|
1 | 1 | use strict;
|
2 | 2 | use warnings;
|
3 | 3 | use utf8;
|
| 4 | +use lib 't/lib'; |
| 5 | + |
| 6 | +package # Test::Routine's run_me (in main) doesn't mix well with Test::Aggregate. |
| 7 | + t::server::controller::login::openid; |
4 | 8 |
|
5 | 9 | use JSON qw( decode_json );
|
6 | 10 | use MetaCPAN::Server::Test;
|
7 | 11 | use Test::More;
|
8 | 12 | use Test::OpenID::Server;
|
| 13 | +use Test::Routine; |
| 14 | +use Test::Routine::Util; |
| 15 | + |
| 16 | +with qw( |
| 17 | + MetaCPAN::Tests::UserAgent |
| 18 | +); |
9 | 19 |
|
10 | 20 | my $openid_server = Test::OpenID::Server->new;
|
11 | 21 | my $url = $openid_server->started_ok('start server');
|
12 | 22 |
|
| 23 | +test authorization => sub { |
| 24 | + my $self = shift; |
| 25 | + |
| 26 | + # Set client_id to get cookie. |
| 27 | + my %params = ( |
| 28 | + openid_identifier => "$url/test", |
| 29 | + client_id => 'metacpan.dev', |
| 30 | + ); |
| 31 | + my $uri_params = URI->new; |
| 32 | + $uri_params->query_form(%params); |
| 33 | + |
| 34 | + ok( $self->request( GET '/login/openid?' . $uri_params->query ), |
| 35 | + 'login with test URL' ); |
| 36 | + |
| 37 | + like $self->redirect_uri, |
| 38 | + qr{\Q$url\E/openid.server}, 'get correct OpenID server url'; |
| 39 | + |
| 40 | + $self->follow_redirect; |
| 41 | + |
| 42 | + like $self->redirect_uri, |
| 43 | + qr{/login/openid .+ openid\.mode}x, |
| 44 | + 'returns to openid controller'; |
| 45 | + |
| 46 | + $self->follow_redirect; |
| 47 | + |
| 48 | + my $authed_uri = $self->redirect_uri; |
| 49 | + my %authed_params = $authed_uri->query_form; |
| 50 | + |
| 51 | + is $authed_params{$_}, $params{$_}, "preserved $_ param" |
| 52 | + for sort keys %params; |
| 53 | + |
| 54 | + is $authed_uri->path, '/oauth2/authorize', |
| 55 | + 'redirect to internal oauth provider'; |
| 56 | + |
| 57 | + $self->follow_redirect; |
| 58 | + |
| 59 | + my $final_url = $self->redirect_uri; |
| 60 | + |
| 61 | + is $final_url->host_port, 'localhost:5001', |
| 62 | + 'final redirect goes to web ui'; |
| 63 | + is $final_url->path, '/login', 'login to ui'; |
| 64 | + ok { $final_url->query_form }->{code}, 'request has code param'; |
| 65 | +}; |
| 66 | + |
| 67 | +test unknown_provider => sub { |
| 68 | + my $self = shift; |
| 69 | + my $res; |
| 70 | + |
| 71 | + ok( |
| 72 | + $res |
| 73 | + = $self->cb->( |
| 74 | + GET "/login/openid?openid_identifier=$url/unknown" ), |
| 75 | + 'get unknown ID page' |
| 76 | + ); |
| 77 | + my $body = decode_json( $res->content ); |
| 78 | + like( $body->{error}, qr/no_identity_server/, |
| 79 | + 'get descriptive error for unknown ID' ); |
| 80 | +}; |
| 81 | + |
13 | 82 | test_psgi app, sub {
|
14 | 83 | my $cb = shift;
|
15 | 84 | require MetaCPAN::Server::Controller::Login::OpenID;
|
16 | 85 |
|
17 | 86 | MetaCPAN::Server::Controller::Login::OpenID->_ua->resolver
|
18 | 87 | ->whitelisted_hosts( [ 'localhost', '127.0.0.1' ] );
|
19 | 88 |
|
20 |
| - ok( my $res = $cb->( GET "/login/openid?openid_identifier=$url/test" ), |
21 |
| - 'login with test URL' ); |
22 |
| - like( $res->header('location'), |
23 |
| - qr/openid.server/, 'get correct OpenID server url' ); |
24 |
| - ok( $res = $cb->( GET "/login/openid?openid_identifier=$url/unknown" ), |
25 |
| - 'get unknown ID page' ); |
26 |
| - my $body = decode_json( $res->content ); |
27 |
| - like( $body->{error}, qr/no_identity_server/, |
28 |
| - 'get descriptive error for unknown ID' ); |
| 89 | + run_me( |
| 90 | + { |
| 91 | + cb => $cb, |
| 92 | + } |
| 93 | + ); |
29 | 94 | };
|
30 | 95 |
|
31 | 96 | done_testing();
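Review bot: The OpenID-server assertion at new line 38, `qr{\Q$url\E/openid.server}`, is unanchored and leaves the `.` unescaped, so it passes for any redirect that merely contains that text somewhere (for example inside a query parameter) rather than one that actually points at the test provider. Since this is the check that the login flow hands the user to the expected identity server, I would tighten it to `qr{\A\Q$url\E/openid\.server}`, assuming `started_ok` returns the base URL in the same form the controller emits. The check at new line 43 likewise matches `/login/openid` anywhere in the URI and does not pin the host; comparing `$self->redirect_uri->path` with `is`, as the test already does for `/oauth2/authorize`, would be stricter. Separately, `unknown_provider` (new line 74) interpolates `$url` raw into the query string while `authorization` builds it with `URI->query_form`; building both the same way would keep the encoding consistent.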
|