Apache-AuthCookie


t/real.t  view on Meta::CPAN

# TODO: handle line-endings better.  Perhaps we should just look for an 
# identifying part of each page rather than trying to do an exact match
# of the entire page.  The problem is on win32, some responses come back with
# dos-style line endings (not all of them though).  Not sure what MacOS does
# and I don't have a Mac to test with.  Currently, we just strip CR's out of
# responses to make the tests pass on Unix and Win32.  
use strict;
use warnings FATAL => 'all';
use lib 'lib';
use utf8;

use Apache::Test '-withtestmore';
use Apache::TestUtil;
use Apache::TestRequest qw(GET POST GET_BODY);
use Encode qw(encode);
use URI;

# Reconfigure the shared Apache::TestRequest user agent with redirect
# following switched off.  The login subtests below assert on the 302 status
# and on the Location / Set-Cookie headers of the login response itself, which
# would not be visible if the agent followed the redirect.
# NOTE(review): reset => 1 presumably discards any previously built agent
# (and state it carried) -- confirm against Apache::TestRequest.
Apache::TestRequest::user_agent( reset => 1, requests_redirectable => 0 );

# Declare the total number of top-level tests; need_lwp is passed as the
# plan condition (presumably the file is skipped when LWP is missing).
plan tests => 39, need_lwp;

ok 1, 'Test initialized';

# extract the configured hostname + port from Apache::Test
# ($host_port is not used in the part of the file visible here)
my $apache_test_config = Apache::Test::config();
my $host_port = Apache::TestRequest::hostport($apache_test_config);

# TODO: the test descriptions should be things other than 'test #' here.

# Smoke test: fetch the unprotected index page.  If this fails, the test
# environment was not configured properly and later failures are not
# meaningful.
subtest 'get index.html' => sub {
    plan(tests => 1);

    # CRs are stripped so the match behaves the same on Unix and Win32.
    my $body = strip_cr(GET_BODY('/docs/index.html'));

    like(
        $body,
        qr/Get the protected document/s,
        '/docs/index.html seems to work'
    );
};

# A request for a protected document that carries no session cookie must
# produce a body reporting the 'no_cookie' failure reason.
subtest 'no cookie' => sub {
    plan(tests => 1);

    my $response = GET('/docs/protected/get_me.html');

    like(
        $response->content,
        qr/Failure reason: 'no_cookie'/s,
        'no_cookie works'
    );
};

# A login with valid credentials must answer with a 302 whose Location header
# is the destination submitted in the form.
# NOTE(review): only a site-relative destination is exercised here; how the
# handler treats an absolute or off-site destination is not covered by this
# subtest.
subtest 'login redirects' => sub {
    plan(tests => 2);

    my $destination = '/docs/protected/get_me.html';
    my @login_form  = (
        destination  => $destination,
        credential_0 => 'programmer',
        credential_1 => 'Hero',
    );

    my $response = POST('/LOGIN', \@login_form);

    is($response->code, 302, 'login produces redirect');

    # header() is left inline in the argument list so its calling context is
    # the same as before.
    is(
        $response->header('Location'),
        $destination,
        'redirect header exists, and contains expected url'
    );
};

subtest 'redirect with bad session key' => sub {
    plan tests => 3;

t/real.t  view on Meta::CPAN


# A login attempt with a rejected username must return the login form with
# the 'bad_credentials' failure reason rather than a redirect.
subtest 'bad credentials' => sub {
    plan(tests => 1);

    my @login_form = (
        destination  => '/docs/protected/get_me.html',
        credential_0 => 'fail',
        credential_1 => 'Hero',
    );

    my $response = POST('/LOGIN', \@login_form);

    like(
        $response->content,
        qr/Failure reason: 'bad_credentials'/,
        'invalid credentials'
    );
};

# Log in against the AuthAny-protected area and inspect the raw login
# response: redirect target, issued cookie, and status code.
#
# The expected Set-Cookie value shows that the sample handler's session key is
# the literal "user:password" pair with only path=/ attached (no Secure or
# HttpOnly attribute).  That is acceptable for a test fixture; a production
# ticket should be opaque and verifiable server-side.
subtest 'AuthAny' => sub {
    plan(tests => 3);

    my $destination = '/docs/authany/get_me.html';

    my $response = POST('/LOGIN', [
        destination  => $destination,
        credential_0 => 'some-user',
        credential_1 => 'mypassword',
    ]);

