Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 1 | use Mojo::Base -strict; |
| 2 | use Test::More; |
Akron | 6a228db | 2021-10-14 15:57:00 +0200 | [diff] [blame] | 3 | use Mojo::ByteStream 'b'; |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 4 | use Test::Mojo::WithRoles 'Session'; |
Akron | 66ef3b5 | 2022-11-22 14:25:15 +0100 | [diff] [blame] | 5 | use Mojo::File qw/path tempfile/; |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 6 | use Data::Dumper; |
| 7 | |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 8 | ##################### |
| 9 | # Start Fake server # |
| 10 | ##################### |
Akron | 63d963b | 2019-07-05 15:35:51 +0200 | [diff] [blame] | 11 | my $mount_point = '/realapi/'; |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 12 | $ENV{KALAMAR_API} = $mount_point; |
| 13 | |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 14 | my $t = Test::Mojo::WithRoles->new('Kalamar' => { |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 15 | Kalamar => { |
| 16 | plugins => ['Auth'] |
| 17 | }, |
| 18 | 'Kalamar-Auth' => { |
| 19 | client_id => 2, |
| 20 | client_secret => 'k414m4r-s3cr3t', |
Akron | 5999212 | 2019-10-29 11:28:45 +0100 | [diff] [blame] | 21 | oauth2 => 1, |
| 22 | experimental_client_registration => 1 |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 23 | } |
| 24 | }); |
| 25 | |
| 26 | # Mount fake backend |
| 27 | # Get the fixture path |
| 28 | my $fixtures_path = path(Mojo::File->new(__FILE__)->dirname, '..', 'server'); |
| 29 | my $fake_backend = $t->app->plugin( |
| 30 | Mount => { |
| 31 | $mount_point => |
| 32 | $fixtures_path->child('mock.pl') |
| 33 | } |
| 34 | ); |
| 35 | # Configure fake backend |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 36 | my $fake_backend_app = $fake_backend->pattern->defaults->{app}; |
| 37 | |
| 38 | # Set general app logger for simplicity |
| 39 | $fake_backend_app->log($t->app->log); |
| 40 | |
| 41 | my $access_token = $fake_backend_app->get_token('access_token'); |
| 42 | my $refresh_token = $fake_backend_app->get_token('refresh_token'); |
| 43 | my $access_token_2 = $fake_backend_app->get_token('access_token_2'); |
| 44 | my $refresh_token_2 = $fake_backend_app->get_token('refresh_token_2'); |
| 45 | |
| 46 | # Some routes to modify the session |
| 47 | # This expires the session |
| 48 | $t->app->routes->get('/x/expire')->to( |
| 49 | cb => sub { |
| 50 | my $c = shift; |
| 51 | $c->session(auth_exp => 0); |
| 52 | return $c->render(text => 'okay') |
| 53 | } |
| 54 | ); |
| 55 | |
| 56 | # This expires the session and removes the refresh token |
| 57 | $t->app->routes->get('/x/expire-no-refresh')->to( |
| 58 | cb => sub { |
| 59 | my $c = shift; |
| 60 | $c->session(auth_exp => 0); |
| 61 | delete $c->session->{auth_r}; |
| 62 | return $c->render(text => 'okay') |
| 63 | } |
| 64 | ); |
| 65 | |
| 66 | # This sets an invalid token |
| 67 | $t->app->routes->get('/x/invalid')->to( |
| 68 | cb => sub { |
| 69 | my $c = shift; |
| 70 | $c->session(auth_exp => time + 1000); |
| 71 | $c->session(auth_r => $refresh_token_2); |
| 72 | $c->session(auth => 'Bearer inv4lid'); |
| 73 | return $c->render(text => 'okay') |
| 74 | } |
| 75 | ); |
| 76 | |
| 77 | |
| 78 | # This sets an invalid token |
| 79 | $t->app->routes->get('/x/invalid-no-refresh')->to( |
| 80 | cb => sub { |
| 81 | my $c = shift; |
| 82 | $c->session(auth_exp => time + 1000); |
| 83 | delete $c->session->{auth_r}; |
| 84 | $c->session(auth => 'Bearer inv4lid'); |
| 85 | return $c->render(text => 'okay') |
| 86 | } |
| 87 | ); |
| 88 | |
| 89 | # This sets an invalid refresh token |
| 90 | $t->app->routes->get('/x/expired-with-wrong-refresh')->to( |
| 91 | cb => sub { |
| 92 | my $c = shift; |
| 93 | $c->session(auth_exp => 0); |
| 94 | $c->session(auth => 'Bearer inv4lid'); |
| 95 | $c->session(auth_r => 'inv4lid'); |
| 96 | return $c->render(text => 'okay') |
| 97 | } |
| 98 | ); |
| 99 | |
Akron | bc6b3f2 | 2021-01-13 14:53:12 +0100 | [diff] [blame] | 100 | my $q = qr!(?:\"|")!; |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 101 | |
Akron | 63d963b | 2019-07-05 15:35:51 +0200 | [diff] [blame] | 102 | $t->get_ok('/realapi/v1.0') |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 103 | ->status_is(200) |
| 104 | ->content_is('Fake server available'); |
| 105 | |
| 106 | $t->get_ok('/?q=Baum') |
| 107 | ->status_is(200) |
| 108 | ->text_like('h1 span', qr/KorAP: Find .Baum./i) |
| 109 | ->text_like('#total-results', qr/\d+$/) |
Akron | bc6b3f2 | 2021-01-13 14:53:12 +0100 | [diff] [blame] | 110 | ->content_like(qr/${q}authorized${q}:null/) |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 111 | ->element_exists_not('div.button.top a') |
| 112 | ->element_exists_not('aside.active') |
| 113 | ->element_exists_not('aside.off') |
| 114 | ; |
| 115 | |
| 116 | $t->get_ok('/') |
| 117 | ->status_is(200) |
Akron | 9fa7cc5 | 2022-05-12 11:17:20 +0200 | [diff] [blame] | 118 | ->element_exists('form[action=/user/login] input[name=handle_or_email]') |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 119 | ->element_exists('aside.active') |
| 120 | ->element_exists_not('aside.off') |
| 121 | ; |
| 122 | |
Akron | ff08811 | 2021-06-15 15:26:04 +0200 | [diff] [blame] | 123 | $t->get_ok('/settings/oauth') |
| 124 | ->status_is(401) |
| 125 | ->text_is('p.no-results', 'Not authenticated') |
| 126 | ; |
| 127 | |
Helge | 278fbca | 2022-11-29 18:49:15 +0100 | [diff] [blame] | 128 | $t->get_ok('/settings/marketplace') |
| 129 | ->status_is(401) |
| 130 | ->text_is('p.no-results', 'Not authenticated') |
| 131 | ; |
| 132 | |
Akron | 3e0fdc1 | 2020-05-15 16:17:21 +0200 | [diff] [blame] | 133 | # Test for bug with long password |
| 134 | $t->post_ok('/user/login' => form => { |
Akron | 9fa7cc5 | 2022-05-12 11:17:20 +0200 | [diff] [blame] | 135 | handle_or_email => 'test', |
Akron | 3e0fdc1 | 2020-05-15 16:17:21 +0200 | [diff] [blame] | 136 | pwd => 'kjskjhndkjndqknaskjnakjdnkjdankajdnkjdsankjdsakjdfkjahzroiuqzriudjoijdmlamdlkmdsalkmdl' }) |
| 137 | ->status_is(302) |
| 138 | ->header_is('Location' => '/'); |
| 139 | |
Akron | 9fa7cc5 | 2022-05-12 11:17:20 +0200 | [diff] [blame] | 140 | $t->post_ok('/user/login' => form => { handle_or_email => 'test', pwd => 'fail' }) |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 141 | ->status_is(302) |
| 142 | ->header_is('Location' => '/'); |
| 143 | |
| 144 | $t->get_ok('/') |
| 145 | ->status_is(200) |
| 146 | ->element_exists('div.notify-error') |
| 147 | ->text_is('div.notify-error', 'Bad CSRF token') |
Akron | 9fa7cc5 | 2022-05-12 11:17:20 +0200 | [diff] [blame] | 148 | ->element_exists('input[name=handle_or_email][value=test]') |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 149 | ->element_exists_not('div.button.top a') |
| 150 | ; |
| 151 | |
Akron | 9fa7cc5 | 2022-05-12 11:17:20 +0200 | [diff] [blame] | 152 | $t->post_ok('/user/login' => form => { handle_or_email => 'test', pwd => 'pass' }) |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 153 | ->status_is(302) |
| 154 | ->header_is('Location' => '/'); |
| 155 | |
| 156 | my $csrf = $t->get_ok('/') |
| 157 | ->status_is(200) |
| 158 | ->element_exists('div.notify-error') |
| 159 | ->text_is('div.notify-error', 'Bad CSRF token') |
| 160 | ->element_exists_not('div.button.top a') |
| 161 | ->tx->res->dom->at('input[name=csrf_token]')->attr('value') |
| 162 | ; |
| 163 | |
| 164 | $t->post_ok('/user/login' => form => { |
Akron | 9fa7cc5 | 2022-05-12 11:17:20 +0200 | [diff] [blame] | 165 | handle_or_email => 'test', |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 166 | pwd => 'ldaperr', |
| 167 | csrf_token => $csrf |
| 168 | }) |
| 169 | ->status_is(302) |
| 170 | ->content_is('') |
| 171 | ->header_is('Location' => '/'); |
| 172 | |
| 173 | $csrf = $t->get_ok('/') |
| 174 | ->status_is(200) |
| 175 | ->element_exists('div.notify-error') |
| 176 | ->text_is('div.notify-error', '2022: LDAP Authentication failed due to unknown user or password!') |
Akron | 9fa7cc5 | 2022-05-12 11:17:20 +0200 | [diff] [blame] | 177 | ->element_exists('input[name=handle_or_email][value=test]') |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 178 | ->element_exists_not('div.button.top a') |
Akron | 3b3c7af | 2020-05-15 16:23:55 +0200 | [diff] [blame] | 179 | ->element_exists_not('div.notify-success') |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 180 | ->tx->res->dom->at('input[name=csrf_token]')->attr('value') |
| 181 | ; |
| 182 | |
| 183 | $t->post_ok('/user/login' => form => { |
Akron | 9fa7cc5 | 2022-05-12 11:17:20 +0200 | [diff] [blame] | 184 | handle_or_email => 'test', |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 185 | pwd => 'unknown', |
| 186 | csrf_token => $csrf |
| 187 | }) |
| 188 | ->status_is(302) |
| 189 | ->content_is('') |
| 190 | ->header_is('Location' => '/'); |
| 191 | |
| 192 | $csrf = $t->get_ok('/') |
| 193 | ->status_is(200) |
| 194 | ->element_exists('div.notify-error') |
Akron | 8bbbecf | 2019-07-01 18:57:30 +0200 | [diff] [blame] | 195 | ->text_is('div.notify-error', '2022: LDAP Authentication failed due to unknown user or password!') |
Akron | 9fa7cc5 | 2022-05-12 11:17:20 +0200 | [diff] [blame] | 196 | ->element_exists('input[name=handle_or_email][value=test]') |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 197 | ->element_exists_not('div.button.top a') |
| 198 | ->tx->res->dom->at('input[name=csrf_token]')->attr('value') |
| 199 | ; |
| 200 | |
| 201 | $t->post_ok('/user/login' => form => { |
Akron | 9fa7cc5 | 2022-05-12 11:17:20 +0200 | [diff] [blame] | 202 | handle_or_email => 'test', |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 203 | pwd => 'pass', |
| 204 | csrf_token => $csrf |
| 205 | }) |
| 206 | ->status_is(302) |
| 207 | ->content_is('') |
| 208 | ->header_is('Location' => '/'); |
| 209 | |
| 210 | $t->get_ok('/') |
| 211 | ->status_is(200) |
| 212 | ->element_exists_not('div.notify-error') |
| 213 | ->element_exists('div.notify-success') |
| 214 | ->text_is('div.notify-success', 'Login successful') |
Akron | 1d09b53 | 2021-06-15 18:18:25 +0200 | [diff] [blame] | 215 | ->element_exists_not('aside.off') |
Akron | dc0b3ab | 2021-06-18 11:52:43 +0200 | [diff] [blame] | 216 | ->element_exists_not('aside.active') |
Akron | 1d09b53 | 2021-06-15 18:18:25 +0200 | [diff] [blame] | 217 | ->element_exists('aside.settings') |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 218 | ; |
| 219 | |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 220 | # Now the user is logged in and should be able to |
| 221 | # search with authorization |
| 222 | $t->get_ok('/?q=Baum') |
| 223 | ->status_is(200) |
Akron | 4cefe1f | 2019-09-04 10:11:28 +0200 | [diff] [blame] | 224 | ->session_has('/auth') |
| 225 | ->session_is('/auth', 'Bearer ' . $access_token) |
| 226 | ->session_is('/auth_r', $refresh_token) |
| 227 | ->session_is('/user', 'test') |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 228 | ->text_like('h1 span', qr/KorAP: Find .Baum./i) |
| 229 | ->text_like('#total-results', qr/\d+$/) |
| 230 | ->element_exists_not('div.notify-error') |
Akron | bc6b3f2 | 2021-01-13 14:53:12 +0100 | [diff] [blame] | 231 | ->content_like(qr/${q}authorized${q}:${q}yes${q}/) |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 232 | ->element_exists('div.button.top a') |
| 233 | ->element_exists('div.button.top a.logout[title~="test"]') |
| 234 | ; |
| 235 | |
Akron | 27031aa | 2020-04-28 14:57:10 +0200 | [diff] [blame] | 236 | $t->get_ok('/?q=Paum') |
| 237 | ->status_is(200) |
| 238 | ->text_like('h1 span', qr/KorAP: Find .Paum./i) |
| 239 | ->text_is('#total-results', '') |
Akron | bc6b3f2 | 2021-01-13 14:53:12 +0100 | [diff] [blame] | 240 | ->content_like(qr/${q}authorized${q}:${q}yes${q}/) |
Akron | 27031aa | 2020-04-28 14:57:10 +0200 | [diff] [blame] | 241 | ->element_exists_not('p.hint') |
| 242 | ; |
| 243 | |
Akron | cce055c | 2021-07-02 12:18:03 +0200 | [diff] [blame] | 244 | # Query with error |
| 245 | $t->get_ok('/?q=error') |
| 246 | ->status_is(400) |
| 247 | ->text_is('#notifications .notify-error','500: Internal Server Error') |
| 248 | ; |
Akron | 27031aa | 2020-04-28 14:57:10 +0200 | [diff] [blame] | 249 | |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 250 | # Logout |
| 251 | $t->get_ok('/user/logout') |
| 252 | ->status_is(302) |
Akron | 4cefe1f | 2019-09-04 10:11:28 +0200 | [diff] [blame] | 253 | ->session_hasnt('/auth') |
| 254 | ->session_hasnt('/auth_r') |
| 255 | ->session_hasnt('/user') |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 256 | ->header_is('Location' => '/'); |
| 257 | |
| 258 | $t->get_ok('/') |
| 259 | ->status_is(200) |
| 260 | ->element_exists_not('div.notify-error') |
| 261 | ->element_exists('div.notify-success') |
| 262 | ->text_is('div.notify-success', 'Logout successful') |
Akron | 9fa7cc5 | 2022-05-12 11:17:20 +0200 | [diff] [blame] | 263 | ->element_exists("input[name=handle_or_email]") |
| 264 | ->element_exists("input[name=handle_or_email][value=test]") |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 265 | ; |
| 266 | |
| 267 | $t->get_ok('/?q=Baum') |
| 268 | ->status_is(200) |
| 269 | ->text_like('h1 span', qr/KorAP: Find .Baum./i) |
| 270 | ->text_like('#total-results', qr/\d+$/) |
Akron | bc6b3f2 | 2021-01-13 14:53:12 +0100 | [diff] [blame] | 271 | ->content_like(qr/${q}authorized${q}:null/) |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 272 | ; |
| 273 | |
Akron | 27031aa | 2020-04-28 14:57:10 +0200 | [diff] [blame] | 274 | $t->get_ok('/?q=Paum') |
| 275 | ->status_is(200) |
| 276 | ->text_like('h1 span', qr/KorAP: Find .Paum./i) |
| 277 | ->text_is('#total-results', '') |
Akron | bc6b3f2 | 2021-01-13 14:53:12 +0100 | [diff] [blame] | 278 | ->content_like(qr/${q}authorized${q}:null/) |
Akron | 27031aa | 2020-04-28 14:57:10 +0200 | [diff] [blame] | 279 | ->text_is('p.hint', 'Maybe you need to log in first?') |
| 280 | ; |
| 281 | |
| 282 | |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 283 | # Get redirect |
| 284 | my $fwd = $t->get_ok('/?q=Baum&ql=poliqarp') |
| 285 | ->status_is(200) |
| 286 | ->element_exists_not('div.notify-error') |
| 287 | ->tx->res->dom->at('input[name=fwd]')->attr('value') |
| 288 | ; |
| 289 | |
| 290 | is($fwd, '/?q=Baum&ql=poliqarp', 'Redirect is valid'); |
| 291 | |
| 292 | $t->post_ok('/user/login' => form => { |
Akron | 9fa7cc5 | 2022-05-12 11:17:20 +0200 | [diff] [blame] | 293 | handle_or_email => 'test', |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 294 | pwd => 'pass', |
| 295 | csrf_token => $csrf, |
| 296 | fwd => 'http://bad.example.com/test' |
| 297 | }) |
| 298 | ->status_is(302) |
| 299 | ->header_is('Location' => '/'); |
| 300 | |
| 301 | $t->get_ok('/') |
| 302 | ->status_is(200) |
| 303 | ->element_exists('div.notify-error') |
| 304 | ->element_exists_not('div.notify-success') |
| 305 | ->text_is('div.notify-error', 'Redirect failure') |
| 306 | ; |
| 307 | |
| 308 | $t->post_ok('/user/login' => form => { |
Akron | 9fa7cc5 | 2022-05-12 11:17:20 +0200 | [diff] [blame] | 309 | handle_or_email => 'test', |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 310 | pwd => 'pass', |
| 311 | csrf_token => $csrf, |
| 312 | fwd => $fwd |
| 313 | }) |
| 314 | ->status_is(302) |
| 315 | ->header_is('Location' => '/?q=Baum&ql=poliqarp'); |
| 316 | |
Akron | 8bbbecf | 2019-07-01 18:57:30 +0200 | [diff] [blame] | 317 | $t->get_ok('/?q=Baum&ql=poliqarp') |
| 318 | ->status_is(200) |
| 319 | ->element_exists_not('div.notify-error') |
| 320 | ->element_exists('div.notify-success') |
| 321 | ->text_is('div.notify-success', 'Login successful') |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 322 | ->session_has('/auth') |
| 323 | ->session_is('/auth', 'Bearer ' . $access_token) |
| 324 | ->session_is('/auth_r', $refresh_token) |
| 325 | ->header_isnt('X-Kalamar-Cache', 'true') |
Akron | 8bbbecf | 2019-07-01 18:57:30 +0200 | [diff] [blame] | 326 | ; |
| 327 | |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 328 | # Expire the session |
| 329 | # (makes the token be marked as expired - though it isn't serverside) |
| 330 | $t->get_ok('/x/expire') |
Akron | 8bbbecf | 2019-07-01 18:57:30 +0200 | [diff] [blame] | 331 | ->status_is(200) |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 332 | ->content_is('okay') |
| 333 | ; |
| 334 | |
| 335 | ## It may be a problem, but the cache is still valid |
| 336 | $t->get_ok('/?q=Baum') |
| 337 | ->status_is(200) |
| 338 | ->text_like('h1 span', qr/KorAP: Find .Baum./i) |
| 339 | ->text_like('#total-results', qr/\d+$/) |
Akron | bc6b3f2 | 2021-01-13 14:53:12 +0100 | [diff] [blame] | 340 | ->content_like(qr/${q}authorized${q}:${q}yes${q}/) |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 341 | ->header_is('X-Kalamar-Cache', 'true') |
| 342 | ; |
| 343 | |
| 344 | # Query without partial cache (unfortunately) (but no total results) |
Akron | 58c6099 | 2021-09-07 13:11:43 +0200 | [diff] [blame] | 345 | my $err = $t->get_ok('/?q=baum&cutoff=true') |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 346 | ->status_is(200) |
| 347 | ->session_is('/auth', 'Bearer ' . $access_token_2) |
| 348 | ->session_is('/auth_r', $refresh_token_2) |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 349 | ->text_is('title', 'KorAP: Find »baum« with Poliqarp') |
| 350 | ->element_exists('meta[name="DC.title"][content="KorAP: Find »baum« with Poliqarp"]') |
| 351 | ->element_exists('body[itemscope][itemtype="http://schema.org/SearchResultsPage"]') |
Akron | bc6b3f2 | 2021-01-13 14:53:12 +0100 | [diff] [blame] | 352 | ->content_like(qr/${q}authorized${q}:${q}yes${q}/) |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 353 | ->header_isnt('X-Kalamar-Cache', 'true') |
Akron | bc6b3f2 | 2021-01-13 14:53:12 +0100 | [diff] [blame] | 354 | ->content_like(qr!${q}cutOff${q}:true!) |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 355 | ->element_exists_not('#total-results') |
Akron | 58c6099 | 2021-09-07 13:11:43 +0200 | [diff] [blame] | 356 | ->tx->res->dom->at('#error') |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 357 | ; |
Akron | 58c6099 | 2021-09-07 13:11:43 +0200 | [diff] [blame] | 358 | is(defined $err ? $err->text : '', ''); |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 359 | |
| 360 | # Expire the session and remove the refresh option |
| 361 | $t->get_ok('/x/expire-no-refresh') |
| 362 | ->status_is(200) |
| 363 | ->content_is('okay') |
| 364 | ; |
| 365 | |
| 366 | $t->app->defaults(no_cache => 1); |
| 367 | |
| 368 | |
| 369 | $t->get_ok('/x/invalid-no-refresh') |
| 370 | ->status_is(200) |
| 371 | ->content_is('okay') |
| 372 | ; |
| 373 | |
| 374 | # Query without cache |
| 375 | # The token is invalid and can't be refreshed! |
Akron | 58c6099 | 2021-09-07 13:11:43 +0200 | [diff] [blame] | 376 | $err = $t->get_ok('/?q=baum&cutoff=true') |
Akron | 3c390c4 | 2020-03-30 09:06:21 +0200 | [diff] [blame] | 377 | ->status_is(400) |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 378 | ->session_hasnt('/auth') |
| 379 | ->session_hasnt('/auth_r') |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 380 | ->text_is('div.notify-error','Access token invalid') |
| 381 | ->text_is('title', 'KorAP: Find »baum« with Poliqarp') |
| 382 | ->element_exists('meta[name="DC.title"][content="KorAP: Find »baum« with Poliqarp"]') |
| 383 | ->element_exists('body[itemscope][itemtype="http://schema.org/SearchResultsPage"]') |
Akron | bc6b3f2 | 2021-01-13 14:53:12 +0100 | [diff] [blame] | 384 | ->content_unlike(qr/${q}authorized${q}:${q}yes${q}/) |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 385 | ->header_isnt('X-Kalamar-Cache', 'true') |
| 386 | ->element_exists('p.no-results') |
Akron | 58c6099 | 2021-09-07 13:11:43 +0200 | [diff] [blame] | 387 | ->tx->res->dom->at('#error') |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 388 | ; |
Akron | 58c6099 | 2021-09-07 13:11:43 +0200 | [diff] [blame] | 389 | is(defined $err ? $err->text : '', ''); |
| 390 | |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 391 | |
| 392 | $t->get_ok('/x/invalid') |
| 393 | ->status_is(200) |
| 394 | ->content_is('okay') |
| 395 | ; |
| 396 | |
| 397 | # Query without cache |
| 398 | # The token is invalid and can't be refreshed! |
Akron | 58c6099 | 2021-09-07 13:11:43 +0200 | [diff] [blame] | 399 | $err = $t->get_ok('/?q=baum&cutoff=true') |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 400 | ->status_is(200) |
| 401 | ->session_is('/auth', 'Bearer ' . $access_token_2) |
| 402 | ->session_is('/auth_r', $refresh_token_2) |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 403 | ->element_exists_not('div.notify-error','Access token invalid') |
| 404 | ->text_is('title', 'KorAP: Find »baum« with Poliqarp') |
| 405 | ->element_exists('meta[name="DC.title"][content="KorAP: Find »baum« with Poliqarp"]') |
| 406 | ->element_exists('body[itemscope][itemtype="http://schema.org/SearchResultsPage"]') |
Akron | bc6b3f2 | 2021-01-13 14:53:12 +0100 | [diff] [blame] | 407 | ->content_like(qr/${q}authorized${q}:${q}yes${q}/) |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 408 | ->header_isnt('X-Kalamar-Cache', 'true') |
| 409 | ->element_exists_not('p.no-results') |
Akron | 58c6099 | 2021-09-07 13:11:43 +0200 | [diff] [blame] | 410 | ->tx->res->dom->at('#error') |
Akron | 8bbbecf | 2019-07-01 18:57:30 +0200 | [diff] [blame] | 411 | ; |
Akron | 58c6099 | 2021-09-07 13:11:43 +0200 | [diff] [blame] | 412 | is(defined $err ? $err->text : '', ''); |
Akron | 8bbbecf | 2019-07-01 18:57:30 +0200 | [diff] [blame] | 413 | |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 414 | |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 415 | $t->get_ok('/x/expired-with-wrong-refresh') |
| 416 | ->status_is(200) |
| 417 | ->content_is('okay') |
| 418 | ; |
Akron | 4796e00 | 2019-07-05 10:13:15 +0200 | [diff] [blame] | 419 | |
Akron | 4796e00 | 2019-07-05 10:13:15 +0200 | [diff] [blame] | 420 | |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 421 | # The token is invalid and can't be refreshed! |
Akron | 58c6099 | 2021-09-07 13:11:43 +0200 | [diff] [blame] | 422 | my $dom = $t->get_ok('/?q=baum&cutoff=true') |
Akron | 3c390c4 | 2020-03-30 09:06:21 +0200 | [diff] [blame] | 423 | ->status_is(400) |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 424 | ->session_hasnt('/auth') |
| 425 | ->session_hasnt('/auth_r') |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 426 | ->text_is('div.notify-error','Refresh token is expired') |
| 427 | ->text_is('title', 'KorAP: Find »baum« with Poliqarp') |
Akron | bc6b3f2 | 2021-01-13 14:53:12 +0100 | [diff] [blame] | 428 | ->content_unlike(qr/${q}authorized${q}:${q}yes${q}/) |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 429 | ->element_exists('p.no-results') |
Akron | 58c6099 | 2021-09-07 13:11:43 +0200 | [diff] [blame] | 430 | ->tx->res->dom; |
| 431 | |
| 432 | $csrf = $dom->at('input[name="csrf_token"]') |
Akron | 5999212 | 2019-10-29 11:28:45 +0100 | [diff] [blame] | 433 | ->attr('value') |
Akron | cdfd9d5 | 2019-07-23 11:35:00 +0200 | [diff] [blame] | 434 | ; |
Akron | 4796e00 | 2019-07-05 10:13:15 +0200 | [diff] [blame] | 435 | |
Akron | 58c6099 | 2021-09-07 13:11:43 +0200 | [diff] [blame] | 436 | $err = $dom->at('#error'); |
| 437 | is(defined $err ? $err->text : '', ''); |
| 438 | |
| 439 | |
Akron | 6a228db | 2021-10-14 15:57:00 +0200 | [diff] [blame] | 440 | # This should fail |
| 441 | my $wide_char_login = "\x{61}\x{E5}\x{61}"; # "\x{443}\x{434}"; |
Akron | 5999212 | 2019-10-29 11:28:45 +0100 | [diff] [blame] | 442 | $t->post_ok('/user/login' => form => { |
Akron | 9fa7cc5 | 2022-05-12 11:17:20 +0200 | [diff] [blame] | 443 | handle_or_email => $wide_char_login, |
Akron | 6a228db | 2021-10-14 15:57:00 +0200 | [diff] [blame] | 444 | pwd => 'pass', |
| 445 | csrf_token => $csrf, |
| 446 | fwd => $fwd |
| 447 | }) |
| 448 | ->status_is(302) |
| 449 | ->header_is('Location' => '/'); |
| 450 | |
| 451 | $t->get_ok('/') |
| 452 | ->status_is(200) |
| 453 | ->element_exists('div.notify-error') |
| 454 | ->text_is('div.notify-error', 'Invalid character in request') |
Akron | 9fa7cc5 | 2022-05-12 11:17:20 +0200 | [diff] [blame] | 455 | ->element_exists('input[name=handle_or_email]:not([value])') |
Akron | 6a228db | 2021-10-14 15:57:00 +0200 | [diff] [blame] | 456 | ->element_exists_not('div.button.top a') |
| 457 | ; |
| 458 | |
| 459 | # Login: |
| 460 | # UTF8 request |
| 461 | my $username = b('täst')->encode; |
| 462 | $t->post_ok('/user/login' => form => { |
Akron | 9fa7cc5 | 2022-05-12 11:17:20 +0200 | [diff] [blame] | 463 | handle_or_email => $username, |
Akron | 5999212 | 2019-10-29 11:28:45 +0100 | [diff] [blame] | 464 | pwd => 'pass', |
| 465 | csrf_token => $csrf |
| 466 | }) |
| 467 | ->status_is(302) |
| 468 | ->content_is('') |
| 469 | ->header_is('Location' => '/'); |
| 470 | |
| 471 | $t->get_ok('/') |
| 472 | ->status_is(200) |
Akron | 78e0b6f | 2023-04-12 12:50:29 +0200 | [diff] [blame] | 473 | ->content_type_is('text/html;charset=UTF-8') |
Akron | 5999212 | 2019-10-29 11:28:45 +0100 | [diff] [blame] | 474 | ->element_exists_not('div.notify-error') |
| 475 | ->element_exists('div.notify-success') |
| 476 | ->text_is('div.notify-success', 'Login successful') |
Akron | 78e0b6f | 2023-04-12 12:50:29 +0200 | [diff] [blame] | 477 | # Weird error in certain environments otherwise |
| 478 | ->attr_like('a.logout', 'title', qr!^Logout: t.+st$!) |
Akron | 1d09b53 | 2021-06-15 18:18:25 +0200 | [diff] [blame] | 479 | ->element_exists_not('aside.off') |
Akron | dc0b3ab | 2021-06-18 11:52:43 +0200 | [diff] [blame] | 480 | ->element_exists_not('aside.active') |
Akron | 1d09b53 | 2021-06-15 18:18:25 +0200 | [diff] [blame] | 481 | ->element_exists('aside.settings') |
Akron | 5999212 | 2019-10-29 11:28:45 +0100 | [diff] [blame] | 482 | ; |
| 483 | |
| 484 | $t->get_ok('/settings/oauth') |
| 485 | ->text_is('form.form-table legend', 'Register new client application') |
| 486 | ->attr_is('form.oauth-register','action', '/settings/oauth/register') |
Akron | 9f2ad34 | 2022-05-04 16:16:40 +0200 | [diff] [blame] | 487 | ->text_is('label[for=name]','Name of the client application') |
| 488 | ->text_is('label[for=type]','Type of the client application') |
| 489 | ->text_is('label[for=desc]','Short description') |
| 490 | ->text_is('label[for=url]','Homepage') |
| 491 | ->text_is('label[for=redirect_uri]','Redirect URI') |
| 492 | ->text_is('label[for=src]','Declaration of the plugin (*.json file)') |
Akron | 1a9d5be | 2020-03-19 17:28:33 +0100 | [diff] [blame] | 493 | ->element_exists('ul.client-list') |
| 494 | ->element_exists_not('ul.client-list > li') |
Akron | ad011bb | 2021-06-10 12:16:36 +0200 | [diff] [blame] | 495 | ->header_is('Cache-Control','max-age=0, no-cache, no-store, must-revalidate') |
| 496 | ->header_is('Expires','Thu, 01 Jan 1970 00:00:00 GMT') |
| 497 | ->header_is('Pragma','no-cache') |
Akron | 5999212 | 2019-10-29 11:28:45 +0100 | [diff] [blame] | 498 | ; |
Akron | ad011bb | 2021-06-10 12:16:36 +0200 | [diff] [blame] | 499 | |
Helge | db720ea | 2023-03-20 09:39:36 +0100 | [diff] [blame^] | 500 | my $loglines = ''; |
| 501 | $t->app->log->on( |
| 502 | message => sub { |
| 503 | my ($log, $level, @lines) = @_; |
| 504 | if ($level eq 'warn') { |
| 505 | $loglines = join ',', @lines; |
| 506 | }; |
| 507 | }); |
Helge | 278fbca | 2022-11-29 18:49:15 +0100 | [diff] [blame] | 508 | |
| 509 | $t->get_ok('/settings/marketplace') |
| 510 | ->status_is(200) |
| 511 | ->text_is('html head title' => 'Marketplace') |
Helge | db720ea | 2023-03-20 09:39:36 +0100 | [diff] [blame^] | 512 | ->element_exists_not('ul.plugin_list') |
| 513 | ->element_exists_not('ul.plugin_in-list') |
Helge | 278fbca | 2022-11-29 18:49:15 +0100 | [diff] [blame] | 514 | ; |
| 515 | |
Helge | db720ea | 2023-03-20 09:39:36 +0100 | [diff] [blame^] | 516 | is($loglines, '', 'Check log is fine'); |
| 517 | |
Akron | 5999212 | 2019-10-29 11:28:45 +0100 | [diff] [blame] | 518 | $csrf = $t->post_ok('/settings/oauth/register' => form => { |
| 519 | name => 'MyApp', |
| 520 | type => 'PUBLIC', |
Akron | 6b75d12 | 2022-05-12 17:39:05 +0200 | [diff] [blame] | 521 | desc => 'This is my plugin application' |
Akron | 5999212 | 2019-10-29 11:28:45 +0100 | [diff] [blame] | 522 | }) |
| 523 | ->text_is('div.notify-error', 'Bad CSRF token') |
| 524 | ->tx->res->dom->at('input[name="csrf_token"]') |
| 525 | ->attr('value') |
| 526 | ; |
| 527 | |
| 528 | $t->post_ok('/settings/oauth/register' => form => { |
| 529 | name => 'MyApp', |
Akron | 99968a9 | 2022-06-03 12:32:07 +0200 | [diff] [blame] | 530 | type => 'PUBLIC', |
Akron | 6b75d12 | 2022-05-12 17:39:05 +0200 | [diff] [blame] | 531 | desc => 'This is my plugin application', |
Akron | 9f2ad34 | 2022-05-04 16:16:40 +0200 | [diff] [blame] | 532 | csrf_token => $csrf, |
| 533 | src => { |
| 534 | filename => '', |
| 535 | content => '' |
| 536 | } |
Akron | 5999212 | 2019-10-29 11:28:45 +0100 | [diff] [blame] | 537 | }) |
| 538 | ->status_is(200) |
| 539 | ->element_exists('div.notify-success') |
| 540 | ->text_is('legend', 'Client Credentials') |
| 541 | ->text_is('label[for=client_id]', 'ID of the client application') |
| 542 | ->element_exists('input[name=client_id][readonly][value]') |
Akron | 99968a9 | 2022-06-03 12:32:07 +0200 | [diff] [blame] | 543 | ->element_exists_not('input[name=client_secret][readonly][value]') |
Akron | ad011bb | 2021-06-10 12:16:36 +0200 | [diff] [blame] | 544 | ->header_is('Cache-Control','max-age=0, no-cache, no-store, must-revalidate') |
| 545 | ->header_is('Expires','Thu, 01 Jan 1970 00:00:00 GMT') |
| 546 | ->header_is('Pragma','no-cache') |
Akron | 5999212 | 2019-10-29 11:28:45 +0100 | [diff] [blame] | 547 | ; |
Akron | 4796e00 | 2019-07-05 10:13:15 +0200 | [diff] [blame] | 548 | |
Akron | 58c6099 | 2021-09-07 13:11:43 +0200 | [diff] [blame] | 549 | my $anchor = $t->get_ok('/settings/oauth') |
Akron | c1aaf93 | 2021-06-09 12:19:15 +0200 | [diff] [blame] | 550 | ->text_is('.form-table legend', 'Register new client application') |
| 551 | ->attr_is('.oauth-register','action', '/settings/oauth/register') |
Akron | 17de86e | 2020-04-16 16:03:40 +0200 | [diff] [blame] | 552 | ->text_is('ul.client-list > li > span.client-name a', 'MyApp') |
Akron | 6b75d12 | 2022-05-12 17:39:05 +0200 | [diff] [blame] | 553 | ->text_is('ul.client-list > li > p.client-desc', 'This is my plugin application') |
Akron | ad011bb | 2021-06-10 12:16:36 +0200 | [diff] [blame] | 554 | ->header_is('Cache-Control','max-age=0, no-cache, no-store, must-revalidate') |
| 555 | ->header_is('Expires','Thu, 01 Jan 1970 00:00:00 GMT') |
| 556 | ->header_is('Pragma','no-cache') |
Akron | b6b156e | 2022-03-31 14:57:49 +0200 | [diff] [blame] | 557 | ->tx->res->dom->at('ul.client-list > li > p.client-url a') |
Akron | 17de86e | 2020-04-16 16:03:40 +0200 | [diff] [blame] | 558 | ; |
Akron | 58c6099 | 2021-09-07 13:11:43 +0200 | [diff] [blame] | 559 | is(defined $anchor ? $anchor->text : '', ''); |
Akron | 17de86e | 2020-04-16 16:03:40 +0200 | [diff] [blame] | 560 | |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 561 | $t->get_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==') |
Akron | 17de86e | 2020-04-16 16:03:40 +0200 | [diff] [blame] | 562 | ->status_is(200) |
Akron | c1aaf93 | 2021-06-09 12:19:15 +0200 | [diff] [blame] | 563 | ->text_is('ul.client-list > li.client > span.client-name', 'MyApp') |
Akron | 6b75d12 | 2022-05-12 17:39:05 +0200 | [diff] [blame] | 564 | ->text_is('ul.client-list > li.client > p.client-desc', 'This is my plugin application') |
Akron | 17de86e | 2020-04-16 16:03:40 +0200 | [diff] [blame] | 565 | ->text_is('a.client-unregister', 'Unregister') |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 566 | ->attr_is('a.client-unregister', 'href', '/settings/oauth/fCBbQkA2NDA3MzM1Yw==/unregister?name=MyApp') |
Akron | 1a9d5be | 2020-03-19 17:28:33 +0100 | [diff] [blame] | 567 | ; |
| 568 | |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 569 | $csrf = $t->get_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==/unregister?name=MyApp') |
Akron | 1a9d5be | 2020-03-19 17:28:33 +0100 | [diff] [blame] | 570 | ->content_like(qr!Do you really want to unregister \<span class="client-name"\>MyApp\<\/span\>?!) |
Akron | c1aaf93 | 2021-06-09 12:19:15 +0200 | [diff] [blame] | 571 | ->attr_is('.form-table input[name=client-name]', 'value', 'MyApp') |
Akron | ad011bb | 2021-06-10 12:16:36 +0200 | [diff] [blame] | 572 | ->header_is('Cache-Control','max-age=0, no-cache, no-store, must-revalidate') |
| 573 | ->header_is('Expires','Thu, 01 Jan 1970 00:00:00 GMT') |
| 574 | ->header_is('Pragma','no-cache') |
Akron | 1a9d5be | 2020-03-19 17:28:33 +0100 | [diff] [blame] | 575 | ->tx->res->dom->at('input[name="csrf_token"]') |
| 576 | ->attr('value') |
| 577 | ; |
| 578 | |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 579 | $t->post_ok('/settings/oauth/xxxx==/unregister' => form => { |
Akron | 1a9d5be | 2020-03-19 17:28:33 +0100 | [diff] [blame] | 580 | 'client-name' => 'MyApp', |
Akron | 1a9d5be | 2020-03-19 17:28:33 +0100 | [diff] [blame] | 581 | 'csrf_token' => $csrf |
| 582 | })->status_is(302) |
| 583 | ->content_is('') |
| 584 | ->header_is('Location' => '/settings/oauth') |
| 585 | ; |
| 586 | |
| 587 | $t->get_ok('/settings/oauth') |
Akron | c1aaf93 | 2021-06-09 12:19:15 +0200 | [diff] [blame] | 588 | ->text_is('.form-table legend', 'Register new client application') |
| 589 | ->attr_is('.oauth-register','action', '/settings/oauth/register') |
Akron | 1a9d5be | 2020-03-19 17:28:33 +0100 | [diff] [blame] | 590 | ->element_exists('ul.client-list > li') |
| 591 | ->text_is('div.notify', 'Unknown client with xxxx==.') |
Akron | ad011bb | 2021-06-10 12:16:36 +0200 | [diff] [blame] | 592 | ->header_is('Cache-Control','max-age=0, no-cache, no-store, must-revalidate') |
| 593 | ->header_is('Expires','Thu, 01 Jan 1970 00:00:00 GMT') |
| 594 | ->header_is('Pragma','no-cache') |
Akron | 1a9d5be | 2020-03-19 17:28:33 +0100 | [diff] [blame] | 595 | ; |
| 596 | |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 597 | $t->post_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==/unregister' => form => { |
Akron | 1a9d5be | 2020-03-19 17:28:33 +0100 | [diff] [blame] | 598 | 'client-name' => 'MyApp', |
Akron | 1a9d5be | 2020-03-19 17:28:33 +0100 | [diff] [blame] | 599 | 'csrf_token' => $csrf |
| 600 | })->status_is(302) |
| 601 | ->content_is('') |
| 602 | ->header_is('Location' => '/settings/oauth') |
| 603 | ; |
| 604 | |
| 605 | $t->get_ok('/settings/oauth') |
Akron | c1aaf93 | 2021-06-09 12:19:15 +0200 | [diff] [blame] | 606 | ->text_is('.form-table legend', 'Register new client application') |
| 607 | ->attr_is('.oauth-register','action', '/settings/oauth/register') |
Akron | 1a9d5be | 2020-03-19 17:28:33 +0100 | [diff] [blame] | 608 | ->element_exists_not('ul.client-list > li') |
| 609 | ->text_is('div.notify-success', 'Successfully deleted MyApp') |
Akron | ad011bb | 2021-06-10 12:16:36 +0200 | [diff] [blame] | 610 | ->header_is('Cache-Control','max-age=0, no-cache, no-store, must-revalidate') |
| 611 | ->header_is('Expires','Thu, 01 Jan 1970 00:00:00 GMT') |
| 612 | ->header_is('Pragma','no-cache') |
Akron | 1a9d5be | 2020-03-19 17:28:33 +0100 | [diff] [blame] | 613 | ; |
| 614 | |
Akron | 83209f7 | 2021-01-29 17:54:15 +0100 | [diff] [blame] | 615 | $t->post_ok('/settings/oauth/register' => form => { |
| 616 | name => 'MyApp2', |
| 617 | type => 'PUBLIC', |
Akron | 6b75d12 | 2022-05-12 17:39:05 +0200 | [diff] [blame] | 618 | desc => 'This is my plugin application', |
Akron | 83209f7 | 2021-01-29 17:54:15 +0100 | [diff] [blame] | 619 | csrf_token => $csrf |
| 620 | })->status_is(200) |
| 621 | ->element_exists('div.notify-success') |
| 622 | ->text_is('legend', 'Client Credentials') |
| 623 | ->text_is('label[for=client_id]', 'ID of the client application') |
| 624 | ->element_exists('input[name=client_id][readonly][value]') |
| 625 | ->element_exists_not('input[name=client_secret][readonly][value]') |
Akron | ad011bb | 2021-06-10 12:16:36 +0200 | [diff] [blame] | 626 | ->header_is('Cache-Control','max-age=0, no-cache, no-store, must-revalidate') |
