Commit f8046dd7 authored by Christophe Maudoux's avatar Christophe Maudoux 🐛

Update sessionInfo during auth process & Improve unit tests

parent 1988983c
......@@ -52,7 +52,7 @@ sub process {
sub restoreArgs {
my ( $self, $req ) = @_;
$req->mustRedirect(1);
return PE_OK;
PE_OK;
}
sub importHandlerData {
......@@ -143,7 +143,6 @@ sub controlUrl {
$req->data->{_url} = $url;
$req->pdata->{_url} = $url;
}
PE_OK;
}
......@@ -266,7 +265,6 @@ sub checkXSSAttack {
"XSS attack detected (param: $name | value: $value)");
return $self->conf->{checkXSS};
}
return 0;
}
......@@ -327,7 +325,6 @@ sub authenticate {
# Ignore result, process will end at least with PE_BADCREDENTIALS
my $tmp = $self->process($req);
$ret = $tmp if ( $tmp == PE_WAIT );
return $ret;
}
......@@ -349,7 +346,7 @@ sub setSessionInfo {
my ( $self, $req ) = @_;
# Set _user
$req->{sessionInfo}->{_user} //= $req->{user};
$req->{sessionInfo}->{_user} //= $req->user;
# Get the current user module
$req->{sessionInfo}->{_auth} = $self->getModule( $req, "auth" );
......@@ -382,7 +379,6 @@ sub setSessionInfo {
# Call UserDB setSessionInfo
return $self->_userDB->setSessionInfo($req);
PE_OK;
}
......@@ -404,7 +400,7 @@ sub setPersistentSessionInfo {
my ( $self, $req ) = @_;
# Do not restore infos if session already opened
unless ( $req->{id} ) {
unless ( $req->id ) {
my $key = $req->{sessionInfo}->{ $self->conf->{whatToTrace} };
return PE_OK unless ( $key and length($key) );
......@@ -450,7 +446,7 @@ sub store {
$req->userData( $req->sessionInfo );
# Create second session for unsecure cookie
if ( $self->conf->{securedCookie} == 2 and !$req->refresh() ) {
if ( $self->conf->{securedCookie} == 2 and !$req->refresh ) {
my %infos = %{ $req->{sessionInfo} };
$infos{_updateTime} = strftime( "%Y%m%d%H%M%S", localtime() );
$self->logger->debug("Set _updateTime with $infos{_updateTime}");
......@@ -479,22 +475,24 @@ sub store {
# Main session
my $session = $self->getApacheSession(
$req->{id},
$req->id,
force => $req->{force},
info => $infos
);
return PE_APACHESESSIONERROR unless ($session);
$req->id( $session->{id} );
# Update current request
$req->id( $session->id );
$req->{sessionInfo}->{_session_id} = $session->{id};
# Compute unsecured cookie value if needed
if ( $self->conf->{securedCookie} == 3 and !$req->refresh() ) {
if ( $self->conf->{securedCookie} == 3 and !$req->refresh ) {
$req->{sessionInfo}->{_httpSession} =
$self->conf->{cipher}->encryptHex( $req->{id}, "http" );
$self->conf->{cipher}->encryptHex( $req->id, "http" );
$self->logger->debug( " -> Compute unsecured cookie value : "
. $req->{sessionInfo}->{_httpSession} );
}
$req->refresh(0);
PE_OK;
}
......@@ -504,7 +502,7 @@ sub buildCookie {
$req->addCookie(
$self->cookie(
name => $self->conf->{cookieName},
value => $req->{id},
value => $req->id,
domain => $self->conf->{domain},
secure => $self->conf->{securedCookie},
)
......
......@@ -26,7 +26,7 @@ my $client = LLNG::Manager::Test->new( {
checkUserDisplayPersistentInfo => 0,
checkUserDisplayEmptyValues => 0,
impersonationMergeSSOgroups => 0,
checkUserHiddenAttributes => '_loginHistory hGroups',
checkUserHiddenAttributes => '_loginHistory hGroups _session_id',
macros => {
test_impersonation => '"$testPrefix__user/$_user"',
_whatToTrace =>
......
......@@ -319,10 +319,12 @@ ok( $res->[2]->[0] =~ m%<td scope="row">test_impersonation</td>%,
or explain( $res->[2]->[0], 'test_impersonation' );
ok( $res->[2]->[0] =~ m%<td scope="row">rtyler/dwho</td>%, 'Found rtyler/dwo' )
or explain( $res->[2]->[0], 'Found rtyler/dwo' );
count(16);
ok( $res->[2]->[0] =~ m%<td scope="row">_session_id</td>%, 'Found _session_id' )
or explain( $res->[2]->[0], 'Found _session_id' );
count(17);
my %attributes = map /<td scope="row">(.+)?<\/td>/g, $res->[2]->[0];
ok( keys %attributes == 33, 'Found 33 attributes' )
ok( keys %attributes == 34, 'Found 34 attributes' )
or print STDERR "Missing attributes -> " . scalar %attributes;
ok( $attributes{'_auth'} eq 'Demo', '_auth' )
or print STDERR Dumper( \%attributes );
......
......@@ -140,25 +140,13 @@ ok(
'Post code'
);
count(1);
$pdata = expectCookie( $res, 'lemonldappdata' );
$id = expectCookie($res);
expectRedirection( $res, 'http://test1.example.com' );
$id = expectCookie($res);
# Make pdata was cleared and we aren't being redirected
ok(
$res = $client->_get(
'/',
accept => 'text/html',
cookie => "lemonldap=$id;lemonldappdata=$pdata",
),
'Post login'
);
my $cookies = getCookies($res);
ok( !defined( $cookies->{lemonldappdata} ), " Make sure no pdata is returned" );
count(1);
expectOK($res);
clean_sessions();
done_testing( count() );
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment