Blame - t/plugin/auth.t - KorAP/Kalamar

blob: ff5988ee81548490b5cfbb95a9f935866f5d43e7 [file] [log] [blame]

Akron	e8235be	2016-06-27 11:02:18 +0200	[diff] [blame]	1	use Mojo::Base -strict;
Akron	be9d5b3	2017-04-05 20:48:24 +0200	[diff] [blame]	2	use Test::More;
Akron	e8235be	2016-06-27 11:02:18 +0200	[diff] [blame]	3	use Test::Mojo;
Akron	0e1ed24	2018-10-11 13:22:00 +0200	[diff] [blame]	4	use Mojo::File qw/path/;
Akron	e8235be	2016-06-27 11:02:18 +0200	[diff] [blame]	5	use Data::Dumper;
				6
Akron	3239663	2018-10-11 17:08:37 +0200	[diff] [blame]	7
				8	#####################
				9	# Start Fake server #
				10	#####################
Akron	0e1ed24	2018-10-11 13:22:00 +0200	[diff] [blame]	11	my $mount_point = '/api/';
				12	$ENV{KALAMAR_API} = $mount_point;
Akron	e8235be	2016-06-27 11:02:18 +0200	[diff] [blame]	13
Akron	864c293	2018-11-16 17:18:55 +0100	[diff] [blame^]	14	my $t = Test::Mojo->new('Kalamar' => {
				15	Kalamar => {
				16	auth_support => 1,
				17	plugins => ['Auth']
				18	}
				19	});
Akron	e8235be	2016-06-27 11:02:18 +0200	[diff] [blame]	20
Akron	0e1ed24	2018-10-11 13:22:00 +0200	[diff] [blame]	21	# Mount fake backend
				22	# Get the fixture path
Akron	864c293	2018-11-16 17:18:55 +0100	[diff] [blame^]	23	my $fixtures_path = path(Mojo::File->new(__FILE__)->dirname, '..', 'server');
Akron	0e1ed24	2018-10-11 13:22:00 +0200	[diff] [blame]	24	my $fake_backend = $t->app->plugin(
				25	Mount => {
				26	$mount_point =>
Akron	73f3608	2018-10-25 15:34:59 +0200	[diff] [blame]	27	$fixtures_path->child('mock.pl')
Akron	0e1ed24	2018-10-11 13:22:00 +0200	[diff] [blame]	28	}
				29	);
Akron	0e1ed24	2018-10-11 13:22:00 +0200	[diff] [blame]	30	# Configure fake backend
				31	$fake_backend->pattern->defaults->{app}->log($t->app->log);
				32
				33	$t->get_ok('/api')
				34	->status_is(200)
				35	->content_is('Fake server available');
Akron	7d75ee3	2017-05-02 13:42:41 +0200	[diff] [blame]	36
Akron	bc213c0	2017-04-20 16:45:55 +0200	[diff] [blame]	37	$t->get_ok('/?q=Baum')
				38	->status_is(200)
				39	->text_like('h1 span', qr/KorAP: Find .Baum./i)
				40	->text_like('#total-results', qr/\d+$/)
				41	->content_like(qr/\"authorized\"\:null/)
				42	;
				43
Akron	be9d5b3	2017-04-05 20:48:24 +0200	[diff] [blame]	44	$t->get_ok('/')
				45	->element_exists('form[action=/user/login] input[name=handle_or_email]');
				46
Akron	741b2b1	2017-04-13 22:15:59 +0200	[diff] [blame]	47	$t->post_ok('/user/login' => form => { handle_or_email => 'test', pwd => 'fail' })
				48	->status_is(302)
				49	->header_is('Location' => '/');
				50
				51	$t->get_ok('/')
				52	->status_is(200)
				53	->element_exists('div.notify-error')
Akron	2e3d377	2017-04-14 16:20:40 +0200	[diff] [blame]	54	->element_exists('input[name=handle_or_email][value=test]')
Akron	741b2b1	2017-04-13 22:15:59 +0200	[diff] [blame]	55	;
Akron	be9d5b3	2017-04-05 20:48:24 +0200	[diff] [blame]	56
Akron	e5ef4e0	2017-04-19 17:07:52 +0200	[diff] [blame]	57	$t->post_ok('/user/login' => form => { handle_or_email => 'test', pwd => 'pass' })
				58	->status_is(302)
				59	->header_is('Location' => '/');
				60
Akron	15158e0	2018-03-19 12:42:46 +0100	[diff] [blame]	61	my $csrf = $t->get_ok('/')
				62	->status_is(200)
				63	->element_exists('div.notify-error')
				64	->text_is('div.notify-error', 'Bad CSRF token')
				65	->tx->res->dom->at('input[name=csrf_token]')->attr('value')
				66	;
				67
Akron	d7ed34b	2018-10-22 18:42:28 +0200	[diff] [blame]	68	$t->post_ok('/user/login' => form => {
				69	handle_or_email => 'test',
				70	pwd => 'pass',
				71	csrf_token => $csrf
				72	})
Akron	15158e0	2018-03-19 12:42:46 +0100	[diff] [blame]	73	->status_is(302)
Akron	864c293	2018-11-16 17:18:55 +0100	[diff] [blame^]	74	->content_is('')
Akron	15158e0	2018-03-19 12:42:46 +0100	[diff] [blame]	75	->header_is('Location' => '/');
				76
Akron	e5ef4e0	2017-04-19 17:07:52 +0200	[diff] [blame]	77	$t->get_ok('/')
				78	->status_is(200)
				79	->element_exists_not('div.notify-error')
				80	->element_exists('div.notify-success')
Akron	bc213c0	2017-04-20 16:45:55 +0200	[diff] [blame]	81	->text_is('div.notify-success', 'Login successful')
				82	;
				83
				84	# Now the user is logged in and should be able to
				85	# search with authorization
				86	$t->get_ok('/?q=Baum')
				87	->status_is(200)
				88	->text_like('h1 span', qr/KorAP: Find .Baum./i)
				89	->text_like('#total-results', qr/\d+$/)
				90	->element_exists_not('div.notify-error')
				91	->content_like(qr/\"authorized\"\:\"test\"/)
Akron	e5ef4e0	2017-04-19 17:07:52 +0200	[diff] [blame]	92	;
				93
Akron	bc213c0	2017-04-20 16:45:55 +0200	[diff] [blame]	94	# Logout
				95	$t->get_ok('/user/logout')
				96	->status_is(302)
				97	->header_is('Location' => '/');
				98
				99	$t->get_ok('/')
				100	->status_is(200)
				101	->element_exists_not('div.notify-error')
				102	->element_exists('div.notify-success')
				103	->text_is('div.notify-success', 'Logout successful')
				104	;
				105
				106	$t->get_ok('/?q=Baum')
				107	->status_is(200)
				108	->text_like('h1 span', qr/KorAP: Find .Baum./i)
				109	->text_like('#total-results', qr/\d+$/)
				110	->content_like(qr/\"authorized\"\:null/)
				111	;
				112
Akron	429aeda	2018-03-19 16:02:29 +0100	[diff] [blame]	113	# Get redirect
				114	my $fwd = $t->get_ok('/?q=Baum&ql=poliqarp')
				115	->status_is(200)
				116	->element_exists_not('div.notify-error')
				117	->tx->res->dom->at('input[name=fwd]')->attr('value')
				118	;
				119
				120	is($fwd, '/?q=Baum&ql=poliqarp', 'Redirect is valid');
				121
				122	$t->post_ok('/user/login' => form => {
				123	handle_or_email => 'test',
				124	pwd => 'pass',
				125	csrf_token => $csrf,
				126	fwd => 'http://bad.example.com/test'
				127	})
				128	->status_is(302)
				129	->header_is('Location' => '/');
				130
				131	$t->get_ok('/')
				132	->status_is(200)
				133	->element_exists('div.notify-error')
				134	->element_exists_not('div.notify-success')
				135	->text_is('div.notify-error', 'Redirect failure')
				136	;
				137
				138	$t->post_ok('/user/login' => form => {
				139	handle_or_email => 'test',
				140	pwd => 'pass',
				141	csrf_token => $csrf,
				142	fwd => $fwd
				143	})
				144	->status_is(302)
				145	->header_is('Location' => '/?q=Baum&ql=poliqarp');
				146
				147
				148
				149
Akron	be9d5b3	2017-04-05 20:48:24 +0200	[diff] [blame]	150	done_testing;
				151	__END__
Akron	e8235be	2016-06-27 11:02:18 +0200	[diff] [blame]	152
				153
Akron	1b0c265	2017-04-27 15:28:49 +0200	[diff] [blame]	154	# Login mit falschem Nutzernamen:
				155	# 400 und:
				156	{"errors":[[2022,"LDAP Authentication failed due to unknown user or password!"]]}
				157
Akron	741b2b1	2017-04-13 22:15:59 +0200	[diff] [blame]	158
				159
Akron	e8235be	2016-06-27 11:02:18 +0200	[diff] [blame]	160	ok(!$c->user->get('details'), 'User not logged in');
				161
				162	# Login with user credentials
				163	ok($c->user->login('kustvakt', 'kustvakt2015'), 'Login with demo user');
				164	is($c->stash('user'), 'kustvakt', 'Kustvakt is logged in');
				165	like($c->stash('auth'), qr/^api_token /, 'Kustvakt is logged in');
				166
				167	my $details = $c->user->get('details');
				168	is($details->{email}, 'kustvakt@ids-mannheim.de', 'Email');
				169	is($details->{firstName}, 'Kustvakt', 'Firstname');
				170	is($details->{lastName}, 'KorAP', 'Lastname');
				171	is($details->{country}, 'Germany', 'Country');
				172	is($details->{address}, 'Mannheim', 'Address');
				173	is($details->{username}, 'kustvakt', 'Username');
				174	is($details->{institution}, 'IDS Mannheim', 'Institution');
				175
				176	my $settings = $c->user->get('settings');
				177	is($settings->{username}, 'kustvakt', 'Username');
				178
				179	# ok($c->user->set(details => { firstName => 'Me' }), 'Set first name');
				180	#ok($c->user->set(details => {
				181	# firstName => 'Akron',
				182	# lastName => 'Fuxfell'
				183	#}), 'Set first name');
				184
				185	# diag Dumper $c->user->get('info');
				186
				187	ok(1,'Fine');
				188
				189	done_testing;
				190	__END__