| 627 | ->header_is('Expires','Thu, 01 Jan 1970 00:00:00 GMT') |
| 628 | ->header_is('Pragma','no-cache') |
Akron | b6b156e | 2022-03-31 14:57:49 +0200 | [diff] [blame] | 629 | ->element_exists('.client-issue-token') |
Akron | 83209f7 | 2021-01-29 17:54:15 +0100 | [diff] [blame] | 630 | ; |
| 631 | |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 632 | $t->get_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==') |
Akron | 83209f7 | 2021-01-29 17:54:15 +0100 | [diff] [blame] | 633 | ->text_is('.client-name', 'MyApp2') |
Akron | 6b75d12 | 2022-05-12 17:39:05 +0200 | [diff] [blame] | 634 | ->text_is('.client-desc', 'This is my plugin application') |
Akron | e997bb5 | 2021-06-11 16:44:06 +0200 | [diff] [blame] | 635 | ->text_is('.client-issue-token', 'Issue new token') |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 636 | ->attr_is('.client-issue-token', 'href', '/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token?name=MyApp2') |
Akron | ad011bb | 2021-06-10 12:16:36 +0200 | [diff] [blame] | 637 | ->header_is('Cache-Control','max-age=0, no-cache, no-store, must-revalidate') |
| 638 | ->header_is('Expires','Thu, 01 Jan 1970 00:00:00 GMT') |
| 639 | ->header_is('Pragma','no-cache') |
Akron | e997bb5 | 2021-06-11 16:44:06 +0200 | [diff] [blame] | 640 | ->text_is('ul.token-list label[for=token]', 'Access Token') |
| 641 | ->text_is('p[name=created]', 'Created at ') |
| 642 | ->text_is('p[name=expires]', 'Expires in 31533851 seconds.') |
Akron | b6b156e | 2022-03-31 14:57:49 +0200 | [diff] [blame] | 643 | ->element_exists('.client-issue-token') |
Akron | 83209f7 | 2021-01-29 17:54:15 +0100 | [diff] [blame] | 644 | ; |
| 645 | |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 646 | $csrf = $t->get_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token?name=MyApp2') |
Akron | 83209f7 | 2021-01-29 17:54:15 +0100 | [diff] [blame] | 647 | ->status_is(200) |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 648 | ->attr_is('#issue-token','action', '/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token') |
Akron | 83209f7 | 2021-01-29 17:54:15 +0100 | [diff] [blame] | 649 | ->attr_is('input[name=client-id]', 'value', 'fCBbQkA2NDA3MzM1Yw==') |
| 650 | ->attr_is('input[name=name]', 'value', 'MyApp2') |
Akron | ad011bb | 2021-06-10 12:16:36 +0200 | [diff] [blame] | 651 | ->header_is('Cache-Control','max-age=0, no-cache, no-store, must-revalidate') |
| 652 | ->header_is('Expires','Thu, 01 Jan 1970 00:00:00 GMT') |
| 653 | ->header_is('Pragma','no-cache') |
Akron | e997bb5 | 2021-06-11 16:44:06 +0200 | [diff] [blame] | 654 | ->text_is('a.button-abort', 'Abort') |
| 655 | ->attr_is('#issue-token input[type=submit]', 'value', 'Issue new token') |
| 656 | ->content_like(qr!Issue a new token for!) |
Akron | 83209f7 | 2021-01-29 17:54:15 +0100 | [diff] [blame] | 657 | ->tx->res->dom->at('input[name="csrf_token"]') |
| 658 | ->attr('value') |
| 659 | ; |
| 660 | |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 661 | $t->post_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token' => form => { |
Akron | 83209f7 | 2021-01-29 17:54:15 +0100 | [diff] [blame] | 662 | csrf_token => $csrf, |
| 663 | name => 'MyApp2', |
| 664 | 'client-id' => 'fCBbQkA2NDA3MzM1Yw==' |
| 665 | }) |
Akron | bc94a9c | 2021-04-15 00:07:35 +0200 | [diff] [blame] | 666 | ->status_is(302) |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 667 | ->header_is('Location','/settings/oauth/fCBbQkA2NDA3MzM1Yw==') |
Akron | bc94a9c | 2021-04-15 00:07:35 +0200 | [diff] [blame] | 668 | ; |
| 669 | |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 670 | $t->get_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==') |
| 671 | ->status_is(200) |
Akron | bc94a9c | 2021-04-15 00:07:35 +0200 | [diff] [blame] | 672 | ->text_is('div.notify-success', 'New access token created') |
Akron | ad011bb | 2021-06-10 12:16:36 +0200 | [diff] [blame] | 673 | ->status_is(200) |
| 674 | ->header_is('Cache-Control','max-age=0, no-cache, no-store, must-revalidate') |
| 675 | ->header_is('Expires','Thu, 01 Jan 1970 00:00:00 GMT') |
| 676 | ->header_is('Pragma','no-cache') |
Akron | 83209f7 | 2021-01-29 17:54:15 +0100 | [diff] [blame] | 677 | ; |
| 678 | |
Akron | e3daaeb | 2023-05-08 09:44:18 +0200 | [diff] [blame] | 679 | $t->post_ok('/settings/oauth/307/token' => form => { |
| 680 | csrf_token => $csrf, |
| 681 | name => 'MyApp2', |
| 682 | }) |
| 683 | ->status_is(302) |
| 684 | ->header_is('Location','/settings/oauth/307') |
| 685 | ; |
| 686 | |
| 687 | $t->get_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==') |
| 688 | ->status_is(200) |
| 689 | ->text_is('div.notify-success', 'New access token created') |
| 690 | ->status_is(200) |
| 691 | ->header_is('Cache-Control','max-age=0, no-cache, no-store, must-revalidate') |
| 692 | ->header_is('Expires','Thu, 01 Jan 1970 00:00:00 GMT') |
| 693 | ->header_is('Pragma','no-cache') |
| 694 | ; |
| 695 | |
| 696 | |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 697 | $csrf = $t->get_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==') |
Akron | c1aaf93 | 2021-06-09 12:19:15 +0200 | [diff] [blame] | 698 | ->status_is(200) |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 699 | ->attr_is('form.token-revoke', 'action', '/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token/revoke') |
Akron | c1aaf93 | 2021-06-09 12:19:15 +0200 | [diff] [blame] | 700 | ->attr_is('form.token-revoke input[name=token]', 'value', 'jhkhkjhk_hjgjsfz67i') |
| 701 | ->attr_is('form.token-revoke input[name=name]', 'value', 'MyApp2') |
| 702 | ->tx->res->dom->at('input[name="csrf_token"]') |
| 703 | ->attr('value') |
| 704 | ; |
| 705 | |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 706 | $t->post_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token/revoke' => form => { |
Akron | c1aaf93 | 2021-06-09 12:19:15 +0200 | [diff] [blame] | 707 | csrf_token => $csrf, |
| 708 | name => 'MyApp2', |
| 709 | token => 'jhkhkjhk_hjgjsfz67i' |
| 710 | }) |
| 711 | ->status_is(200) |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 712 | ->attr_is('form#revoke-token','action','/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token?_method=DELETE') |
Akron | c1aaf93 | 2021-06-09 12:19:15 +0200 | [diff] [blame] | 713 | ->attr_is('form#revoke-token','method','POST') |
| 714 | ->attr_is('form#revoke-token input[name=token]','value','jhkhkjhk_hjgjsfz67i') |
Akron | e997bb5 | 2021-06-11 16:44:06 +0200 | [diff] [blame] | 715 | ->text_is('a.button-abort', 'Abort') |
| 716 | ->attr_is('#revoke-token input[type=submit]', 'value', 'Revoke') |
| 717 | ->content_like(qr!Revoke a token for!) |
Akron | c1aaf93 | 2021-06-09 12:19:15 +0200 | [diff] [blame] | 718 | ; |
| 719 | |
| 720 | |
| 721 | # CSRF missing |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 722 | $t->post_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token?_method=DELETE' => form => { |
Akron | c1aaf93 | 2021-06-09 12:19:15 +0200 | [diff] [blame] | 723 | name => 'MyApp2', |
| 724 | token => 'jhkhkjhk_hjgjsfz67i' |
| 725 | })->status_is(302) |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 726 | ->header_is('Location','/settings/oauth/fCBbQkA2NDA3MzM1Yw==') |
Akron | c1aaf93 | 2021-06-09 12:19:15 +0200 | [diff] [blame] | 727 | ; |
| 728 | |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 729 | $t->get_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==') |
Akron | c1aaf93 | 2021-06-09 12:19:15 +0200 | [diff] [blame] | 730 | ->element_exists_not('div.notify-success') |
| 731 | ->text_is('div.notify-error', 'Bad CSRF token') |
| 732 | ; |
| 733 | |
| 734 | # Token missing |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 735 | $t->post_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token?_method=DELETE' => form => { |
Akron | c1aaf93 | 2021-06-09 12:19:15 +0200 | [diff] [blame] | 736 | name => 'MyApp2', |
| 737 | csrf_token => $csrf, |
| 738 | })->status_is(302) |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 739 | ->header_is('Location','/settings/oauth/fCBbQkA2NDA3MzM1Yw==') |
Akron | c1aaf93 | 2021-06-09 12:19:15 +0200 | [diff] [blame] | 740 | ; |
| 741 | |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 742 | $t->get_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==') |
Akron | c1aaf93 | 2021-06-09 12:19:15 +0200 | [diff] [blame] | 743 | ->element_exists_not('div.notify-success') |
| 744 | ->text_is('div.notify-error', 'Some fields are invalid') |
| 745 | ; |
| 746 | |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 747 | $t->post_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==/token?_method=DELETE' => form => { |
Akron | c1aaf93 | 2021-06-09 12:19:15 +0200 | [diff] [blame] | 748 | name => 'MyApp2', |
| 749 | csrf_token => $csrf, |
| 750 | token => 'jhkhkjhk_hjgjsfz67i' |
| 751 | })->status_is(302) |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 752 | ->header_is('Location','/settings/oauth/fCBbQkA2NDA3MzM1Yw==') |
Akron | c1aaf93 | 2021-06-09 12:19:15 +0200 | [diff] [blame] | 753 | ; |
| 754 | |
Akron | 041ca4d | 2021-06-10 11:52:51 +0200 | [diff] [blame] | 755 | $t->get_ok('/settings/oauth/fCBbQkA2NDA3MzM1Yw==') |
Akron | c1aaf93 | 2021-06-09 12:19:15 +0200 | [diff] [blame] | 756 | ->element_exists_not('div.notify-error') |
| 757 | ->text_is('div.notify-success', 'Token was revoked successfully') |
| 758 | ; |
Akron | 83209f7 | 2021-01-29 17:54:15 +0100 | [diff] [blame] | 759 | |
Akron | b6b156e | 2022-03-31 14:57:49 +0200 | [diff] [blame] | 760 | $t->app->routes->get('/x/redirect-target')->to( |
| 761 | cb => sub { |
| 762 | my $c = shift; |
| 763 | return $c->render(text => 'redirected'); |
| 764 | } |
| 765 | ); |
| 766 | |
| 767 | $csrf = $t->post_ok('/settings/oauth/register' => form => { |
| 768 | name => 'MyConfApp', |
| 769 | type => 'CONFIDENTIAL', |
Akron | 6b75d12 | 2022-05-12 17:39:05 +0200 | [diff] [blame] | 770 | desc => 'This is my plugin application', |
Akron | b6b156e | 2022-03-31 14:57:49 +0200 | [diff] [blame] | 771 | }) |
| 772 | ->text_is('div.notify-error', 'Bad CSRF token') |
| 773 | ->tx->res->dom->at('input[name="csrf_token"]') |
| 774 | ->attr('value') |
| 775 | ; |
| 776 | |
| 777 | $t->post_ok('/settings/oauth/register' => form => { |
| 778 | name => 'MyConfApp', |
| 779 | type => 'CONFIDENTIAL', |
| 780 | desc => 'This is my confidential application', |
| 781 | csrf_token => $csrf, |
| 782 | redirect_uri => 'http://localhost/redirect-target' |
| 783 | }) |
| 784 | ->text_is('div.notify-error', undef) |
| 785 | ->text_is('li.client span.client-name', 'MyConfApp') |
| 786 | ->text_is('li.client p.client-desc', 'This is my confidential application') |
| 787 | ->text_is('li.client .client-redirect-uri tt', 'http://localhost/redirect-target') |
| 788 | ->text_is('li.client .client-type tt', 'CONFIDENTIAL') |
| 789 | ->element_exists_not('.client-issue-token') |
| 790 | ; |
| 791 | |
| 792 | $t->post_ok('/settings/oauth/register' => form => { |
| 793 | name => 'MyConfApp2', |
| 794 | type => 'CONFIDENTIAL', |
| 795 | desc => 'This is my second confidential application', |
| 796 | csrf_token => $csrf, |
| 797 | redirect_uri => 'http://localhost/FAIL' |
| 798 | }) |
| 799 | ->status_is(302) |
| 800 | ->header_is('location','/settings/oauth/') |
| 801 | ; |
| 802 | |
| 803 | $t->get_ok('/settings/oauth/') |
| 804 | ->text_is('div.notify-error', 'invalid_request: http://localhost/FAIL is invalid.') |
| 805 | ; |
| 806 | |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 807 | # OAuth client authorization flow |
| 808 | $t->get_ok(Mojo::URL->new('/settings/oauth/authorize')) |
| 809 | ->status_is(302) |
Akron | 5ea0f5d | 2023-01-20 11:51:43 +0100 | [diff] [blame] | 810 | ->header_is('location','/settings/oauth') |
| 811 | ; |
| 812 | |
| 813 | $t->get_ok('/settings/oauth/') |
Akron | 2c142ab | 2023-01-30 13:21:57 +0100 | [diff] [blame] | 814 | ->text_is('div.notify-error', 'Client ID required') |
| 815 | ; |
| 816 | |
| 817 | $t->get_ok(Mojo::URL->new('/settings/oauth/authorize?client_id=xyz')) |
| 818 | ->status_is(302) |
| 819 | ->header_is('location','/settings/oauth') |
| 820 | ; |
| 821 | |
| 822 | $t->get_ok('/settings/oauth/') |
| 823 | ->text_is('div.notify-error', 'Scope required') |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 824 | ; |
| 825 | |
Akron | db1f467 | 2023-01-24 12:05:07 +0100 | [diff] [blame] | 826 | # OAuth client authorization flow |
| 827 | $t->get_ok(Mojo::URL->new('/settings/oauth/authorize?client_id=abc')) |
| 828 | ->status_is(302) |
| 829 | ->header_is('location','/settings/oauth') |
| 830 | ; |
| 831 | |
| 832 | $t->get_ok('/settings/oauth/') |
Akron | 2c142ab | 2023-01-30 13:21:57 +0100 | [diff] [blame] | 833 | ->text_is('div.notify-error', 'Scope required') |
| 834 | ; |
| 835 | |
| 836 | # OAuth client authorization flow |
| 837 | $t->get_ok(Mojo::URL->new('/settings/oauth/authorize?client_id=abc&scope=match')) |
| 838 | ->status_is(302) |
| 839 | ->header_is('location','/settings/oauth') |
| 840 | ; |
| 841 | |
| 842 | $t->get_ok('/settings/oauth/') |
Akron | db1f467 | 2023-01-24 12:05:07 +0100 | [diff] [blame] | 843 | ->text_is('div.notify-error', 'Unknown client with abc.') |
| 844 | ; |
| 845 | |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 846 | # Logout |
| 847 | $t->get_ok('/x/expired-with-wrong-refresh'); |
| 848 | |
| 849 | $t->get_ok('/user/logout') |
| 850 | ->status_is(302) |
| 851 | ->session_hasnt('/auth') |
| 852 | ->session_hasnt('/auth_r') |
| 853 | ->session_hasnt('/user') |
| 854 | ->header_is('Location' => '/'); |
| 855 | |
Akron | 001dcd2 | 2023-02-07 08:38:11 +0100 | [diff] [blame] | 856 | $t->get_ok('/') |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 857 | ->status_is(200) |
| 858 | ->element_exists_not('div.notify-error') |
| 859 | ->element_exists('div.notify-success') |
| 860 | ->text_is('div.notify-success', 'Logout successful') |
Akron | 9fa7cc5 | 2022-05-12 11:17:20 +0200 | [diff] [blame] | 861 | ->element_exists("input[name=handle_or_email]") |
Akron | 001dcd2 | 2023-02-07 08:38:11 +0100 | [diff] [blame] | 862 | ; |
| 863 | |
| 864 | # OAuth client authorization flow - but user not logged in |
| 865 | $t->get_ok(Mojo::URL->new('/settings/oauth/authorize')) |
| 866 | ->status_is(302) |
| 867 | ->header_is('location','/') |
| 868 | ; |
| 869 | |
| 870 | $csrf = $t->get_ok('/') |
| 871 | ->status_is(200) |
| 872 | ->element_exists('div.notify-error') |
| 873 | ->element_exists_not('div.notify-success') |
| 874 | ->text_is('div.notify-error', 'Client ID required') |
| 875 | ->element_exists("input[name=handle_or_email]") |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 876 | ->tx->res->dom->at('input[name=csrf_token]')->attr('value') |
| 877 | ; |
| 878 | |
Akron | 408bc7c | 2022-04-28 15:46:43 +0200 | [diff] [blame] | 879 | $fake_backend_app->add_client({ |
| 880 | "client_id" => 'xyz', |
| 881 | "client_name" => 'New added client', |
| 882 | "client_description" => 'This is a new client', |
| 883 | "client_url" => 'http://example.com', |
| 884 | "client_type" => 'CONFIDENTIAL' |
| 885 | # "client_redirect_uri" => $redirect_uri |
| 886 | }); |
| 887 | |
Helge | 278fbca | 2022-11-29 18:49:15 +0100 | [diff] [blame] | 888 | |
Akron | 9d82690 | 2023-01-25 10:20:52 +0100 | [diff] [blame] | 889 | $fake_backend_app->add_client({ |
| 890 | "client_id" => 'xyz2', |
| 891 | "client_name" => 'New added client', |
| 892 | "client_description" => 'This is a new client', |
| 893 | "client_url" => 'http://example.com', |
| 894 | "client_type" => 'CONFIDENTIAL', |
| 895 | "client_redirect_uri" => 'http://redirect.url/' |
| 896 | }); |
| 897 | |
Akron | eb39cf3 | 2023-04-03 14:40:48 +0200 | [diff] [blame] | 898 | $t->get_ok('/settings/oauth/xyz2') |
| 899 | ->status_is(200) |
| 900 | ->text_is('li.client span.client-name','New added client') |
| 901 | ->attr_is('li.client p.client-url a','href','http://example.com') |
| 902 | ->attr_is('li.client input[name=client_id]','value','xyz2') |
| 903 | ->element_exists('li.client p.client-type-confidential') |
| 904 | ->text_is('li.client p.client-redirect-uri tt','http://redirect.url/') |
| 905 | ; |
| 906 | |
Akron | 9d82690 | 2023-01-25 10:20:52 +0100 | [diff] [blame] | 907 | $fwd = $t->get_ok(Mojo::URL->new('/settings/oauth/authorize')->query({ |
| 908 | client_id => 'xyz2', |
| 909 | scope => 'search match', |
| 910 | redirect_uri => 'http://test.com/', |
| 911 | })) |
| 912 | ->status_is(200) |
| 913 | ->text_is('div.notify-warn', 'redirect_uri host differs from registered host') |
| 914 | ->element_exists_not('div.notify-error') |
| 915 | ->element_exists_not('div.notify-success') |
| 916 | ->element_exists("input[name=handle_or_email]") |
| 917 | ->tx->res->dom->at('input[name=csrf_token]')->attr('value') |
| 918 | ; |
| 919 | |
| 920 | $fwd = $t->get_ok(Mojo::URL->new('/settings/oauth/authorize')->query({ |
| 921 | client_id => 'xyz2', |
| 922 | scope => 'search match', |
| 923 | redirect_uri => 'http://redirect.url:9000/', |
| 924 | })) |
| 925 | ->status_is(200) |
| 926 | ->text_is('div.notify-warn', 'redirect_uri port differs from registered port') |
| 927 | ->element_exists_not('div.notify-error') |
| 928 | ->element_exists_not('div.notify-success') |
| 929 | ->element_exists("input[name=handle_or_email]") |
| 930 | ->tx->res->dom->at('input[name=csrf_token]')->attr('value') |
| 931 | ; |
| 932 | |
Helge | 278fbca | 2022-11-29 18:49:15 +0100 | [diff] [blame] | 933 | |
| 934 | $fake_backend_app->add_plugin({ |
| 935 | "source" => {"key1" => 'wert1', "key2" => 'wert2'}, |
Helge | 278fbca | 2022-11-29 18:49:15 +0100 | [diff] [blame] | 936 | "client_id" => '52abc', |
Helge | db720ea | 2023-03-20 09:39:36 +0100 | [diff] [blame^] | 937 | "permitted" => 'true', |
Helge | 278fbca | 2022-11-29 18:49:15 +0100 | [diff] [blame] | 938 | "client_name" => 'Plugin 1', |
| 939 | "client_type" => 'CONFIDENTIAL', |
Helge | db720ea | 2023-03-20 09:39:36 +0100 | [diff] [blame^] | 940 | "client_description" => 'Description Plugin 1', |
| 941 | "client_url" => 'http://example.client.de', |
