+    # Create the certificate  file
+    my $cert = "INVALID CERTIFICATE";
+
+    open my $FH2, '>', '/tmp/v296ZJQ_kG';
+    print {$FH2} "$cert";
+    close $FH2;
+
+    $res = $client->app->( {
+            'plack.request.query' => bless( {
+                    'skin'       => $querytab{'skin'},
+                    'mail_token' => $querytab{'mail_token'}
+                },
+                'Hash::MultiValue'
+            ),
+            'PATH_INFO' => '/certificateReset',
+            'HTTP_ACCEPT' =>
+'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3',
+            'REQUEST_METHOD'       => 'POST',
+            'HTTP_ORIGIN'          => 'http://auth.example.com',
+            'HTTP_ACCEPT_LANGUAGE' => 'fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3',
+            'REQUEST_SCHEME'       => 'http',
+            'HTTP_CACHE_CONTROL'   => 'max-age=0',
+
+            'plack.request.merged' => bless( {
+                    'skin'       => $querytab{'skin'},
+                    'mail_token' => $querytab{'mail_token'},
+                    'url'        => '',
+                    'token'      => $inputs{'token'}
+                },
+                'Hash::MultiValue'
+            ),
+            'REMOTE_PORT'                    => '36674',
+            'QUERY_STRING'                   => $querymail,
+            'SERVER_SIGNATURE'               => '',
+            'psgix.input.buffered'           => 1,
+            'HTTP_UPGRADE_INSECURE_REQUESTS' => '1',
+            'CONTENT_TYPE' =>
+'multipart/form-data; boundary=----WebKitFormBoundarybabRY9u6K9tERoLr',
+            'plack.request.upload' => bless( {
+                    'certif' => bless( {
+                            'headers' => bless( {
+                                    'content-disposition' =>
+'form-data; name="certif"; filename="user.pem"',
+                                    'content-type' =>
+                                      'application/x-x509-ca-cert',
+                                    '::std_case' => {
+                                        'content-disposition' =>
+                                          'Content-Disposition'
+                                    }
+                                },
+                                'HTTP::Headers'
+                            ),
+                            'filename' => 'user.pem',
+                            'tempname' => '/tmp/v296ZJQ_kG',
+                            'size'     => 1261
+                        },
+                        'Plack::Request::Upload'
+                    )
+                },
+                'Hash::MultiValue'
+            ),
+            'psgi.streaming'     => 1,
+            'plack.request.body' => bless( {
+                    'skin'  => 'bootstrap',
+                    'url'   => '',
+                    'token' => $inputs{'token'}
+                },
+                'Hash::MultiValue'
+            ),
+            'SCRIPT_URL'   => '/certificateReset',
+            'SERVER_NAME'  => 'auth.example.com',
+            'HTTP_REFERER' => 'http://auth.example.com/certificateReset?'
+              . $querymail,
+            'HTTP_CONNECTION'     => 'close',
+            'CONTENT_LENGTH'      => '1759',
+            'SCRIPT_URI'          => 'http://auth.example.com/certificateReset',
+            'plack.cookie.parsed' => {
+                'llnglanguage' => 'fr'
+            },
+            'SERVER_PORT'     => '80',
+            'SERVER_NAME'     => 'auth.example.com',
+            'SERVER_PROTOCOL' => 'HTTP/1.1',
+            'SCRIPT_NAME'     => '',
+            'HTTP_USER_AGENT' =>
+              'Mozilla/5.0 (VAX-4000; rv:36.0) Gecko/20350101 Firefox',
+            'HTTP_COOKIE'         => 'llnglanguage=fr',
+            'REMOTE_ADDR'         => '127.0.0.1',
+            'REQUEST_URI'         => '/certificateReset?' . $querymail,
+            'plack.cookie.string' => 'llnglanguage=fr',
+            'SERVER_ADDR'         => '127.0.0.1',
+            'psgi.url_scheme'     => 'http',
+            'psgix.harakiri'      => '',
+            'HTTP_HOST'           => 'auth.example.com'
+        }
+    );
+
+    my $trmsg = $res->[2]->[0]; # get html response
+    my @trmsg = split(/\n/, $trmsg); # split into lines
+    @trmsg = grep(/trmsg="/, @trmsg); # only get line corresponding to message
+    $trmsg = $trmsg[0]; # get the first one only
+    $trmsg =~ s/.*trmsg="([0-9]+)".*/$1/g; # get error code number
+    ok ( $trmsg == PE_RESETCERTIFICATE_INVALID, 'Invalid certificate' );
+
+
 }
 count($maintests);
 stopLdapServer() if $ENV{LLNGTESTLDAP};