Commit 9987d28a authored by Christophe Maudoux's avatar Christophe Maudoux

Fix SSL/Kerberos Auth with Choice & Improve unit tests (#1636)

parent dba550b6
......@@ -146,6 +146,7 @@ site/coffee/confirm.coffee
site/coffee/idpchoice.coffee
site/coffee/info.coffee
site/coffee/kerberos.coffee
site/coffee/kerberosChoice.coffee
site/coffee/oidcchecksession.coffee
site/coffee/portal.coffee
site/coffee/redirect.coffee
......@@ -265,6 +266,8 @@ site/htdocs/static/common/js/info.js
site/htdocs/static/common/js/info.min.js
site/htdocs/static/common/js/kerberos.js
site/htdocs/static/common/js/kerberos.min.js
site/htdocs/static/common/js/kerberosChoice.js
site/htdocs/static/common/js/kerberosChoice.min.js
site/htdocs/static/common/js/oidcchecksession.js
site/htdocs/static/common/js/oidcchecksession.min.js
site/htdocs/static/common/js/portal.js
......
......@@ -4,7 +4,7 @@ use strict;
use Mouse;
use Lemonldap::NG::Portal::Main::Constants qw(PE_OK PE_FIRSTACCESS);
our $VERSION = '2.0.0';
our $VERSION = '2.0.2';
extends 'Lemonldap::NG::Portal::Lib::Choice';
......
......@@ -12,7 +12,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
PE_SENDRESPONSE
);
our $VERSION = '2.0.0';
our $VERSION = '2.0.2';
extends 'Lemonldap::NG::Portal::Main::Auth';
......@@ -36,7 +36,7 @@ sub init {
$self->keytab("FILE:$file");
$self->AjaxInitScript( '<script type="text/javascript" src="'
. $self->p->staticPrefix
. '/common/js/kerberos.js"></script>' )
. '/common/js/kerberosChoice.js"></script>' )
if $self->conf->{krbByJs};
return 1;
}
......@@ -103,11 +103,17 @@ sub extractFormInfo {
# Case 3: Display kerberos auth page (with javascript)
else {
$self->logger->debug( 'Append ' . $self->Name . ' init/script' );
$req->data->{customScript} .= $self->AjaxInitScript;
# Call kerberos.js if Kerberos is the only Auth module
# kerberosChoice.js is used by Choice
$self->{AjaxInitScript} =~ s/kerberosChoice/kerberos/;
$req->data->{customScript} .= $self->{AjaxInitScript};
$self->logger->debug(
"Send init/script -> " . $req->data->{customScript} );
#$self->p->setHiddenFormValue( $req, kerberos => 0, '', 0 );
eval ( $self->InitCmd );
eval( $self->InitCmd );
die 'Unable to launch init commmand ' . $self->{InitCmd} if ($@);
return PE_FIRSTACCESS;
}
}
......
......@@ -9,7 +9,7 @@ use Lemonldap::NG::Portal::Main::Constants qw(
PE_OK
);
our $VERSION = '2.0.1';
our $VERSION = '2.0.2';
extends 'Lemonldap::NG::Portal::Main::Auth';
......@@ -48,8 +48,8 @@ sub extractFormInfo {
return PE_BADCERTIFICATE;
}
elsif ( $self->conf->{sslByAjax} and not $req->param('nossl') ) {
$self->logger->debug( 'Append ' . $self->Name . ' init/script' );
$req->data->{customScript} .= $self->AjaxInitScript;
$self->logger->debug( 'Append ' . $self->{Name} . ' init/script' );
$req->data->{customScript} .= $self->{AjaxInitScript};
$self->logger->debug(
"Send init/script -> " . $req->data->{customScript} );
return PE_FIRSTACCESS;
......
# Launch Kerberos request
$(document).ready ->
$.ajax portal + '?kerberos=1',
dataType: 'json'
# Called if browser can't find Kerberos ticket, will display
# PE_BADCREDENTIALS
statusCode:
401: () ->
$('#lformKerberos').submit()
# If request succeed cookie is set, posting form to get redirection
# or menu
success: (data) ->
$('#lformKerberos').submit()
# Case else, will display PE_BADCREDENTIALS or fallback to next auth
# backend
error: () ->
$('#lformKerberos').submit()
// Generated by CoffeeScript 1.12.7
(function() {
$(document).ready(function() {
return $.ajax(portal + '?kerberos=1', {
dataType: 'json',
statusCode: {
401: function() {
return $('#lformKerberos').submit();
}
},
success: function(data) {
return $('#lformKerberos').submit();
},
error: function() {
return $('#lformKerberos').submit();
}
});
});
}).call(this);
(function(){$(document).ready(function(){return $.ajax(portal+"?kerberos=1",{dataType:"json",statusCode:{401:function(){return $("#lformKerberos").submit()}},success:function(data){return $("#lformKerberos").submit()},error:function(){return $("#lformKerberos").submit()}})})}).call(this);
<!-- //if:jsminified
<script type="text/javascript" src="<TMPL_VAR NAME="STATIC_PREFIX">common/js/ssl.min.js"></script>
<script type="text/javascript" src="<TMPL_VAR NAME="STATIC_PREFIX">common/js/sslChoice.min.js"></script>
//else -->
<script type="text/javascript" src="<TMPL_VAR NAME="STATIC_PREFIX">common/js/sslChoice.js"></script>
<!-- //endif -->
......
......@@ -5,7 +5,7 @@ use IO::String;
require 't/test-lib.pm';
my $res;
my $maintests = 17;
my $maintests = 21;
eval { unlink 't/userdb.db' };
......@@ -19,8 +19,7 @@ SKIP: {
$dbh->do("INSERT INTO users VALUES ('dwho','dwho','Doctor who')");
my $client = LLNG::Manager::Test->new(
{
ini => {
{ ini => {
logLevel => 'error',
useSafeJail => 1,
portalMainLogo => 'common/logos/logo_llng_old.png',
......@@ -32,9 +31,9 @@ SKIP: {
'1_demo' => 'Demo;Demo;Null;;0',
'2_sql' => 'DBI;DBI;DBI;;1',
'3_demo' =>
'Demo;Demo;Null;https://test.example.com;$env->{ipAddr} =~ /127.0.0.1/',
'Demo;Demo;Null;https://test.example.com;$env->{ipAddr} =~ /127.0.0.1/',
'4_demo' =>
'Demo;Demo;Null;https://test.example.com;$env->{ipAddr} =~ /1.2.3.4/',
'Demo;Demo;Null;https://test.example.com;$env->{ipAddr} =~ /1.2.3.4/',
'5_ssl' => 'SSL;Demo;Demo',
'6_FakeCustom' => 'Custom;Demo;Demo',
'7_Kerberos' => 'Kerberos;Null;Null',
......@@ -60,39 +59,54 @@ SKIP: {
ok( $res = $client->_get( '/', accept => 'text/html' ), 'Get Menu' );
ok( $res->[2]->[0] !~ /1_demo/, '1_demo not displayed' );
ok( $res->[2]->[0] =~ /2_sql/, '2_sql displayed' );
ok( $res->[2]->[0] =~ /3_demo/, '3_demo displayed' );
ok( $res->[2]->[0] =~ /5_ssl/, '5_ssl displayed' );
ok( $res->[2]->[0] =~ /6_FakeCustom/, '6_FakeCustom displayed' );
ok( $res->[2]->[0] =~ /7_Kerberos/, '7_Kerberos displayed' );
ok( $res->[2]->[0] =~ qr%<img src="/static/common/modules/SSL.png"%,
'Found 5_ssl Logo' )
or print STDERR Dumper( $res->[2]->[0] );
or print STDERR Dumper( $res->[2]->[0] );