    # header() calls stay inline in the argument lists so their calling
    # context is the same as before.
    is(
        $response->header('Location'),
        $destination,
        'Location header is correct'
    );

    is(
        $response->header('Set-Cookie'),
        'Sample::AuthCookieHandler_WhatEver=some-user:mypassword; path=/',
        'Set-Cookie header is correct'
    );

    is($response->code, 302, 'redirect code is correct');
};

# AuthAll: access is granted only when every requirement is satisfied.
# Both requests present a hand-built session cookie instead of logging in
# first; this presumably relies on the sample handler using the plain
# "user:password" pair as its session key.
subtest 'AuthAll' => sub {
    plan(tests => 3);

    my $path = '/docs/authall/get_me.html';

    # This user does not meet all of the requirements -> 403.
    my $denied = GET(
        $path,
        Cookie => 'Sample::AuthCookieHandler_WhatEver=some-user:mypassword',
    );

    is($denied->code, 403, 'unauthorized if requirements are not met');

    # This user meets ALL of the requirements -> document is served.
    my $granted = GET(
        $path,
        Cookie => 'Sample::AuthCookieHandler_WhatEver=programmer:Hero',
    );

    is($granted->code, '200', 'get protected document');
    like(
        $granted->content,
        qr/Congratulations, you got past AuthCookie/s,
        'check protected document content'
    );
};

# An unauthenticated POST to a protected document must come back with the
# posted field rewritten into the query string of a quoted URL in the body,
# with the non-ASCII character percent-encoded as UTF-8 bytes.
# NOTE(review): this confirms that POSTed fields are carried into a URL, where
# they can end up in access logs and Referer headers; keep that in mind for
# forms that post sensitive values to protected locations.
subtest 'POST to GET conversion' => sub {
    plan(tests => 1);

    my @form = (utf8 => 'programmør');

    my $response = POST('/docs/protected/get_me.html', \@form);

    like(
        $response->content,
        qr#"/docs/protected/get_me\.html\?utf8=programm%c3%b8r"#,
        'POST -> GET conversion works'
    );
};

# The query string of an unauthenticated request must reappear in the quoted
# destination URL of the response body.
subtest 'QUERY_STRING is preserved' => sub {
    plan(tests => 1);

    my $body = GET_BODY('/docs/protected/get_me.html?foo=bar');

    like(
        $body,
        qr#"/docs/protected/get_me\.html\?foo=bar"#,
        'input query string exists in desintation'
    );
};

# AuthAny: access is granted when any one requirement is met, and refused
# with 403 when none is.  Each request presents a hand-built session cookie.
subtest 'AuthAny' => sub {
    plan(tests => 3);

    my $path = '/docs/authany/get_me.html';

    # A user who satisfies one of the requirements gets the document.
    my $allowed = GET(
        $path,
        Cookie => 'Sample::AuthCookieHandler_WhatEver=some-user:mypassword',
    );

    like(
        $allowed->content,
        qr/Congratulations, you got past AuthCookie/,
        'AuthAny access allowed'
    );

    # The username "0" is false in Perl; this guards against a truthiness
    # check treating that user as missing.
    my $zero_user = GET(
        $path,
        Cookie => 'Sample::AuthCookieHandler_WhatEver=0:mypassword',
    );

    like(
        $zero_user->content,
        qr/Congratulations, you got past AuthCookie/,
        'username=0 access allowed'
    );

    # A user who satisfies none of the AuthAny requirements is refused.
    my $refused = GET(
        $path,
        Cookie => 'Sample::AuthCookieHandler_WhatEver=nouser:mypassword',
    );

    is($refused->code, 403, 'AuthAny forbidden');
};

# Exercise the locally defined authz provider used on 2.4 (on older versions
# this location behaves the same as the authany one).  The cookie identifies
# the user as "programmer", which the myuser requirement is expected to
# accept.
subtest 'Authz Provider' => sub {
    plan(tests => 1);

    my $response = GET(
        '/docs/myuser/get_me.html',
        Cookie => 'Sample::AuthCookieHandler_WhatEver=programmer:Hero',
    );

    like(
        $response->content,
        qr/Congratulations, you got past AuthCookie/,
        'myuser=programmer access allowed'
    );
};

# login with username=0 works
subtest 'login with username=0' => sub {
    plan tests => 2;

    my $r = POST('/LOGIN', [


