Fixed failing tests caused by auth changes

This commit is contained in:
Dan Brown 2020-02-02 12:00:41 +00:00
parent e743cd3f60
commit 5d08ec3cef
No known key found for this signature in database
GPG Key ID: 46D9F943C24A2EF9
4 changed files with 71 additions and 88 deletions

View File

@ -51,7 +51,7 @@ return [
// mechanisms used by this application to persist your user's data.
'providers' => [
'users' => [
'driver' => env('AUTH_METHOD', 'standard') === 'standard' ? 'eloquent' : env('AUTH_METHOD'),
'driver' => 'eloquent',
'model' => \BookStack\Auth\User::class,
],
'external' => [

View File

@ -19,10 +19,8 @@
<label for="password">{{ trans('auth.password') }}</label>
@include('form.password', ['name' => 'password'])
</div>
</div>
<div class="grid half collapse-xs gap-xl v-center">
<div class="text-right">
<div class="form-group text-right pt-s">
<button class="button">{{ Str::title(trans('auth.log_in')) }}</button>
</div>
</div>

View File

@ -1,4 +1,5 @@
<?php namespace Tests;
use BookStack\Auth\Role;
use BookStack\Auth\Access\Ldap;
use BookStack\Auth\User;
@ -21,12 +22,16 @@ class LdapTest extends BrowserKitTest
if (!defined('LDAP_OPT_REFERRALS')) define('LDAP_OPT_REFERRALS', 1);
app('config')->set([
'auth.method' => 'ldap',
'auth.defaults.guard' => 'ldap',
'services.ldap.base_dn' => 'dc=ldap,dc=local',
'services.ldap.email_attribute' => 'mail',
'services.ldap.display_name_attribute' => 'cn',
'services.ldap.id_attribute' => 'uid',
'services.ldap.user_to_groups' => false,
'auth.providers.users.driver' => 'ldap',
'services.ldap.version' => '3',
'services.ldap.user_filter' => '(&(uid=${user}))',
'services.ldap.follow_referrals' => false,
'services.ldap.tls_insecure' => false,
]);
$this->mockLdap = \Mockery::mock(Ldap::class);
$this->app[Ldap::class] = $this->mockLdap;
@ -60,16 +65,16 @@ class LdapTest extends BrowserKitTest
{
$this->mockLdap->shouldReceive('connect')->once()->andReturn($this->resourceId);
$this->mockLdap->shouldReceive('setVersion')->once();
$this->mockLdap->shouldReceive('setOption')->times(4);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(4)
$this->mockLdap->shouldReceive('setOption')->times(2);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(2)
->with($this->resourceId, config('services.ldap.base_dn'), \Mockery::type('string'), \Mockery::type('array'))
->andReturn(['count' => 1, 0 => [
'uid' => [$this->mockUser->name],
'cn' => [$this->mockUser->name],
'dn' => ['dc=test' . config('services.ldap.base_dn')]
]]);
$this->mockLdap->shouldReceive('bind')->times(6)->andReturn(true);
$this->mockEscapes(4);
$this->mockLdap->shouldReceive('bind')->times(4)->andReturn(true);
$this->mockEscapes(2);
$this->mockUserLogin()
->seePageIs('/login')->see('Please enter an email to use for this account.');
@ -86,16 +91,16 @@ class LdapTest extends BrowserKitTest
$this->mockLdap->shouldReceive('connect')->once()->andReturn($this->resourceId);
$this->mockLdap->shouldReceive('setVersion')->once();
$ldapDn = 'cn=test-user,dc=test' . config('services.ldap.base_dn');
$this->mockLdap->shouldReceive('setOption')->times(2);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(2)
$this->mockLdap->shouldReceive('setOption')->times(1);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(1)
->with($this->resourceId, config('services.ldap.base_dn'), \Mockery::type('string'), \Mockery::type('array'))
->andReturn(['count' => 1, 0 => [
'cn' => [$this->mockUser->name],
'dn' => $ldapDn,
'mail' => [$this->mockUser->email]
]]);
$this->mockLdap->shouldReceive('bind')->times(3)->andReturn(true);
$this->mockEscapes(2);
$this->mockLdap->shouldReceive('bind')->times(2)->andReturn(true);
$this->mockEscapes(1);
$this->mockUserLogin()
->seePageIs('/')
@ -109,8 +114,8 @@ class LdapTest extends BrowserKitTest
$this->mockLdap->shouldReceive('connect')->once()->andReturn($this->resourceId);
$this->mockLdap->shouldReceive('setVersion')->once();
$ldapDn = 'cn=test-user,dc=test' . config('services.ldap.base_dn');
$this->mockLdap->shouldReceive('setOption')->times(2);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(2)
$this->mockLdap->shouldReceive('setOption')->times(1);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(1)
->with($this->resourceId, config('services.ldap.base_dn'), \Mockery::type('string'), \Mockery::type('array'))
->andReturn(['count' => 1, 0 => [
'cn' => [$this->mockUser->name],
@ -120,8 +125,8 @@ class LdapTest extends BrowserKitTest