ok( $res->[2]->[0] =~ qr%img src="/static/common/modules/Apache.png"%,
'Found 6_FakeCustom Logo' )
or print STDERR Dumper( $res->[2]->[0] );
or print STDERR Dumper( $res->[2]->[0] );
ok( $res->[2]->[0] =~ qr%<img src="/static/common/modules/Kerberos.png"%,
'Found 7_Kerberos Logo' )
or print STDERR Dumper( $res->[2]->[0] );
ok( $res->[2]->[0] =~ m%<form id="lformDemo" action="https://test.example.com"%,
' Redirect URL found' )
or print STDERR Dumper( $res->[2]->[0] );
ok( $res->[2]->[0] =~ m%<script type="application/init">\{"sslHost":"https://authssl.example.com:19876"\}</script>%,
' SSL AJAX URL found' )
or print STDERR Dumper( $res->[2]->[0] );
'Found 7_Kerberos Logo'
) or print STDERR Dumper( $res->[2]->[0] );
ok( $res->[2]->[0]
=~ m%<form id="lformDemo" action="https://test.example.com"%,
' Redirect URL found'
) or print STDERR Dumper( $res->[2]->[0] );
ok( $res->[2]->[0]
=~ m%<script type="application/init">\{"sslHost":"https://authssl.example.com:19876"\}</script>%,
' SSL AJAX URL found'
) or print STDERR Dumper( $res->[2]->[0] );
expectForm( $res, '#', undef, 'kerberos' );
ok( $res->[2]->[0]
=~ m%<input type="hidden" name="kerberos" id="kerberos" value="0" />%,
'Found hidden attribut "kerberos" with value="0"'
) or print STDERR Dumper( $res->[2]->[0] );
ok( $res->[2]->[0] =~ /kerberos\.(?:min\.)?js/, 'Get Kerberos javascript' )
or print STDERR Dumper( $res->[2]->[0] );
ok( $res->[2]->[0] =~ /kerberosChoice\.(?:min\.)?js/,
'Get Kerberos javascript' )
or print STDERR Dumper( $res->[2]->[0] );
ok( $res->[2]->[0]
=~ m%<form id="lformKerberos" action="#" method="post" class="login Kerberos">%,
' Redirect URL found'
) or print STDERR Dumper( $res->[2]->[0] );
ok( $res->[2]->[0] =~ /sslChoice\.(?:min\.)?js/,
'Get sslChoice javascript' )
or print STDERR Dumper( $res->[2]->[0] );
ok( $res->[2]->[0]
=~ m%<form id="lformSSL" action="#" method="post" class="login SSL">%,
' Action # found'
) or print STDERR Dumper( $res->[2]->[0] );
my $header = getHeader( $res, 'Content-Security-Policy' );
ok( $header =~ m%;form-action \'self\' https://test.example.com;%,
' CSP URL found' )
or print STDERR Dumper( $res->[1] );
or print STDERR Dumper( $res->[1] );
ok( $res->[2]->[0] !~ /4_demo/, '4_Demo not displayed' );
ok(
$res->[2]->[0] =~ qr%<img src="/static/common/logos/logo_llng_old.png"%,
ok( $res->[2]->[0]
=~ qr%<img src="/static/common/logos/logo_llng_old.png"%,
'Found custom Main Logo'
) or print STDERR Dumper( $res->[2]->[0] );
......@@ -101,8 +115,7 @@ SKIP: {
# Try yo authenticate
# -------------------
ok(
$res = $client->_post(
ok( $res = $client->_post(
'/', IO::String->new($postString),
length => length($postString)
),
......
......@@ -26,7 +26,9 @@ ok( $res->[2]->[0]
ok( $res->[2]->[0] =~ qr%<img src="/static/common/modules/SSL.png"%,
'Found 5_ssl Logo' )
or print STDERR Dumper( $res->[2]->[0] );
count(3);
ok( $res->[2]->[0] =~ /ssl\.(?:min\.)?js/, 'Get sslChoice javascript' )
or print STDERR Dumper( $res->[2]->[0] );
count(4);
ok( $res
= $client->_get( '/',
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment