use Test::More;
use Test::MockModule;
use Test::Warn;
+use File::Temp qw(tempdir);
-use CGI;
+use t::lib::Mocks::Logger;
+
+use utf8;
+use CGI qw(-utf8 );
use C4::Context;
BEGIN {
if ( check_install( module => 'Test::DBIx::Class' ) ) {
- plan tests => 17;
+ plan tests => 18;
}
else {
plan skip_all => "Need Test::DBIx::Class";
# Setup Mocks
## Mock Context
-my $context = new Test::MockModule('C4::Context');
+my $context = Test::MockModule->new('C4::Context');
### Mock ->config
$context->mock( 'config', \&mockedConfig );
$context->mock( 'interface', \&mockedInterface );
## Mock Database
-my $database = new Test::MockModule('Koha::Database');
+my $database = Test::MockModule->new('Koha::Database');
### Mock ->schema
$database->mock( 'schema', \&mockedSchema );
# Tests
##############################################################
+my $logger = t::lib::Mocks::Logger->new();
+
# Can module load
-use C4::Auth_with_shibboleth;
+use C4::Auth_with_shibboleth qw( shib_ok login_shib_url get_login_shib checkpw_shib );
require_ok('C4::Auth_with_shibboleth');
-$C4::Auth_with_shibboleth::debug = '0';
# Subroutine tests
## shib_ok
is( $result, '0', "bad config" );
# add test for undefined shibboleth block
-
+ $logger->clear;
reset_config();
};
#is(logout_shib($query),"https://".$opac."/Shibboleth.sso/Logout?return="."https://".$opac,"logout_shib");
## login_shib_url
-my $query_string = 'language=en-GB';
-$ENV{QUERY_STRING} = $query_string;
-$ENV{SCRIPT_NAME} = '/cgi-bin/koha/opac-user.pl';
-my $query = CGI->new($query_string);
-is(
- login_shib_url($query),
- 'https://testopac.com'
- . '/Shibboleth.sso/Login?target='
- . 'https://testopac.com/cgi-bin/koha/opac-user.pl' . '%3F'
- . $query_string,
- "login shib url"
-);
+subtest "login_shib_url tests" => sub {
+ plan tests => 2;
+
+ my $string = 'language=en-GB¶m="hehâ¤"';
+ my $query_string = Encode::encode('UTF-8', $string);
+ my $query_string_uri_escaped = URI::Escape::uri_escape_utf8('?'.$string);
+
+ local $ENV{REQUEST_METHOD} = 'GET';
+ local $ENV{QUERY_STRING} = $query_string;
+ local $ENV{SCRIPT_NAME} = '/cgi-bin/koha/opac-user.pl';
+ my $query = CGI->new($query_string);
+ is(
+ login_shib_url($query),
+ 'https://testopac.com'
+ . '/Shibboleth.sso/Login?target='
+ . 'https://testopac.com/cgi-bin/koha/opac-user.pl'
+ . $query_string_uri_escaped,
+ "login shib url"
+ );
+
+ my $post_params = 'user=bob&password=wideopen';
+ local $ENV{REQUEST_METHOD} = 'POST';
+ local $ENV{CONTENT_LENGTH} = length($post_params);
+
+ my $dir = tempdir( CLEANUP => 1 );
+ my $infile = "$dir/in.txt";
+ open my $fh_write, '>', $infile or die "Could not open '$infile' $!";
+ print $fh_write $post_params;
+ close $fh_write;
+
+ open my $fh_read, '<', $infile or die "Could not open '$infile' $!";
+
+ $query = CGI->new($fh_read);
+ is(
+ login_shib_url($query),
+ 'https://testopac.com'
+ . '/Shibboleth.sso/Login?target='
+ . 'https://testopac.com/cgi-bin/koha/opac-user.pl',
+ "login shib url"
+ );
+
+ close $fh_read;
+};
## get_login_shib
subtest "get_login_shib tests" => sub {
- plan tests => 4;
+
+ plan tests => 3;
+
my $login;
- # good config
- ## debug off
- $C4::Auth_with_shibboleth::debug = '0';
- warnings_are { $login = get_login_shib() }[],
- "good config with debug off, no warnings received";
- is( $login, "test1234",
- "good config with debug off, attribute value returned" );
-
- ## debug on
- $C4::Auth_with_shibboleth::debug = '1';
- warnings_are { $login = get_login_shib() }[
- "koha borrower field to match: userid",
- "shibboleth attribute to match: uid",
- "uid value: test1234"
- ],
- "good config with debug enabled, correct warnings received";
- is( $login, "test1234",
- "good config with debug enabled, attribute value returned" );
-
-# bad config - with shib_ok implemented, we should never reach this sub with a bad config
+ $login = get_login_shib();
+
+ $logger->debug_is("koha borrower field to match: userid", "borrower match field debug info")
+ ->debug_is("shibboleth attribute to match: uid", "shib match attribute debug info")
+ ->clear();
+
+ is( $login, "test1234", "good config, attribute value returned" );
};
## checkpw_shib
subtest "checkpw_shib tests" => sub {
- plan tests => 21;
+
+ plan tests => 33;
my $shib_login;
my ( $retval, $retcard, $retuserid );
# Setup Mock Database Data
fixtures_ok [
'Borrower' => [
- [qw/cardnumber userid surname address city/],
- [qw/testcardnumber test1234 renvoize myaddress johnston/],
+ [qw/cardnumber userid surname address city email/],
+ [qw/testcardnumber test1234 renvoize myaddress johnston /],
+ [qw/testcardnumber1 test12345 clamp1 myaddress quechee kid@clamp.io/],
+ [qw/testcardnumber2 test123456 clamp2 myaddress quechee kid@clamp.io/],
],
'Category' => [ [qw/categorycode default_privacy/], [qw/S never/], ]
],
'Installed some custom fixtures via the Populate fixture class';
- # debug off
- $C4::Auth_with_shibboleth::debug = '0';
-
# good user
$shib_login = "test1234";
- warnings_are {
- ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
- }
- [], "good user with no debug";
+ ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
+
+ is( $logger->count(), 2, "Two debugging entries");
is( $retval, "1", "user authenticated" );
is( $retcard, "testcardnumber", "expected cardnumber returned" );
is( $retuserid, "test1234", "expected userid returned" );
+ $logger->debug_is("koha borrower field to match: userid", "borrower match field debug info")
+ ->debug_is("shibboleth attribute to match: uid", "shib match attribute debug info")
+ ->clear();
# bad user
$shib_login = 'martin';
- warnings_are {
- ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
- }
- [], "bad user with no debug";
+ ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
is( $retval, "0", "user not authenticated" );
+ $logger->debug_is("koha borrower field to match: userid", "borrower match field debug info")
+ ->debug_is("shibboleth attribute to match: uid", "shib match attribute debug info")
+ ->clear();
+
+ # duplicated matchpoint
+ $matchpoint = 'email';
+ $mapping{'email'} = { is => 'email' };
+ $shib_login = 'kid@clamp.io';
+ ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
+ is( $retval, "0", "user not authenticated if duplicated matchpoint" );
+ $logger->debug_is("koha borrower field to match: email", "borrower match field debug info")
+ ->debug_is("shibboleth attribute to match: email", "shib match attribute debug info")
+ ->clear();
+
+ ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
+ $logger->debug_is("koha borrower field to match: email", "borrower match field debug info")
+ ->debug_is("shibboleth attribute to match: email", "shib match attribute debug info")
+ ->warn_is('There are several users with email of kid@clamp.io, matchpoints must be unique', "duplicated matchpoint warned with debug")
+ ->clear();
+
+ reset_config();
# autocreate user
$autocreate = 1;
$ENV{'cat'} = "S";
$ENV{'add'} = 'Address';
$ENV{'city'} = 'City';
- warnings_are {
- ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
- }
- [], "new user added with no debug";
+
+ ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
is( $retval, "1", "user authenticated" );
is( $retuserid, "test4321", "expected userid returned" );
+ $logger->debug_is("koha borrower field to match: userid", "borrower match field debug info")
+ ->debug_is("shibboleth attribute to match: uid", "shib match attribute debug info")
+ ->clear();
+
ok my $new_user = ResultSet('Borrower')
->search( { 'userid' => 'test4321' }, { rows => 1 } ), "new user found";
is_fields [qw/surname dateexpiry address city/], $new_user->next,
# sync user
$sync = 1;
$ENV{'city'} = 'AnotherCity';
- warnings_are {
- ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
- }
- [], "good user with sync";
+ ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
+ $logger->debug_is("koha borrower field to match: userid", "borrower match field debug info")
+ ->debug_is("shibboleth attribute to match: uid", "shib match attribute debug info")
+ ->clear();
ok my $sync_user = ResultSet('Borrower')
->search( { 'userid' => 'test4321' }, { rows => 1 } ), "sync user found";
'Found $sync_user synced city';
$sync = 0;
- # debug on
- $C4::Auth_with_shibboleth::debug = '1';
-