| 942 | "registration_date" => '2022-05-31T14:30:09+02:00[Europe/Berlin]', |
| 943 | "registered_by" => 'system' |
Helge | 278fbca | 2022-11-29 18:49:15 +0100 | [diff] [blame] | 944 | }); |
| 945 | |
| 946 | |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 947 | $fwd = $t->get_ok(Mojo::URL->new('/settings/oauth/authorize')->query({ |
| 948 | client_id => 'xyz', |
| 949 | state => 'abcde', |
| 950 | scope => 'search match', |
| 951 | redirect_uri => 'http://test.com/', |
| 952 | })) |
| 953 | ->status_is(200) |
| 954 | ->attr_is('input[name=client_id]','value','xyz') |
| 955 | ->attr_is('input[name=state]','value','abcde') |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 956 | ->attr_like('input[name=fwd]','value',qr!test\.com!) |
Akron | 408bc7c | 2022-04-28 15:46:43 +0200 | [diff] [blame] | 957 | ->text_is('span.client-name','New added client') |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 958 | ->text_is('div.intro p:nth-child(2)', 'Please log in!') |
| 959 | ->tx->res->dom->at('input[name=fwd]')->attr('value') |
| 960 | ; |
| 961 | |
| 962 | $fwd = $t->post_ok(Mojo::URL->new('/user/login')->query({ |
| 963 | csrf_token => $csrf, |
| 964 | client_id => 'xyz', |
| 965 | state => 'abcde', |
| 966 | scope => 'search match', |
| 967 | redirect_uri => 'http://test.com/', |
Akron | 9fa7cc5 | 2022-05-12 11:17:20 +0200 | [diff] [blame] | 968 | handle_or_email => 'test', |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 969 | pwd => 'pass', |
| 970 | fwd => $fwd |
| 971 | })) |
| 972 | ->status_is(302) |
| 973 | ->header_like('location', qr!/settings/oauth/authorize!) |
| 974 | ->tx->res->headers->header('location') |
| 975 | ; |
| 976 | |
| 977 | $t->get_ok($fwd) |
| 978 | ->status_is(200) |
| 979 | ->attr_is('input[name=client_id]','value','xyz') |
| 980 | ->attr_is('input[name=state]','value','abcde') |
Akron | 9d82690 | 2023-01-25 10:20:52 +0100 | [diff] [blame] | 981 | ->attr_like('input[name=redirect_uri]','value', qr!^http://test\.com\/\?crto=.{3,}!) |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 982 | ->text_is('ul#scopes li:nth-child(1)','search') |
| 983 | ->text_is('ul#scopes li:nth-child(2)','match') |
Akron | 408bc7c | 2022-04-28 15:46:43 +0200 | [diff] [blame] | 984 | ->text_is('span.client-name','New added client') |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 985 | ->attr_is('a.form-button','href','http://test.com/') |
| 986 | ->attr_is('a.embedded-link', 'href', '/doc/korap/kalamar') |
Akron | 9d82690 | 2023-01-25 10:20:52 +0100 | [diff] [blame] | 987 | ->element_exists_not('div.notify-error') |
| 988 | ->element_exists_not('div.notify-warn') |
| 989 | ->element_exists_not('blockquote.warning') |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 990 | ; |
| 991 | |
Helge | 278fbca | 2022-11-29 18:49:15 +0100 | [diff] [blame] | 992 | $t->get_ok('/settings/marketplace') |
| 993 | ->status_is(200) |
| 994 | ->text_is('html head title' => 'Marketplace') |
| 995 | ->element_exists('ul.plugin-list') |
| 996 | ->element_exists('ul.plugin-list > li') |
| 997 | ->element_exists('p.registration_date') |
Helge | 278fbca | 2022-11-29 18:49:15 +0100 | [diff] [blame] | 998 | ->text_is('span.client-name','Plugin 1') |
| 999 | ->text_is('p.plugin-desc','Description Plugin 1') |
| 1000 | ; |
| 1001 | |
Helge | db720ea | 2023-03-20 09:39:36 +0100 | [diff] [blame^] | 1002 | |
| 1003 | |
Helge | 278fbca | 2022-11-29 18:49:15 +0100 | [diff] [blame] | 1004 | $fake_backend_app->add_plugin({ |
| 1005 | "source" => {"one" => '1', "two" => '2'}, |
| 1006 | "permitted" => 'false', |
| 1007 | "client_id" => '53abc', |
| 1008 | "client_name" => 'Plugin 2', |
| 1009 | "client_type" => 'CONFIDENTIAL', |
| 1010 | "client_description" =>'Description Plugin 2' |
| 1011 | }); |
| 1012 | |
Helge | 278fbca | 2022-11-29 18:49:15 +0100 | [diff] [blame] | 1013 | $t->get_ok('/settings/marketplace') |
| 1014 | ->status_is(200) |
| 1015 | ->element_exists('ul.plugin-list') |
| 1016 | ->element_exists('ul.plugin-list > li') |
| 1017 | ->text_is('span.client-name','Plugin 1') |
| 1018 | ->text_is('p.plugin-desc','Description Plugin 1') |
| 1019 | ->element_exists('ul.plugin-list > li + li') |
Helge | db720ea | 2023-03-20 09:39:36 +0100 | [diff] [blame^] | 1020 | ->text_is('ul.plugin-list > li + li >span.client-name','Plugin 2') |
| 1021 | ->text_is('ul.plugin-list > li + li >p.plugin-desc','Description Plugin 2') |
Helge | 278fbca | 2022-11-29 18:49:15 +0100 | [diff] [blame] | 1022 | ; |
| 1023 | |
Helge | db720ea | 2023-03-20 09:39:36 +0100 | [diff] [blame^] | 1024 | $t->ua->max_redirects(0); |
| 1025 | |
| 1026 | $t->post_ok('/settings/marketplace', form => {'client-id' => '52abc'}) |
| 1027 | ->status_is(302) |
| 1028 | ->header_is(location => '/settings/marketplace') |
| 1029 | ; |
| 1030 | |
| 1031 | $t->ua->max_redirects(1); |
| 1032 | |
| 1033 | $t->post_ok('/settings/marketplace', form => {'client-id' => '52abc'}) |
| 1034 | ->status_is(200) |
| 1035 | ->element_exists('ul.plugin-list') |
| 1036 | ->element_exists('ul.plugin-list > li') |
| 1037 | ->text_is('ul.plugin-list > li > span.client-name','Plugin 2') |
| 1038 | ->text_is('ul.plugin-list > li > p.plugin-desc','Description Plugin 2') |
| 1039 | ->element_exists_not('ul.plugin-list > li + li') |
| 1040 | ->element_exists('ul.plugin_in-list') |
| 1041 | ->element_exists('ul.plugin_in-list > li') |
| 1042 | ->text_is('ul.plugin_in-list > li > span.client-name','Plugin 1') |
| 1043 | ->text_is('ul.plugin_in-list > li > p.inst_date','Date of Installation: 2022-12-13T16:33:27.621+01:00[Europe/Berlin]') |
| 1044 | ; |
| 1045 | |
| 1046 | $t->ua->max_redirects(0); |
| 1047 | |
| 1048 | $t->post_ok('/settings/marketplace', form => {'client-id' => 'unsinn31'}) |
| 1049 | ->status_is(302) |
| 1050 | ->header_is(location => '/settings/marketplace') |
| 1051 | ; |
| 1052 | |
| 1053 | $t->ua->max_redirects(1); |
| 1054 | |
| 1055 | $t->post_ok('/settings/marketplace', form => {'client-id' => 'unsinn31'}) |
| 1056 | ->status_is(200) |
| 1057 | ->text_is('div.notify-error', 'Plugin could not be installed') |
| 1058 | ; |
| 1059 | |
| 1060 | $t->ua->max_redirects(0); |
Helge | 278fbca | 2022-11-29 18:49:15 +0100 | [diff] [blame] | 1061 | |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 1062 | $t->get_ok(Mojo::URL->new('/settings/oauth/authorize')->query({ |
| 1063 | client_id => 'xyz', |
| 1064 | state => 'abcde', |
| 1065 | scope => 'search match', |
| 1066 | redirect_uri => 'http://test.com/' |
| 1067 | })) |
| 1068 | ->status_is(200) |
| 1069 | ->attr_is('input[name=client_id]','value','xyz') |
| 1070 | ->attr_is('input[name=state]','value','abcde') |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 1071 | ->text_is('ul#scopes li:nth-child(1)','search') |
| 1072 | ->text_is('ul#scopes li:nth-child(2)','match') |
Akron | 408bc7c | 2022-04-28 15:46:43 +0200 | [diff] [blame] | 1073 | ->text_is('span.client-name','New added client') |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 1074 | ->attr_is('a.form-button','href','http://test.com/') |
| 1075 | ->attr_is('a.embedded-link', 'href', '/doc/korap/kalamar') |
| 1076 | ; |
| 1077 | |
| 1078 | $t->post_ok(Mojo::URL->new('/settings/oauth/authorize')->query({ |
| 1079 | client_id => 'xyz', |
| 1080 | state => 'abcde', |
| 1081 | scope => 'search match', |
| 1082 | redirect_uri => 'http://test.com/' |
| 1083 | })) |
| 1084 | ->status_is(302) |
Akron | 9d82690 | 2023-01-25 10:20:52 +0100 | [diff] [blame] | 1085 | ->header_is('location', '/settings/oauth?error_description=Bad+CSRF+token') |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 1086 | ; |
| 1087 | |
Akron | a8f87cc | 2023-02-23 12:21:30 +0100 | [diff] [blame] | 1088 | |
| 1089 | my $local_port = $t->get_ok('/')->tx->local_port; |
| 1090 | my $remote_port = $t->get_ok('/')->tx->remote_port; |
| 1091 | |
| 1092 | like($local_port, qr!^\d+$!); |
| 1093 | like($remote_port, qr!^\d+$!); |
| 1094 | |
| 1095 | my $port = $remote_port; |
| 1096 | |
| 1097 | my $redirect_url_fakeapi = $t->app->close_redirect_to(Mojo::URL->new('http://localhost:' . $port)->path($fake_backend_app->url_for('return_uri'))->to_abs->to_string); |
| 1098 | |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 1099 | $fwd = $t->post_ok(Mojo::URL->new('/settings/oauth/authorize')->query({ |
| 1100 | client_id => 'xyz', |
| 1101 | state => 'abcde', |
| 1102 | scope => 'search match', |
Akron | a8f87cc | 2023-02-23 12:21:30 +0100 | [diff] [blame] | 1103 | redirect_uri_server => 'http://localhost:'.$port, |
| 1104 | redirect_uri => "$redirect_url_fakeapi", |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 1105 | csrf_token => $csrf, |
| 1106 | })) |
| 1107 | ->status_is(302) |
Akron | a8f87cc | 2023-02-23 12:21:30 +0100 | [diff] [blame] | 1108 | ->header_like('location', qr!^http://localhost:\d+/realapi/fakeclient/return\?code=.+$!) |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 1109 | ->tx->res->headers->header('location') |
| 1110 | ; |
| 1111 | |
Akron | f47813c | 2023-05-08 16:24:03 +0200 | [diff] [blame] | 1112 | unless ($^O eq 'MSWin32') { |
| 1113 | $t->get_ok($fwd) |
| 1114 | ->status_is(200) |
| 1115 | ->content_like(qr'welcome back! \[(.+?)\]') |
| 1116 | ; |
| 1117 | }; |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 1118 | |
Akron | a8f87cc | 2023-02-23 12:21:30 +0100 | [diff] [blame] | 1119 | my $fake_port = $port; |
| 1120 | |
| 1121 | while ($fake_port == $remote_port || $fake_port == $local_port) { |
| 1122 | $fake_port++; |
| 1123 | }; |
| 1124 | |
| 1125 | $redirect_url_fakeapi = $t->app->close_redirect_to(Mojo::URL->new('http://localhost:' . $fake_port)->path($fake_backend_app->url_for('return_uri'))->to_abs->to_string); |
| 1126 | |
| 1127 | $fwd = $t->post_ok(Mojo::URL->new('/settings/oauth/authorize')->query({ |
| 1128 | client_id => 'xyz', |
| 1129 | state => 'abcde', |
| 1130 | scope => 'search match', |
| 1131 | redirect_uri_server => 'http://localhost:'.$port, |
| 1132 | redirect_uri => "$redirect_url_fakeapi", |
| 1133 | csrf_token => $csrf, |
| 1134 | })) |
| 1135 | ->status_is(302) |
| 1136 | ->header_unlike('location', qr!^http://localhost:\d+/realapi/fakeclient/return\?error_description=Connection\+refused$!) |
| 1137 | ->header_like('location', qr!^http://localhost:\d+/realapi/fakeclient/return\?code=.+?$!) |
| 1138 | ->tx->res->headers->header('location') |
| 1139 | ; |
| 1140 | |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 1141 | $t->post_ok(Mojo::URL->new('/settings/oauth/authorize')->query({ |
| 1142 | client_id => 'xyz', |
Akron | 9ccf69a | 2023-01-31 14:21:37 +0100 | [diff] [blame] | 1143 | state => 'abcde', |
| 1144 | scope => 'search match', |
| 1145 | redirect_uri_server => 'http://example.com/', |
| 1146 | redirect_uri => $t->app->close_redirect_to('http://wrong'), |
| 1147 | csrf_token => $csrf, |
| 1148 | })) |
| 1149 | ->status_is(302) |
| 1150 | ->header_is('location', '/settings/oauth') |
| 1151 | ->tx->res->headers->header('location') |
| 1152 | ; |
| 1153 | |
| 1154 | $t->get_ok('/settings/oauth') |
| 1155 | ->text_is('div.notify-error', 'Invalid redirect URI') |
| 1156 | ; |
| 1157 | |
| 1158 | $t->post_ok(Mojo::URL->new('/settings/oauth/authorize')->query({ |
| 1159 | client_id => 'xyz', |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 1160 | state => 'fail', |
| 1161 | scope => 'search match', |
Akron | 9d82690 | 2023-01-25 10:20:52 +0100 | [diff] [blame] | 1162 | # redirect_uri_server => 'http://example.com/', |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 1163 | redirect_uri => $fake_backend_app->url_for('return_uri')->to_abs, |
| 1164 | csrf_token => $csrf, |
| 1165 | })) |
| 1166 | ->status_is(302) |
Akron | 9d82690 | 2023-01-25 10:20:52 +0100 | [diff] [blame] | 1167 | ->header_is('location', '/realapi/fakeclient/return?error_description=FAIL') |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 1168 | ; |
| 1169 | |
Akron | 9f2ad34 | 2022-05-04 16:16:40 +0200 | [diff] [blame] | 1170 | my $json_post = { |
| 1171 | name => 'Funny', |
| 1172 | type => 'PUBLIC', |
Akron | 6b75d12 | 2022-05-12 17:39:05 +0200 | [diff] [blame] | 1173 | desc => 'This is my plugin application 2', |
Akron | 9f2ad34 | 2022-05-04 16:16:40 +0200 | [diff] [blame] | 1174 | csrf_token => $csrf, |
| 1175 | src => 'hMMM' |
| 1176 | }; |
| 1177 | |
| 1178 | $t->post_ok('/settings/oauth/register' => form => $json_post) |
| 1179 | ->status_is(200) |
| 1180 | ->element_exists('div.notify-error') |
Akron | 99968a9 | 2022-06-03 12:32:07 +0200 | [diff] [blame] | 1181 | ->text_is('div.notify-error', 'Plugin declarations need to be json files') |
| 1182 | ; |
| 1183 | |
| 1184 | $json_post->{src} = { |
| 1185 | content => 'jjjjjj', |
| 1186 | filename => 'fun.txt' |
| 1187 | }; |
| 1188 | |
| 1189 | $t->post_ok('/settings/oauth/register' => form => $json_post) |
| 1190 | ->status_is(200) |
| 1191 | ->element_exists('div.notify-error') |
Akron | 9f2ad34 | 2022-05-04 16:16:40 +0200 | [diff] [blame] | 1192 | ->text_is('div.notify-error', 'Plugins need to be confidential') |
| 1193 | ; |
| 1194 | |
| 1195 | $json_post->{type} = 'CONFIDENTIAL'; |
| 1196 | |
Akron | 99968a9 | 2022-06-03 12:32:07 +0200 | [diff] [blame] | 1197 | # This somehow gets removed in the last form send ... |
Akron | 9f2ad34 | 2022-05-04 16:16:40 +0200 | [diff] [blame] | 1198 | $json_post->{src} = { |
| 1199 | content => 'jjjjjj', |
| 1200 | filename => 'fun.txt' |
| 1201 | }; |
| 1202 | |
| 1203 | $t->post_ok('/settings/oauth/register' => form => $json_post) |
| 1204 | ->status_is(200) |
| 1205 | ->element_exists('div.notify-error') |
| 1206 | ->text_is('div.notify-error', 'Plugin declarations need to be json files') |
| 1207 | ; |
| 1208 | |
| 1209 | $json_post->{src} = { |
| 1210 | content => '{"name":"example"}', |
| 1211 | filename => 'fun.txt' |
| 1212 | }; |
| 1213 | |
| 1214 | $t->post_ok('/settings/oauth/register' => form => $json_post) |
| 1215 | ->status_is(200) |
| 1216 | ->element_exists_not('div.notify-error') |
| 1217 | ->element_exists('div.notify-success') |
| 1218 | ->text_is('div.notify-success', 'Registration successful') |
| 1219 | ; |
| 1220 | |
Akron | 6b75d12 | 2022-05-12 17:39:05 +0200 | [diff] [blame] | 1221 | $t->get_ok('/settings/oauth/jh0gfjhjbfdsgzjghj==') |
| 1222 | ->status_is(200) |
| 1223 | ->text_is('div.notify-error', undef) |
| 1224 | ->text_is('li.client #client_source', '{"name":"example"}') |
| 1225 | ->text_is('li.client span.client-name', 'Funny') |
| 1226 | ->text_is('li.client p.client-desc', 'This is my plugin application 2') |
| 1227 | ->element_exists_not('li.client .client-redirect-uri tt') |
| 1228 | ->text_is('li.client .client-type tt', 'CONFIDENTIAL') |
| 1229 | ; |
Akron | 9f2ad34 | 2022-05-04 16:16:40 +0200 | [diff] [blame] | 1230 | |
Akron | b6b156e | 2022-03-31 14:57:49 +0200 | [diff] [blame] | 1231 | |
Akron | 66ef3b5 | 2022-11-22 14:25:15 +0100 | [diff] [blame] | 1232 | # Retest client with super_client_file |
| 1233 | my $client_file = tempfile; |
| 1234 | |
| 1235 | $client_file->spurt( |
| 1236 | '{"client_id":"2","client_secret":"k414m4r-s3cr3t"}' |
| 1237 | ); |
| 1238 | |
| 1239 | $t = Test::Mojo::WithRoles->new('Kalamar' => { |
| 1240 | Kalamar => { |
| 1241 | plugins => ['Auth'] |
| 1242 | }, |
| 1243 | 'Kalamar-Auth' => { |
| 1244 | client_file => $client_file, |
| 1245 | oauth2 => 1 |
| 1246 | } |
| 1247 | }); |
| 1248 | |
| 1249 | $t->app->plugin( |
| 1250 | Mount => { |
| 1251 | $mount_point => |
| 1252 | $fixtures_path->child('mock.pl') |
| 1253 | } |
| 1254 | ); |
| 1255 | |
| 1256 | $csrf = $t->get_ok('/') |
| 1257 | ->status_is(200) |
| 1258 | ->element_exists_not('div.button.top a') |
| 1259 | ->tx->res->dom->at('input[name=csrf_token]')->attr('value') |
| 1260 | ; |
| 1261 | |
| 1262 | $t->post_ok('/user/login' => form => { |
| 1263 | handle_or_email => 'test', |
| 1264 | pwd => 'pass', |
| 1265 | csrf_token => $csrf |
| 1266 | }) |
| 1267 | ->status_is(302) |
| 1268 | ->header_is('Location' => '/') |
| 1269 | ->content_is(''); |
| 1270 | |
| 1271 | $t->get_ok('/') |
| 1272 | ->status_is(200) |
| 1273 | ->element_exists_not('div.notify-error') |
| 1274 | ->element_exists('div.notify-success') |
| 1275 | ->text_is('div.notify-success', 'Login successful') |
| 1276 | ->element_exists_not('aside.off') |
| 1277 | ->element_exists_not('aside.active') |
| 1278 | ->element_exists('aside.settings') |
| 1279 | ; |
| 1280 | |
Akron | 53a171e | 2022-12-05 18:22:58 +0100 | [diff] [blame] | 1281 | $main::ENV{KALAMAR_CLIENT_FILE} = $client_file; |
| 1282 | |
| 1283 | $t = Test::Mojo::WithRoles->new('Kalamar' => { |
| 1284 | Kalamar => { |
| 1285 | plugins => ['Auth'] |
| 1286 | }, |
| 1287 | 'Kalamar-Auth' => { |
| 1288 | oauth2 => 1, |
| 1289 | # client_file => $client_file, |
| 1290 | } |
| 1291 | }); |
| 1292 | |
| 1293 | $t->app->plugin( |
| 1294 | Mount => { |
| 1295 | $mount_point => |
| 1296 | $fixtures_path->child('mock.pl') |
| 1297 | } |
| 1298 | ); |
| 1299 | |
| 1300 | $csrf = $t->get_ok('/') |
| 1301 | ->status_is(200) |
| 1302 | ->element_exists_not('div.button.top a') |
| 1303 | ->tx->res->dom->at('input[name=csrf_token]')->attr('value') |
| 1304 | ; |
| 1305 | |
| 1306 | $t->post_ok('/user/login' => form => { |
| 1307 | handle_or_email => 'test', |
| 1308 | pwd => 'pass', |
| 1309 | csrf_token => $csrf |
| 1310 | }) |
| 1311 | ->status_is(302) |
| 1312 | ->header_is('Location' => '/') |
| 1313 | ->content_is(''); |
| 1314 | |
| 1315 | $t->get_ok('/') |
| 1316 | ->status_is(200) |
| 1317 | ->element_exists_not('div.notify-error') |
| 1318 | ->element_exists('div.notify-success') |
| 1319 | ->text_is('div.notify-success', 'Login successful') |
| 1320 | ->element_exists_not('aside.off') |
| 1321 | ->element_exists_not('aside.active') |
| 1322 | ->element_exists('aside.settings') |
| 1323 | ; |
| 1324 | |
Akron | 66ef3b5 | 2022-11-22 14:25:15 +0100 | [diff] [blame] | 1325 | |
Akron | 33f5c67 | 2019-06-24 19:40:47 +0200 | [diff] [blame] | 1326 | done_testing; |
| 1327 | __END__ |
Akron | a8efaa9 | 2022-04-09 14:45:43 +0200 | [diff] [blame] | 1328 | |
| 1329 | |