search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bug 16699: Remove requirement from borrowernumberQueryParam
[koha.git] / t / Auth_with_shibboleth.t
blob0c34fc564e444abc64bff7d53f98d113ef05cef6
1 #!/usr/bin/perl
2
3 # This file is part of Koha.
4 #
5 # Koha is free software; you can redistribute it and/or modify it
6 # under the terms of the GNU General Public License as published by
7 # the Free Software Foundation; either version 3 of the License, or
8 # (at your option) any later version.
9 #
10 # Koha is distributed in the hope that it will be useful, but
11 # WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
14 #
15 # You should have received a copy of the GNU General Public License
16 # along with Koha; if not, see <http://www.gnu.org/licenses>.
17
18 use Modern::Perl;
19
20 $| = 1;
21 use Module::Load::Conditional qw/check_install/;
22 use Test::More;
23 use Test::MockModule;
24 use Test::Warn;
25
26 use CGI;
27 use C4::Context;
28
29 BEGIN {
30 if ( check_install( module => 'Test::DBIx::Class' ) ) {
31 plan tests => 11;
32 } else {
33 plan skip_all => "Need Test::DBIx::Class"
34 }
35 }
36
37 use Test::DBIx::Class { schema_class => 'Koha::Schema', connect_info => ['dbi:SQLite:dbname=:memory:','',''] };
38
39 # Mock Variables
40 my $matchpoint = 'userid';
41 my %mapping = ( 'userid' => { 'is' => 'uid' }, );
42 $ENV{'uid'} = "test1234";
43
44 # Setup Mocks
45 ## Mock Context
46 my $context = new Test::MockModule('C4::Context');
47
48 ### Mock ->config
49 $context->mock( 'config', \&mockedConfig );
50
51 sub mockedConfig {
52 my $param = shift;
53
54 my %shibboleth = (
55 'matchpoint' => $matchpoint,
56 'mapping' => \%mapping
57 );
58
59 return \%shibboleth;
60 }
61
62 ### Mock ->preference
63 my $OPACBaseURL = "testopac.com";
64 $context->mock( 'preference', \&mockedPref );
65
66 sub mockedPref {
67 my $param = $_[1];
68 my $return;
69
70 if ( $param eq 'OPACBaseURL' ) {
71 $return = $OPACBaseURL;
72 }
73
74 return $return;
75 }
76
77 ## Mock Database
78 my $database = new Test::MockModule('Koha::Database');
79
80 ### Mock ->schema
81 $database->mock( 'schema', \&mockedSchema );
82
83 sub mockedSchema {
84 return Schema();
85 }
86
87 ## Convenience method to reset config
88 sub reset_config {
89 $matchpoint = 'userid';
90 %mapping = ( 'userid' => { 'is' => 'uid' }, );
91 $ENV{'uid'} = "test1234";
92
93 return 1;
94 }
95
96 # Tests
97 ##############################################################
98
99 # Can module load
100 use_ok('C4::Auth_with_shibboleth');
101 $C4::Auth_with_shibboleth::debug = '0';
102
103 # Subroutine tests
104 ## shib_ok
105 subtest "shib_ok tests" => sub {
106 plan tests => 5;
107 my $result;
108
109 # correct config, no debug
110 is( shib_ok(), '1', "good config" );
111
112 # bad config, no debug
113 $matchpoint = undef;
114 warnings_are { $result = shib_ok() }
115 [ { carped => 'shibboleth matchpoint not defined' }, ],
116 "undefined matchpoint = fatal config, warning given";
117 is( $result, '0', "bad config" );
118
119 $matchpoint = 'email';
120 warnings_are { $result = shib_ok() }
121 [ { carped => 'shibboleth matchpoint not mapped' }, ],
122 "unmapped matchpoint = fatal config, warning given";
123 is( $result, '0', "bad config" );
124
125 # add test for undefined shibboleth block
126
127 reset_config();
128 };
129
130 ## logout_shib
131 #my $query = CGI->new();
132 #is(logout_shib($query),"https://".$opac."/Shibboleth.sso/Logout?return="."https://".$opac,"logout_shib");
133
134 ## login_shib_url
135 my $query_string = 'language=en-GB';
136 $ENV{QUERY_STRING} = $query_string;
137 $ENV{SCRIPT_NAME} = '/cgi-bin/koha/opac-user.pl';
138 my $query = CGI->new($query_string);
139 is(
140 login_shib_url($query),
141 'https://testopac.com'
142 . '/Shibboleth.sso/Login?target='
143 . 'https://testopac.com/cgi-bin/koha/opac-user.pl' . '%3F'
144 . $query_string,
145 "login shib url"
146 );
147
148 ## get_login_shib
