mirror of
https://github.com/joomla/joomla-cms.git
synced 2024-06-16 09:02:52 +00:00
Add ldap tests (#38593)
This commit is contained in:
parent
72ec7d0884
commit
8a87326f65
|
@ -10,14 +10,10 @@ environment:
|
|||
matrix:
|
||||
- php_ver_target: 8.0
|
||||
|
||||
|
||||
init:
|
||||
- SET PATH=C:\Tools\php;%PATH%
|
||||
- SET COMPOSER_NO_INTERACTION=1
|
||||
- SET ANSICON=121x90 (121x90)
|
||||
services:
|
||||
- mysql
|
||||
- iis
|
||||
|
||||
## Install PHP and composer, and run the appropriate composer command
|
||||
install:
|
||||
|
@ -45,12 +41,40 @@ install:
|
|||
- cd C:\projects\joomla-cms
|
||||
- refreshenv
|
||||
- composer install --no-progress --profile --ignore-platform-req=ext-sodium
|
||||
|
||||
hosts:
|
||||
openldap: 127.0.0.1
|
||||
|
||||
services:
|
||||
- mysql
|
||||
- iis
|
||||
|
||||
before_test:
|
||||
# Run openldap docker image
|
||||
- ps: docker pull bitnami/openldap:latest
|
||||
- ps: docker run --rm --name openldap --publish 1389:1389 --publish 1636:1636 -v ${pwd}\tests\Codeception\_data\certs:/certificates --env LDAP_ADMIN_USERNAME=admin --env LDAP_ADMIN_PASSWORD=adminpassword --env LDAP_USERS=customuser --env LDAP_PASSWORDS=custompassword --env LDAP_ENABLE_TLS=yes --env LDAP_TLS_CERT_FILE=/certificates/openldap.crt --env LDAP_TLS_KEY_FILE=/certificates/openldap.key --env LDAP_TLS_CA_FILE=/certificates/CA.crt --env BITNAMI_DEBUG=true --env LDAP_CONFIG_ADMIN_ENABLED=yes --env LDAP_CONFIG_ADMIN_USERNAME=admin --env LDAP_CONFIG_ADMIN_PASSWORD=configpassword -d bitnami/openldap:latest
|
||||
# Database setup for MySQL via PowerShell tools
|
||||
- >
|
||||
"C:\Program Files\MySQL\MySQL Server 5.7\bin\mysql" -u root -p"Password12!" -e "CREATE DATABASE IF NOT EXISTS test_joomla;"
|
||||
# Wait till slapd has started
|
||||
- ps: |
|
||||
$Counter=0
|
||||
$Found=$false
|
||||
While ( ! $Found -and $Counter -lt 60 ) {
|
||||
$Found = ( docker logs openldap 2>&1 | Select-String -Quiet "\*\* Starting slapd \*\*" )
|
||||
Start-Sleep -Seconds 1
|
||||
$Counter++
|
||||
"$Counter Waiting for slapd"
|
||||
}
|
||||
if ( ! $Found ) {
|
||||
Write-Error -Message "`nERROR: slapd not started (in time)!" -ErrorAction Stop
|
||||
exit 1
|
||||
}
|
||||
|
||||
test_script:
|
||||
- cd C:\projects\joomla-cms
|
||||
- libraries/vendor/bin/phpunit --testsuite Unit
|
||||
- libraries/vendor/bin/phpunit --testsuite Integration --configuration tests/phpunit-appveyor.xml.dist
|
||||
|
||||
on_failure:
|
||||
- ps: docker logs openldap 2>&1
|
||||
|
|
36
.drone.yml
36
.drone.yml
|
@ -5,6 +5,37 @@ name: default
|
|||
clone:
|
||||
|
||||
steps:
