use Test::More;
use Test::MockModule;
use Test::Warn;
+use File::Temp qw(tempdir);
-use CGI;
+use t::lib::Mocks::Logger;
+
+use utf8;
+use CGI qw(-utf8 );
use C4::Context;
BEGIN {
if ( check_install( module => 'Test::DBIx::Class' ) ) {
- plan tests => 11;
- } else {
- plan skip_all => "Need Test::DBIx::Class"
+ plan tests => 18;
+ }
+ else {
+ plan skip_all => "Need Test::DBIx::Class";
}
}
-use Test::DBIx::Class { schema_class => 'Koha::Schema', connect_info => ['dbi:SQLite:dbname=:memory:','',''] };
+use Test::DBIx::Class {
+ schema_class => 'Koha::Schema',
+ connect_info => [ 'dbi:SQLite:dbname=:memory:', '', '' ]
+};
# Mock Variables
my $matchpoint = 'userid';
-my %mapping = ( 'userid' => { 'is' => 'uid' }, );
-$ENV{'uid'} = "test1234";
+my $autocreate = 0;
+my $welcome = 0;
+my $sync = 0;
+my %mapping = (
+ 'userid' => { 'is' => 'uid' },
+ 'surname' => { 'is' => 'sn' },
+ 'dateexpiry' => { 'is' => 'exp' },
+ 'categorycode' => { 'is' => 'cat' },
+ 'address' => { 'is' => 'add' },
+ 'city' => { 'is' => 'city' },
+ 'emailpro' => { 'is' => 'emailpro' },
+);
+$ENV{'uid'} = "test1234";
+$ENV{'sn'} = undef;
+$ENV{'exp'} = undef;
+$ENV{'cat'} = undef;
+$ENV{'add'} = undef;
+$ENV{'city'} = undef;
+$ENV{'emailpro'} = undef;
# Setup Mocks
## Mock Context
-my $context = new Test::MockModule('C4::Context');
+my $context = Test::MockModule->new('C4::Context');
### Mock ->config
$context->mock( 'config', \&mockedConfig );
-sub mockedConfig {
- my $param = shift;
-
- my %shibboleth = (
- 'matchpoint' => $matchpoint,
- 'mapping' => \%mapping
- );
-
- return \%shibboleth;
-}
-
### Mock ->preference
my $OPACBaseURL = "testopac.com";
+my $staffClientBaseURL = "teststaff.com";
$context->mock( 'preference', \&mockedPref );
-sub mockedPref {
- my $param = $_[1];
- my $return;
+### Mock ->tz
+$context->mock( 'timezone', sub { return 'local'; } );
- if ( $param eq 'OPACBaseURL' ) {
- $return = $OPACBaseURL;
- }
-
- return $return;
-}
+### Mock ->interface
+my $interface = 'opac';
+$context->mock( 'interface', \&mockedInterface );
## Mock Database
-my $database = new Test::MockModule('Koha::Database');
+my $database = Test::MockModule->new('Koha::Database');
### Mock ->schema
$database->mock( 'schema', \&mockedSchema );
-sub mockedSchema {
- return Schema();
-}
-
-## Convenience method to reset config
-sub reset_config {
- $matchpoint = 'userid';
- %mapping = ( 'userid' => { 'is' => 'uid' }, );
- $ENV{'uid'} = "test1234";
-
+### Mock Letters
+my $mocked_letters = Test::MockModule->new('C4::Letters');
+# we want to test the params
+$mocked_letters->mock( 'GetPreparedLetter', sub {
+ warn "GetPreparedLetter called";
return 1;
-}
+});
+# we don't care about EnqueueLetter for now
+$mocked_letters->mock( 'EnqueueLetter', sub {
+ warn "EnqueueLetter called";
+ # return a 'message_id'
+ return 42;
+});
+# we don't care about EnqueueLetter for now
+$mocked_letters->mock( 'SendQueuedMessages', sub {
+ my $params = shift;
+ warn "SendQueuedMessages called with message_id: $params->{message_id}";
+ return 1;
+});
# Tests
##############################################################
+my $logger = t::lib::Mocks::Logger->new();
+
# Can module load
-use_ok('C4::Auth_with_shibboleth');
-$C4::Auth_with_shibboleth::debug = '0';
+use C4::Auth_with_shibboleth qw( shib_ok login_shib_url get_login_shib checkpw_shib );
+require_ok('C4::Auth_with_shibboleth');
# Subroutine tests
## shib_ok
is( $result, '0', "bad config" );
# add test for undefined shibboleth block
-
+ $logger->clear;
reset_config();
};
#is(logout_shib($query),"https://".$opac."/Shibboleth.sso/Logout?return="."https://".$opac,"logout_shib");
## login_shib_url
-my $query_string = 'language=en-GB';
-$ENV{QUERY_STRING} = $query_string;
-$ENV{SCRIPT_NAME} = '/cgi-bin/koha/opac-user.pl';
-my $query = CGI->new($query_string);
-is(
- login_shib_url($query),
- 'https://testopac.com'
- . '/Shibboleth.sso/Login?target='
- . 'https://testopac.com/cgi-bin/koha/opac-user.pl' . '%3F'