]]);
$this->mockLdap->shouldReceive('bind')->times(3)->andReturn(true);
$this->mockEscapes(2);
$this->mockLdap->shouldReceive('bind')->times(2)->andReturn(true);
$this->mockEscapes(1);
$this->mockUserLogin()
->seePageIs('/')
@ -133,16 +138,16 @@ class LdapTest extends BrowserKitTest
{
$this->mockLdap->shouldReceive('connect')->once()->andReturn($this->resourceId);
$this->mockLdap->shouldReceive('setVersion')->once();
$this->mockLdap->shouldReceive('setOption')->times(2);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(2)
$this->mockLdap->shouldReceive('setOption')->times(1);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(1)
->with($this->resourceId, config('services.ldap.base_dn'), \Mockery::type('string'), \Mockery::type('array'))
->andReturn(['count' => 1, 0 => [
'uid' => [$this->mockUser->name],
'cn' => [$this->mockUser->name],
'dn' => ['dc=test' . config('services.ldap.base_dn')]
]]);
$this->mockLdap->shouldReceive('bind')->times(3)->andReturn(true, true, false);
$this->mockEscapes(2);
$this->mockLdap->shouldReceive('bind')->times(2)->andReturn(true, false);
$this->mockEscapes(1);
$this->mockUserLogin()
->seePageIs('/login')->see('These credentials do not match our records.')
@ -201,10 +206,10 @@ class LdapTest extends BrowserKitTest
'services.ldap.group_attribute' => 'memberOf',
'services.ldap.remove_from_groups' => false,
]);
$this->mockLdap->shouldReceive('connect')->times(2)->andReturn($this->resourceId);
$this->mockLdap->shouldReceive('setVersion')->times(2);
$this->mockLdap->shouldReceive('setOption')->times(5);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(5)
$this->mockLdap->shouldReceive('connect')->times(1)->andReturn($this->resourceId);
$this->mockLdap->shouldReceive('setVersion')->times(1);
$this->mockLdap->shouldReceive('setOption')->times(4);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(4)
->with($this->resourceId, config('services.ldap.base_dn'), \Mockery::type('string'), \Mockery::type('array'))
->andReturn(['count' => 1, 0 => [
'uid' => [$this->mockUser->name],
@ -217,8 +222,8 @@ class LdapTest extends BrowserKitTest
1 => "cn=ldaptester-second,ou=groups,dc=example,dc=com",
]
]]);
$this->mockLdap->shouldReceive('bind')->times(6)->andReturn(true);
$this->mockEscapes(5);
$this->mockLdap->shouldReceive('bind')->times(5)->andReturn(true);
$this->mockEscapes(4);
$this->mockExplodes(6);
$this->mockUserLogin()->seePageIs('/');
@ -250,10 +255,10 @@ class LdapTest extends BrowserKitTest
'services.ldap.group_attribute' => 'memberOf',
'services.ldap.remove_from_groups' => true,
]);
$this->mockLdap->shouldReceive('connect')->times(2)->andReturn($this->resourceId);
$this->mockLdap->shouldReceive('setVersion')->times(2);
$this->mockLdap->shouldReceive('setOption')->times(4);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(4)
$this->mockLdap->shouldReceive('connect')->times(1)->andReturn($this->resourceId);
$this->mockLdap->shouldReceive('setVersion')->times(1);
$this->mockLdap->shouldReceive('setOption')->times(3);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(3)
->with($this->resourceId, config('services.ldap.base_dn'), \Mockery::type('string'), \Mockery::type('array'))
->andReturn(['count' => 1, 0 => [
'uid' => [$this->mockUser->name],
@ -265,8 +270,8 @@ class LdapTest extends BrowserKitTest
0 => "cn=ldaptester,ou=groups,dc=example,dc=com",
]
]]);
$this->mockLdap->shouldReceive('bind')->times(5)->andReturn(true);
$this->mockEscapes(4);
$this->mockLdap->shouldReceive('bind')->times(4)->andReturn(true);
$this->mockEscapes(3);
$this->mockExplodes(2);
$this->mockUserLogin()->seePageIs('/');
@ -299,10 +304,10 @@ class LdapTest extends BrowserKitTest
'services.ldap.group_attribute' => 'memberOf',
'services.ldap.remove_from_groups' => true,
]);
$this->mockLdap->shouldReceive('connect')->times(2)->andReturn($this->resourceId);
$this->mockLdap->shouldReceive('setVersion')->times(2);
$this->mockLdap->shouldReceive('setOption')->times(4);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(4)
$this->mockLdap->shouldReceive('connect')->times(1)->andReturn($this->resourceId);
$this->mockLdap->shouldReceive('setVersion')->times(1);
$this->mockLdap->shouldReceive('setOption')->times(3);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(3)
->with($this->resourceId, config('services.ldap.base_dn'), \Mockery::type('string'), \Mockery::type('array'))
->andReturn(['count' => 1, 0 => [
'uid' => [$this->mockUser->name],
@ -314,8 +319,8 @@ class LdapTest extends BrowserKitTest
0 => "cn=ex-auth-a,ou=groups,dc=example,dc=com",
]
]]);
$this->mockLdap->shouldReceive('bind')->times(5)->andReturn(true);
$this->mockEscapes(4);
$this->mockLdap->shouldReceive('bind')->times(4)->andReturn(true);
$this->mockEscapes(3);
$this->mockExplodes(2);
$this->mockUserLogin()->seePageIs('/');
@ -344,10 +349,10 @@ class LdapTest extends BrowserKitTest
'services.ldap.group_attribute' => 'memberOf',
'services.ldap.remove_from_groups' => true,
]);
$this->mockLdap->shouldReceive('connect')->times(2)->andReturn($this->resourceId);
$this->mockLdap->shouldReceive('setVersion')->times(2);
$this->mockLdap->shouldReceive('setOption')->times(5);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(5)
$this->mockLdap->shouldReceive('connect')->times(1)->andReturn($this->resourceId);
$this->mockLdap->shouldReceive('setVersion')->times(1);
$this->mockLdap->shouldReceive('setOption')->times(4);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(4)
->with($this->resourceId, config('services.ldap.base_dn'), \Mockery::type('string'), \Mockery::type('array'))
->andReturn(['count' => 1, 0 => [
'uid' => [$this->mockUser->name],
@ -360,8 +365,8 @@ class LdapTest extends BrowserKitTest
1 => "cn=ldaptester-second,ou=groups,dc=example,dc=com",
]
]]);
$this->mockLdap->shouldReceive('bind')->times(6)->andReturn(true);
$this->mockEscapes(5);
$this->mockLdap->shouldReceive('bind')->times(5)->andReturn(true);
$this->mockEscapes(4);
$this->mockExplodes(6);
$this->mockUserLogin()->seePageIs('/');
@ -385,8 +390,8 @@ class LdapTest extends BrowserKitTest
$this->mockLdap->shouldReceive('connect')->once()->andReturn($this->resourceId);
$this->mockLdap->shouldReceive('setVersion')->once();
$this->mockLdap->shouldReceive('setOption')->times(4);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(4)
$this->mockLdap->shouldReceive('setOption')->times(2);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(2)
->with($this->resourceId, config('services.ldap.base_dn'), \Mockery::type('string'), \Mockery::type('array'))
->andReturn(['count' => 1, 0 => [
'uid' => [$this->mockUser->name],
@ -394,8 +399,8 @@ class LdapTest extends BrowserKitTest
'dn' => ['dc=test' . config('services.ldap.base_dn')],
'displayname' => 'displayNameAttribute'
]]);
$this->mockLdap->shouldReceive('bind')->times(6)->andReturn(true);
$this->mockEscapes(4);
$this->mockLdap->shouldReceive('bind')->times(4)->andReturn(true);
$this->mockEscapes(2);
$this->mockUserLogin()
->seePageIs('/login')->see('Please enter an email to use for this account.');
@ -415,16 +420,16 @@ class LdapTest extends BrowserKitTest
$this->mockLdap->shouldReceive('connect')->once()->andReturn($this->resourceId);
$this->mockLdap->shouldReceive('setVersion')->once();
$this->mockLdap->shouldReceive('setOption')->times(4);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(4)
$this->mockLdap->shouldReceive('setOption')->times(2);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(2)
->with($this->resourceId, config('services.ldap.base_dn'), \Mockery::type('string'), \Mockery::type('array'))
->andReturn(['count' => 1, 0 => [
'uid' => [$this->mockUser->name],
'cn' => [$this->mockUser->name],
'dn' => ['dc=test' . config('services.ldap.base_dn')]
]]);
$this->mockLdap->shouldReceive('bind')->times(6)->andReturn(true);
$this->mockEscapes(4);
$this->mockLdap->shouldReceive('bind')->times(4)->andReturn(true);
$this->mockEscapes(2);
$this->mockUserLogin()
->seePageIs('/login')->see('Please enter an email to use for this account.');
@ -444,14 +449,14 @@ class LdapTest extends BrowserKitTest
// Standard mocks
$this->mockLdap->shouldReceive('setVersion')->once();
$this->mockLdap->shouldReceive('setOption')->times(2);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(2)->andReturn(['count' => 1, 0 => [
$this->mockLdap->shouldReceive('setOption')->times(1);
$this->mockLdap->shouldReceive('searchAndGetEntries')->times(1)->andReturn(['count' => 1, 0 => [
'uid' => [$this->mockUser->name],
'cn' => [$this->mockUser->name],
'dn' => ['dc=test' . config('services.ldap.base_dn')]
]]);
$this->mockLdap->shouldReceive('bind')->times(3)->andReturn(true);
$this->mockEscapes(2);
$this->mockLdap->shouldReceive('bind')->times(2)->andReturn(true);
$this->mockEscapes(1);
$this->mockLdap->shouldReceive('connect')->once()
->with($expectedHost, $expectedPort)->andReturn($this->resourceId);