|
||||
- name: setup
|
||||
image: joomlaprojects/docker-images:php7.4
|
||||
volumes:
|
||||
- name: certificates
|
||||
path: /certificates
|
||||
commands:
|
||||
- cp -v tests/Codeception/_data/certs/* /certificates/
|
||||
|
||||
- name: openldap
|
||||
image: bitnami/openldap:latest
|
||||
detach: true
|
||||
ports:
|
||||
- 1389
|
||||
- 1636
|
||||
volumes:
|
||||
- name: certificates
|
||||
path: /certificates
|
||||
environment:
|
||||
LDAP_ADMIN_USERNAME: admin
|
||||
LDAP_ADMIN_PASSWORD: adminpassword
|
||||
LDAP_USERS: customuser
|
||||
LDAP_PASSWORDS: custompassword
|
||||
LDAP_ENABLE_TLS: yes
|
||||
LDAP_TLS_CERT_FILE: /certificates/openldap.crt
|
||||
LDAP_TLS_KEY_FILE: /certificates/openldap.key
|
||||
LDAP_TLS_CA_FILE: /certificates/CA.crt
|
||||
BITNAMI_DEBUG: true
|
||||
LDAP_CONFIG_ADMIN_ENABLED: yes
|
||||
LDAP_CONFIG_ADMIN_USERNAME: admin
|
||||
LDAP_CONFIG_ADMIN_PASSWORD: configpassword
|
||||
|
||||
- name: composer
|
||||
image: joomlaprojects/docker-images:php7.4
|
||||
volumes:
|
||||
|
@ -361,6 +392,9 @@ volumes:
|
|||
- name: npm-cache
|
||||
host:
|
||||
path: /tmp/npm-cache
|
||||
- name: certificates
|
||||
host:
|
||||
path: /tmp/certificates
|
||||
|
||||
services:
|
||||
- name: mysql
|
||||
|
@ -483,6 +517,6 @@ trigger:
|
|||
|
||||
---
|
||||
kind: signature
|
||||
hmac: 916fe89f8d920e8471b32aae02bfe192abf24cd035b5f1ea73452662c1c92895
|
||||
hmac: 62722201dc57c6d193bed2a67860fe4cced46d38ebfdfe12a45a79a15a59e07e
|
||||
|
||||
...
|
||||
|
|
29
tests/Codeception/_data/certs/CA.crt
Normal file
29
tests/Codeception/_data/certs/CA.crt
Normal file
|
@ -0,0 +1,29 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIFATCCAukCFFfpMacaJHHmGciIRfGyFqGNVuL/MA0GCSqGSIb3DQEBDQUAMDwx
|
||||
CzAJBgNVBAYTAkFBMRAwDgYDVQQKDAdKb29tbGEhMRswGQYDVQQDDBJKb29tbGEh
|
||||
IFRlc3RpbmcgQ0EwIBcNMjIwODI0MTkxNDMxWhgPMjA3MzA4MTExOTE0MzFaMDwx
|
||||
CzAJBgNVBAYTAkFBMRAwDgYDVQQKDAdKb29tbGEhMRswGQYDVQQDDBJKb29tbGEh
|
||||
IFRlc3RpbmcgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCeiWZ/
|
||||
mdHGkJYE9CHrSNHhdGjjDV1OJitpvvPIaUZcRWqJj9IRX2xdXbMViDvuCwvkbeQX
|
||||
DO/jsGeDhw/SzbvSg85Oudt/MSPPN7LJ68gOaBI35232JJfzQnNrFf7jMlbEH85s
|
||||
g4ZCybIWBvVPQ6I/GvkpupJrBg+UtpbgV3JgyWNfZSY8XH2RfJPvxkD76xdQdZOl
|
||||
1kTiWEdocjkZ1qznSELu4XQ9WECrL7BLJJ/NrhMXWDT1oGTAlpPsS3OwkCkHRkvT
|
||||
RyDpfOsjoQlY13RqQhFTxiUlCcVi9VltK2yNKG0pNXQm6uozMWCG2GhvVJpl7824
|
||||
ppkjPxR1sFflpXbiu4ZmaiXIEYFUMpUBHFM6BSptV1tCNyrGmLZimcMsmiYfAYAN
|
||||
yFMWSC2HkEQB2VHMozrzfk4hkf9sf7Mq3awtQ1AyutHJ/xPFbYj+wVVIJcCCbmXo
|
||||
1FTHnaavN5LdyQHqPBucJdeMw0qTxHoPRgUFw5M9ApT8TuT2BD8BMXwa/7oi2F++
|
||||
dyryW4mly4W8R8XOgg0TU7d/3C0hk2TDoMa+0+EcVUa+e2h/KGjudo0zmGa7ldjF
|
||||
AQ9x6XAto2UJsb6qZ+gBymFH3An2kWrbZvDgvftdg2ANYY3b8eSIQUBCavGnOaU3
|
||||
h0yF1qtq4VLhzAJ55uuOzPfSLjrqa/UIQUjB/wIDAQABMA0GCSqGSIb3DQEBDQUA
|
||||
A4ICAQBeeFUtmL22VbzGuRzb/hiHSnUX/d72izJhyesjT7S0xqohr3s6SfgOTdNi
|
||||
ruBuIbFDRGcGUQqCoJdWHVJpfVMY/HlMlKuwEdDLZKMcqhLDuDDsBd195DPpmud9
|
||||
8KQUT7HBxenbsLk2GgJwKvcj10lraTopcyAgA2bnyRXCXLIrAmEgvZsUDK8DqdMZ
|
||||
a/PKCxUlb7MKR7El0TCAYsjHkRcRtFfM1uYGK1MPLUyqm6I74J6IdOcAOrAIgDyE
|
||||
dboBxPCf9Jjiq5E7lP+fV+0Bx2UH3zpNzWmCa6V2569gOGcJUpe03mD8nrDY27pE
|
||||
5psgWgf7taoE3qSaNSXBQ2wBoEJkcEfEmeVE2AQdLQEN7paTH4lY02cvJsRhyUmt
|
||||
quOFKo5wOmzK//9+L+D4zy4HSFlzJn4FBPNpDpsqzoeha3woGdktItaTIAg7R9iL
|
||||
FNgkJNJ0hqZ9XDnfW1UJKq1QDl0FiuM58nRRssNVs1IaArBp2qbkr3XdwS+TQKhe
|
||||
xrjeq7IxWfgIEhaKDNmOk+G9IOeAnb4i9tzUhJs/4F6LtJEYD8brSOAIZ9lPhuId
|
||||
Paa03DEGAaox3KuaNa2hYtg7eQPbEYhu66ldhvQIV1sVnrJTm8ubhgmHKNGDE47C
|
||||
Ezmwc3tV6Ymryf7Dz0+zz7gdZvhlcHNOVtllQJE2Ouqht8wNMQ==
|
||||
-----END CERTIFICATE-----
|
34
tests/Codeception/_data/certs/openldap.crt
Normal file
34
tests/Codeception/_data/certs/openldap.crt
Normal file
|
@ -0,0 +1,34 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIF1zCCA7+gAwIBAgIUVO1vbw6tlI0GLCZu7yxNoDmfiSgwDQYJKoZIhvcNAQEN
|
||||
BQAwPDELMAkGA1UEBhMCQUExEDAOBgNVBAoMB0pvb21sYSExGzAZBgNVBAMMEkpv
|
||||
b21sYSEgVGVzdGluZyBDQTAgFw0yMjA4MjQxOTE0MzJaGA8yMDcyMDgxMTE5MTQz
|
||||
MlowMjELMAkGA1UEBhMCQUExEDAOBgNVBAoMB0pvb21sYSExETAPBgNVBAMMCG9w
|
||||
ZW5sZGFwMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzN4z9Y9JUTYf
|
||||
9Bv/jqGYe3JqsUJvft32ic8+3OC/7jwuH8i1x0RvknfWR6UYL/qohfnlQY+wy+nZ
|
||||
XJ9akZ+jBTXyuSvZBihaVar0wQIBzm90Vy9dOOPTJvLSKYqFfdgxPXvpiBcNq22a
|
||||
+1Q/hFhqT46L+FFkNBUfNaXw5E2KD5WUlpgUwfuVKZ9N7HfKLktm3AldACDQshaS
|
||||
UMT89HIqlOs8bWLDWCh6/kJ2xrpKIPsDYM+9GWvTz6ajIrjqjfnqGR5II0OWaTWJ
|
||||
SKiKjdF5dt/pGoSJXZn96EfL7EljGsz/7b0ihBbdumwVjxQb8vVsKTylFjj3InJC
|
||||
zFsrAsWBlbEoSpZnwDZshKvl1nYFIrcWVrwgskPW4Y4/NpNuM75QVwbM1gaqnVAX
|
||||
7rQYqW3aDre10ZvEbul1OzRKcDqbvr1uKL2GlY4D8F3eZHy5nKZDI4huLAwalhuP
|
||||
bdgllGNqsq3KpYr3E4qZmj79HjO8Z9i56TDC5e3fg2HmncppX6+Oa61nmQCJlaTB
|
||||
dI3FeN7HTJVOurirGa+Ro/UUwHVLP7yP4EIHmC1FQuvdL3YVFH09H/S4vKT6gg60
|
||||
1jTOlOE+0YlX4gQuTOefTMKIUyrquwaWnYwcgNxPL7LADYof8ITTVxc21aYrL5Gb
|
||||
OIaF15ofz2WixDEYFozbHCOMi9e5RyMCAwEAAaOB2DCB1TAJBgNVHRMEAjAAMBEG
|
||||
CWCGSAGG+EIBAQQEAwIGQDATBgNVHSUEDDAKBggrBgEFBQcDATAeBgNVHREEFzAV
|
||||
gghvcGVubGRhcIIJbG9jYWxob3N0MB0GA1UdDgQWBBSrIfqN57PP8BqrBsT70rDf
|
||||
HqUkqDBhBgNVHSMEWjBYoUCkPjA8MQswCQYDVQQGEwJBQTEQMA4GA1UECgwHSm9v
|
||||