- . $query_string,
- "login shib url"
-);
+subtest "login_shib_url tests" => sub {
+ plan tests => 2;
+
+ my $string = 'language=en-GB¶m="hehâ¤"';
+ my $query_string = Encode::encode('UTF-8', $string);
+ my $query_string_uri_escaped = URI::Escape::uri_escape_utf8('?'.$string);
+
+ local $ENV{REQUEST_METHOD} = 'GET';
+ local $ENV{QUERY_STRING} = $query_string;
+ local $ENV{SCRIPT_NAME} = '/cgi-bin/koha/opac-user.pl';
+ my $query = CGI->new($query_string);
+ is(
+ login_shib_url($query),
+ 'https://testopac.com'
+ . '/Shibboleth.sso/Login?target='
+ . 'https://testopac.com/cgi-bin/koha/opac-user.pl'
+ . $query_string_uri_escaped,
+ "login shib url"
+ );
+
+ my $post_params = 'user=bob&password=wideopen';
+ local $ENV{REQUEST_METHOD} = 'POST';
+ local $ENV{CONTENT_LENGTH} = length($post_params);
+
+ my $dir = tempdir( CLEANUP => 1 );
+ my $infile = "$dir/in.txt";
+ open my $fh_write, '>', $infile or die "Could not open '$infile' $!";
+ print $fh_write $post_params;
+ close $fh_write;
+
+ open my $fh_read, '<', $infile or die "Could not open '$infile' $!";
+
+ $query = CGI->new($fh_read);
+ is(
+ login_shib_url($query),
+ 'https://testopac.com'
+ . '/Shibboleth.sso/Login?target='
+ . 'https://testopac.com/cgi-bin/koha/opac-user.pl',
+ "login shib url"
+ );
+
+ close $fh_read;
+};
## get_login_shib
subtest "get_login_shib tests" => sub {
- plan tests => 4;
+
+ plan tests => 3;
+
my $login;
- # good config
- ## debug off
- $C4::Auth_with_shibboleth::debug = '0';
- warnings_are { $login = get_login_shib() }[],
- "good config with debug off, no warnings recieved";
- is( $login, "test1234",
- "good config with debug off, attribute value returned" );
-
- ## debug on
- $C4::Auth_with_shibboleth::debug = '1';
- warnings_are { $login = get_login_shib() }[
- "koha borrower field to match: userid",
- "shibboleth attribute to match: uid",
- "uid value: test1234"
- ],
- "good config with debug enabled, correct warnings recieved";
- is( $login, "test1234",
- "good config with debug enabled, attribute value returned" );
+ $login = get_login_shib();
-# bad config - with shib_ok implimented, we should never reach this sub with a bad config
+ $logger->debug_is("koha borrower field to match: userid", "borrower match field debug info")
+ ->debug_is("shibboleth attribute to match: uid", "shib match attribute debug info")
+ ->clear();
+
+ is( $login, "test1234", "good config, attribute value returned" );
};
## checkpw_shib
subtest "checkpw_shib tests" => sub {
- plan tests => 13;
+
+ plan tests => 34;
my $shib_login;
my ( $retval, $retcard, $retuserid );
# Setup Mock Database Data
fixtures_ok [
'Borrower' => [
- [qw/cardnumber userid surname address city/],
- [qw/testcardnumber test1234 renvoize myaddress johnston/],
+ [qw/cardnumber userid surname address city email/],
+ [qw/testcardnumber test1234 renvoize myaddress johnston /],
+ [qw/testcardnumber1 test12345 clamp1 myaddress quechee kid@clamp.io/],
+ [qw/testcardnumber2 test123456 clamp2 myaddress quechee kid@clamp.io/],
],
+ 'Category' => [ [qw/categorycode default_privacy/], [qw/S never/], ]
],
'Installed some custom fixtures via the Populate fixture class';
- # debug off
- $C4::Auth_with_shibboleth::debug = '0';
-
# good user
$shib_login = "test1234";
- warnings_are {
- ( $retval, $retcard, $retuserid ) = checkpw_shib( $shib_login );
- }
- [], "good user with no debug";
+ ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
+
+ is( $logger->count(), 2, "Two debugging entries");
is( $retval, "1", "user authenticated" );
is( $retcard, "testcardnumber", "expected cardnumber returned" );
is( $retuserid, "test1234", "expected userid returned" );
+ $logger->debug_is("koha borrower field to match: userid", "borrower match field debug info")
+ ->debug_is("shibboleth attribute to match: uid", "shib match attribute debug info")
+ ->clear();
# bad user
$shib_login = 'martin';
- warnings_are {