# good user
$shib_login = "test1234";
- warnings_exist {
- ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
- }
- [
- qr/checkpw_shib/,
- qr/koha borrower field to match: userid/,
- qr/shibboleth attribute to match: uid/,
- qr/User Shibboleth-authenticated as:/
- ],
- "good user with debug enabled";
+ ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
is( $retval, "1", "user authenticated" );
is( $retcard, "testcardnumber", "expected cardnumber returned" );
is( $retuserid, "test1234", "expected userid returned" );
+ $logger->debug_is("koha borrower field to match: userid", "borrower match field debug info")
+ ->debug_is("shibboleth attribute to match: uid", "shib match attribute debug info")
+ ->clear();
# bad user
$shib_login = "martin";
- warnings_exist {
- ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
- }
- [
- qr/checkpw_shib/,
- qr/koha borrower field to match: userid/,
- qr/shibboleth attribute to match: uid/,
- qr/User Shibboleth-authenticated as:/,
- qr/not a valid Koha user/
- ],
- "bad user with debug enabled";
+ ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
is( $retval, "0", "user not authenticated" );
-
+ $logger->info_is("There are several users with userid of martin, matchpoints must be unique", "Duplicated matchpoint warned to info");
};
## _get_uri - opac
is( C4::Auth_with_shibboleth::_get_uri(),
"https://testopac.com", "https opac uri returned" );
+$logger->clear;
+
$OPACBaseURL = "http://testopac.com";
-my $result;
-warnings_are { $result = C4::Auth_with_shibboleth::_get_uri() }[
- "shibboleth interface: $interface",
-"Shibboleth requires OPACBaseURL/staffClientBaseURL to use the https protocol!"
-],
- "improper protocol - received expected warning";
+my $result = C4::Auth_with_shibboleth::_get_uri();
is( $result, "https://testopac.com", "https opac uri returned" );
+$logger->warn_is("Shibboleth requires OPACBaseURL/staffClientBaseURL to use the https protocol!", "Improper protocol logged to warn")
+ ->clear();
$OPACBaseURL = "https://testopac.com";
is( C4::Auth_with_shibboleth::_get_uri(),
"https://testopac.com", "https opac uri returned" );
+$logger->clear();
+
$OPACBaseURL = undef;
-warnings_are { $result = C4::Auth_with_shibboleth::_get_uri() }
-[ "shibboleth interface: $interface", "OPACBaseURL not set!" ],
- "undefined OPACBaseURL - received expected warning";
+$result = C4::Auth_with_shibboleth::_get_uri();
is( $result, "https://", "https $interface uri returned" );
+$logger->warn_is("Syspref staffClientBaseURL or OPACBaseURL not set!", "undefined OPACBaseURL - received expected warning")
+ ->clear();
+
## _get_uri - intranet
$interface = 'intranet';
$staffClientBaseURL = "teststaff.com";
is( C4::Auth_with_shibboleth::_get_uri(),
"https://teststaff.com", "https $interface uri returned" );
+
+$logger->clear;
+
$staffClientBaseURL = "http://teststaff.com";
-warnings_are { $result = C4::Auth_with_shibboleth::_get_uri() }[
- "shibboleth interface: $interface",
-"Shibboleth requires OPACBaseURL/staffClientBaseURL to use the https protocol!"
-],
- "improper protocol - received expected warning";
+$result = C4::Auth_with_shibboleth::_get_uri();
is( $result, "https://teststaff.com", "https $interface uri returned" );
+$logger->warn_is("Shibboleth requires OPACBaseURL/staffClientBaseURL to use the https protocol!")
+ ->clear;
$staffClientBaseURL = "https://teststaff.com";
is( C4::Auth_with_shibboleth::_get_uri(),
"https://teststaff.com", "https $interface uri returned" );
+is( $logger->count(), 0, 'No logging' );
$staffClientBaseURL = undef;
-warnings_are { $result = C4::Auth_with_shibboleth::_get_uri() }
-[ "shibboleth interface: $interface", "staffClientBaseURL not set!" ],
- "undefined staffClientBaseURL - received expected warning";
+$result = C4::Auth_with_shibboleth::_get_uri();
is( $result, "https://", "https $interface uri returned" );
+$logger->warn_is("Syspref staffClientBaseURL or OPACBaseURL not set!", "undefined staffClientBaseURL - received expected warning")
+ ->clear;
## _get_shib_config
# Internal helper function, covered in tests above
projects / koha-ffzg.git / blobdiff