bWxhITEbMBkGA1UEAwwSSm9vbWxhISBUZXN0aW5nIENBghRX6TGnGiRx5hnIiEXx
|
||||
shahjVbi/zANBgkqhkiG9w0BAQ0FAAOCAgEASFHgP7JZDVIBm/fMXI2cS5nPhaZN
|
||||
sMtrlBV4FinuHXDP3y2LFIyWox8NJi8PsD/31yL8fC+J4OnKXHrvJEcnkOIM9BnN
|
||||
I8avD6u3jco/52CW3kDmrA8zmxAEGUs0AyZkkeYzU/2nTHahxAMwG7HN5cPWc1gW
|
||||
Ep7647Y3qs1qOLZu82Qweaw1OExo4id/pX6ENrxrHDlVwOSC1gtIN/tex13WYdvt
|
||||
ejov71Dy6tkXVgLlViI36ajRYvlTYIca3TnCFq3WOEjQEEurSWi9dX1n/2UmAPtW
|
||||
33JD+fRr/HEFTzTGWansM/7Y4YSUi6VisNvp2SxxzQj+deGkc/mj5JqqFsNiuUTC
|
||||
szraD4aOKe9M8iv9lHiGvq0jFXuo11HluB1xlFkxOOMoAQVHFmoQBzfq+oglPjxW
|
||||
9IOBNwAwyqua82652F8KiMzBT2xBT6bkZhQjmjkJMMQ7Eo/sQ2r24mNju1sSjtkf
|
||||
ROv9bNgh0cEB/DKHoX2doBh78568iBvFxlI9yJcq9MGSUjomaYxfDNVPJDLTdUZ1
|
||||
zR0GeDqJGGQvLomX8F5YPQhALHdneAl9hlvvrEww3usiRAsmkuGFyD+3ry3qdEPK
|
||||
GJ63H/bmlCxQoIVoQv6et+PSME320gN+YD5oHgbvPsngjc0jl+QgOYJ2ybcRsPGH
|
||||
+50lsHBi/osmBz8=
|
||||
-----END CERTIFICATE-----
|
52
tests/Codeception/_data/certs/openldap.key
Normal file
52
tests/Codeception/_data/certs/openldap.key
Normal file
|
@ -0,0 +1,52 @@
|
|||
-----BEGIN PRIVATE KEY-----
|
||||
MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDM3jP1j0lRNh/0
|
||||
G/+OoZh7cmqxQm9+3faJzz7c4L/uPC4fyLXHRG+Sd9ZHpRgv+qiF+eVBj7DL6dlc
|
||||
n1qRn6MFNfK5K9kGKFpVqvTBAgHOb3RXL10449Mm8tIpioV92DE9e+mIFw2rbZr7
|
||||
VD+EWGpPjov4UWQ0FR81pfDkTYoPlZSWmBTB+5Upn03sd8ouS2bcCV0AINCyFpJQ
|
||||
xPz0ciqU6zxtYsNYKHr+QnbGukog+wNgz70Za9PPpqMiuOqN+eoZHkgjQ5ZpNYlI
|
||||
qIqN0Xl23+kahIldmf3oR8vsSWMazP/tvSKEFt26bBWPFBvy9WwpPKUWOPcickLM
|
||||
WysCxYGVsShKlmfANmyEq+XWdgUitxZWvCCyQ9bhjj82k24zvlBXBszWBqqdUBfu
|
||||
tBipbdoOt7XRm8Ru6XU7NEpwOpu+vW4ovYaVjgPwXd5kfLmcpkMjiG4sDBqWG49t
|
||||
2CWUY2qyrcqlivcTipmaPv0eM7xn2LnpMMLl7d+DYeadymlfr45rrWeZAImVpMF0
|
||||
jcV43sdMlU66uKsZr5Gj9RTAdUs/vI/gQgeYLUVC690vdhUUfT0f9Li8pPqCDrTW
|
||||
NM6U4T7RiVfiBC5M559MwohTKuq7BpadjByA3E8vssANih/whNNXFzbVpisvkZs4
|
||||
hoXXmh/PZaLEMRgWjNscI4yL17lHIwIDAQABAoICABhY6A/s9tJXU7YtMFKr0yAI
|
||||
rwlgqI4z+ZLTNdiw6okjpHpT3iv6btAXZzid3vavcXZ1W9D42hLB40/mAwYqKgj6
|
||||
f7LmCnrNh5QwJw+xGgnbURZIzhQZb1oXovEbl1XSFbgFkUbX2+CzEVIr5wiRgWuc
|
||||
Y0zK+ipTwEvIluJrHKymzZaVfby4Fjgbc1ABGd7P8z9/QArohiTuwyDPkx3HW6wr
|
||||
G26x6B6tYOtKzCw+A4VROkuNJMoaoyebLul3fy4JtM/wu14FhaCnTijRGaD/yNG0
|
||||
i/2CIYPQQ068XviL7Y1H2Q/7Wa4dEZOQONeyP3LBHBj32Ml//PmeXrXut86H2Sh8
|
||||
YGpdbFbnxNwJs1WqIQUW5oGvWeH0Ug7aPLU4pJXy9uZ3pqS+K+FEYgwMpRWrQHmZ
|
||||
DjH+gpIyik1QDmot7GGgvqFqq6P9l0NlD34wah66Wg2z0o6Wx714I/BGzDGv+Gv0
|
||||
BtYGVwonZjA4ZgkhC1SnLmIUGdallrRsi/pd8HXgztizTDeTqrCEOATIp+gEaRCf
|
||||
6fPs//Cpk9pFwJpaOOU8FTmwURP4FA1Rj+v/Jfsjue8k1XceRt57owdWBqrNiDlc
|
||||