- ( $retval, $retcard, $retuserid ) = checkpw_shib( $shib_login );
- }
- [], "bad user with no debug";
+ ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
is( $retval, "0", "user not authenticated" );
+ $logger->debug_is("koha borrower field to match: userid", "borrower match field debug info")
+ ->debug_is("shibboleth attribute to match: uid", "shib match attribute debug info")
+ ->clear();
- # debug on
- $C4::Auth_with_shibboleth::debug = '1';
+ # duplicated matchpoint
+ $matchpoint = 'email';
+ $mapping{'email'} = { is => 'email' };
+ $shib_login = 'kid@clamp.io';
+ ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
+ is( $retval, "0", "user not authenticated if duplicated matchpoint" );
+ $logger->debug_is("koha borrower field to match: email", "borrower match field debug info")
+ ->debug_is("shibboleth attribute to match: email", "shib match attribute debug info")
+ ->clear();
+
+ ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
+ $logger->debug_is("koha borrower field to match: email", "borrower match field debug info")
+ ->debug_is("shibboleth attribute to match: email", "shib match attribute debug info")
+ ->warn_is('There are several users with email of kid@clamp.io, matchpoints must be unique', "duplicated matchpoint warned with debug")
+ ->clear();
+
+ reset_config();
+
+ # autocreate user (welcome)
+ $autocreate = 1;
+ $welcome = 1;
+ $shib_login = 'test4321';
+ $ENV{'uid'} = 'test4321';
+ $ENV{'sn'} = "pika";
+ $ENV{'exp'} = "2017";
+ $ENV{'cat'} = "S";
+ $ENV{'add'} = 'Address';
+ $ENV{'city'} = 'City';
+ $ENV{'emailpro'} = 'me@myemail.com';
+
+ warnings_are {
+ ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
+ }
+ [
+ 'GetPreparedLetter called',
+ 'EnqueueLetter called',
+ 'SendQueuedMessages called with message_id: 42'
+ ],
+ "WELCOME notice Prepared, Enqueued and Send";
+ is( $retval, "1", "user authenticated" );
+ is( $retuserid, "test4321", "expected userid returned" );
+ $logger->debug_is("koha borrower field to match: userid", "borrower match field debug info")
+ ->debug_is("shibboleth attribute to match: uid", "shib match attribute debug info")
+ ->clear();
+
+ ok my $new_user = ResultSet('Borrower')
+ ->search( { 'userid' => 'test4321' }, { rows => 1 } ), "new user found";
+ is_fields [qw/surname dateexpiry address city/], $new_user->next,
+ [qw/pika 2017 Address City/],
+ 'Found $new_users surname';
+ $autocreate = 0;
+ $welcome = 0;
+
+ # sync user
+ $sync = 1;
+ $ENV{'city'} = 'AnotherCity';
+ ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
+ $logger->debug_is("koha borrower field to match: userid", "borrower match field debug info")
+ ->debug_is("shibboleth attribute to match: uid", "shib match attribute debug info")
+ ->clear();
+
+ ok my $sync_user = ResultSet('Borrower')
+ ->search( { 'userid' => 'test4321' }, { rows => 1 } ), "sync user found";
+
+ is_fields [qw/surname dateexpiry address city/], $sync_user->next,
+ [qw/pika 2017 Address AnotherCity/],
+ 'Found $sync_user synced city';
+ $sync = 0;
# good user
$shib_login = "test1234";
- warnings_exist {
- ( $retval, $retcard, $retuserid ) = checkpw_shib( $shib_login );
- }
- [ qr/checkpw_shib/, qr/koha borrower field to match: userid/,
- qr/shibboleth attribute to match: uid/,
- qr/User Shibboleth-authenticated as:/ ],
- "good user with debug enabled";
+ ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
is( $retval, "1", "user authenticated" );
is( $retcard, "testcardnumber", "expected cardnumber returned" );
is( $retuserid, "test1234", "expected userid returned" );
+ $logger->debug_is("koha borrower field to match: userid", "borrower match field debug info")
+ ->debug_is("shibboleth attribute to match: uid", "shib match attribute debug info")
+ ->clear();
# bad user
$shib_login = "martin";
- warnings_exist {
- ( $retval, $retcard, $retuserid ) = checkpw_shib( $shib_login );
- }
- [
- qr/checkpw_shib/,
- qr/koha borrower field to match: userid/,
- qr/shibboleth attribute to match: uid/,
