Commit 70994bd7 authored by Christophe Maudoux

Merge branch 'v2.0' of gitlab.ow2.org:lemonldap-ng/lemonldap-ng into v2.0

parents 24e58faf 5886cbe2
......@@ -6,7 +6,7 @@ use JSON;
use Lemonldap::NG::Common::PSGI::Constants;
use Lemonldap::NG::Common::PSGI::Request;
our $VERSION = '2.0.0';
our $VERSION = '2.0.2';
our $_json = JSON->new->allow_nonref;
......
......@@ -16,8 +16,10 @@ BEGIN { use_ok('Lemonldap::NG::Common::Conf') }
my $h;
ok( $h = new Lemonldap::NG::Common::Conf(
{ type => 'File',
ok(
$h = new Lemonldap::NG::Common::Conf(
{
type => 'File',
dirName => "t/",
}
),
......@@ -37,15 +39,15 @@ my @test = (
{ cfgNum => 1, test => 'éà' }
);
for ( my $i = 0; $i < @test; $i++ ) {
for ( my $i = 0 ; $i < @test ; $i++ ) {
ok( $h->store( $test[$i] ) == 1, "Test $i is stored" )
or print STDERR "$Lemonldap::NG::Common::Conf::msg $!";
or print STDERR "$Lemonldap::NG::Common::Conf::msg $!";
$count++;
my $cfg;
ok( $cfg = $h->load(1), "Test $i can be read" )
or print STDERR $Lemonldap::NG::Common::Conf::msg;
or print STDERR $Lemonldap::NG::Common::Conf::msg;
ok( $cfg->{test} eq $test[$i]->{test}, "Test $i is restored" )
or print STDERR "Expect $cfg->{test} eq $test[$i]->{test}\n";
or print STDERR "Expect $cfg->{test} eq $test[$i]->{test}\n";
$count += 2;
}
......
......@@ -9,7 +9,7 @@ use JSON qw(to_json);
use IO::Select;
use IO::Socket::INET;
our $VERSION = '2.0.0';
our $VERSION = '2.0.2';
our $status = {};
our $activity = [];
......
......@@ -109,7 +109,7 @@ sub statusInit {
exec $perl_exec, '-MLemonldap::NG::Handler::Lib::Status',
# Insert @INC in Perl path
map( {"-I$_"} @INC ),
map( { "-I$_" } @INC ),
# Command to launch
'-e', '&Lemonldap::NG::Handler::Lib::Status::run()',
......
......@@ -8,6 +8,6 @@ use strict;
use base 'Lemonldap::NG::Handler::Lib::AuthBasic',
'Lemonldap::NG::Handler::PSGI::Main';
our $VERSION = '2.0.';
our $VERSION = '2.0.0';
1;
......@@ -5,21 +5,22 @@ use Data::Dumper;
require 't/test-psgi-lib.pm';
init('Lemonldap::NG::Handler::PSGI', {
vhostOptions => {
'test1.example.com' => {
vhostHttps => 1,
vhostPort => 443,
init(
'Lemonldap::NG::Handler::PSGI',
{
vhostOptions => {
'test1.example.com' => {
vhostHttps => 1,
vhostPort => 443,
},
},
},
locationRules => {
},
exportedHeaders => {
},
https => undef,
port => undef,
maintenance => undef,
});
locationRules => {},
exportedHeaders => {},
https => undef,
port => undef,
maintenance => undef,
}
);
my $res;
......
......@@ -45,7 +45,7 @@ sub addRoutes {
$self->setTypes($conf);
$self->{multiValuesSeparator} ||= '; ';
$self->{hiddenAttributes} //= "_password";
$self->{TOTPCheck} = $self->{U2FCheck} = $self->{UBKCheck} = '1';
$self->{TOTPCheck} = $self->{U2FCheck} = $self->{UBKCheck} = '1';
}
###################
......
......@@ -2203,8 +2203,8 @@ sub attributes {
default => 0,
},
samlIDPMetaDataOptionsUserAttribute => { type => 'text', },
samlIDPMetaDataOptionsDisplayName => { type => 'text', },
samlIDPMetaDataOptionsIcon => { type => 'text', },
samlIDPMetaDataOptionsDisplayName => { type => 'text', },
samlIDPMetaDataOptionsIcon => { type => 'text', },
# SP keys
samlSPMetaDataExportedAttributes => {
......@@ -2563,10 +2563,9 @@ m{^(?:ldapi://[^/]*/?|\w[\w\-\.]*(?::\d{1,5})?|ldap(?:s|\+tls)?://\w[\w\-\.]*(?:
documentation => 'LDAP filter for auth search'
},
ldapGroupDecodeSearchedValue => {
default => 0,
type => 'bool',
documentation =>
'Decode value before searching it in LDAP groups',
default => 0,
type => 'bool',
documentation => 'Decode value before searching it in LDAP groups',
},
ldapGroupRecursive => {
default => 0,
......
......@@ -88,7 +88,7 @@ sub cTrees {
"samlIDPMetaDataOptionsCheckAudience"
]
},
{
{
title => "samlIDPMetaDataOptionsDisplay",
form => 'simpleInputContainer',
nodes => [
......
......@@ -19,44 +19,50 @@ mkdir 't/sessions';
my ( $res, $resBody );
ok( $res = &client->_post( '/confs/', 'cfgNum=1', &body, 'application/json' ),
"Request succeed"
);
"Request succeed" );
ok( $res->[0] == 200, "Result code is 200" );
ok( $resBody = from_json( $res->[2]->[0] ),
"Result body contains JSON text" );
ok( $resBody = from_json( $res->[2]->[0] ), "Result body contains JSON text" );
ok( $resBody->{result} == 0, "JSON response contains \"result:0\"" )
or print STDERR Dumper($resBody);
or print STDERR Dumper($resBody);
ok( $resBody->{needConfirm} == 1, "JSON response contains \"needConfirm:1\"" )
or print STDERR Dumper($resBody);
or print STDERR Dumper($resBody);
ok( @{ $resBody->{details}->{__warnings__} } == 3,
ok(
@{ $resBody->{details}->{__warnings__} } == 3,
'JSON response contains 3 warnings'
) or print STDERR Dumper($resBody);
foreach my $i (0 .. 2) {
ok( $resBody->{details}->{__warnings__}->[$i]->{message}
=~ /\b(unprotected|cross-domain-authentication|retries)\b/,
foreach my $i ( 0 .. 2 ) {
ok(
$resBody->{details}->{__warnings__}->[$i]->{message} =~
/\b(unprotected|cross-domain-authentication|retries)\b/,
"Warning with 'unprotect', 'CDA' or 'retries' found"
) or print STDERR Dumper($resBody);
}
count(4);
ok( @{ $resBody->{details}->{__needConfirmation__} } == 1,
ok(
@{ $resBody->{details}->{__needConfirmation__} } == 1,
'JSON response contains 1 needConfirmation'
) or print STDERR Dumper($resBody);
ok( $resBody->{details}->{__needConfirmation__}->[0]->{message}
=~ /\bplugin is enabled without CSRF Token neither Captcha required\b/,
ok(
$resBody->{details}->{__needConfirmation__}->[0]->{message} =~
/\bplugin is enabled without CSRF Token neither Captcha required\b/,
"Warning with confirmation needed found"
) or print STDERR Dumper($resBody);
ok( @{ $resBody->{details}->{__changes__} } == 22,
ok(
@{ $resBody->{details}->{__changes__} } == 22,
'JSON response contains 24 changes'
) or print STDERR Dumper($resBody);
#print STDERR Dumper($resBody);
ok( $res = &client->_post( '/confs/', 'cfgNum=1&force=1', &body, 'application/json' ),
ok(
$res = &client->_post(
'/confs/', 'cfgNum=1&force=1', &body, 'application/json'
),
"Request succeed"
);
......@@ -79,13 +85,13 @@ while ( my $c = shift @{ $resBody->{details}->{__changes__} } ) {
}
else {
ok( ( $cmp1 - @changes ) == ( $cmp2 - @cmsg ), qq("$c->{key}" found) )
or print STDERR 'Expect: '
. ( $cmp1 - @changes )
. ', got: '
. ( $cmp2 - @cmsg )
. "\nExpect: "
. Dumper( \@d1 ) . "Got: "
. Dumper( \@d2 );
or print STDERR 'Expect: '
. ( $cmp1 - @changes )
. ', got: '
. ( $cmp2 - @cmsg )
. "\nExpect: "
. Dumper( \@d1 ) . "Got: "
. Dumper( \@d2 );
}
count(1);
}
......@@ -93,9 +99,9 @@ ok( !@changes, 'All changes detected' ) or $bug = 1;
if ($bug) {
print STDERR 'Expected not found: '
. Dumper( \@changes )
. 'Changes announced and not found: '
. Dumper( \@cmsg );
. Dumper( \@changes )
. 'Changes announced and not found: '
. Dumper( \@cmsg );
}
#print STDERR Dumper(\@changes,\@cmsg);
......@@ -108,9 +114,9 @@ my ( @c1, @c2 );
ok( ( @c1 = sort keys %{ $res->[0] } ), 'diff() detects changes in conf 1' );
ok( ( @c2 = sort keys %{ $res->[1] } ), 'diff() detects changes in conf 2' );
ok( @c1 == 12, '11 keys changed in conf 1' )
or print STDERR "Expect: 12 keys, get: " . join( ', ', @c1 ) . "\n";
or print STDERR "Expect: 12 keys, get: " . join( ', ', @c1 ) . "\n";
ok( @c2 == 16, '14 keys changed or created in conf 2' )
or print STDERR "Expect: 16 keys, get: " . join( ',', @c2 ) . "\n";
or print STDERR "Expect: 16 keys, get: " . join( ',', @c2 ) . "\n";
count(5);
......@@ -124,89 +130,112 @@ done_testing( count() );
sub changes {
return [
{ 'key' => 'portal',
{
'key' => 'portal',
'new' => 'http://auth2.example.com/',
'old' => 'http://auth.example.com/'
},
{ 'new' => 0,
{
'new' => 0,
'old' => 1,
'key' => 'portalDisplayLogout'
},
{ 'key' =>
'applicationList, Sample applications, Application Test 1, uri',
{
'key' =>
'applicationList, Sample applications, Application Test 1, uri',
'old' => 'http://test1.example.com/',
'new' => 'http://testex.example.com/'
},
{ 'new' => 'Application Test 3',
{
'new' => 'Application Test 3',
'key' => 'applicationList, Sample applications'
},
{ 'new' => 'Changes in cat(s)/app(s)',
{
'new' => 'Changes in cat(s)/app(s)',
'key' => 'applicationList',
},
{ 'key' => 'applicationList',
{
'key' => 'applicationList',
'old' => 'Documentation',
'new' => 'Administration',
},
{ 'key' => 'applicationList',
{
'key' => 'applicationList',
'old' => 'Administration',
'new' => 'Sample applications',
},
{ 'key' => 'applicationList',
{
'key' => 'applicationList',
'old' => 'Sample applications',
'new' => 'Documentation',
},
{ 'key' => 'userDB',
{
'key' => 'userDB',
'new' => 'LDAP',
'old' => 'Demo'
},
{ 'key' => 'passwordDB',
{
'key' => 'passwordDB',
'new' => 'LDAP',
'old' => 'Demo'
},
{ 'key' => 'openIdSPList',
{
'key' => 'openIdSPList',
'new' => '1;bad.com'
},
{ 'new' => 'Uid',
{
'new' => 'Uid',
'key' => 'exportedVars'
},
{ 'key' =>
'locationRules, test1.example.com, (?#Logout comment)^/logout',
{
'key' =>
'locationRules, test1.example.com, (?#Logout comment)^/logout',
'new' => 'logout_sso',
'old' => undef
},
{ 'old' => '^/logout',
{
'old' => '^/logout',
'key' => 'locationRules, test1.example.com'
},
{ 'key' => 'locationRules, test3.example.com, ^/logout',
{
'key' => 'locationRules, test3.example.com, ^/logout',
'new' => 'logout_sso',
'old' => undef
},
{ 'key' => 'locationRules, test3.example.com, default',
{
'key' => 'locationRules, test3.example.com, default',
'old' => undef,
'new' => 'accept'
},
{ 'key' => 'locationRules',
{
'key' => 'locationRules',
'new' => 'test3.example.com'
},
{ 'key' => 'exportedHeaders, test3.example.com, Auth-User',
{
'key' => 'exportedHeaders, test3.example.com, Auth-User',
'old' => undef,
'new' => '$uid'
},
{ 'new' => 'test3.example.com',
{
'new' => 'test3.example.com',
'key' => 'exportedHeaders'
},
{ 'key' => 'locationRules, test.ex.com, default',
{
'key' => 'locationRules, test.ex.com, default',
'old' => undef,
'new' => 'deny'
},
{ 'key' => 'locationRules',
{
'key' => 'locationRules',
'new' => 'test.ex.com'
},
{ 'key' => 'virtualHosts',
{
'key' => 'virtualHosts',
'new' => 'test3.example.com',
'old' => 'test2.example.com'
},
{ 'key' => 'virtualHosts',
{
'key' => 'virtualHosts',
'old' => 'test2.example.com'
},
{
......@@ -218,6 +247,6 @@ sub changes {
'new' => 0,
'key' => 'captcha_mail_enabled',
'old' => '1'
}
}
];
}
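Review bot: Several test descriptions in this file disagree with the value they assert, so a failing run reports the wrong expectation: `@{ $resBody->{details}->{__changes__} } == 22` is labelled `'JSON response contains 24 changes'`, `@c1 == 12` is labelled `'11 keys changed in conf 1'`, and `@c2 == 16` is labelled `'14 keys changed or created in conf 2'`. Since the reformat already touches these calls, the labels could be aligned with the asserted counts, e.g. `'JSON response contains 22 changes'`. Alternatively, assuming the file uses Test::More, `is( scalar @c1, 12, 'keys changed in conf 1' )` prints got and expected itself, so the hand-written `or print STDERR` diagnostics become unnecessary. The same pattern appears in the next test file's section, where `== 20` is also labelled `'JSON response contains 24 changes'` and a description mentions 'retries' although the regex beside it matches only `unprotected|cross-domain-authentication`.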
......@@ -19,27 +19,29 @@ mkdir 't/sessions';
my ( $res, $resBody );
ok( $res = &client->_post( '/confs/', 'cfgNum=1', &body, 'application/json' ),
"Request succeed"
);
"Request succeed" );
ok( $res->[0] == 200, "Result code is 200" );
ok( $resBody = from_json( $res->[2]->[0] ),
"Result body contains JSON text" );
ok( $resBody = from_json( $res->[2]->[0] ), "Result body contains JSON text" );
ok( $resBody->{result} == 1, "JSON response contains \"result:1\"" )
or print STDERR Dumper($resBody);
ok( @{ $resBody->{details}->{__warnings__} } == 2,
or print STDERR Dumper($resBody);
ok(
@{ $resBody->{details}->{__warnings__} } == 2,
'JSON response contains 2 warnings'
) or print STDERR Dumper($resBody);
foreach my $i (0 .. 1) {
ok( $resBody->{details}->{__warnings__}->[$i]->{message}
=~ /\b(unprotected|cross-domain-authentication)\b/,
foreach my $i ( 0 .. 1 ) {
ok(
$resBody->{details}->{__warnings__}->[$i]->{message} =~
/\b(unprotected|cross-domain-authentication)\b/,
"Warning with 'unprotect', 'CDA' or 'retries' found"
) or print STDERR Dumper($resBody);
}
ok( @{ $resBody->{details}->{__changes__} } == 20,
ok(
@{ $resBody->{details}->{__changes__} } == 20,
'JSON response contains 24 changes'
) or print STDERR Dumper($resBody);
#print STDERR Dumper($resBody);
ok( -f $confFiles->[1], 'File is created' );
......@@ -61,13 +63,13 @@ while ( my $c = shift @{ $resBody->{details}->{__changes__} } ) {
}
else {
ok( ( $cmp1 - @changes ) == ( $cmp2 - @cmsg ), qq("$c->{key}" found) )
or print STDERR 'Expect: '
. ( $cmp1 - @changes )
. ', got: '
. ( $cmp2 - @cmsg )
. "\nExpect: "
. Dumper( \@d1 ) . "Got: "
. Dumper( \@d2 );
or print STDERR 'Expect: '
. ( $cmp1 - @changes )
. ', got: '
. ( $cmp2 - @cmsg )
. "\nExpect: "
. Dumper( \@d1 ) . "Got: "
. Dumper( \@d2 );
}
count(1);
}
......@@ -75,9 +77,9 @@ ok( !@changes, 'All changes detected' ) or $bug = 1;
if ($bug) {
print STDERR 'Expected not found: '
. Dumper( \@changes )
. 'Changes announced and not found: '
. Dumper( \@cmsg );
. Dumper( \@changes )
. 'Changes announced and not found: '
. Dumper( \@cmsg );
}
#print STDERR Dumper(\@changes,\@cmsg);
......@@ -90,9 +92,9 @@ my ( @c1, @c2 );
ok( ( @c1 = sort keys %{ $res->[0] } ), 'diff() detects changes in conf 1' );
ok( ( @c2 = sort keys %{ $res->[1] } ), 'diff() detects changes in conf 2' );
ok( @c1 == 11, '11 keys changed in conf 1' )
or print STDERR "Expect: 11 keys, get: " . join( ', ', @c1 ) . "\n";
or print STDERR "Expect: 11 keys, get: " . join( ', ', @c1 ) . "\n";
ok( @c2 == 14, '14 keys changed or created in conf 2' )
or print STDERR "Expect: 14 keys, get: " . join( ',', @c2 ) . "\n";
or print STDERR "Expect: 14 keys, get: " . join( ',', @c2 ) . "\n";
count(5);
......@@ -106,89 +108,112 @@ done_testing( count() );
sub changes {
return [
{ 'key' => 'portal',
{
'key' => 'portal',
'new' => 'http://auth2.example.com/',
'old' => 'http://auth.example.com/'
},
{ 'new' => 0,
{
'new' => 0,
'old' => 1,
'key' => 'portalDisplayLogout'
},
{ 'key' =>
'applicationList, Sample applications, Application Test 1, uri',
{
'key' =>
'applicationList, Sample applications, Application Test 1, uri',
'old' => 'http://test1.example.com/',
'new' => 'http://testex.example.com/'
},
{ 'new' => 'Application Test 3',
{
'new' => 'Application Test 3',
'key' => 'applicationList, Sample applications'
},
{ 'new' => 'Changes in cat(s)/app(s)',
{
'new' => 'Changes in cat(s)/app(s)',
'key' => 'applicationList',
},
{ 'key' => 'applicationList',
{
'key' => 'applicationList',
'old' => 'Documentation',
'new' => 'Administration',
},
{ 'key' => 'applicationList',
{
'key' => 'applicationList',
'old' => 'Administration',
'new' => 'Sample applications',
},
{ 'key' => 'applicationList',
{
'key' => 'applicationList',
'old' => 'Sample applications',
'new' => 'Documentation',
},
{ 'key' => 'userDB',
{
'key' => 'userDB',
'new' => 'LDAP',
'old' => 'Demo'
},
{ 'key' => 'passwordDB',
{
'key' => 'passwordDB',
'new' => 'LDAP',
'old' => 'Demo'
},
{ 'key' => 'openIdSPList',
{
'key' => 'openIdSPList',
'new' => '1;bad.com'
},
{ 'new' => 'Uid',
{
'new' => 'Uid',
'key' => 'exportedVars'
},
{ 'key' =>
'locationRules, test1.example.com, (?#Logout comment)^/logout',
{
'key' =>
'locationRules, test1.example.com, (?#Logout comment)^/logout',
'new' => 'logout_sso',
'old' => undef
},
{ 'old' => '^/logout',
{
'old' => '^/logout',
'key' => 'locationRules, test1.example.com'
},
{ 'key' => 'locationRules, test3.example.com, ^/logout',
{
'key' => 'locationRules, test3.example.com, ^/logout',
'new' => 'logout_sso',
'old' => undef
},
{ 'key' => 'locationRules, test3.example.com, default',
{
'key' => 'locationRules, test3.example.com, default',
'old' => undef,
'new' => 'accept'
},
{ 'key' => 'locationRules',
{
'key' => 'locationRules',
'new' => 'test3.example.com'
},
{ 'key' => 'exportedHeaders, test3.example.com, Auth-User',
{
'key' => 'exportedHeaders, test3.example.com, Auth-User',
'old' => undef,
'new' => '$uid'
},
{ 'new' => 'test3.example.com',
{
'new' => 'test3.example.com',
'key' => 'exportedHeaders'
},
{ 'key' => 'locationRules, test.ex.com, default',
{
'key' => 'locationRules, test.ex.com, default',
'old' => undef,
'new' => 'deny'
},
{ 'key' => 'locationRules',
{
'key' => 'locationRules',
'new' => 'test.ex.com'
},
{ 'key' => 'virtualHosts',
{
'key' => 'virtualHosts',
'new' => 'test3.example.com',
'old' => 'test2.example.com'
},
{ 'key' => 'virtualHosts',
{
'key' => 'virtualHosts',
'old' => 'test2.example.com'
}
];
......
......@@ -40,4 +40,4 @@ done_testing( count() );
unlink 't/conf/lmConf-2.json';
`rm -rf t/sessions`;
\ No newline at end of file
`rm -rf t/sessions`;
......@@ -24,7 +24,8 @@ my @notManagedAttributes = (
'sfEngine', 'available2FSelfRegistration', 'available2F',
# Brute force attack protection parameters
'bruteForceProtectionMaxAge', 'bruteForceProtectionTempo', 'bruteForceProtectionMaxFailed',
'bruteForceProtectionMaxAge', 'bruteForceProtectionTempo',
'bruteForceProtectionMaxFailed',
# Metadatas (added by manager itself)
'cfgAuthor', 'cfgAuthorIP', 'cfgNum', 'cfgDate', 'cfgLog', 'cfgVersion',
......
......@@ -13,11 +13,11 @@ use strict;
use Mouse;
use JSON qw(from_json to_json);
use Lemonldap::NG::Portal::Main::Constants qw(
PE_ERROR
PE_NOTOKEN
PE_OK
PE_SENDRESPONSE
PE_TOKENEXPIRED
PE_ERROR
PE_NOTOKEN
PE_OK
PE_SENDRESPONSE
PE_TOKENEXPIRED
);
our $VERSION = '2.0.2';
......@@ -36,8 +36,8 @@ has ott => (
is => 'rw',
lazy => 1,
default => sub {
my $ott = $_[0]->{p}
->loadModule('Lemonldap::NG::Portal::Lib::OneTimeToken');
my $ott =
$_[0]->{p}->loadModule('Lemonldap::NG::Portal::Lib::OneTimeToken');
$ott->timeout( $_[0]->{conf}->{formTimeout} );
return $ott;
}
......@@ -55,7 +55,7 @@ sub init {
? 'available2FSelfRegistration'