Xg6g7wXTqCNR5CdzOdidheDiCBjWkc3VWZT11o1l/RaVBeINdChaT6xdsmXIaONL
|
||||
NHOlIzf6YIZGsoaQ4NABAoIBAQD/yGnS4Gkw+VaWsVJbA8OmOKKOs9UwMGvo3/LL
|
||||
LTKOwA8YHl0tXkvcan3GdCyhnODd4Sg5tpI15h0bVvYfJ6x9iCW8xs7aK/kf+egH
|
||||
MAOaF8PGUZ6bxBwXcOq7U3wHHv1vTCAr9zgkhD1pWv8DTbXtnBSuYHEeswjd5itI
|
||||
3NSt/etIkxX9TD2PtQ5h6p49FQiZPkObsI8NeksQiDEwLRtVrqxmqRnWGX96/Xo9
|
||||
MkLBKUN79vELIqrE0Rbvx7mDfJk8l+g01NRwMhCpVg6GrIwRqXaKKpKhxzqjD6T9
|
||||
5kUiQJ/dWZK10TWVT18Fzmakm+0WtLgPnMPpRqEa5FswRasjAoIBAQDNCrmL2Tyi
|
||||
rXNqnhZ/GYAcsKIVKSfmcete1FDGjRYPnBEGM1tDM3z7k9VfdgBekFRuiJeF+Lcs
|
||||
UpQ8dTB4oKIs9Tamp8K3xL0CrbVePBQtsPiItwqwT4AW9hILH0EAkVjvblkdGLBv
|
||||
vEe8VpWLkmv61lrhfHaf+Ww7SK8CH9e5CIJAbP3mZPoons4k86iNSE7dXkfcc6Os
|
||||
ODhukShjGK6XfNovdvtgkhG+7ZfCTEuIPe0IszQQle0TGnOo7J9ocKIo9uu1s6h0
|
||||
KbaQjCE1QklFqBJkJSeSpAkSsDkPq6jpwVkWcF3Nl4Mj7z+XJsWwVpnt6T4ao363
|
||||
uQI2tkKN1bQBAoIBAQCC0Q8+aMOj5oHghEQohF5V7vVEorjP8pPeAFt+ilknJRcT
|
||||
MMRa5bVKv7QgAV6qMT/YesVF7xgMNOqCBxHNkU7ozO7wA4Xbk03QitGei3HsJ2db
|
||||
UHccF0p+uqNytxnh0nmvqHFzyvaNxoxaC84M9HutUHxLSsvP9aT9SDCvDTJA4nKp
|
||||
JYDDkXCSxPjcH1Ba0R0asvuE7uHa9MbbZ6wwhYFLaxCFWMr78wJ99pHEJqZ5gA8h
|
||||
oYRaO5q3GnDupWk91EXS9aYvDwKvdwuKb5byTeE9TzxvIaLo1qoop2Gs8U4+XGrm
|
||||
nF8qWhtbh8KDh7J7UbwKNtdENNsFvbe7tzrkD12dAoIBAFEsMsJ7kPayBiQqS6ur
|
||||
k71H7BLGhUZEyTJ0iTnhdt9dIJw8zp9vDcanAuzU0Vaeet57cskV6qZAVvEMT9Eh
|
||||
frKfrTAS8BJCb7VUwZ152V8xVWMCW9fq0UHFzuTaTaiE4hl/rQXI1WiWuCuGd5OW
|
||||
turJ25ay6F9ypfdeUfJcWtGk3bPVsjp4tVRJckDMuWidPKOEhJxwp1Yxt52GF+AL
|
||||
UGsmgVYTG3divGXCt7ay76ATK/iqwSzjvcQ3T5yLeJwnIvtmrW/0nPbH4L+eyjLE
|
||||
eC98VzOQRfdWu0TLwPtEMQ3BfpxUhb4zgjZCrAER12d1EWFPWke/fBYNxyOTygtO
|
||||
lAECggEBAMCvWRsHTHuyX/uZ6lLo3Pjur2hdho+pFu8hnXWxWmFdifuq4Dw7rFSn
|
||||
IhZLPvx+7mPypAhkyxRmm9k0M0lscK2D6J6dDufWQXMwRyepefZw2eNjwl6SD2gG
|
||||
Sd1583C5xNn4x3qOyjbrniZ6QsIMoVB+6pYwwyofjFrhNSX56tQprbo+PRknK250
|
||||
p8kGn7B8YJ8uraAVvibjd7I0qKgwNC77UxzabjyYJuUQYA/S/anguyuM5JV9GL2A
|
||||
LTzaUjO3x5L7a6avL8k3heV0Fek5V89Xqy41tvjnYUV/1jrEcT8NtULh4ehuzAkH
|
||||
oIM1zD7jgDpOk/ZpdOs/D62oZGoMMP8=
|
||||
-----END PRIVATE KEY-----
|
258
tests/Unit/Plugin/Authentication/Ldap/LdapPluginTest.php
Normal file
258
tests/Unit/Plugin/Authentication/Ldap/LdapPluginTest.php
Normal file
|
@ -0,0 +1,258 @@
|
|||
<?php
|
||||
|
||||
/**
|
||||
* @package Joomla.UnitTest
|
||||
* @subpackage Authentication
|
||||
*
|
||||
* @copyright (C) 2022 Open Source Matters, Inc. <https://www.joomla.org>
|
||||
* @license GNU General Public License version 2 or later; see LICENSE.txt
|
||||
*/
|
||||
|
||||
namespace Joomla\Tests\Unit\Plugin\Authentication\Ldap;
|