View File

@ -11,9 +11,9 @@ class Saml2Test extends TestCase
parent::setUp();
// Set default config for SAML2
config()->set([
'auth.method' => 'saml2',
'auth.defaults.guard' => 'saml2',
'saml2.name' => 'SingleSignOn-Testing',
'saml2.enabled' => true,
'saml2.auto_register' => true,
'saml2.email_attribute' => 'email',
'saml2.display_name_attributes' => ['first_name', 'last_name'],
'saml2.external_id_attribute' => 'uid',
@ -53,27 +53,12 @@ class Saml2Test extends TestCase
{
$req = $this->get('/login');
$req->assertSeeText('SingleSignOn-Testing');
$req->assertElementExists('a[href$="/saml2/login"]');
}
public function test_login_option_shows_on_register_page_only_when_auto_register_enabled()
{
$this->setSettings(['app-public' => 'true', 'registration-enabled' => 'true']);
$req = $this->get('/register');
$req->assertSeeText('SingleSignOn-Testing');
$req->assertElementExists('a[href$="/saml2/login"]');
config()->set(['saml2.auto_register' => false]);
$req = $this->get('/register');
$req->assertDontSeeText('SingleSignOn-Testing');
$req->assertElementNotExists('a[href$="/saml2/login"]');
$req->assertElementExists('form[action$="/saml2/login"][method=POST] button');
}
public function test_login()
{
$req = $this->get('/saml2/login');
$req = $this->post('/saml2/login');
$redirect = $req->headers->get('location');
$this->assertStringStartsWith('http://saml.local/saml2/idp/SSOService.php', $redirect, 'Login redirects to SSO location');
@ -138,20 +123,15 @@ class Saml2Test extends TestCase
});
}
public function test_logout_redirects_to_saml_logout_when_active_saml_session()
public function test_logout_link_directs_to_saml_path()
{
config()->set([
'saml2.onelogin.strict' => false,
]);
$this->withPost(['SAMLResponse' => $this->acsPostData], function () {
$acsPost = $this->post('/saml2/acs');
$lastLoginType = session()->get('last_login_type');
$this->assertEquals('saml2', $lastLoginType);
$req = $this->get('/logout');
$req->assertRedirect('/saml2/logout');
});
$resp = $this->actingAs($this->getEditor())->get('/');
$resp->assertElementExists('a[href$="/saml2/logout"]');
$resp->assertElementContains('a[href$="/saml2/logout"]', 'Logout');
}
public function test_logout_sls_flow()
@ -235,8 +215,8 @@ class Saml2Test extends TestCase
public function test_saml_routes_are_only_active_if_saml_enabled()
{
config()->set(['saml2.enabled' => false]);
$getRoutes = ['/login', '/logout', '/metadata', '/sls'];
config()->set(['auth.method' => 'standard']);
$getRoutes = ['/logout', '/metadata', '/sls'];
foreach ($getRoutes as $route) {
$req = $this->get('/saml2' . $route);
$req->assertRedirect('/');
@ -245,7 +225,7 @@ class Saml2Test extends TestCase
session()->flush();
}
$postRoutes = ['/acs'];
$postRoutes = ['/login', '/acs'];
foreach ($postRoutes as $route) {
$req = $this->post('/saml2' . $route);
$req->assertRedirect('/');