search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bug 15395: Do not process template files that do not use i18n.inc
[koha.git] / t / Auth_with_shibboleth.t
blob641b77123b11d25a674ee09fa7ebae222a1d4e98
1 #!/usr/bin/perl
2
3 # This file is part of Koha.
4 #
5 # Koha is free software; you can redistribute it and/or modify it
6 # under the terms of the GNU General Public License as published by
7 # the Free Software Foundation; either version 3 of the License, or
8 # (at your option) any later version.
9 #
10 # Koha is distributed in the hope that it will be useful, but
11 # WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
14 #
15 # You should have received a copy of the GNU General Public License
16 # along with Koha; if not, see <http://www.gnu.org/licenses>.
17
18 use Modern::Perl;
19
20 $| = 1;
21 use Module::Load::Conditional qw/check_install/;
22 use Test::More;
23 use Test::MockModule;
24 use Test::Warn;
25
26 use CGI;
27 use C4::Context;
28
29 BEGIN {
30 if ( check_install( module => 'Test::DBIx::Class' ) ) {
31 plan tests => 17;
32 }
33 else {
34 plan skip_all => "Need Test::DBIx::Class";
35 }
36 }
37
38 use Test::DBIx::Class {
39 schema_class => 'Koha::Schema',
40 connect_info => [ 'dbi:SQLite:dbname=:memory:', '', '' ]
41 };
42
43 # Mock Variables
44 my $matchpoint = 'userid';
45 my $autocreate = 0;
46 my %mapping = (
47 'userid' => { 'is' => 'uid' },
48 'surname' => { 'is' => 'sn' },
49 'dateexpiry' => { 'is' => 'exp' },
50 'categorycode' => { 'is' => 'cat' },
51 'address' => { 'is' => 'add' },
52 'city' => { 'is' => 'city' },
53 );
54 $ENV{'uid'} = "test1234";
55 $ENV{'sn'} = undef;
56 $ENV{'exp'} = undef;
57 $ENV{'cat'} = undef;
58 $ENV{'add'} = undef;
59 $ENV{'city'} = undef;
60
61 # Setup Mocks
62 ## Mock Context
63 my $context = new Test::MockModule('C4::Context');
64
65 ### Mock ->config
66 $context->mock( 'config', \&mockedConfig );
67
68 ### Mock ->preference
69 my $OPACBaseURL = "testopac.com";
70 my $staffClientBaseURL = "teststaff.com";
71 $context->mock( 'preference', \&mockedPref );
72
73 ### Mock ->tz
74 $context->mock( 'timezone', sub { return 'local'; } );
75
76 ### Mock ->interface
77 my $interface = 'opac';
78 $context->mock( 'interface', \&mockedInterface );
79
80 ## Mock Database
81 my $database = new Test::MockModule('Koha::Database');
82
83 ### Mock ->schema
84 $database->mock( 'schema', \&mockedSchema );
85
86 # Tests
87 ##############################################################
88
89 # Can module load
90 use C4::Auth_with_shibboleth;
91 require_ok('C4::Auth_with_shibboleth');
92 $C4::Auth_with_shibboleth::debug = '0';
93
94 # Subroutine tests
95 ## shib_ok
96 subtest "shib_ok tests" => sub {
97 plan tests => 5;
98 my $result;
99
100 # correct config, no debug
101 is( shib_ok(), '1', "good config" );
102
103 # bad config, no debug
104 $matchpoint = undef;
105 warnings_are { $result = shib_ok() }
106 [ { carped => 'shibboleth matchpoint not defined' }, ],
107 "undefined matchpoint = fatal config, warning given";
108 is( $result, '0', "bad config" );
109
110 $matchpoint = 'email';
111 warnings_are { $result = shib_ok() }
112 [ { carped => 'shibboleth matchpoint not mapped' }, ],
113 "unmapped matchpoint = fatal config, warning given";
114 is( $result, '0', "bad config" );
115
116 # add test for undefined shibboleth block
117
118 reset_config();
119 };
120
121 ## logout_shib
122 #my $query = CGI->new();
123 #is(logout_shib($query),"https://".$opac."/Shibboleth.sso/Logout?return="."https://".$opac,"logout_shib");
124
125 ## login_shib_url
126 my $query_string = 'language=en-GB';
127 $ENV{QUERY_STRING} = $query_string;
128 $ENV{SCRIPT_NAME} = '/cgi-bin/koha/opac-user.pl';
129 my $query = CGI->new($query_string);
130 is(
131 login_shib_url($query),
132 'https://testopac.com'
133 . '/Shibboleth.sso/Login?target='
134 . 'https://testopac.com/cgi-bin/koha/opac-user.pl' . '%3F'
135 . $query_string,
136 "login shib url"
137 );
138
139 ## get_login_shib
140 subtest "get_login_shib tests" => sub {
141 plan tests => 4;
142 my $login;
143
144 # good config