||||
|
||||
use Joomla\CMS\Authentication\Authentication;
|
||||
use Joomla\CMS\Authentication\AuthenticationResponse;
|
||||
use Joomla\CMS\Plugin\CMSPlugin;
|
||||
use Joomla\Event\Dispatcher;
|
||||
use Joomla\Tests\Unit\UnitTestCase;
|
||||
use Symfony\Component\Ldap\Ldap;
|
||||
|
||||
/**
|
||||
* Test class for Ldap plugin
|
||||
*
|
||||
* @package Joomla.UnitTest
|
||||
* @subpackage Ldap
|
||||
*
|
||||
* @testdox The Ldap plugin
|
||||
*
|
||||
* @since __DEPLOY_VERSION__
|
||||
*/
|
||||
class LdapPluginTest extends UnitTestCase
|
||||
{
|
||||
public const LDAPPORT = "1389";
|
||||
public const SSLPORT = "1636";
|
||||
|
||||
private function getPlugin($options): CMSPlugin
|
||||
{
|
||||
$type = "authentication";
|
||||
$plugin = "ldap";
|
||||
|
||||
// based on loadPluginFromFilesystem in ExtensionManagerTrait
|
||||
$path = JPATH_PLUGINS . '/' . $type . '/' . $plugin . '/' . $plugin . '.php';
|
||||
require_once $path;
|
||||
|
||||
$dispatcher = new Dispatcher();
|
||||
|
||||
// plugin object: result from DB using PluginHelper::getPlugin
|
||||
$pluginobject = [
|
||||
'name' => $plugin,
|
||||
'params' => json_encode($options),
|
||||
'type' => $type
|
||||
];
|
||||
|
||||
return new \PlgAuthenticationLdap($dispatcher, $pluginobject);
|
||||
}
|
||||
|
||||
private function acceptCertificates(): void
|
||||
{
|
||||
ldap_set_option(null, LDAP_OPT_X_TLS_CACERTDIR, JPATH_ROOT . '/tests/Codeception/_data/certs');
|
||||
ldap_set_option(null, LDAP_OPT_X_TLS_CACERTFILE, JPATH_ROOT . '/tests/Codeception/_data/certs/CA.crt');
|
||||
}
|
||||
|
||||
private function getAdminConnection(array $options): Ldap
|
||||
{
|
||||
$admin_options = [
|
||||
'host' => $options['host'],
|
||||
'port' => (int) $options['port'],
|
||||
'version' => $options['use_ldapV3'] == '1' ? 3 : 2,
|
||||
'referrals' => (bool) $options['no_referrals'],
|
||||
'encryption' => $options['encryption'],
|
||||
'debug' => (bool) $options['ldap_debug'],
|
||||
];
|
||||
$ldap = Ldap::create(
|
||||
'ext_ldap',
|
||||
$admin_options
|
||||
);
|
||||
$ldap->bind("cn=admin,cn=config", "configpassword");
|
||||
return $ldap;
|
||||
}
|
||||
|
||||
private function requireEncryption($encryption, $options): void
|
||||
{
|
||||
$ldap = $this->getAdminConnection($options);
|
||||
//TODO configure openldap to require the requested encryption
|
||||
}
|
||||
|
||||
/**
|
||||
* Setup
|
||||
*
|
||||
* @return void
|
||||
*
|
||||
* @since __DEPLOY_VERSION__
|
||||
*/
|
||||
public function setUp(): void
|
||||
{
|
||||
// tests are executed in parallel as root
|
||||
// setUp is executed before every test
|
||||
$this->default_options = [
|
||||
'host' => "openldap",
|
||||
'port' => self::LDAPPORT,
|
||||
'use_ldapV3' => 1,
|
||||
'encryption' => "none",
|
||||
'no_referrals' => 0,
|
||||
'auth_method' => "bind",
|
||||
'base_dn' => "dc=example,dc=org",
|
||||
'search_string' => "uid=[search]",
|
||||
'users_dn' => "cn=[username],ou=users,dc=example,dc=org",
|
||||
'username' => "",
|
||||
'password' => "",
|
||||
'ldap_fullname' => "cn",
|
||||
'ldap_email' => "mail",
|
||||
'ldap_uid' => "uid",
|
||||
'ldap_debug' => 0
|
||||
];
|
||||
|
||||
$this->default_credentials = [
|
||||
'username' => "customuser",
|
||||
'password' => "custompassword",
|
||||
'secretkey' => null
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* Cleanup
|
||||
*
|
||||
* @return void
|
||||
*
|
||||
* @since __DEPLOY_VERSION__
|
||||
*/
|
||||
public function tearDown(): void
|
||||
{
|
||||
}
|
||||
|
||||
/**
|
||||
* @testdox can perform an authentication using anynomous search
|
||||
*
|
||||
* @return void
|
||||
*
|
||||
* @since __DEPLOY_VERSION__
|
||||
*/
|
||||
public function testOnUserAuthenticateAnonymousSearch()
|
||||
{
|
||||
$options = $this->default_options;
|
||||
$options["auth_method"] = "search";
|
||||
$options["users_dn"] = "";
|
||||
$plugin = $this->getPlugin($options);
|
||||
|
||||
$response = new AuthenticationResponse();
|
||||
$plugin->onUserAuthenticate($this->default_credentials, [], $response);
|
||||
$this->assertEquals(Authentication::STATUS_SUCCESS, $response->status);
|
||||
}
|
||||
|
||||
/**
|
||||
* @testdox can perform an authentication using direct bind
|
||||
*
|
||||
* @return void
|
||||
*
|
||||
* @since __DEPLOY_VERSION__
|
||||
*/
|
||||
public function testOnUserAuthenticateDirect()
|
||||
{
|
||||
$this->markTestSkipped("Fix provided in PR #37959");
|
||||
|
||||
$plugin = $this->getPlugin($this->default_options);
|
||||
|
||||
$response = new AuthenticationResponse();
|
||||
$plugin->onUserAuthenticate($this->default_credentials, [], $response);
|
||||
$this->assertEquals(Authentication::STATUS_SUCCESS, $response->status);
|
||||
}
|
||||
|
||||
/**
|
||||
* @testdox can perform an authentication using direct bind with bad credentials
|
||||
*
|
||||
* @return void
|
||||
*
|
||||
* @since __DEPLOY_VERSION__
|
||||
*/
|
||||
public function testInvalidOnUserAuthenticateDirect()
|
||||
{
|
||||
$plugin = $this->getPlugin($this->default_options);
|
||||
$credentials = $this->default_credentials;
|
||||
$credentials['password'] = "wrongpassword";
|
||||
|
||||
$response = new AuthenticationResponse();