- qr/User Shibboleth-authenticated as:/,
- qr/not a valid Koha user/
- ],
- "bad user with debug enabled";
+ ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
is( $retval, "0", "user not authenticated" );
-
+ $logger->info_is("There are several users with userid of martin, matchpoints must be unique", "Duplicated matchpoint warned to info");
};
-## _get_uri
+## _get_uri - opac
$OPACBaseURL = "testopac.com";
is( C4::Auth_with_shibboleth::_get_uri(),
"https://testopac.com", "https opac uri returned" );
+$logger->clear;
+
$OPACBaseURL = "http://testopac.com";
-my $result;
-warning_like { $result = C4::Auth_with_shibboleth::_get_uri() }
- [ qr/Shibboleth requires OPACBaseURL to use the https protocol!/ ],
- "improper protocol - received expected warning";
+my $result = C4::Auth_with_shibboleth::_get_uri();
is( $result, "https://testopac.com", "https opac uri returned" );
+$logger->warn_is("Shibboleth requires OPACBaseURL/staffClientBaseURL to use the https protocol!", "Improper protocol logged to warn")
+ ->clear();
$OPACBaseURL = "https://testopac.com";
is( C4::Auth_with_shibboleth::_get_uri(),
"https://testopac.com", "https opac uri returned" );
+$logger->clear();
+
$OPACBaseURL = undef;
-warning_like { $result = C4::Auth_with_shibboleth::_get_uri() }
- [ qr/OPACBaseURL not set!/ ],
- "undefined OPACBaseURL - received expected warning";
-is( $result, "https://", "https opac uri returned" );
+$result = C4::Auth_with_shibboleth::_get_uri();
+is( $result, "https://", "https $interface uri returned" );
+
+$logger->warn_is("Syspref staffClientBaseURL or OPACBaseURL not set!", "undefined OPACBaseURL - received expected warning")
+ ->clear();
+
+## _get_uri - intranet
+$interface = 'intranet';
+$staffClientBaseURL = "teststaff.com";
+is( C4::Auth_with_shibboleth::_get_uri(),
+ "https://teststaff.com", "https $interface uri returned" );
+
+
+$logger->clear;
+
+$staffClientBaseURL = "http://teststaff.com";
+$result = C4::Auth_with_shibboleth::_get_uri();
+is( $result, "https://teststaff.com", "https $interface uri returned" );
+$logger->warn_is("Shibboleth requires OPACBaseURL/staffClientBaseURL to use the https protocol!")
+ ->clear;
+
+$staffClientBaseURL = "https://teststaff.com";
+is( C4::Auth_with_shibboleth::_get_uri(),
+ "https://teststaff.com", "https $interface uri returned" );
+is( $logger->count(), 0, 'No logging' );
+
+$staffClientBaseURL = undef;
+$result = C4::Auth_with_shibboleth::_get_uri();
+is( $result, "https://", "https $interface uri returned" );
+$logger->warn_is("Syspref staffClientBaseURL or OPACBaseURL not set!", "undefined staffClientBaseURL - received expected warning")
+ ->clear;
## _get_shib_config
# Internal helper function, covered in tests above
+
+sub mockedConfig {
+ my $param = shift;
+
+ my %shibboleth = (
+ 'autocreate' => $autocreate,
+ 'welcome' => $welcome,
+ 'sync' => $sync,
+ 'matchpoint' => $matchpoint,
+ 'mapping' => \%mapping
+ );
+
+ return \%shibboleth;
+}
+
+sub mockedPref {
+ my $param = $_[1];
+ my $return;
+
+ if ( $param eq 'OPACBaseURL' ) {
+ $return = $OPACBaseURL;
+ }
+
+ if ( $param eq 'staffClientBaseURL' ) {
+ $return = $staffClientBaseURL;
+ }
+
+ if ( $param eq 'AutoEmailPrimaryAddress' ) {
+ $return = 'OFF';
+ }
+
+ return $return;
+}
+
+sub mockedInterface {
+ return $interface;
+}
+
+sub mockedSchema {
+ return Schema();
+}
+
+## Convenience method to reset config
+sub reset_config {
+ $matchpoint = 'userid';
+ $autocreate = 0;
+ $welcome = 0;
+ $sync = 0;
+ %mapping = (
+ 'userid' => { 'is' => 'uid' },
+ 'surname' => { 'is' => 'sn' },
+ 'dateexpiry' => { 'is' => 'exp' },
+ 'categorycode' => { 'is' => 'cat' },
+ 'address' => { 'is' => 'add' },
+ 'city' => { 'is' => 'city' },
+ 'emailpro' => { 'is' => 'emailpro' },
+ );
+ $ENV{'uid'} = "test1234";
+ $ENV{'sn'} = undef;
+ $ENV{'exp'} = undef;
+ $ENV{'cat'} = undef;
+ $ENV{'add'} = undef;
+ $ENV{'city'} = undef;
+ $ENV{'emailpro'} = undef;
+
+ return 1;
+}
+