test: vérification erreur externalid

GIP-RECIA · Nov 12, 2024 · 649b970 · 649b970
1 parent 81647a7
commit 649b970
Show file tree

Hide file tree

Showing 7 changed files with 92 additions and 4 deletions.
diff --git a/ci/python/constants.py b/ci/python/constants.py
@@ -18,4 +18,7 @@
 SERVICE_TOKEN_NOREDIRECT_URL = "http://localhost:8016/test"
 
 # Url du service pour tester la déconnexion globale
-SERVICE_SLO_URL = "http://localhost:8019/test"
+SERVICE_SLO_URL = "http://localhost:8019/test"
+
+# Url du service pour tester une erreur dans la récupération de l'externalid
+SERVICE_EXTERNALID_ERROR_URL = "http://localhost:8022/test"
diff --git a/ci/python/externalid_api.py b/ci/python/externalid_api.py
@@ -12,6 +12,9 @@
                          "SERVICE2":"SERVICE2$00000000-0000-0000-0000-000000000002"}
 DEFAULT_EXTERNALID = "SERVICE$00000000-0000-0000-0000-000000000000"
 
+# Liste des services à retourner en erreur
+SERVICE_ERROR = ["SERVICE3"]
+
 class RequestHandler(BaseHTTPRequestHandler):
     """
     Classe RequestHandler pour répondre aux différentes requêtes
@@ -30,6 +33,10 @@ def do_POST(self):
             response_map = {"generatedId":externalid,"error":False,
                             "jdbcresult":{"error":False,"errorMessage":"","exceptionType":""},
                             "ldapresult":{"error":False,"errorMessage":"","exceptionType":""}}
+            if service in SERVICE_ERROR:
+                response_map = {"generatedId":externalid,"error":True,
+                "jdbcresult":{"error":True,"errorMessage":"Error","exceptionType":""},
+                "ldapresult":{"error":True,"errorMessage":"Error","exceptionType":""}}
             json_reponse = json.dumps(response_map)
             self.send_response(200)
             self.send_header('Content-Type', 'application/json')

diff --git a/ci/python/service_test22.py b/ci/python/service_test22.py
@@ -0,0 +1,25 @@
+"""
+Serveur python simulant un service web.
+Il n'est pas là pour faire les requêtes (ce sont les scripts de test qui les font) mais pour pour faire valider des ST.
+Utilisé comme service vers lequel on va être redirigé pour le test attribute release externalid.
+"""
+
+import urllib3
+from http.server import BaseHTTPRequestHandler, HTTPServer
+from constants import CAS_BASE_URL, SERVICE_EXTERNALID_ERROR_URL
+from utils import validate_ticket_to_cas_and_return_attributes
+
+urllib3.disable_warnings()
+
+class RequestHandler(BaseHTTPRequestHandler):
+    def do_GET(self):
+        validate_ticket_to_cas_and_return_attributes(self, SERVICE_EXTERNALID_ERROR_URL, CAS_BASE_URL)
+
+def run(server_class=HTTPServer, handler_class=RequestHandler, port=8022):
+    server_address = ('', port)
+    httpd = server_class(server_address, handler_class)
+    print(f'Starting server on port {port}...')
+    httpd.serve_forever()
+
+if __name__ == '__main__':
+    run()
diff --git a/ci/python/utils.py b/ci/python/utils.py
@@ -49,11 +49,13 @@ def validate_ticket_to_cas_and_return_attributes(request_handler, service_url, c
             request_handler.send_header("Content-Length", str(len(response.text.encode('utf-8'))))
             request_handler.end_headers()
             request_handler.wfile.write(response.text.encode('utf-8'))
-        # Sinon on a eu un problème donc on retourne un 404
+        # Sinon on a eu un problème donc on retourne le problème
         else:
-            request_handler.send_response(404)
+            request_handler.send_response(response.status_code)
+            request_handler.send_header("Content-type", "application/xml")
+            request_handler.send_header("Content-Length", str(len(response.text.encode('utf-8'))))
             request_handler.end_headers()
-            request_handler.wfile.write(b'404 Not Found')
+            request_handler.wfile.write(response.text.encode('utf-8'))
     else:
         request_handler.send_response(404)
         request_handler.end_headers()

diff --git a/puppeteer/run.sh b/puppeteer/run.sh
@@ -84,6 +84,8 @@ python3 service_test16.py &
 pid_python_service_test16=$!
 python3 service_test19.py &
 pid_python_service_test19=$!
+python3 service_test22.py &
+pid_python_service_test22=$!
 python3 structs_info_api.py &
 pid_python_structs_info_api=$!
 python3 externalid_api.py &
@@ -168,6 +170,7 @@ kill -9 "$pid_python_service_test2"
 kill -9 "$pid_python_service_test10"
 kill -9 "$pid_python_service_test16"
 kill -9 "$pid_python_service_test19"
+kill -9 "$pid_python_service_test22"
 kill -9 "$pid_python_structs_info_api"
 kill -9 "$pid_python_externalid_api"
 kill -9 "$pid_python_saml_client"

diff --git a/puppeteer/scenarios/release_attribute_externalid_error.js b/puppeteer/scenarios/release_attribute_externalid_error.js
@@ -0,0 +1,29 @@
+const cas = require("../cas.js");
+const puppeteer = require('puppeteer');
+const assert = require("assert");
+
+(async () => {
+    const browser = await puppeteer.launch(cas.browserOptions());
+
+    try {
+        const page = await browser.newPage();
+        const client = await page.createCDPSession();
+        const casHost = "https://localhost:8443";
+        const service = "http://localhost:8022/test"
+
+        // Login to cas
+        await cas.loginWith(page, casHost, service, "test1", "test")
+
+        // Assert that an error page is given
+        const pageContent = await page.content();
+        assert(pageContent.includes("<cas:authenticationFailure code=\"INVALID_AUTHENTICATION_CONTEXT\">"))
+
+        process.exit(0)
+
+    } catch (e) {
+        cas.loge(e);
+        process.exit(1)
+    } finally {
+        await browser.close();
+    }
+})();
diff --git a/src/main/resources/services-test/servicetest-22.json b/src/main/resources/services-test/servicetest-22.json
@@ -0,0 +1,19 @@
+{
+    "@class": "org.apereo.cas.services.CasRegisteredService",
+    "serviceId": "^http:\/\/localhost:8022\/.*",
+    "name": "Service Test",
+    "description": "Service de test pour externalid page erreur",
+    "id": 22,
+    "attributeReleasePolicy": {
+        "@class": "org.apereo.cas.services.ReturnAllowedAttributeReleasePolicy",
+        "allowedAttributes": [ "java.util.ArrayList", [ "cn", "mail", "sn" ] ]
+    },
+    "usernameAttributeProvider" : {
+        "@class" : "org.apereo.cas.services.PrincipalExternalIdRegisteredServiceUsernameProvider",
+        "internalServiceId": "SERVICE3"
+    },
+    "webflowInterruptPolicy": {
+        "@class": "org.apereo.cas.services.DefaultRegisteredServiceWebflowInterruptPolicy",
+        "enabled": false
+    }
+}