|
||||
$plugin->onUserAuthenticate($credentials, [], $response);
|
||||
$this->assertEquals(Authentication::STATUS_FAILURE, $response->status);
|
||||
}
|
||||
|
||||
/**
|
||||
* @testdox can perform an authentication using anynomous search
|
||||
*
|
||||
* @return void
|
||||
*
|
||||
* @since __DEPLOY_VERSION__
|
||||
*/
|
||||
public function testOnUserAuthenticateAnonymousSearchTLS()
|
||||
{
|
||||
$options = $this->default_options;
|
||||
$options["auth_method"] = "search";
|
||||
$options["users_dn"] = "";
|
||||
$options["encryption"] = "tls";
|
||||
$plugin = $this->getPlugin($options);
|
||||
|
||||
$this->acceptCertificates();
|
||||
$this->requireEncryption("tls", $options);
|
||||
|
||||
$response = new AuthenticationResponse();
|
||||
$plugin->onUserAuthenticate($this->default_credentials, [], $response);
|
||||
$this->assertEquals(Authentication::STATUS_SUCCESS, $response->status);
|
||||
}
|
||||
|
||||
/**
|
||||
* @testdox can perform an authentication using anynomous search
|
||||
*
|
||||
* @return void
|
||||
*
|
||||
* @since __DEPLOY_VERSION__
|
||||
*/
|
||||
public function testOnUserAuthenticateAnonymousSearchSSL()
|
||||
{
|
||||
$this->markTestSkipped("Fix provided in PR #37962");
|
||||
|
||||
$options = $this->default_options;
|
||||
$options["auth_method"] = "search";
|
||||
$options["users_dn"] = "";
|
||||
$options["encryption"] = "ssl";
|
||||
$options["port"] = self::SSLPORT;
|
||||
$plugin = $this->getPlugin($options);
|
||||
|
||||
$this->acceptCertificates();
|
||||
$this->requireEncryption("ssl", $options);
|
||||
|
||||
$response = new AuthenticationResponse();
|
||||
$plugin->onUserAuthenticate($this->default_credentials, [], $response);
|
||||
$this->assertEquals(Authentication::STATUS_SUCCESS, $response->status);
|
||||
}
|
||||
|
||||
/**
|
||||
* @testdox does log ldap client calls and errors
|
||||
* can only be tested if phpunit stderr is redirected/duplicated/configured to a file
|
||||
* then, we can check if ldap_ calls are present in that file
|
||||
*
|
||||
* @return void
|
||||
*
|
||||
* @since __DEPLOY_VERSION__
|
||||
*/
|
||||
/*
|
||||
public function testOnUserAuthenticateWithDebug()
|
||||
{
|
||||
$options = $this->default_options;
|
||||
$options["ldap_debug"] = 1;
|
||||
$plugin = $this->getPlugin($options);
|
||||
|
||||
$response = new AuthenticationResponse();
|
||||
$plugin->onUserAuthenticate($this->default_credentials, [], $response);
|
||||
$this->assertEquals(Authentication::STATUS_SUCCESS, $response->status);
|
||||
}
|
||||
*/
|
||||
}
|
Loading…
Reference in New Issue
Block a user