search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bug 9302: Use patron-title.inc
[koha.git] / t / Auth_with_shibboleth.t
blob5022b008eb862636bf4478bc918dd8e0447d2ae0
1 #!/usr/bin/perl
2
3 # This file is part of Koha.
4 #
5 # Koha is free software; you can redistribute it and/or modify it
6 # under the terms of the GNU General Public License as published by
7 # the Free Software Foundation; either version 3 of the License, or
8 # (at your option) any later version.
9 #
10 # Koha is distributed in the hope that it will be useful, but
11 # WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
14 #
15 # You should have received a copy of the GNU General Public License
16 # along with Koha; if not, see <http://www.gnu.org/licenses>.
17
18 use Modern::Perl;
19
20 $| = 1;
21 use Module::Load::Conditional qw/check_install/;
22 use Test::More;
23 use Test::MockModule;
24 use Test::Warn;
25
26 use CGI;
27 use C4::Context;
28
29 BEGIN {
30 if ( check_install( module => 'Test::DBIx::Class' ) ) {
31 plan tests => 11;
32 } else {
33 plan skip_all => "Need Test::DBIx::Class"
34 }
35 }
36
37 use Test::DBIx::Class;
38
39 # Mock Variables
40 my $matchpoint = 'userid';
41 my $autocreate = 0;
42 my %mapping = (
43 'userid' => { 'is' => 'uid' },
44 'surname' => { 'is' => 'sn' },
45 'dateexpiry' => { 'is' => 'exp' },
46 'categorycode' => { 'is' => 'cat' },
47 'address' => { 'is' => 'add' },
48 'city' => { 'is' => 'city' },
49 );
50 $ENV{'uid'} = "test1234";
51 $ENV{'sn'} = undef;
52 $ENV{'exp'} = undef;
53 $ENV{'cat'} = undef;
54 $ENV{'add'} = undef;
55 $ENV{'city'} = undef;
56
57 # Setup Mocks
58 ## Mock Context
59 my $context = new Test::MockModule('C4::Context');
60
61 ### Mock ->config
62 $context->mock( 'config', \&mockedConfig );
63
64 ### Mock ->preference
65 my $OPACBaseURL = "testopac.com";
66 $context->mock( 'preference', \&mockedPref );
67
68 ### Mock ->tz
69 $context->mock( 'timezone', sub { return 'local'; } );
70
71 ## Mock Database
72 my $database = new Test::MockModule('Koha::Database');
73
74 ### Mock ->schema
75 $database->mock( 'schema', \&mockedSchema );
76
77 # Tests
78 ##############################################################
79
80 # Can module load
81 use C4::Auth_with_shibboleth;
82 require_ok('C4::Auth_with_shibboleth');
83 $C4::Auth_with_shibboleth::debug = '0';
84
85 # Subroutine tests
86 ## shib_ok
87 subtest "shib_ok tests" => sub {
88 plan tests => 5;
89 my $result;
90
91 # correct config, no debug
92 is( shib_ok(), '1', "good config" );
93
94 # bad config, no debug
95 $matchpoint = undef;
96 warnings_are { $result = shib_ok() }
97 [ { carped => 'shibboleth matchpoint not defined' }, ],
98 "undefined matchpoint = fatal config, warning given";
99 is( $result, '0', "bad config" );
100
101 $matchpoint = 'email';
102 warnings_are { $result = shib_ok() }
103 [ { carped => 'shibboleth matchpoint not mapped' }, ],
104 "unmapped matchpoint = fatal config, warning given";
105 is( $result, '0', "bad config" );
106
107 # add test for undefined shibboleth block
108
109 reset_config();
110 };
111
112 ## logout_shib
113 #my $query = CGI->new();
114 #is(logout_shib($query),"https://".$opac."/Shibboleth.sso/Logout?return="."https://".$opac,"logout_shib");
115
116 ## login_shib_url
117 my $query_string = 'language=en-GB';
118 $ENV{QUERY_STRING} = $query_string;
119 $ENV{SCRIPT_NAME} = '/cgi-bin/koha/opac-user.pl';
120 my $query = CGI->new($query_string);
121 is(
122 login_shib_url($query),
123 'https://testopac.com'
124 . '/Shibboleth.sso/Login?target='
125 . 'https://testopac.com/cgi-bin/koha/opac-user.pl' . '%3F'
126 . $query_string,
127 "login shib url"
128 );
129
130 ## get_login_shib
131 subtest "get_login_shib tests" => sub {
132 plan tests => 4;
133 my $login;
134
135 # good config
136 ## debug off
137 $C4::Auth_with_shibboleth::debug = '0';
138 warnings_are { $login = get_login_shib() }[],
139 "good config with debug off, no warnings received";
140 is( $login, "test1234",
141 "good config with debug off, attribute value returned" );
142
143 ## debug on
144 $C4::Auth_with_shibboleth::debug = '1';
145 warnings_are { $login = get_login_shib() }[
146 "koha borrower field to match: userid",
147 "shibboleth attribute to match: uid",
148 "uid value: test1234"
149 ],
150 "good config with debug enabled, correct warnings received";
151 is( $login, "test1234",
152 "good config with debug enabled, attribute value returned" );
153
154 # bad config - with shib_ok implemented, we should never reach this sub with a bad config
155 };
156
157 ## checkpw_shib
158 subtest "checkpw_shib tests" => sub {
159 plan tests => 18;
160
161 my $shib_login;
162 my ( $retval, $retcard, $retuserid );