145 ## debug off
146 $C4::Auth_with_shibboleth::debug = '0';
147 warnings_are { $login = get_login_shib() }[],
148 "good config with debug off, no warnings received";
149 is( $login, "test1234",
150 "good config with debug off, attribute value returned" );
151
152 ## debug on
153 $C4::Auth_with_shibboleth::debug = '1';
154 warnings_are { $login = get_login_shib() }[
155 "koha borrower field to match: userid",
156 "shibboleth attribute to match: uid",
157 "uid value: test1234"
158 ],
159 "good config with debug enabled, correct warnings received";
160 is( $login, "test1234",
161 "good config with debug enabled, attribute value returned" );
162
163 # bad config - with shib_ok implemented, we should never reach this sub with a bad config
164 };
165
166 ## checkpw_shib
167 subtest "checkpw_shib tests" => sub {
168 plan tests => 18;
169
170 my $shib_login;
171 my ( $retval, $retcard, $retuserid );
172
173 # Setup Mock Database Data
174 fixtures_ok [
175 'Borrower' => [
176 [qw/cardnumber userid surname address city/],
177 [qw/testcardnumber test1234 renvoize myaddress johnston/],
178 ],
179 'Category' => [ [qw/categorycode default_privacy/], [qw/S never/], ]
180 ],
181 'Installed some custom fixtures via the Populate fixture class';
182
183 # debug off
184 $C4::Auth_with_shibboleth::debug = '0';
185
186 # good user
187 $shib_login = "test1234";
188 warnings_are {
189 ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
190 }
191 [], "good user with no debug";
192 is( $retval, "1", "user authenticated" );
193 is( $retcard, "testcardnumber", "expected cardnumber returned" );
194 is( $retuserid, "test1234", "expected userid returned" );
195
196 # bad user
197 $shib_login = 'martin';
198 warnings_are {
199 ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
200 }
201 [], "bad user with no debug";
202 is( $retval, "0", "user not authenticated" );
203
204 # autocreate user
205 $autocreate = 1;
206 $shib_login = 'test4321';
207 $ENV{'uid'} = 'test4321';
208 $ENV{'sn'} = "pika";
209 $ENV{'exp'} = "2017";
210 $ENV{'cat'} = "S";
211 $ENV{'add'} = 'Address';
212 $ENV{'city'} = 'City';
213 warnings_are {
214 ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
215 }
216 [], "new user added with no debug";
217 is( $retval, "1", "user authenticated" );
218 is( $retuserid, "test4321", "expected userid returned" );
219 ok my $new_user = ResultSet('Borrower')
220 ->search( { 'userid' => 'test4321' }, { rows => 1 } ), "new user found";
221 is_fields [qw/surname dateexpiry address city/], $new_user->next,
222 [qw/pika 2017 Address City/],
223 'Found $new_users surname';
224 $autocreate = 0;
225
226 # debug on
227 $C4::Auth_with_shibboleth::debug = '1';
228
229 # good user
230 $shib_login = "test1234";
231 warnings_exist {
232 ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
233 }
234 [
235 qr/checkpw_shib/,
236 qr/koha borrower field to match: userid/,
237 qr/shibboleth attribute to match: uid/,
238 qr/User Shibboleth-authenticated as:/
239 ],
240 "good user with debug enabled";
241 is( $retval, "1", "user authenticated" );
242 is( $retcard, "testcardnumber", "expected cardnumber returned" );
243 is( $retuserid, "test1234", "expected userid returned" );
244
245 # bad user
246 $shib_login = "martin";
247 warnings_exist {
248 ( $retval, $retcard, $retuserid ) = checkpw_shib($shib_login);
249 }
250 [
251 qr/checkpw_shib/,
252 qr/koha borrower field to match: userid/,
253 qr/shibboleth attribute to match: uid/,
254 qr/User Shibboleth-authenticated as:/,
255 qr/not a valid Koha user/
256 ],
257 "bad user with debug enabled";
258 is( $retval, "0", "user not authenticated" );
259
260 };
261
262 ## _get_uri - opac
263 $OPACBaseURL = "testopac.com";
264 is( C4::Auth_with_shibboleth::_get_uri(),
265 "https://testopac.com", "https opac uri returned" );
266
267 $OPACBaseURL = "http://testopac.com";
268 my $result;
269 warnings_are { $result = C4::Auth_with_shibboleth::_get_uri() }[
270 "shibboleth interface: $interface",
271 "Shibboleth requires OPACBaseURL/staffClientBaseURL to use the https protocol!"
272 ],
273 "improper protocol - received expected warning";
274 is( $result, "https://testopac.com", "https opac uri returned" );
275
276 $OPACBaseURL = "https://testopac.com";
277 is( C4::Auth_with_shibboleth::_get_uri(),
278 "https://testopac.com", "https opac uri returned" );
279
280 $OPACBaseURL = undef;
281 warnings_are { $result = C4::Auth_with_shibboleth::_get_uri() }
282 [ "shibboleth interface: $interface", "OPACBaseURL not set!" ],
283 "undefined OPACBaseURL - received expected warning";
284 is( $result, "https://", "https $interface uri returned" );
285
286 ## _get_uri - intranet
287 $interface = 'intranet';
288 $staffClientBaseURL = "teststaff.com";
289 is( C4::Auth_with_shibboleth::_get_uri(),
290 "https://teststaff.com", "https $interface uri returned" );
291
292 $staffClientBaseURL = "http://teststaff.com";
293 warnings_are { $result = C4::Auth_with_shibboleth::_get_uri() }[
294 "shibboleth interface: $interface",
295 "Shibboleth requires OPACBaseURL/staffClientBaseURL to use the https protocol!"
296 ],
297 "improper protocol - received expected warning";
298 is( $result, "https://teststaff.com", "https $interface uri returned" );
299
300 $staffClientBaseURL = "https://teststaff.com";
301 is( C4::Auth_with_shibboleth::_get_uri(),
302 "https://teststaff.com", "https $interface uri returned" );
303
304 $staffClientBaseURL = undef;
305 warnings_are { $result = C4::Auth_with_shibboleth::_get_uri() }
306 [ "shibboleth interface: $interface", "staffClientBaseURL not set!" ],
307 "undefined staffClientBaseURL - received expected warning";
308 is( $result, "https://", "https $interface uri returned" );
309
310 ## _get_shib_config
311 # Internal helper function, covered in tests above
312
313 sub mockedConfig {
314 my $param = shift;
315
316 my %shibboleth = (
317 'autocreate' => $autocreate,
318 'matchpoint' => $matchpoint,
319 'mapping' => \%mapping
320 );
321
322 return \%shibboleth;
323 }
324
325 sub mockedPref {
326 my $param = $_[1];
327 my $return;
328
329 if ( $param eq 'OPACBaseURL' ) {
330 $return = $OPACBaseURL;
331 }
332
333 if ( $param eq 'staffClientBaseURL' ) {
334 $return = $staffClientBaseURL;
335 }
336
337 return $return;
338 }
339
340 sub mockedInterface {
341 return $interface;
342 }
343
344 sub mockedSchema {
345 return Schema();
346 }
347
348 ## Convenience method to reset config
349 sub reset_config {
350 $matchpoint = 'userid';
351 $autocreate = 0;
352 %mapping = (
353 'userid' => { 'is' => 'uid' },
354 'surname' => { 'is' => 'sn' },
355 'dateexpiry' => { 'is' => 'exp' },
356 'categorycode' => { 'is' => 'cat' },
357 'address' => { 'is' => 'add' },
358 'city' => { 'is' => 'city' },
359 );
360 $ENV{'uid'} = "test1234";
361 $ENV{'sn'} = undef;
362 $ENV{'exp'} = undef;
363 $ENV{'cat'} = undef;
364 $ENV{'add'} = undef;
365 $ENV{'city'} = undef;
366
367 return 1;
368 }
369
Koha ILS