149 subtest "get_login_shib tests" => sub {
150 plan tests => 4;
151 my $login;
152
153 # good config
154 ## debug off
155 $C4::Auth_with_shibboleth::debug = '0';
156 warnings_are { $login = get_login_shib() }[],
157 "good config with debug off, no warnings recieved";
158 is( $login, "test1234",
159 "good config with debug off, attribute value returned" );
160
161 ## debug on
162 $C4::Auth_with_shibboleth::debug = '1';
163 warnings_are { $login = get_login_shib() }[
164 "koha borrower field to match: userid",
165 "shibboleth attribute to match: uid",
166 "uid value: test1234"
167 ],
168 "good config with debug enabled, correct warnings recieved";
169 is( $login, "test1234",
170 "good config with debug enabled, attribute value returned" );
171
172 # bad config - with shib_ok implemented, we should never reach this sub with a bad config
173 };
174
175 ## checkpw_shib
176 subtest "checkpw_shib tests" => sub {
177 plan tests => 13;
178
179 my $shib_login;
180 my ( $retval, $retcard, $retuserid );
181
182 # Setup Mock Database Data
183 fixtures_ok [
184 'Borrower' => [
185 [qw/cardnumber userid surname address city/],
186 [qw/testcardnumber test1234 renvoize myaddress johnston/],
187 ],
188 ],
189 'Installed some custom fixtures via the Populate fixture class';
190
191 # debug off
192 $C4::Auth_with_shibboleth::debug = '0';
193
194 # good user
195 $shib_login = "test1234";
196 warnings_are {
197 ( $retval, $retcard, $retuserid ) = checkpw_shib( $shib_login );
198 }
199 [], "good user with no debug";
200 is( $retval, "1", "user authenticated" );
201 is( $retcard, "testcardnumber", "expected cardnumber returned" );
202 is( $retuserid, "test1234", "expected userid returned" );
203
204 # bad user
205 $shib_login = 'martin';
206 warnings_are {
207 ( $retval, $retcard, $retuserid ) = checkpw_shib( $shib_login );
208 }
209 [], "bad user with no debug";
210 is( $retval, "0", "user not authenticated" );
211
212 # debug on
213 $C4::Auth_with_shibboleth::debug = '1';
214
215 # good user
216 $shib_login = "test1234";
217 warnings_exist {
218 ( $retval, $retcard, $retuserid ) = checkpw_shib( $shib_login );
219 }
220 [ qr/checkpw_shib/, qr/koha borrower field to match: userid/,
221 qr/shibboleth attribute to match: uid/,
222 qr/User Shibboleth-authenticated as:/ ],
223 "good user with debug enabled";
224 is( $retval, "1", "user authenticated" );
225 is( $retcard, "testcardnumber", "expected cardnumber returned" );
226 is( $retuserid, "test1234", "expected userid returned" );
227
228 # bad user
229 $shib_login = "martin";
230 warnings_exist {
231 ( $retval, $retcard, $retuserid ) = checkpw_shib( $shib_login );
232 }
233 [
234 qr/checkpw_shib/,
235 qr/koha borrower field to match: userid/,
236 qr/shibboleth attribute to match: uid/,
237 qr/User Shibboleth-authenticated as:/,
238 qr/not a valid Koha user/
239 ],
240 "bad user with debug enabled";
241 is( $retval, "0", "user not authenticated" );
242
243 };
244
245 ## _get_uri
246 $OPACBaseURL = "testopac.com";
247 is( C4::Auth_with_shibboleth::_get_uri(),
248 "https://testopac.com", "https opac uri returned" );
249
250 $OPACBaseURL = "http://testopac.com";
251 my $result;
252 warning_like { $result = C4::Auth_with_shibboleth::_get_uri() }
253 [ qr/Shibboleth requires OPACBaseURL to use the https protocol!/ ],
254 "improper protocol - received expected warning";
255 is( $result, "https://testopac.com", "https opac uri returned" );
256
257 $OPACBaseURL = "https://testopac.com";
258 is( C4::Auth_with_shibboleth::_get_uri(),
259 "https://testopac.com", "https opac uri returned" );
260
261 $OPACBaseURL = undef;
262 warning_like { $result = C4::Auth_with_shibboleth::_get_uri() }
263 [ qr/OPACBaseURL not set!/ ],
264 "undefined OPACBaseURL - received expected warning";
265 is( $result, "https://", "https opac uri returned" );
266
267 ## _get_shib_config
268 # Internal helper function, covered in tests above
Koha ILS