163
164 # Setup Mock Database Data
165 fixtures_ok [
166 'Borrower' => [
167 [qw/cardnumber userid surname address city/],
168 [qw/testcardnumber test1234 renvoize myaddress johnston/],
169 ],
170 'Category' => [ [qw/categorycode default_privacy/], [qw/S never/], ]
171 ],
172 'Installed some custom fixtures via the Populate fixture class';
173
174 # debug off
175 $C4::Auth_with_shibboleth::debug = '0';
176
177 # good user
178 $shib_login = "test1234";
179 warnings_are {
180 ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
181 }
182 [], "good user with no debug";
183 is( $retval, "1", "user authenticated" );
184 is( $retcard, "testcardnumber", "expected cardnumber returned" );
185 is( $retuserid, "test1234", "expected userid returned" );
186
187 # bad user
188 $shib_login = 'martin';
189 warnings_are {
190 ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
191 }
192 [], "bad user with no debug";
193 is( $retval, "0", "user not authenticated" );
194
195 # autocreate user
196 $autocreate = 1;
197 $shib_login = 'test4321';
198 $ENV{'uid'} = 'test4321';
199 $ENV{'sn'} = "pika";
200 $ENV{'exp'} = "2017";
201 $ENV{'cat'} = "S";
202 $ENV{'add'} = 'Address';
203 $ENV{'city'} = 'City';
204 warnings_are {
205 ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
206 }
207 [], "new user added with no debug";
208 is( $retval, "1", "user authenticated" );
209 is( $retuserid, "test4321", "expected userid returned" );
210 ok my $new_user = ResultSet('Borrower')
211 ->search( { 'userid' => 'test4321' }, { rows => 1 } ), "new user found";
212 is_fields [qw/surname dateexpiry address city/], $new_user->next,
213 [qw/pika 2017 Address City/],
214 'Found $new_users surname';
215 $autocreate = 0;
216
217 # debug on
218 $C4::Auth_with_shibboleth::debug = '1';
219
220 # good user
221 $shib_login = "test1234";
222 warnings_exist {
223 ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
224 }
225 [
226 qr/checkpw_shib/,
227 qr/koha borrower field to match: userid/,
228 qr/shibboleth attribute to match: uid/,
229 qr/User Shibboleth-authenticated as:/
230 ],
231 "good user with debug enabled";
232 is( $retval, "1", "user authenticated" );
233 is( $retcard, "testcardnumber", "expected cardnumber returned" );
234 is( $retuserid, "test1234", "expected userid returned" );
235
236 # bad user
237 $shib_login = "martin";
238 warnings_exist {
239 ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
240 }
241 [
242 qr/checkpw_shib/,
243 qr/koha borrower field to match: userid/,
244 qr/shibboleth attribute to match: uid/,
245 qr/User Shibboleth-authenticated as:/,
246 qr/not a valid Koha user/
247 ],
248 "bad user with debug enabled";
249 is( $retval, "0", "user not authenticated" );
250
251 };
252
253 ## _get_uri
254 $OPACBaseURL = "testopac.com";
255 is( C4::Auth_with_shibboleth::_get_uri(),
256 "https://testopac.com", "https opac uri returned" );
257
258 $OPACBaseURL = "http://testopac.com";
259 my $result;
260 warning_like { $result = C4::Auth_with_shibboleth::_get_uri() }
261 [qr/Shibboleth requires OPACBaseURL to use the https protocol!/],
262 "improper protocol - received expected warning";
263 is( $result, "https://testopac.com", "https opac uri returned" );
264
265 $OPACBaseURL = "https://testopac.com";
266 is( C4::Auth_with_shibboleth::_get_uri(),
267 "https://testopac.com", "https opac uri returned" );
268
269 $OPACBaseURL = undef;
270 warning_like { $result = C4::Auth_with_shibboleth::_get_uri() }
271 [qr/OPACBaseURL not set!/],
272 "undefined OPACBaseURL - received expected warning";
273 is( $result, "https://", "https opac uri returned" );
274
275 ## _get_shib_config
276 # Internal helper function, covered in tests above
277
278 sub mockedConfig {
279 my $param = shift;
280
281 my %shibboleth = (
282 'autocreate' => $autocreate,
283 'matchpoint' => $matchpoint,
284 'mapping' => \%mapping
285 );
286
287 return \%shibboleth;
288 }
289
290 sub mockedPref {
291 my $param = $_[1];
292 my $return;
293
294 if ( $param eq 'OPACBaseURL' ) {
295 $return = $OPACBaseURL;
296 }
297
298 return $return;
299 }
300
301 sub mockedSchema {
302 return Schema();
303 }
304
305 ## Convenience method to reset config
306 sub reset_config {
307 $matchpoint = 'userid';
308 $autocreate = 0;
309 %mapping = (
310 'userid' => { 'is' => 'uid' },
311 'surname' => { 'is' => 'sn' },
312 'dateexpiry' => { 'is' => 'exp' },
313 'categorycode' => { 'is' => 'cat' },
314 'address' => { 'is' => 'add' },
315 'city' => { 'is' => 'city' },
316 );
317 $ENV{'uid'} = "test1234";
318 $ENV{'sn'} = undef;
319 $ENV{'exp'} = undef;
320 $ENV{'cat'} = undef;
321 $ENV{'add'} = undef;
322 $ENV{'city'} = undef;
323
324 return 1;
325 }
326
Koha ILS